Avast URL:Mal-Warnung Firefox

Metaller666 · 25.04.2014, 21:20

Huhu zusammen,

ich bin vor Tagen vom 'Opera 12.16' auf die aktuellste Firefox-Version umgesteigen, seitdem plagen mich andauernd 'URL:Mal'-Warnungen seitens 'Avast Free', davor hatte ich eigentlich keine Probleme solcher Art - dabei ist es egal, welche Seiten ich ansurfe, das geschieht ganz sporadisch.

Was bereits getan wurde:
-Malwarebytes
-Adwcleaner
-JRT
-und Avast-Komplettscan
durchgeführt.
Außerdem wurde das komplette Firefox gelöscht, sowie Firefox komplett neuinstalliert.

Seitdem treten die Meldungen gefühlt viel seltener auf (etwa 1x täglich).

Installierte Addons:
-Adblock Plus
-NoScript
-ZoomPage
-Omnibar
-Facepaste
-About:newtab Context Menu
-Customize about:newtab

In der Warnmeldung ausgegebene URLs (das sind bestimmt nicht alle):
-288.91.196.4/.....
-5.104.107.76/....

Nun hoffe ich, dass ihr mir bei diesem Problem weiterhelfen könnt.

schrauber · 26.04.2014, 06:45

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Metaller666 · 26.04.2014, 09:02

FRST.txt

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 01
Ran by Metaller666 (administrator) on METALLER188-PC on 26-04-2014 09:41:24
Running from D:\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Arcai.com) E:\Program Files (x86)\netcut\services\AIPS.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(Nero AG) E:\Program Files (x86)\Nero\Update\NASvc.exe
(SoftPerfect Research) E:\Program Files\NetWorx\networx.exe
(Elgato Systems) E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
(Microsoft Corporation) E:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) E:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe
(Power Software Ltd) E:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Dropbox, Inc.) C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
() E:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Logitech Inc.) E:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Beepa P/L) E:\Program Files (x86)\Fraps\fraps.exe
(Logitech, Inc.) E:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(ATI Technologies Inc.) E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) E:\Program Files\Java\jre7\bin\java.exe
(Beepa P/L) E:\Program Files (x86)\Fraps\fraps64.dat
(Sysinternals - www.sysinternals.com) C:\Windows\system32\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Metaller666\AppData\Local\Temp\procexp64.exe
(Microsoft Corporation) E:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Steven Mayall) E:\Program Files (x86)\MusicBee\MusicBee.exe
(Spotify Ltd) C:\Users\Metaller666\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(BitTorrent Inc.) C:\Users\Metaller666\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) E:\Program Files (x86)\Common Files\Steam\SteamService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NetWorx] => E:\Program Files\NetWorx\networx.exe [5295824 2014-03-07] (SoftPerfect Research)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => E:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => E:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WD Print Share] => E:\Program Files (x86)\Western Digital\WD Print Share\WDPrintShare.exe [4328448 2012-12-21] ()
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [20131224] - E:\Program Files\AVAST Software\Avast\setup\emupdate\b6f69ecc-6af7-4ade-9873-b7c8dd244005.exe /check [181136 2014-04-25] (AVAST Software)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Remote Control Editor] => E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1834496 2012-05-14] (Elgato Systems)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [AnyDVD] => E:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [5860984 2012-02-20] (SlySoft, Inc.)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Spotify Web Helper] => C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\MountPoints2: H - H:\autorun.exe
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\MountPoints2: I - I:\AUTOSTARTER.EXE
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\MountPoints2: M - M:\FarCryAutoCD.exe
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\MountPoints2: {b3ed34b3-7ca6-11e1-97ff-806e6f6e6963} - G:\autorun.exe
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\MountPoints2: {eaa73a87-b224-11e1-83c2-0009dd502a17} - O:\Setup.now.exe
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Winlogon: [Shell] explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
IFEO\taskmgr.exe: [Debugger] procexp.exe
IFEO\utilman.exe: [Debugger] cmd.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fraps.lnk
ShortcutTarget: Fraps.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HD VDeck.lnk
ShortcutTarget: HD VDeck.lnk -> E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> E:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TV-Browser.lnk
ShortcutTarget: TV-Browser.lnk -> E:\Program Files (x86)\TV-Browser3.3\tvbrowser.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - E:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - E:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - E:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - E:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - E:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - E:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~3\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~3\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - E:\PROGRA~3\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - E:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - E:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: Adblock Plus - C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-21]

Chrome: 
=======
CHR Extension: (Google Drive) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-06]
CHR Extension: (YouTube) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-06]
CHR Extension: (Google-Suche) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-06]
CHR Extension: (AdBlock) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-07]
CHR Extension: (avast! Online Security) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-04]
CHR Extension: (Google Wallet) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-06]
CHR Extension: (Google Mail) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-21]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; E:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems)
R2 AIPS; E:\Program Files (x86)\netcut\services\AIPS.exe [262144 2011-07-28] (Arcai.com)
R2 AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-15] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-21] (AVAST Software)
S2 AxAutoMntSrv; E:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 CLKMSVC10_173EB256; E:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
S3 DAUpdaterSvc; E:\Games\Dragon Age\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S3 Futuremark SystemInfo Service; E:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-29] (Futuremark)
S2 gupdate1ce9c1e86dd3230; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
S3 IDriverT; E:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
R2 LightScribeService; E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company)
S3 Microsoft SharePoint Workspace Audit Service; E:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-03-15] (Mozilla Foundation)
R2 NAUpdate; E:\Program Files (x86)\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
R2 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SQLWriter; E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [129624 2012-02-11] (Microsoft Corporation)
R3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [572096 2014-04-24] (Valve Corporation)
R2 TeamViewer9; E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 wlidsvc; E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [138360 2012-01-29] (SlySoft, Inc.)
R2 AODDriver4.1; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.2.0; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-21] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-02-12] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-11-23] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-02-12] ()
R1 networx; C:\Windows\System32\drivers\networx.sys [59384 2014-03-06] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S4 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-02-12] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 WDUDSMBus; C:\Windows\System32\drivers\WDUDSMBus.sys [106632 2012-06-09] (Windows (R) Codename Longhorn DDK provider)
S3 WDUDSTcpBus; C:\Windows\System32\Drivers\WDUDSTcpBus.sys [180360 2012-06-09] (Windows (R) Codename Longhorn DDK provider)
U3 adesrcj3; C:\Windows\System32\Drivers\adesrcj3.sys [0 ] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\METALL~4\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U5 HCWBT8XX; C:\Windows\SysWOW64\Drivers\HCWBT8XX.sys [472644 2006-01-25] (Hauppauge Computer Works)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 09:40 - 2014-04-26 09:41 - 00000000 ____D () C:\FRST
2014-04-25 14:57 - 2014-04-25 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 14:57 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 14:57 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-24 22:13 - 2014-04-24 22:13 - 00017408 ___SH () C:\Users\Metaller666\Thumbs.db
2014-04-24 14:36 - 2014-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-22 17:17 - 2014-04-22 17:17 - 00000000 ____D () C:\ProgramData\ATI
2014-04-22 17:10 - 2014-04-22 17:10 - 00067420 _____ () C:\Windows\SysWOW64\CCCInstall_201404221710383312.log
2014-04-22 17:10 - 2014-04-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-22 16:59 - 2014-04-22 16:59 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221659138977.log
2014-04-22 16:46 - 2014-04-22 16:46 - 00066765 _____ () C:\Windows\SysWOW64\CCCInstall_201404221646266389.log
2014-04-22 16:17 - 2014-04-22 16:17 - 00000000 ____D () E:\Program Files (x86)\AMD AVT
2014-04-22 16:12 - 2014-04-22 16:12 - 00000000 ____D () E:\Program Files (x86)\ATI Technologies
2014-04-22 16:10 - 2014-04-22 17:09 - 00000000 ____D () E:\Program Files\ATI Technologies
2014-04-22 15:55 - 2014-04-22 15:55 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221555331783.log
2014-04-21 22:26 - 2014-04-21 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:26 - 2014-04-21 22:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 09:26 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 09:25 - 2014-04-24 18:44 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-21 09:25 - 2014-04-21 22:26 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 09:25 - 2014-04-21 22:26 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 09:25 - 2014-04-21 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-21 09:24 - 2014-04-21 09:24 - 00000000 ____D () E:\Program Files\AVAST Software
2014-04-20 20:06 - 2014-04-20 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () E:\Program Files (x86)\VisiPics
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2014-04-18 18:22 - 2014-04-18 18:22 - 00000000 _____ () C:\Users\Metaller666\Sti_Trace.log
2014-04-16 19:04 - 2014-04-16 19:04 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-16 19:04 - 2014-03-17 22:11 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-16 19:04 - 2014-03-17 22:02 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-16 19:04 - 2014-03-17 22:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-16 19:04 - 2014-03-17 22:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-16 14:20 - 2014-04-23 17:37 - 00000000 ____D () E:\Program Files (x86)\Mozilla Firefox
2014-04-16 14:20 - 2014-04-16 14:20 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-16 09:37 - 2014-04-24 18:40 - 00000000 ____D () C:\AdwCleaner
2014-04-16 04:43 - 2014-04-16 04:43 - 10335208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01343272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-04-16 04:39 - 2014-04-16 04:39 - 00274656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-04-16 04:37 - 2014-04-16 04:37 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-16 04:23 - 2014-04-16 04:23 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-04-16 04:23 - 2014-04-16 04:23 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-16 04:20 - 2014-04-16 04:20 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-04-16 04:12 - 2014-04-16 04:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-04-16 03:58 - 2014-04-16 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-04-16 03:51 - 2014-04-16 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-16 03:46 - 2014-04-16 03:46 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-04-16 03:42 - 2014-04-16 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-04-16 03:30 - 2014-04-16 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-16 03:29 - 2014-04-16 03:29 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-16 03:28 - 2014-04-16 03:28 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-04-16 03:28 - 2014-04-16 03:28 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-04-16 03:19 - 2014-04-16 03:19 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-16 03:17 - 2014-04-16 03:17 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-04-16 03:08 - 2014-04-16 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-16 03:07 - 2014-04-16 03:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-16 03:04 - 2014-04-16 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-15 22:07 - 2014-04-15 22:35 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 22:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 22:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 22:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:46 - 2014-04-14 21:46 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-14 20:44 - 2014-04-14 21:52 - 00000000 ____D () E:\Program Files (x86)\Comodo
2014-04-14 20:44 - 2014-04-14 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-13 22:21 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-13 22:20 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 22:20 - 2014-04-13 22:20 - 00000000 ____D () E:\Program Files\iPod
2014-04-13 22:18 - 2014-04-13 22:18 - 00000000 ____D () E:\Program Files\Common Files\Apple
2014-04-10 19:58 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat
2014-04-09 18:44 - 2014-04-09 18:44 - 00000312 _____ () C:\Users\Metaller666\2014-04-09-16-44-33.043-VBoxSVC.exe-6236.log
2014-04-09 18:30 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-09 18:30 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-09 18:30 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-08 21:00 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:00 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:00 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:00 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:00 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:00 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:00 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:00 - 2014-02-24 04:35 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 09074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-08 21:00 - 2014-02-24 03:34 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:00 - 2014-02-24 03:15 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:00 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:00 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:00 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:00 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:00 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:00 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-06 23:17 - 2014-04-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () E:\Program Files (x86)\FreeMind
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2014-04-01 00:06 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-01 00:04 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () E:\Program Files (x86)\Western Digital
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-03-31 17:30 - 2012-06-09 10:24 - 00106632 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\WDUDSMBus.sys
2014-03-31 17:30 - 2012-06-09 10:22 - 00180360 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\WDUDSTcpBus.sys

==================== One Month Modified Files and Folders =======

2014-04-26 09:41 - 2014-04-26 09:40 - 00000000 ____D () C:\FRST
2014-04-26 09:41 - 2013-02-03 16:12 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\uTorrent
2014-04-26 09:37 - 2012-03-25 10:04 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Skype
2014-04-26 09:35 - 2013-04-28 09:50 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Spotify
2014-04-26 09:31 - 2013-08-18 16:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-25 22:12 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-25 22:12 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-25 22:08 - 2013-03-08 22:01 - 01084935 _____ () C:\Windows\WindowsUpdate.log
2014-04-25 22:04 - 2012-03-25 18:18 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Mp3tag
2014-04-25 21:21 - 2012-03-26 18:08 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-04-25 14:57 - 2014-04-25 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 14:53 - 2012-04-10 11:34 - 00000000 ____D () C:\Windows\System32\Tasks\TerraTec
2014-04-25 13:54 - 2014-03-14 17:33 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\MusicBee
2014-04-25 10:37 - 2013-08-21 10:15 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C79624AB-E946-4E99-B9F8-9FAFB81F6E5E}
2014-04-25 10:31 - 2013-08-18 16:23 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-24 22:56 - 2013-09-27 20:02 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\TV-Browser
2014-04-24 22:56 - 2012-07-28 20:48 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Dropbox
2014-04-24 22:41 - 2013-04-20 10:08 - 00274210 _____ () C:\Windows\setupact.log
2014-04-24 22:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 22:13 - 2014-04-24 22:13 - 00017408 ___SH () C:\Users\Metaller666\Thumbs.db
2014-04-24 22:13 - 2012-03-24 17:43 - 00000000 ____D () C:\Users\Metaller666
2014-04-24 18:44 - 2014-04-21 09:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-24 18:41 - 2012-03-25 12:12 - 00000000 ____D () E:\Program Files (x86)\Mp3tag
2014-04-24 18:40 - 2014-04-16 09:37 - 00000000 ____D () C:\AdwCleaner
2014-04-24 15:58 - 2011-04-12 09:43 - 00813034 _____ () C:\Windows\system32\perfh007.dat
2014-04-24 15:58 - 2011-04-12 09:43 - 00189100 _____ () C:\Windows\system32\perfc007.dat
2014-04-24 15:58 - 2009-07-14 07:13 - 01891264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-24 14:36 - 2014-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-24 13:41 - 2012-08-16 16:18 - 00000000 ____D () E:\Program Files (x86)\JDownloader
2014-04-23 17:37 - 2014-04-16 14:20 - 00000000 ____D () E:\Program Files (x86)\Mozilla Firefox
2014-04-22 17:34 - 2013-04-28 09:50 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Spotify
2014-04-22 17:32 - 2014-01-06 17:51 - 00000000 ____D () C:\Users\DefaultAppPool
2014-04-22 17:32 - 2012-08-04 09:11 - 00000000 ____D () C:\Users\Gast
2014-04-22 17:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-22 17:17 - 2014-04-22 17:17 - 00000000 ____D () C:\ProgramData\ATI
2014-04-22 17:10 - 2014-04-22 17:10 - 00067420 _____ () C:\Windows\SysWOW64\CCCInstall_201404221710383312.log
2014-04-22 17:10 - 2014-04-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-22 17:09 - 2014-04-22 16:10 - 00000000 ____D () E:\Program Files\ATI Technologies
2014-04-22 17:09 - 2013-09-29 17:19 - 00000000 ____D () C:\ProgramData\AMD
2014-04-22 16:59 - 2014-04-22 16:59 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221659138977.log
2014-04-22 16:46 - 2014-04-22 16:46 - 00066765 _____ () C:\Windows\SysWOW64\CCCInstall_201404221646266389.log
2014-04-22 16:17 - 2014-04-22 16:17 - 00000000 ____D () E:\Program Files (x86)\AMD AVT
2014-04-22 16:12 - 2014-04-22 16:12 - 00000000 ____D () E:\Program Files (x86)\ATI Technologies
2014-04-22 15:55 - 2014-04-22 15:55 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221555331783.log
2014-04-21 22:26 - 2014-04-21 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:26 - 2014-04-21 22:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 22:26 - 2014-04-21 09:25 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 21:27 - 2013-08-21 22:08 - 00000000 ____D () E:\Program Files\VideoLAN
2014-04-21 20:05 - 2013-09-07 11:00 - 00000132 _____ () C:\Users\Metaller666\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-21 18:10 - 2013-04-21 09:03 - 00456946 _____ () C:\Windows\PFRO.log
2014-04-21 09:26 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 09:25 - 2014-04-21 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-21 09:24 - 2014-04-21 09:24 - 00000000 ____D () E:\Program Files\AVAST Software
2014-04-21 09:23 - 2012-03-24 15:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-20 20:06 - 2014-04-20 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () E:\Program Files (x86)\VisiPics
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2014-04-18 18:22 - 2014-04-18 18:22 - 00000000 _____ () C:\Users\Metaller666\Sti_Trace.log
2014-04-17 12:28 - 2013-02-08 19:07 - 00000000 ____D () E:\Program Files (x86)\Mozilla Maintenance Service
2014-04-16 23:11 - 2013-12-10 19:03 - 00001018 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-16 23:04 - 2012-07-04 22:28 - 00000600 _____ () C:\Users\Metaller666\AppData\Local\PUTTY.RND
2014-04-16 21:34 - 2012-10-02 22:09 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\KeePass
2014-04-16 20:06 - 2012-04-24 16:53 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\TeamViewer
2014-04-16 19:10 - 2013-09-25 20:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 19:04 - 2014-04-16 19:04 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-16 19:04 - 2013-04-23 18:31 - 00000000 ____D () E:\Program Files (x86)\Java
2014-04-16 14:20 - 2014-04-16 14:20 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-16 14:20 - 2012-03-25 10:54 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Mozilla
2014-04-16 04:43 - 2014-04-16 04:43 - 10335208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01343272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-04-16 04:39 - 2014-04-16 04:39 - 00274656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-04-16 04:37 - 2014-04-16 04:37 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-16 04:23 - 2014-04-16 04:23 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-04-16 04:23 - 2014-04-16 04:23 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-16 04:20 - 2014-04-16 04:20 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-04-16 04:12 - 2014-04-16 04:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-04-16 03:58 - 2014-04-16 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-04-16 03:51 - 2014-04-16 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-16 03:46 - 2014-04-16 03:46 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-04-16 03:42 - 2014-04-16 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-04-16 03:30 - 2014-04-16 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-16 03:29 - 2014-04-16 03:29 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-16 03:28 - 2014-04-16 03:28 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-04-16 03:28 - 2014-04-16 03:28 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-04-16 03:19 - 2014-04-16 03:19 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-16 03:17 - 2014-04-16 03:17 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-04-16 03:09 - 2014-02-24 04:28 - 01177600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-16 03:07 - 2014-04-16 03:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-16 03:04 - 2014-04-16 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-15 22:35 - 2014-04-15 22:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 22:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 16:39 - 2013-09-04 15:59 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Adobe
2014-04-15 16:39 - 2012-03-30 19:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-15 16:39 - 2012-03-30 19:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-15 15:07 - 2013-09-04 20:13 - 00001456 _____ () C:\Users\Metaller666\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-15 14:39 - 2012-04-13 14:34 - 00000000 ____D () C:\Users\Metaller666\.VirtualBox
2014-04-15 12:17 - 2013-06-09 09:37 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Opera Software
2014-04-15 12:14 - 2012-07-19 18:01 - 00000000 ____D () E:\Program Files (x86)\Firefox Nightly
2014-04-15 12:12 - 2013-05-29 09:10 - 00000000 ____D () E:\Program Files (x86)\Opera Next
2014-04-15 12:11 - 2013-12-06 21:33 - 00000000 ____D () E:\Program Files (x86)\Opera Developer
2014-04-14 21:52 - 2014-04-14 20:44 - 00000000 ____D () E:\Program Files (x86)\Comodo
2014-04-14 21:52 - 2014-04-14 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-14 21:46 - 2014-04-14 21:46 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-14 21:46 - 2013-11-13 12:50 - 00001251 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-14 21:46 - 2013-11-13 11:35 - 00001273 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 21:46 - 2012-09-10 20:55 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Opera
2014-04-14 04:24 - 2014-04-25 14:57 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-25 14:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 22:21 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-13 22:21 - 2014-04-13 22:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 22:21 - 2013-09-19 21:21 - 00000000 ____D () E:\Program Files\iTunes
2014-04-13 22:20 - 2014-04-13 22:20 - 00000000 ____D () E:\Program Files\iPod
2014-04-13 22:18 - 2014-04-13 22:18 - 00000000 ____D () E:\Program Files\Common Files\Apple
2014-04-13 22:06 - 2012-03-24 15:46 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 19:58 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat
2014-04-09 18:44 - 2014-04-09 18:44 - 00000312 _____ () C:\Users\Metaller666\2014-04-09-16-44-33.043-VBoxSVC.exe-6236.log
2014-04-09 18:30 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-09 16:43 - 2013-05-22 18:25 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Foxit Software
2014-04-08 22:22 - 2013-11-13 10:17 - 00000000 ____D () C:\Windows\rescache
2014-04-08 21:13 - 2012-04-23 16:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-08 21:12 - 2013-07-27 12:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-08 21:03 - 2012-03-24 18:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 17:55 - 2013-09-26 14:36 - 00000000 ____D () E:\Program Files (x86)\SEE Electrical Schulversion V5
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1100.ini
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1010.ini
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1000.ini
2014-04-06 23:17 - 2014-04-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-04-06 13:30 - 2012-03-24 17:58 - 00000000 ___HD () E:\Program Files (x86)\InstallShield Installation Information
2014-04-06 13:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-05 14:44 - 2013-02-08 18:44 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-05 13:33 - 2013-09-27 20:01 - 00000000 ____D () E:\Program Files (x86)\TV-Browser3.3
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () E:\Program Files (x86)\FreeMind
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2014-04-04 21:34 - 2013-02-08 18:40 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-03 09:51 - 2014-04-15 22:07 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 22:07 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 22:07 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 21:22 - 2012-09-26 20:20 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\FileZilla
2014-04-02 21:18 - 2012-12-12 21:28 - 00000000 ___RD () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-02 16:33 - 2012-03-28 20:18 - 00000000 ____D () E:\Program Files (x86)\phase5
2014-04-01 00:06 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-01 00:04 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () E:\Program Files (x86)\Western Digital
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-03-29 11:26 - 2013-08-18 16:23 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 11:26 - 2013-08-18 16:23 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 11:14 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-29 11:13 - 2012-04-28 14:16 - 00000000 ____D () E:\Program Files (x86)\Synchredible
2014-03-28 20:15 - 2012-12-01 22:41 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\My Games
2014-03-27 18:15 - 2012-04-28 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synchredible

Some content of TEMP:
====================
C:\Users\Metaller666\AppData\Local\Temp\Checkupdate.exe
C:\Users\Metaller666\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Metaller666\AppData\Local\Temp\gcapi_dll.dll
C:\Users\Metaller666\AppData\Local\Temp\gtapi_signed.dll
C:\Users\Metaller666\AppData\Local\Temp\procexp64.exe
C:\Users\Metaller666\AppData\Local\Temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 16:06

==================== End Of Log ============================

--- --- ---

Metaller666 · 26.04.2014, 09:02

Addition.txt

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-04-2014 01
Ran by Metaller666 at 2014-04-26 09:42:06
Running from D:\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

"Assassin's Creed IV - Black Flag" (HKLM-x32\...\{959CF39B-F3FA-4A80-AECF-8AF6BA639276}_is1) (Version: 1.02.0.0 - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30740 - BitTorrent Inc.)
3DMark (HKLM-x32\...\{e1e3b41b-1078-4885-a74f-393ca384b1aa}) (Version: 1.2.250.0 - Futuremark)
3DMark (Version: 1.2.250.0 - Futuremark) Hidden
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.3 - Futuremark Corporation)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.0 - Futuremark Corporation)
3DMark03 (HKLM-x32\...\{FF35F637-72B9-43BE-A281-06EB2854393A}) (Version: 3.6.2 - Futuremark Corporation)
3DMark06 (HKLM-x32\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.2.0 - Futuremark Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (x32 Version: 1.0.1.1 - Adobe Systems) Hidden
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Common File Installer (x32 Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Help Center 2.0 (x32 Version: 2.0.0 - Adobe Systems) Hidden
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.2 - Adobe Systems) Hidden
AIDA64 Extreme Edition v2.30 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 2.30 - FinalWire Ltd.)
AMCap (HKLM-x32\...\AMCap) (Version: 9.21.156.3 - Noël Danjou)
AMD Accelerated Video Transcoding (Version: 13.30.100.40223 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0415.2225.38428 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{F5B2C61F-1C10-FD9B-C29C-D8B88C9849CF}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0415.2225.38428 - Ihr Firmenname) Hidden
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AquaMark3 (HKLM-x32\...\AquaMark3) (Version:  - )
ArtMoney SE v7.42 (HKLM-x32\...\ArtMoney SE_is1) (Version: 7.42 - System SoftLab)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed III Version v1.01 (HKLM-x32\...\{FF9C72E0-61E9-4FB6-9D9D-69A9D974106C}_is1) (Version: v1.01 - ZKY)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.15.16 - Atheros Communications Inc.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
Audiograbber 1.83 SE  (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber Deutschland)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.2.0 - Auslogics Labs Pty Ltd)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Battlefield 3 version 1.0 (HKLM-x32\...\{4B7IL77L-LKS1-75B1-BF321-18CD6E6334R1}_is1) (Version: 1.0 - EA)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
calibre 64bit (HKLM\...\{A1A084D5-B714-442F-B7B6-C3A24AE8C130}) (Version: 0.9.31 - Kovid Goyal)
CANYON USB 2.0 PC CAMERA (HKCU\...\{71A51A91-E7D3-11DB-A386-005056C00008}) (Version: 2008.05.14 - Vimicro Corp.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0415.2225.38428 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0415.2225.38428 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0415.2225.38428 - Advanced Micro Devices, Inc.) Hidden
Catzilla 1.1 (HKLM\...\{41EE0CB2-75DE-4FE0-AEB2-4CBC30624FA6}_is1) (Version: 1.1 - ALLPlayer Group Ltd.)
CCC Help Chinese Standard (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0415.2224.38428 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0415.2225.38428 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Champions of Regnum (HKLM-x32\...\Steam App 222520) (Version:  - )
Cinergy T PCIe Dual V6.0.108.76 (HKLM-x32\...\Cinergy T PCIe Dual) (Version: 6.0.108.76 - )
ConvertXtoDVD 4.0.12.327 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.12.327 - )
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z G1 1.68 (HKLM\...\CPUID CPU-Z G1_is1) (Version: 1.68 - CPUID, Inc.)
CrystalDiskInfo 5.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.5.0 - Crystal Dew World)
CrystalDiskMark 3.0.1c (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.1c - Crystal Dew World)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3518.52 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.3518.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.615 - Electronic Arts)
DiRT 3 (HKLM-x32\...\GFWL_{434D0FA0-1558-4D8E-AC3D-BD1000008200}) (Version: 1.0.0000.130 - Codemasters)
DiRT 3 (x32 Version: 1.0.0000.130 - Codemasters) Hidden
Dragon Age 2 - The Deep Green 1.03 (HKLM-x32\...\Dragon Age 2 - The Deep Green 1.03) (Version:  - )
Dragon Age II (HKLM-x32\...\{F2E23139-3404-4E3C-9855-7724415D62A5}) (Version: 1.04 - Electronic Arts, Inc.)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05 - Electronic Arts, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
DVDFab 9.1.3.3 (12/03/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Emit version 1.11 (HKLM-x32\...\{91092771-7812-483E-A276-4D5977982BC5}_is1) (Version: 1.11 - Biokoda d.o.o.)
EPSON Copy Utility 3 (HKLM-x32\...\{67EDD823-135A-4D59-87BD-950616D6E857}) (Version: 3.2.0.0 - )
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX218 Series Printer Uninstall (HKLM\...\EPSON SX218 Series) (Version:  - SEIKO EPSON Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ubisoft)
Far Cry (Patch 1.4) (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry (x32 Version: 1.00.0000 - Ubisoft) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
FileZilla Client 3.7.3 (HKCU\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.1.1031 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Studio version 2014 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.11.225 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.18.1128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.18.1128 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.0 - )
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Geeks3D.com FurMark 1.9.2 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
HD Tune Pro 5.00 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heaven DX11 Benchmark version 3.0 (HKLM\...\Unigine Heaven DX11 Benchmark (Basic Edition)_is1) (Version: 3.0 - Unigine Corp.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KeePass Password Safe 2.20 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version:  - Dominik Reichl)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Last.fm Scrobbler 2.1.36 (HKLM-x32\...\LastFM_is1) (Version:  - Last.fm)
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
LochMaster 4.0 (HKLM-x32\...\LochMaster_is1) (Version:  - )
Logitech SetPoint 5.20 (HKLM\...\{D3120436-1358-4253-9EB2-257FFE8CE1D9}) (Version: 5.20 - Logitech)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.02 - Electronic Arts, Inc.)
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Age of Empires Expansion (HKLM-x32\...\Age of Empires Expansion 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20828.01) (HKLM-x32\...\{E511AE89-54BB-481D-BC4A-1B1F1E1B7693}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20828.01) (HKLM-x32\...\{00C84D22-DB8F-4159-BF70-682B8EA56A1E}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Zoo Tycoon (HKLM-x32\...\Zoo Tycoon 1.0) (Version:  - )
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Morrowind (HKLM-x32\...\{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}) (Version:  - )
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Mozilla Thunderbird 17.0.3 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.3 (x86 de)) (Version: 17.0.3 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
Mp3tag v2.59a (HKLM-x32\...\Mp3tag) (Version: v2.59a - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MusicBee 2.3 (HKLM-x32\...\MusicBee) (Version: 2.3 - Steven Mayall)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version:  - )
Need For Speed Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version:  - )
Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version:  - )
Nero 2014 (HKLM-x32\...\{CFF19D4A-F26D-4C6C-8535-A7C9107C9027}) (Version: 15.0.07100 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20064 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Burning Core (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.16700 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.23200 - Nero AG) Hidden
Nero CoverDesigner (HKLM-x32\...\{3143E3EB-17A5-48F9-90FC-D7CA556CA210}) (Version: 12.0.01500 - Nero AG)
Nero CoverDesigner (x32 Version: 12.0.10003 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero Device Updates (x32 Version: 15.0.1002 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Disc to Device (x32 Version: 15.0.12032 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 15.0.10011 - Nero AG) Hidden
Nero Express (x32 Version: 15.0.25001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 15.0.12000 - Nero AG) Hidden
Nero MediaHome (x32 Version: 1.22.3600 - Nero AG) Hidden
Nero MediaHome Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 15.0.10008 - Nero AG) Hidden
Nero Recode (x32 Version: 15.0.25000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 15.0.2000 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 15.0.00015 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.15005 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.13300.42.0 - Nero AG) Hidden
Nero Video (x32 Version: 15.0.23000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 15.0.00021 - Nero AG) Hidden
NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version:  - arcai.com)
NetWorx 5.3 (HKLM\...\NetWorx_is1) (Version:  - Softperfect Research)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA System Monitor (x32 Version: 6.5 - NVIDIA Corporation) Hidden
Oblivion - Construction Set (HKLM-x32\...\{23D683DD-93C6-48E6-B84E-78B57778F126}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version:  - Timeslip)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
ownCloud (HKLM-x32\...\ownCloud) (Version: 1.5.0.1913 - ownCloud, Inc)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
Prince of Persia (HKLM-x32\...\{7C11154F-3539-4CB5-979D-EF7913473E53}) (Version: 1.0 - Ubisoft)
Prince of Persia T2T (HKLM-x32\...\{DFFE2B1F-07E0-45A9-8801-CD8514CAA876}) (Version: 1.00.999 - Ubisoft)
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
Prince of Persia The Two Thrones (x32 Version: 1.00.999 - Ubisoft) Hidden
Prince of Persia Warrior Within (HKLM-x32\...\{EE5BC0BB-9EDA-423C-8276-48857B735D68}) (Version: 1.00.999 - )
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Recuva (HKLM\...\Recuva) (Version: 1.46 - Piriform)
Resident Evil 6 Benchmark (HKLM-x32\...\{0343CD8E-625A-47FF-BC7E-92BCDF2E5929}) (Version: 1.00.0000 - CAPCOM CO., LTD.)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
SEE Electrical Schulversion V5R1 (HKLM-x32\...\SEE Electrical Schulversion V5R1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.2.0 - Shark007)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
sPlan 7.0 (HKLM-x32\...\sPlan_70_is1) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.8.296.g91f68827 - Spotify AB)
Star Swarm Stress Test (HKLM-x32\...\Steam App 267130) (Version:  - Oxide Games)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © v2012.build.50 (February 21st, 2012) Version v2012.buil (HKLM-x32\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2012.build.50 - eRightSoft)
SUPER © v2014.build.60+Recorder (2014/02/18) Version v2014.buil (HKLM-x32\...\{8E2A18E2-96AF-8549-4DE7-5C06B75719A4}_is1) (Version: v2014.build.60+Recorder - eRightSoft)
Synchredible (HKLM-x32\...\Synchredible_is1) (Version: 4.1.0.2 - ASCOMP Software GmbH)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.27614 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - )
TerraTec Home Cinema (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.25.6 - )
TerraTec Remote Control (HKLM-x32\...\{483213DE-E8FC-44D9-8826-11D480BEE38D}) (Version: 5.34 - )
TES Construction Set (HKLM-x32\...\{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}) (Version:  - )
The Elder Scrolls V Hearthfire DLC für die DEU & ENG Version 1.00 (HKLM-x32\...\The Elder Scrolls V Hearthfire DLC für die DEU & ENG Version 1.00) (Version:  - )
The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim - Dawnguard DLC Deutsche Version 1.00) (Version:  - )
The Elder Scrolls V Skyrim Creation-Kit (1.6.89.0) 1.6.89.0 (HKLM-x32\...\The Elder Scrolls V Skyrim Creation-Kit (1.6.89.0) 1.6.89.0) (Version:  - )
The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Dragonborn DLC Deutsche Version 1.00) (Version: 1.00 - .x.X.RIDDICK.X.x.)
The Elder Scrolls V Skyrim Update 10 (1.7.7.0.6) Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Update 10 (1.7.7.0.6) Deutsche Version 1.00) (Version:  - )
The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Update 11 (1.8.151.0.7) Deutsche Version 1.00) (Version:  - )
The Elder Scrolls V Skyrim Update 9 (1.6.89.0.6) Deutsche Version 1.00 (HKLM-x32\...\The Elder Scrolls V Skyrim Update 9 (1.6.89.0.6) Deutsche Version 1.00) (Version:  - )
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\The Witcher Enhanced Edition Director's Cut_is1) (Version:  - GOG.com)
Tomb Raider - The Last Revelation (HKLM-x32\...\Tomb Raider - The Last Revelation) (Version:  - )
Tomb Raider (HKLM-x32\...\Tomb Raider_is1) (Version:  - )
Tomb Raider Chronicles (HKLM-x32\...\Tomb Raider Chronicles) (Version:  - )
Tombraider (HKLM-x32\...\Tombraider_is1) (Version:  - )
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TV-Browser 3.3.3 (HKLM-x32\...\tvbrowser) (Version: 3.3.3 - TV-Browser Team)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.OMUI.de-de_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
WD Print Share (HKLM-x32\...\{F1117A09-01DF-4591-90E6-CEE0E0E4230F}) (Version: 2.43 - Western Digital)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinHTTrack Website Copier 3.46-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.46.1 - HTTrack)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.8.0 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.8.0 - The Wireshark developer community, hxxp://www.wireshark.org)
x64 Components v4.2.0 (HKLM\...\Advanced x64Components_is1) (Version: 4.2.0 - Shark007)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points  =========================

23-04-2014 16:42:58 23.04.2014
25-04-2014 12:57:39 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-04-24 18:15 - 00748489 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	5.104.107.76
127.0.0.1 		qoa-a.com
127.0.0.1 		horad-fo.com
127.0.0.1 		spatbe-w.com
127.0.0.1 		dns.msftncsi.com
127.0.0.1 		msftncsi.com
127.0.0.1	gumblar.cn
127.0.0.1	addthiss.net
127.0.0.1	agasi-story.info
127.0.0.1	alexblane.com
127.0.0.1	busderaskon.com
127.0.0.1	cattww.com
127.0.0.1	cutheatergroup.cn
127.0.0.1	damisystem.com
127.0.0.1	delzzerro.cn
127.0.0.1	description2011.ru
127.0.0.1	elantrasantrope.ru
127.0.0.1	1speed.info
127.0.0.1	2112111.com
127.0.0.1	318x.com
127.0.0.1	abbcp.cn
127.0.0.1	acrossuniverseitbenet.com
127.0.0.1	afonya123.com
127.0.0.1	b9g.at
127.0.0.1	bbsr.co.in
127.0.0.1	bigsophieblog.com
127.0.0.1	combinebet.cn
127.0.0.1	delhicakesngifts.com
127.0.0.1	domain454002.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {0266A566-5DC1-4155-B5E7-E4267A8BDC5D} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {0D04AE50-EDBE-48CF-92A1-300FFCE2DC42} - System32\Tasks\avast! Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-21] (AVAST Software)
Task: {14BB9691-CE32-42D8-9E43-9BAB24CBC3EF} - System32\Tasks\DiskDefrag\DiskDefrag => E:\Program Files (x86)\Auslogics\DiskDefrag\DiskDefrag.exe [2014-01-15] (Auslogics)
Task: {1816875D-625A-4D4F-90EB-26A88CE3BA54} - \Software Updater No Task File <==== ATTENTION
Task: {1F4484B3-4653-4C4D-911F-44152E0EF6AF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-15] (Adobe Systems Incorporated)
Task: {239D94D7-E1E5-436D-8CA3-3E091E3CB5E6} - System32\Tasks\{E8F40082-D4A2-420E-BA31-5B0045A4D951} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {4F3A150C-FC1B-4D86-AB02-71799B13B1C4} - System32\Tasks\Teamviewer\Teamviewer => E:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe [2014-04-02] (TeamViewer GmbH)
Task: {57061FDC-3705-4EAE-8B46-2806A2DB6812} - System32\Tasks\CCleaner\CCleaner => E:\Program Files\CCleaner\CCleaner64.exe [2013-10-22] (Piriform Ltd)
Task: {5FA71CBD-0C67-40E7-8BB5-3537EDDA4F0B} - System32\Tasks\TerraTec\THCScheduledTask2014-04-28-13-38 => E:\Program Files (x86)\TerraTec\TerraTec Home Cinema\InstTool.exe [2011-11-18] (TERRATEC Electronic GmbH)
Task: {702805F5-1A78-4387-A06C-59209D498075} - System32\Tasks\{2E5D3C05-BBB4-4985-9513-D68FA4FA8A67} => Chrome.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {711CBDA1-9272-4FAF-8B75-540FA2540FFA} - System32\Tasks\CoreTemp\CoreTemp => E:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {75E76A44-C27E-4ABF-9C94-33D2B4606BE0} - System32\Tasks\Datensicherung\Syncredible => E:\Program Files (x86)\Synchredible\synchredible.exe [2014-03-13] (ASCOMP Software GmbH)
Task: {7AB516B5-812B-4905-B077-ECD0DAC5433B} - System32\Tasks\PS\PS => E:\Program Files\Photoshop CS6\PhotoshopCS6Portable.exe
Task: {7EC1AE8A-6BE4-4C02-905D-D99ACD72E630} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {A8A9FA3C-8B22-4108-9B57-110D5F86C8F8} - System32\Tasks\AIDA\AIDA64 => E:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2012-03-28] (FinalWire Ltd.)
Task: {B3EAD71F-C14D-4768-8A70-E48EEA1FE9FA} - System32\Tasks\Auslogics\Disk Defrag\Scheduled Defragmentation => Rundll32.exe TaskSchedulerHelper.dll,RunTask "DiskDefrag.exe" "-UseTray -Scheduler"
Task: {BCD30C5B-A924-41CD-9912-D9177F1F00DA} - System32\Tasks\TerraTec\THCScheduledTask2014-04-28-13-48 => E:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe [2011-11-18] (TERRATEC Electronic GmbH)
Task: {C70BEA38-0E16-4085-92BF-8B08ECFC79D4} - System32\Tasks\{261539F0-2DB7-4D12-B6FF-CAF77A9216B0} => Chrome.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/go/help.faq.installer?LastError=1603
Task: {C89FBC2D-9CE1-407E-9556-898890048866} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C8BB1832-EA1D-4E54-9925-B66B2E544FED} - System32\Tasks\FRAPS\Fraps => E:\Program Files (x86)\Fraps\fraps.exe [2012-08-30] (Beepa P/L)
Task: {CB8FF24B-8102-4B0B-B79B-D1F4F191F4FA} - System32\Tasks\iTunes\iTunes => E:\Verknüpfungen aus Aufgabenplanung\iTunes starten.bat [2013-09-19] ()
Task: {D013C82B-DA98-4B81-B1B5-F94AA2B81096} - System32\Tasks\VideoSoft\StudioManager => E:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe [2014-02-26] (DvdVideoSoft Ltd.                   )
Task: {D1BFC72C-8B10-4108-BD0F-A8C7B694F01A} - System32\Tasks\MSI\Afterburner => E:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
Task: {D8AF586E-DA71-4CBC-ADDD-7BCE2185EEED} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06] (Google Inc.)
Task: {E526AFF5-B7CE-4D18-8613-BA459EE966A0} - System32\Tasks\Datensicherung\TrueCrypt => E:\Program Files\TrueCrypt\TrueCrypt.exe [2013-06-02] (TrueCrypt Foundation)
Task: {EC857691-C635-437F-9505-FDB2977DBE25} - System32\Tasks\{4A4B38B3-C882-43F5-8E48-19D93CEE0390} => E:\Games\Call of Duty\Call of Duty- Modern Warfare 3\iw5sp.exe
Task: {F48418F6-E401-4F4F-914A-628733E59A7B} - System32\Tasks\{D811BCAE-AADD-4983-9E1B-E4252205FD67} => Chrome.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FA6EC4B2-A19A-403D-9A6E-15E0C7EE2761} - System32\Tasks\{7C9E9565-3198-4199-BE20-9FB4227D4E79} => E:\Games\Call of Duty\Call of Duty- Modern Warfare 3\iw5sp.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () E:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-04-22 21:03 - 2013-10-05 10:01 - 00699392 _____ () E:\Program Files\NetWorx\sqlite.dll
2013-04-22 21:03 - 2013-07-20 11:12 - 00115704 _____ () E:\Program Files\NetWorx\nfapi.dll
2012-12-13 14:40 - 2012-04-26 16:46 - 00203965 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe
2012-03-24 18:28 - 2010-07-06 10:01 - 00078448 ____R () E:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2012-03-24 18:28 - 2010-07-06 10:00 - 00386160 ____R () E:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2012-03-24 18:28 - 2010-07-06 10:01 - 00105584 ____R () E:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2012-03-24 18:28 - 2010-07-06 10:01 - 64643696 ____R () E:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2010-02-03 15:36 - 2010-02-03 15:36 - 00087488 _____ () E:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2014-04-15 22:28 - 2014-04-15 22:28 - 00102400 _____ () E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-09-27 21:14 - 2014-04-11 18:13 - 00602680 _____ () C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-04-24 13:54 - 2014-04-24 13:54 - 02215936 _____ () E:\Program Files\AVAST Software\Avast\defs\14042400\algo.dll
2014-04-25 22:08 - 2014-04-25 22:08 - 02252800 _____ () E:\Program Files\AVAST Software\Avast\defs\14042501\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () E:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-04-21 09:25 - 2014-04-21 09:25 - 19336120 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-19 16:36 - 2014-03-19 16:36 - 03018864 _____ () E:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-19 16:36 - 2014-03-19 16:36 - 00158832 _____ () E:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-19 16:36 - 2014-03-19 16:36 - 00023152 _____ () E:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2013-11-11 21:13 - 2013-11-11 21:13 - 00084480 _____ () E:\Program Files (x86)\MusicBee\MusicBeeBass.dll
2013-04-28 09:50 - 2014-04-11 18:13 - 36966968 _____ () C:\Users\Metaller666\AppData\Roaming\Spotify\Data\libcef.dll
2013-09-27 21:14 - 2014-04-11 18:13 - 00886840 _____ () C:\Users\Metaller666\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-27 21:14 - 2014-04-11 18:13 - 00108600 _____ () C:\Users\Metaller666\AppData\Roaming\Spotify\Data\libegl.dll
2014-01-26 21:41 - 2014-04-22 00:55 - 00340480 _____ () E:\Program Files (x86)\Steam\libavresample-1.dll
2014-04-23 15:33 - 2014-04-22 00:55 - 00471552 _____ () E:\Program Files (x86)\Steam\libavutil-53.dll
2013-03-12 18:10 - 2014-04-01 00:09 - 00754688 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2012-03-27 13:58 - 2014-04-24 00:01 - 01092288 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-03-27 13:58 - 2014-03-03 21:15 - 20626624 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-27 13:58 - 2013-06-15 01:49 - 01100800 _____ () E:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-27 13:58 - 2013-06-15 01:49 - 00124416 _____ () E:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-27 13:58 - 2013-06-15 01:49 - 00192000 _____ () E:\Program Files (x86)\Steam\bin\avformat-53.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD
AlternateDataStreams: C:\ProgramData\Temp:07BF512B
AlternateDataStreams: C:\Users\Metaller666\Cookies:oU0FbXwOYOwgWcmv7gjg3Ao0DQY
AlternateDataStreams: C:\Users\Metaller666\Cookies:PvWFyPaZqD4QXQP4p87P42lX4lVb
AlternateDataStreams: C:\Users\Metaller666\Lokale Einstellungen:mgERGCBHvYk6zZF9fs1eLE
AlternateDataStreams: C:\Users\Metaller666\AppData\Local:mgERGCBHvYk6zZF9fs1eLE
AlternateDataStreams: C:\Users\Metaller666\AppData\Local\Anwendungsdaten:mgERGCBHvYk6zZF9fs1eLE
AlternateDataStreams: C:\Users\Metaller666\AppData\Local\Temporary Internet Files:OO2HlQdq6cHGWZM9S4den8MQwWk

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: ABBYY.Licensing.FineReader.Sprint.9.0 => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^fraps.exe => C:\Windows\pss\fraps.exe.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Metaller188^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "E:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "E:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AnyDVD => "E:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: APSDaemon => "E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "E:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BDRegion => E:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: CLMLServer => "E:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: CloneCDTray => "E:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: EEventManager => "E:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: HDAudDeck => E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: InstantBurn => E:\PROGRA~3\CYBERL~1\INSTAN~1\Win2K\IBurn.exe
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: MobileDocuments => E:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
MSCONFIG\startupreg: Name of App => E:\Program Files (x86)\SAMSUNG\FW LiveUpdate\FWManager.exe r
MSCONFIG\startupreg: NBAgent => "E:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart
MSCONFIG\startupreg: QuickTime Task => "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Remote Control Editor => "E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe"
MSCONFIG\startupreg: RemoteControl9 => "E:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Gerät (PAN) #2
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: NVIDIA Enthusiasts Platform KDM
Description: NVIDIA Enthusiasts Platform KDM
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA Corporation
Service: nvoclk64
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.2.0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: AODDriver4.3
Description: AODDriver4.3
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AODDriver4.3
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2014 02:57:40 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (04/25/2014 02:57:39 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (04/24/2014 11:12:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: EXPLORERFRAME.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c6a8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000030a0d
ID des fehlerhaften Prozesses: 0x528
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (04/24/2014 10:43:04 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (04/24/2014 06:43:49 PM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (04/24/2014 09:51:30 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (04/24/2014 09:45:33 AM) (Source: Application Hang) (User: )
Description: Programm AvastUI.exe, Version 9.0.2018.391 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b4

Startzeit: 01cf5f902b5d8596

Endzeit: 60000

Anwendungspfad: E:\Program Files\AVAST Software\Avast\AvastUI.exe

Berichts-ID: 3e485832-cb84-11e3-b7eb-6c626dc099bb

Error: (04/24/2014 07:04:32 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3580. Meldungs-ID: [0x2509].

Error: (04/24/2014 06:57:30 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3080. Meldungs-ID: [0x2509].

Error: (04/24/2014 06:24:38 AM) (Source: Microsoft-Windows-WMI) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" aufgrund des Fehlers "0x80041003" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.


System errors:
=============
Error: (04/25/2014 09:18:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (04/25/2014 09:18:40 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (04/24/2014 10:42:46 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WDN600ROUTER",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E9061130-D214-480B-BC8B-63C33A19AA18}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/24/2014 10:41:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 10:41:31 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 06:43:19 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "WDN600ROUTER",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{E9061130-D214-480B-BC8B-63C33A19AA18}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/24/2014 06:42:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 06:42:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 09:49:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 09:49:55 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/25/2014 02:57:40 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (04/25/2014 02:57:39 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (04/24/2014 11:12:52 PM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4EXPLORERFRAME.dll6.1.7601.175144ce7c6a8c00000050000000000030a0d52801cf6000f812ada7C:\Windows\explorer.exeC:\Windows\system32\EXPLORERFRAME.dll321f2f2e-cbf5-11e3-b4e4-6c626dc099bb

Error: (04/24/2014 10:43:04 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2014 06:43:49 PM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2014 09:51:30 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/24/2014 09:45:33 AM) (Source: Application Hang)(User: )
Description: AvastUI.exe9.0.2018.3911b401cf5f902b5d859660000E:\Program Files\AVAST Software\Avast\AvastUI.exe3e485832-cb84-11e3-b7eb-6c626dc099bb

Error: (04/24/2014 07:04:32 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3580. Meldungs-ID: [0x2509].

Error: (04/24/2014 06:57:30 AM) (Source: .NET Runtime)(User: )
Description: .NET Runtime version 4.0.30319.18444 - Fehler beim Initialisieren der Profilerstellungs-API-Anfügeinfrastruktur. Dieser Prozess ermöglicht einem Profiler das Anfügen nicht. HRESULT: 0x80004005.  Prozess-ID (dezimal): 3080. Meldungs-ID: [0x2509].

Error: (04/24/2014 06:24:38 AM) (Source: Microsoft-Windows-WMI)(User: NT-AUTORITÄT)
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-12-15 08:59:12.306
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:12.196
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:11.071
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:10.961
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:09.861
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:09.741
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:08.636
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:08.521
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:03.686
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-12-15 08:59:03.571
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Program Files (x86)\RivaTuner v2.24\RivaTuner64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 42%
Total physical RAM: 8190.16 MB
Available physical RAM: 4691 MB
Total Pagefile: 16380.34 MB
Available Pagefile: 12354.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:68.43 GB) (Free:13.08 GB) NTFS
Drive d: (Eigene Dateien) (Fixed) (Total:413.77 GB) (Free:28.74 GB) NTFS
Drive e: (Programme und Spiele) (Fixed) (Total:449.22 GB) (Free:76.31 GB) NTFS
Drive m: () (Removable) (Total:1.9 GB) (Free:0.57 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F497F497)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=414 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=449 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 26.04.2014, 18:25

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Metaller666 · 26.04.2014, 22:58

Code:

ATTFilter

ComboFix 14-04-26.01 - Metaller666 26.04.2014  23:24:35.1.3 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8190.4298 [GMT 2:00]
ausgeführt von:: d:\downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\_@E4E2.tmp
C:\_@EC52.tmp
C:\_@F586.tmp
c:\users\METALL~4\AppData\Local\Temp\procexp64.exe
c:\users\Metaller666\AppData\Local\Temp\procexp64.exe
c:\users\Metaller666\AppData\Roaming\Microsoft\Windows\Recent\aida64.url
c:\windows\IsUn0407.exe
c:\windows\SysWow64\tmp37F2.tmp
c:\windows\SysWow64\tmp3802.tmp
c:\windows\SysWow64\tmpEC72.tmp
c:\windows\SysWow64\tmpEC83.tmp
d:\eigene dokumente\~WRL0003.tmp
E:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-26 bis 2014-04-26  ))))))))))))))))))))))))))))))
.
.
2014-04-26 21:33 . 2014-04-26 21:33	--------	d-----w-	c:\users\DefaultAppPool\AppData\Local\temp
2014-04-26 21:33 . 2014-04-26 21:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-26 14:35 . 2014-04-26 14:35	--------	d-----w-	e:\program files (x86)\ESET
2014-04-26 07:40 . 2014-04-26 07:42	--------	d-----w-	C:\FRST
2014-04-25 12:57 . 2014-04-25 12:57	--------	d-s---w-	c:\windows\system32\CompatTel
2014-04-25 12:57 . 2014-04-14 02:24	465408	----a-w-	c:\windows\system32\aepdu.dll
2014-04-25 12:57 . 2014-04-14 02:19	424448	----a-w-	c:\windows\system32\aeinv.dll
2014-04-22 15:17 . 2014-04-22 15:17	--------	d-----w-	c:\programdata\ATI
2014-04-22 14:46 . 2014-04-22 14:46	--------	d-----w-	e:\program files (x86)\Common Files\ATI Technologies
2014-04-22 14:17 . 2014-04-22 14:17	--------	d-----w-	e:\program files (x86)\AMD AVT
2014-04-22 14:12 . 2014-04-22 14:12	--------	d-----w-	e:\program files (x86)\ATI Technologies
2014-04-22 14:10 . 2014-04-22 15:09	--------	d-----w-	e:\program files\ATI Technologies
2014-04-21 20:26 . 2014-04-21 20:26	29208	----a-w-	c:\windows\system32\drivers\aswHwid.sys
2014-04-21 20:26 . 2014-04-21 20:26	43152	----a-w-	c:\windows\avastSS.scr
2014-04-21 07:26 . 2014-04-21 07:26	--------	d-----w-	c:\users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 07:25 . 2014-04-21 20:26	85328	----a-w-	c:\windows\system32\drivers\aswStm.sys
2014-04-21 07:25 . 2014-04-21 20:26	208416	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-04-21 07:25 . 2014-04-21 20:26	1039096	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-04-21 07:25 . 2014-04-21 20:26	423240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2014-04-21 07:25 . 2014-04-21 20:26	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-04-21 07:25 . 2014-04-21 20:26	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-04-21 07:25 . 2014-04-21 20:26	93568	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2014-04-21 07:25 . 2014-04-21 20:26	334648	----a-w-	c:\windows\system32\aswBoot.exe
2014-04-21 07:24 . 2014-04-21 07:24	--------	d-----w-	e:\program files\AVAST Software
2014-04-20 18:06 . 2014-04-20 18:06	--------	d-----w-	c:\windows\ERUNT
2014-04-18 18:37 . 2014-04-18 18:37	--------	d-----w-	e:\program files (x86)\VisiPics
2014-04-16 17:04 . 2014-03-17 20:11	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-16 07:37 . 2014-04-24 16:40	--------	d-----w-	C:\AdwCleaner
2014-04-16 02:39 . 2014-04-16 02:39	274656	----a-w-	c:\windows\system32\drivers\amdacpksd.sys
2014-04-16 02:37 . 2014-04-16 02:37	15376384	----a-w-	c:\windows\system32\drivers\atikmdag.sys
2014-04-16 02:23 . 2014-04-16 02:23	231424	----a-w-	c:\windows\system32\clinfo.exe
2014-04-16 02:23 . 2014-04-16 02:23	98816	----a-w-	c:\windows\system32\OpenVideo64.dll
2014-04-16 02:23 . 2014-04-16 02:23	83456	----a-w-	c:\windows\SysWow64\OpenVideo.dll
2014-04-16 02:23 . 2014-04-16 02:23	86528	----a-w-	c:\windows\system32\OVDecode64.dll
2014-04-16 02:23 . 2014-04-16 02:23	73216	----a-w-	c:\windows\SysWow64\OVDecode.dll
2014-04-16 02:23 . 2014-04-16 02:23	28685824	----a-w-	c:\windows\system32\amdocl64.dll
2014-04-16 02:20 . 2014-04-16 02:20	24107520	----a-w-	c:\windows\SysWow64\amdocl.dll
2014-04-16 02:17 . 2014-04-16 02:17	65024	----a-w-	c:\windows\system32\OpenCL.dll
2014-04-16 02:17 . 2014-04-16 02:17	58880	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-04-16 02:13 . 2014-04-16 02:13	127488	----a-w-	c:\windows\system32\mantle64.dll
2014-04-16 02:13 . 2014-04-16 02:13	113664	----a-w-	c:\windows\SysWow64\mantle32.dll
2014-04-16 02:13 . 2014-04-16 02:13	5442048	----a-w-	c:\windows\system32\amdmantle64.dll
2014-04-16 02:12 . 2014-04-16 02:12	27907584	----a-w-	c:\windows\system32\atio6axx.dll
2014-04-16 01:58 . 2014-04-16 01:58	4358656	----a-w-	c:\windows\SysWow64\amdmantle32.dll
2014-04-16 01:51 . 2014-04-16 01:51	23409152	----a-w-	c:\windows\SysWow64\atioglxx.dll
2014-04-16 01:46 . 2014-04-16 01:46	368128	----a-w-	c:\windows\system32\atiapfxx.exe
2014-04-16 01:46 . 2014-04-16 01:46	62464	----a-w-	c:\windows\system32\aticalrt64.dll
2014-04-16 01:46 . 2014-04-16 01:46	52224	----a-w-	c:\windows\SysWow64\aticalrt.dll
2014-04-16 01:46 . 2014-04-16 01:46	91136	----a-w-	c:\windows\system32\mantleaxl64.dll
2014-04-16 01:46 . 2014-04-16 01:46	55808	----a-w-	c:\windows\system32\aticalcl64.dll
2014-04-16 01:46 . 2014-04-16 01:46	49152	----a-w-	c:\windows\SysWow64\aticalcl.dll
2014-04-16 01:46 . 2014-04-16 01:46	85504	----a-w-	c:\windows\SysWow64\mantleaxl32.dll
2014-04-16 01:46 . 2014-04-16 01:46	15716352	----a-w-	c:\windows\system32\aticaldd64.dll
2014-04-16 01:42 . 2014-04-16 01:42	14302208	----a-w-	c:\windows\SysWow64\aticaldd.dll
2014-04-16 01:33 . 2014-04-16 01:33	48128	----a-w-	c:\windows\system32\amdmmcl6.dll
2014-04-16 01:33 . 2014-04-16 01:33	37888	----a-w-	c:\windows\SysWow64\amdmmcl.dll
2014-04-16 01:30 . 2014-04-16 01:30	442368	----a-w-	c:\windows\system32\atidemgy.dll
2014-04-16 01:29 . 2014-04-16 01:29	31232	----a-w-	c:\windows\system32\atimuixx.dll
2014-04-16 01:29 . 2014-04-16 01:29	586240	----a-w-	c:\windows\system32\atieclxx.exe
2014-04-16 01:29 . 2014-04-16 01:29	239616	----a-w-	c:\windows\system32\atiesrxx.exe
2014-04-16 01:28 . 2014-04-16 01:28	190976	----a-w-	c:\windows\system32\atitmm64.dll
2014-04-16 01:19 . 2014-04-16 01:19	806912	----a-w-	c:\windows\system32\coinst_14.100.dll
2014-04-16 01:08 . 2014-04-16 01:08	95744	----a-w-	c:\windows\system32\amdave64.dll
2014-04-16 01:08 . 2014-04-16 01:08	90112	----a-w-	c:\windows\SysWow64\amdave32.dll
2014-04-16 01:08 . 2014-04-16 01:08	848896	----a-w-	c:\windows\SysWow64\atiadlxy.dll
2014-04-16 01:08 . 2014-04-16 01:08	89088	----a-w-	c:\windows\system32\atisamu64.dll
2014-04-16 01:08 . 2014-04-16 01:08	80896	----a-w-	c:\windows\SysWow64\atisamu32.dll
2014-04-16 01:07 . 2014-04-16 01:07	75264	----a-w-	c:\windows\system32\atig6pxx.dll
2014-04-16 01:07 . 2014-04-16 01:07	69632	----a-w-	c:\windows\SysWow64\atiglpxx.dll
2014-04-16 01:07 . 2014-04-16 01:07	69632	----a-w-	c:\windows\system32\atiglpxx.dll
2014-04-16 01:07 . 2014-04-16 01:07	146944	----a-w-	c:\windows\system32\atig6txx.dll
2014-04-16 01:07 . 2014-04-16 01:07	133632	----a-w-	c:\windows\SysWow64\atigktxx.dll
2014-04-16 01:07 . 2014-04-16 01:07	638976	----a-w-	c:\windows\system32\drivers\atikmpag.sys
2014-04-16 01:04 . 2014-04-16 01:04	43520	----a-w-	c:\windows\system32\drivers\ati2erec.dll
2014-04-15 20:07 . 2014-04-15 20:35	119512	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 20:07 . 2014-04-15 20:07	--------	d-----w-	e:\program files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 20:07 . 2014-04-15 20:07	--------	d-----w-	c:\programdata\Malwarebytes
2014-04-15 20:07 . 2014-04-03 07:51	63192	----a-w-	c:\windows\system32\drivers\mwac.sys
2014-04-15 20:07 . 2014-04-03 07:51	88280	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-04-15 20:07 . 2014-04-03 07:50	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2014-04-14 18:44 . 2014-04-14 19:52	--------	d-----w-	e:\program files (x86)\Comodo
2014-04-13 20:20 . 2014-04-13 20:20	--------	d-----w-	e:\program files\iPod
2014-04-13 20:20 . 2014-04-13 20:21	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 20:18 . 2014-04-13 20:18	--------	d-----w-	e:\program files\Common Files\Apple
2014-04-09 16:30 . 2014-03-26 17:01	254240	----a-w-	c:\windows\system32\drivers\VBoxDrv.sys
2014-04-09 16:30 . 2014-03-26 17:00	128288	----a-w-	c:\windows\system32\drivers\VBoxUSBMon.sys
2014-04-05 10:22 . 2014-04-05 10:22	--------	d-----w-	e:\program files (x86)\FreeMind
2014-03-31 15:30 . 2012-06-09 08:24	106632	----a-w-	c:\windows\system32\drivers\WDUDSMBus.sys
2014-03-31 15:30 . 2012-06-09 08:22	180360	----a-w-	c:\windows\system32\drivers\WDUDSTcpBus.sys
2014-03-31 15:30 . 2014-03-31 15:30	--------	d-----w-	e:\program files (x86)\Western Digital
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-26 13:55 . 2012-03-30 17:25	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-26 13:55 . 2012-03-30 17:25	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-16 01:09 . 2014-02-24 02:28	1177600	----a-w-	c:\windows\system32\atiadlxx.dll
2014-04-08 19:03 . 2012-03-24 16:56	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-04-05 12:44 . 2013-02-08 16:44	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2014-04-04 19:34 . 2013-02-08 16:40	281688	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-03-26 17:00 . 2014-03-26 17:00	156448	----a-w-	c:\windows\system32\drivers\VBoxNetFlt.sys
2014-03-26 17:00 . 2014-03-26 17:00	141600	----a-w-	c:\windows\system32\drivers\VBoxNetAdp.sys
2014-03-26 17:00 . 2014-03-26 17:00	115488	----a-w-	c:\windows\system32\drivers\VBoxUSB.sys
2014-03-26 16:58 . 2014-03-26 16:58	204064	----a-w-	c:\windows\system32\VBoxNetFltNobj.dll
2014-03-14 15:56 . 2013-08-21 09:10	181064	----a-w-	c:\windows\PSEXESVC.EXE
2014-03-06 22:53 . 2012-09-03 11:40	2925760	----a-w-	c:\windows\system32\procexp.exe
2014-03-06 12:16 . 2013-04-22 19:03	59384	----a-w-	c:\windows\system32\drivers\networx.sys
2014-03-04 09:17 . 2014-04-08 19:00	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-02-24 03:48 . 2014-02-24 03:48	1187342	----a-w-	c:\windows\system32\amdocl_as64.exe
2014-02-24 03:48 . 2014-02-24 03:48	1061902	----a-w-	c:\windows\system32\amdocl_ld64.exe
2014-02-24 03:48 . 2014-02-24 03:48	995342	----a-w-	c:\windows\SysWow64\amdocl_as32.exe
2014-02-24 03:48 . 2014-02-24 03:48	798734	----a-w-	c:\windows\SysWow64\amdocl_ld32.exe
2014-02-23 20:58 . 2014-02-23 20:58	51200	----a-w-	c:\windows\system32\kdbsdk64.dll
2014-02-23 20:53 . 2014-02-23 20:53	38912	----a-w-	c:\windows\SysWow64\kdbsdk32.dll
2014-02-20 15:53 . 2014-02-20 15:53	108968	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2014-02-20 15:53 . 2014-02-20 15:53	312744	----a-w-	c:\windows\system32\javaws.exe
2014-02-20 15:53 . 2014-02-20 15:53	189352	----a-w-	c:\windows\system32\javaw.exe
2014-02-20 15:53 . 2014-02-20 15:53	189352	----a-w-	c:\windows\system32\java.exe
2014-02-13 13:20 . 2014-02-27 19:11	180368	--sha-r-	c:\windows\SysWow64\avutil-lav-52.dll
2014-02-13 13:20 . 2014-02-27 19:11	152720	--sha-r-	c:\windows\SysWow64\IntelQuickSyncDecoder.dll
2014-02-13 13:20 . 2014-02-27 19:11	110224	--sha-r-	c:\windows\SysWow64\libbluray.dll
2014-02-13 13:20 . 2014-02-27 19:11	109200	--sha-r-	c:\windows\SysWow64\swscale-lav-2.dll
2014-02-13 13:20 . 2014-02-27 19:11	98960	--sha-r-	c:\windows\SysWow64\avfilter-lav-3.dll
2014-02-13 13:20 . 2014-02-27 19:11	59536	--sha-r-	c:\windows\SysWow64\avresample-lav-1.dll
2014-02-13 13:20 . 2014-02-27 19:11	539280	--sha-r-	c:\windows\SysWow64\avformat-lav-55.dll
2014-02-13 13:20 . 2014-02-27 19:11	3057808	--sha-r-	c:\windows\SysWow64\avcodec-lav-55.dll
2014-02-13 13:20 . 2014-02-27 19:11	202384	--sha-r-	c:\windows\SysWow64\HLsplit.dll
2014-02-13 13:20 . 2014-02-27 19:11	122512	--sha-r-	c:\windows\SysWow64\HLaudio.dll
2014-02-13 13:20 . 2014-02-27 19:11	313520	--sha-r-	c:\windows\SysWow64\HLvideo.dll
2014-02-12 16:08 . 2014-02-12 16:08	386680	----a-w-	c:\windows\system32\drivers\sptd.sys
2014-02-12 15:33 . 2014-02-12 15:33	314016	----a-w-	c:\windows\system32\drivers\atksgt.sys
2014-02-12 15:33 . 2014-02-12 15:33	43680	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2014-02-07 01:23 . 2014-03-12 13:53	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 02:32 . 2014-03-12 13:53	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-12 13:53	624128	----a-w-	c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-12 13:53	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 13:53	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-12 13:53	484864	----a-w-	c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-12 13:53	381440	----a-w-	c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-12 13:53	228864	----a-w-	c:\windows\system32\wwansvc.dll
2013-12-18 16:47 . 2013-12-18 16:47	40960	----a-w-	e:\program files (x86)\HOSTS-Blocker.exe
2009-09-27 08:39	415744	--sh--w-	c:\windows\SysWOW64\avisynth.dll
2004-02-22 09:11	764416	--sh--w-	c:\windows\SysWOW64\devil.dll
2011-02-11 09:26	112128	--sha-r-	c:\windows\SysWOW64\OptimFROG.dll
2012-10-05 18:54	188416	--sha-r-	c:\windows\SysWOW64\winDCE32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Remote Control Editor"="e:\program files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe" [2012-05-14 1834496]
"Sidebar"="e:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"AnyDVD"="e:\program files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe" [2012-02-20 5860984]
"Spotify Web Helper"="c:\users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-04-11 1171000]
"Skype"="e:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AdobeCEPServiceManager"="e:\program files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" [2013-03-13 1039248]
"PWRISOVM.EXE"="e:\program files\PowerISO\PWRISOVM.EXE" [2013-10-23 377368]
"SunJavaUpdateSched"="e:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"WD Print Share"="e:\program files (x86)\Western Digital\WD Print Share\WDPrintShare.exe" [2012-12-21 4328448]
"iTunesHelper"="e:\program files\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"AvastUI.exe"="e:\program files\AVAST Software\Avast\AvastUI.exe" [2014-04-21 3873704]
"StartCCC"="e:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-04-15 767200]
.
c:\users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
always-on-top.exe [2012-4-26 203965]
Dropbox.lnk - c:\users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
Fraps.lnk - c:\windows\System32\schtasks.exe /RUN /TN "FRAPS\Fraps" [2010-11-21 285696]
HD VDeck.lnk - e:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2012-3-24 2443376]
Mozilla Thunderbird.lnk - e:\program files (x86)\Mozilla Thunderbird\thunderbird.exe [2014-3-19 390256]
SetPointII.lnk - e:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
TV-Browser.lnk - e:\program files (x86)\TV-Browser3.3\tvbrowser.exe [2013-11-19 65195]
.
c:\users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
icloud.exe [2013-4-5 145736]
Synchredible.lnk - e:\program files (x86)\Synchredible\synchredible.exe [2012-4-28 6733688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
SetPointII.lnk - e:\program files\Logitech\SetPoint II\SetPointII.exe [2009-7-21 815104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AIPS;Arp Intelligent Protection Service;e:\program files (x86)\netcut\services\AIPS.exe;e:\program files (x86)\netcut\services\AIPS.exe [x]
R2 AODDriver4.2.0;AODDriver4.2.0;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AODDriver4.3;AODDriver4.3;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 CLKMSVC10_173EB256;CyberLink Product - 2012/03/25 09:17;e:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe;e:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 gupdate1ce9c1e86dd3230;Google Update-Dienst (gupdate1ce9c1e86dd3230);e:\program files (x86)\Google\Update\GoogleUpdate.exe;e:\program files (x86)\Google\Update\GoogleUpdate.exe [x]
R2 SkypeUpdate;Skype Updater;e:\program files (x86)\Skype\Updater\Updater.exe;e:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\METALL~4\AppData\Local\Temp\ALSysIO64.sys;c:\users\METALL~4\AppData\Local\Temp\ALSysIO64.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;e:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;e:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 nmwcdnsux64;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsux64.sys;c:\windows\SYSNATIVE\drivers\nmwcdnsux64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys;c:\windows\SYSNATIVE\Drivers\VBoxUSB.sys [x]
R3 vcd10bus;Virtual CD v10 Bus Enumerator;c:\windows\system32\DRIVERS\vcd10bus.sys;c:\windows\SYSNATIVE\DRIVERS\vcd10bus.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDUDSTcpBus;WDUDSTcpBus;c:\windows\system32\Drivers\WDUDSTcpBus.sys;c:\windows\SYSNATIVE\Drivers\WDUDSTcpBus.sys [x]
R4 nvoclk64;NVIDIA Enthusiasts Platform KDM;c:\windows\system32\DRIVERS\nvoclk64.sys;c:\windows\SYSNATIVE\DRIVERS\nvoclk64.sys [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x]
S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 HWiNFO32;HWiNFO32/64 Kernel Driver;c:\windows\system32\drivers\HWiNFO64A.SYS;c:\windows\SYSNATIVE\drivers\HWiNFO64A.SYS [x]
S1 networx;networx;c:\windows\system32\drivers\networx.sys;c:\windows\SYSNATIVE\drivers\networx.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;e:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;e:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.1;AODDriver4.1;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;e:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 NAUpdate;Nero Update;e:\program files (x86)\Nero\Update\NASvc.exe;e:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 TeamViewer9;TeamViewer 9;e:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;e:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 cxpl_mhd;Cinergy T PCIe Dual;c:\windows\system32\drivers\y_cx88x.sys;c:\windows\SYSNATIVE\drivers\y_cx88x.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys;c:\windows\SYSNATIVE\Drivers\pcouffin.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 WDUDSMBus;WDUDSMBus;c:\windows\system32\drivers\WDUDSMBus.sys;c:\windows\SYSNATIVE\drivers\WDUDSMBus.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_173EB256
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
iissvcs	REG_MULTI_SZ   	w3svc was
apphost	REG_MULTI_SZ   	apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\AutorunsDisabled\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2013-01-16 11:46	454176	----a-w-	e:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2013-01-16 11:46	454176	----a-w-	e:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-26 12:28	1078088	----a-w-	e:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- e:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06 19:06]
.
2014-04-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- e:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-12-06 19:06]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-04-21 20:26	290888	----a-w-	e:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Metaller666\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
Trusted Zone: aeriagames.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\x25d4xqu.default\
FF - prefs.js: browser.startup.homepage - about:newtab
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 9051
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2104731482-4251404017-3914828187-1006\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2104731482-4251404017-3914828187-1006\Software\SecuROM\License information*]
"datasecu"=hex:4b,04,ff,8c,11,2f,5e,dc,1c,24,52,47,6e,95,37,c9,d0,bf,83,96,00,
   9c,44,43,fb,6a,49,33,1d,7a,a9,c0,d1,2b,43,43,49,9d,1f,7d,4e,e3,3d,5f,0e,ee,\
"rkeysecu"=hex:17,52,6d,6b,70,91,10,a0,b4,5d,26,34,be,35,fe,c3
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="e:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-26  23:34:46
ComboFix-quarantined-files.txt  2014-04-26 21:34
.
Vor Suchlauf: 12 Verzeichnis(se), 12.681.519.104 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 12.539.305.984 Bytes frei
.
- - End Of File - - 54F60FE3C47E40DB8B0D50018FD79564
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 27.04.2014, 18:47

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Metaller666 · 27.04.2014, 20:06

Malwarebytes und Adwcleaner wurden - wie im Anfangspost erwähnt - bereits ausgeführt, hier habe ich dir jeweils den Log der ersten und der heutigen Prüfung angehängt.

Malwarebytes (15.04.14):

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 15.04.2014
Suchlauf-Zeit: 22:26:26
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.15.11
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Metaller666

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 334875
Verstrichene Zeit: 14 Min, 4 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 12
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}, In Quarantäne, [fe027789d62a1de3089af5557b8709f7], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}, In Quarantäne, [fe027789d62a1de3089af5557b8709f7], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [1ae6639dfd03c23e505381c9d32f0df3], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}, In Quarantäne, [1ae6639dfd03c23e505381c9d32f0df3], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\CLASSES\APPID\priam_bho.DLL, In Quarantäne, [9d6312ee6c94c73928cf97fdeb1834cc], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, In Quarantäne, [04fce61ad927847c3652bdef9e654ab6], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\priam_bho.DLL, In Quarantäne, [8a76c040c7390ef205f29ff543c0b24e], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\jpmbfleldcgkldadpdinhjjopdfpjfjp, In Quarantäne, [689833cdbf417987b9b31c5857ab7987], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2104731482-4251404017-3914828187-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [3dc38f71e61ab848164c34479b67a35d], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2104731482-4251404017-3914828187-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [768a51af2cd432cec7d6f0a1748f827e], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-2104731482-4251404017-3914828187-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [c23eed13e11f669a2c4c5f0af50d5ba5], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-2104731482-4251404017-3914828187-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, In Quarantäne, [cc34de2241bf6f916d8ca2f21ae96799], 

Registrierungswerte: 2
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2104731482-4251404017-3914828187-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Q1O2W1R1D0D1S1J, In Quarantäne, [768a51af2cd432cec7d6f0a1748f827e]
PUP.Optional.Wajam.A, HKU\S-1-5-21-2104731482-4251404017-3914828187-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 6447, In Quarantäne, [cc34de2241bf6f916d8ca2f21ae96799]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 2
PUP.Optional.Wajam.A, C:\Users\Metaller666\AppData\Local\Wajam, In Quarantäne, [c9379070679954ac72df0c54a85ae61a], 
PUP.Optional.Wajam.A, C:\Users\Metaller666\AppData\Local\Wajam\Chrome, In Quarantäne, [c9379070679954ac72df0c54a85ae61a], 

Dateien: 3
PUP.Optional.Conduit.A, C:\Users\Metaller666\AppData\Roaming\uTorrent\ism.exe, In Quarantäne, [4eb2d92769979e620230cd5242becf31], 
PUP.Optional.Iminent.A, C:\Users\Metaller666\AppData\Local\DownloadGuide\Offers\iminent.exe, In Quarantäne, [6898d22e1ce4ce3269b017114bb627d9], 
PUP.Optional.Wajam.A, C:\Users\Metaller666\AppData\Local\Wajam\Chrome\wajam.crx, In Quarantäne, [c9379070679954ac72df0c54a85ae61a], 

Physische Sektoren: 0
(No malicious items detected)


(end)

Malwarebytes (27.04.14):

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 27.04.2014
Suchlauf-Zeit: 20:35:30
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.27.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Metaller666

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 356059
Verstrichene Zeit: 13 Min, 58 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Adwcleaner (16.04.14):

Code:

ATTFilter

# AdwCleaner v3.023 - Bericht erstellt am 16/04/2014 um 09:37:06
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Metaller666 - METALLER188-PC
# Gestartet von : D:\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : SystemStoreService

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Windows\System32\Tasks\Software Updater
Ordner Gefunden C:\ProgramData\boost_interprocess
Ordner Gefunden C:\Users\Metaller666\AppData\Local\DownloadGuide
Ordner Gefunden C:\Users\Metaller666\AppData\Local\Software_Updater
Ordner Gefunden C:\Users\Metaller666\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gefunden E:\Program Files (x86)\Conduit
Ordner Gefunden E:\Program Files (x86)\SoftwareUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\APN PIP
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Headlight
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : [x64] HKCU\Software\APN PIP
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\Headlight
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\Freeze.com
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_facebook-messenger-fur-windows_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_facebook-messenger-fur-windows_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\Software\PIP
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\systweak
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v18.0.2 (de)

[ Datei : C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\lsb27ga5.STandalone\prefs.js ]


[ Datei : C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\w3kqp5bj.default\prefs.js ]


-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [4825 octets] - [16/04/2014 09:37:06]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4885 octets] ##########

Adwcleaner (27.04.14)

Code:

ATTFilter

# AdwCleaner v3.204 - Bericht erstellt am 27/04/2014 um 20:39:40
# Aktualisiert 26/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Metaller666 - METALLER188-PC
# Gestartet von : D:\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Metaller666\.android

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone\prefs.js ]


[ Datei : C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\x25d4xqu.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5009 octets] - [16/04/2014 09:37:06]
AdwCleaner[R1].txt - [1182 octets] - [18/04/2014 21:10:18]
AdwCleaner[R2].txt - [1243 octets] - [24/04/2014 18:39:15]
AdwCleaner[R3].txt - [1939 octets] - [27/04/2014 20:38:20]
AdwCleaner[S0].txt - [4839 octets] - [16/04/2014 13:29:00]
AdwCleaner[S1].txt - [1304 octets] - [24/04/2014 18:40:38]
AdwCleaner[S2].txt - [1852 octets] - [27/04/2014 20:39:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1912 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Metaller666 on 27.04.2014 at 20:48:41,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Metaller666\AppData\Roaming\mozilla\firefox\profiles\x25d4xqu.default\minidumps [2 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.04.2014 at 20:57:13,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 01
Ran by Metaller666 (administrator) on METALLER188-PC on 27-04-2014 20:58:21
Running from D:\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) E:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Elgato Systems) E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
(Microsoft Corporation) E:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Skype Technologies S.A.) E:\Program Files (x86)\Skype\Phone\Skype.exe
(Sandboxie Holdings, LLC) E:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(Dropbox, Inc.) C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Power Software Ltd) E:\Program Files\PowerISO\PWRISOVM.EXE
(Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VIA) E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Beepa P/L) E:\Program Files (x86)\Fraps\fraps.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Logitech Inc.) E:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Logitech, Inc.) E:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Advanced Micro Devices Inc.) E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) E:\Program Files\Java\jre7\bin\java.exe
(Beepa P/L) E:\Program Files (x86)\Fraps\fraps64.dat
(ATI Technologies Inc.) E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) E:\Program Files (x86)\Nero\Update\NASvc.exe
(Thisisu) D:\Desktop\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AdobeCEPServiceManager] => E:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => E:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WD Print Share] => E:\Program Files (x86)\Western Digital\WD Print Share\WDPrintShare.exe [4328448 2012-12-21] ()
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-15] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Remote Control Editor] => E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1834496 2012-05-14] (Elgato Systems)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Spotify Web Helper] => C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [SandboxieControl] => E:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
IFEO\taskmgr.exe: [Debugger] procexp.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fraps.lnk
ShortcutTarget: Fraps.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HD VDeck.lnk
ShortcutTarget: HD VDeck.lnk -> E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> E:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TV-Browser.lnk
ShortcutTarget: TV-Browser.lnk -> E:\Program Files (x86)\TV-Browser3.3\tvbrowser.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - E:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - E:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - E:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - E:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - E:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - E:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~3\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~3\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - E:\PROGRA~3\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - E:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - E:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: Adblock Plus - C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-21]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (YouTube) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-26]
CHR Extension: (Google-Suche) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-26]
CHR Extension: (Collusion for Chrome) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp [2014-04-26]
CHR Extension: (AdBlock) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-26]
CHR Extension: (Speed Dial 2) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-04-26]
CHR Extension: (Google Wallet) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (YouTube Unblocker) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-04-26]
CHR Extension: (ScriptSafe) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-04-26]
CHR Extension: (Google Mail) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-21]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; E:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems)
R2 AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-15] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-21] (AVAST Software)
S2 AxAutoMntSrv; E:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 CLKMSVC10_173EB256; E:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
S3 DAUpdaterSvc; E:\Games\Dragon Age\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S3 Futuremark SystemInfo Service; E:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-29] (Futuremark)
S2 gupdate1ce9c1e86dd3230; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
S3 IDriverT; E:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
R2 LightScribeService; E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company)
S3 Microsoft SharePoint Workspace Audit Service; E:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-03-15] (Mozilla Foundation)
R2 NAUpdate; E:\Program Files (x86)\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
R2 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 SbieSvc; E:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SQLWriter; E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [129624 2012-02-11] (Microsoft Corporation)
S3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [572096 2014-04-24] (Valve Corporation)
R2 TeamViewer9; E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 wlidsvc; E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S2 AIPS; E:\Program Files (x86)\netcut\services\AIPS.exe [X]
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.2.0; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-21] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-02-12] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-11-23] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-02-12] ()
R1 networx; C:\Windows\System32\drivers\networx.sys [59384 2014-03-06] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S4 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 SbieDrv; E:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-02-12] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 WDUDSMBus; C:\Windows\System32\drivers\WDUDSMBus.sys [106632 2012-06-09] (Windows (R) Codename Longhorn DDK provider)
S3 WDUDSTcpBus; C:\Windows\System32\Drivers\WDUDSTcpBus.sys [180360 2012-06-09] (Windows (R) Codename Longhorn DDK provider)
U3 a9pwv9kl; C:\Windows\System32\Drivers\a9pwv9kl.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\METALL~4\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U5 HCWBT8XX; C:\Windows\SysWOW64\Drivers\HCWBT8XX.sys [472644 2006-01-25] (Hauppauge Computer Works)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-27 20:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-27 14:40 - 2014-04-27 14:40 - 00000000 ___RD () C:\Sandbox
2014-04-27 14:39 - 2014-04-27 14:41 - 00001856 _____ () C:\Windows\Sandboxie.ini
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () E:\Program Files\Sandboxie
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-04-27 10:52 - 2014-04-27 11:41 - 00000000 ____D () E:\Program Files (x86)\Tor
2014-04-26 23:34 - 2014-04-26 23:34 - 00035938 _____ () C:\ComboFix.txt
2014-04-26 23:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-26 23:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-26 23:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-26 23:21 - 2014-04-26 23:34 - 00000000 ____D () C:\Qoobox
2014-04-26 23:21 - 2014-04-26 23:33 - 00000000 ____D () C:\Windows\erdnt
2014-04-26 16:35 - 2014-04-26 16:35 - 00000000 ____D () E:\Program Files (x86)\ESET
2014-04-26 09:40 - 2014-04-27 20:58 - 00000000 ____D () C:\FRST
2014-04-25 14:57 - 2014-04-25 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 14:57 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 14:57 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-24 22:13 - 2014-04-24 22:13 - 00017408 ___SH () C:\Users\Metaller666\Thumbs.db
2014-04-24 14:36 - 2014-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-22 17:17 - 2014-04-22 17:17 - 00000000 ____D () C:\ProgramData\ATI
2014-04-22 17:10 - 2014-04-22 17:10 - 00067420 _____ () C:\Windows\SysWOW64\CCCInstall_201404221710383312.log
2014-04-22 17:10 - 2014-04-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-22 16:59 - 2014-04-22 16:59 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221659138977.log
2014-04-22 16:46 - 2014-04-22 16:46 - 00066765 _____ () C:\Windows\SysWOW64\CCCInstall_201404221646266389.log
2014-04-22 16:17 - 2014-04-22 16:17 - 00000000 ____D () E:\Program Files (x86)\AMD AVT
2014-04-22 16:12 - 2014-04-22 16:12 - 00000000 ____D () E:\Program Files (x86)\ATI Technologies
2014-04-22 16:10 - 2014-04-22 17:09 - 00000000 ____D () E:\Program Files\ATI Technologies
2014-04-22 15:55 - 2014-04-22 15:55 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221555331783.log
2014-04-21 22:26 - 2014-04-21 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:26 - 2014-04-21 22:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 09:26 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 09:25 - 2014-04-26 18:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-21 09:25 - 2014-04-21 22:26 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 09:25 - 2014-04-21 22:26 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 09:25 - 2014-04-21 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-21 09:24 - 2014-04-21 09:24 - 00000000 ____D () E:\Program Files\AVAST Software
2014-04-20 20:06 - 2014-04-20 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () E:\Program Files (x86)\VisiPics
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2014-04-18 18:22 - 2014-04-18 18:22 - 00000000 _____ () C:\Users\Metaller666\Sti_Trace.log
2014-04-16 19:04 - 2014-04-16 19:04 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-16 19:04 - 2014-03-17 22:11 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-16 19:04 - 2014-03-17 22:02 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-16 19:04 - 2014-03-17 22:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-16 19:04 - 2014-03-17 22:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-16 14:20 - 2014-04-26 16:56 - 00000000 ____D () E:\Program Files (x86)\Mozilla Firefox
2014-04-16 14:20 - 2014-04-16 14:20 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-16 09:37 - 2014-04-27 20:39 - 00000000 ____D () C:\AdwCleaner
2014-04-16 04:43 - 2014-04-16 04:43 - 10335208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01343272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-04-16 04:39 - 2014-04-16 04:39 - 00274656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-04-16 04:37 - 2014-04-16 04:37 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-16 04:23 - 2014-04-16 04:23 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-04-16 04:23 - 2014-04-16 04:23 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-16 04:20 - 2014-04-16 04:20 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-04-16 04:12 - 2014-04-16 04:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-04-16 03:58 - 2014-04-16 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-04-16 03:51 - 2014-04-16 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-16 03:46 - 2014-04-16 03:46 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-04-16 03:42 - 2014-04-16 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-04-16 03:30 - 2014-04-16 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-16 03:29 - 2014-04-16 03:29 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-16 03:28 - 2014-04-16 03:28 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-04-16 03:28 - 2014-04-16 03:28 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-04-16 03:19 - 2014-04-16 03:19 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-16 03:17 - 2014-04-16 03:17 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-04-16 03:08 - 2014-04-16 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-16 03:07 - 2014-04-16 03:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-16 03:04 - 2014-04-16 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-15 22:07 - 2014-04-27 20:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 22:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 22:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 22:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:46 - 2014-04-14 21:46 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-14 20:44 - 2014-04-14 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-13 22:21 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-13 22:20 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 22:20 - 2014-04-13 22:20 - 00000000 ____D () E:\Program Files\iPod
2014-04-13 22:18 - 2014-04-13 22:18 - 00000000 ____D () E:\Program Files\Common Files\Apple
2014-04-10 19:58 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat
2014-04-09 18:44 - 2014-04-09 18:44 - 00000312 _____ () C:\Users\Metaller666\2014-04-09-16-44-33.043-VBoxSVC.exe-6236.log
2014-04-09 18:30 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-09 18:30 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-09 18:30 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-08 21:00 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:00 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:00 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:00 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:00 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:00 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:00 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:00 - 2014-02-24 04:35 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 09074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-08 21:00 - 2014-02-24 03:34 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:00 - 2014-02-24 03:15 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:00 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:00 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:00 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:00 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:00 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:00 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-06 23:17 - 2014-04-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () E:\Program Files (x86)\FreeMind
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2014-04-01 00:06 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-01 00:04 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () E:\Program Files (x86)\Western Digital
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-03-31 17:30 - 2012-06-09 10:24 - 00106632 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\WDUDSMBus.sys
2014-03-31 17:30 - 2012-06-09 10:22 - 00180360 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\WDUDSTcpBus.sys

==================== One Month Modified Files and Folders =======

2014-04-27 20:58 - 2014-04-26 09:40 - 00000000 ____D () C:\FRST
2014-04-27 20:51 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 20:51 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 20:45 - 2012-07-28 20:48 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Dropbox
2014-04-27 20:43 - 2012-03-25 10:04 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Skype
2014-04-27 20:41 - 2013-08-18 16:23 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 20:40 - 2013-04-21 09:03 - 00458044 _____ () C:\Windows\PFRO.log
2014-04-27 20:40 - 2013-04-20 10:08 - 00274378 _____ () C:\Windows\setupact.log
2014-04-27 20:40 - 2013-03-08 22:01 - 01118918 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 20:40 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 20:39 - 2014-04-16 09:37 - 00000000 ____D () C:\AdwCleaner
2014-04-27 20:39 - 2012-03-24 17:43 - 00000000 ____D () C:\Users\Metaller666
2014-04-27 20:37 - 2012-04-10 11:34 - 00000000 ____D () C:\Windows\System32\Tasks\TerraTec
2014-04-27 20:31 - 2013-08-18 16:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 20:19 - 2014-04-15 22:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 18:01 - 2013-04-28 09:50 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Spotify
2014-04-27 15:07 - 2012-03-26 18:08 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-04-27 14:41 - 2014-04-27 14:39 - 00001856 _____ () C:\Windows\Sandboxie.ini
2014-04-27 14:40 - 2014-04-27 14:40 - 00000000 ___RD () C:\Sandbox
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () E:\Program Files\Sandboxie
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-04-27 13:27 - 2013-09-21 14:13 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Vidalia
2014-04-27 12:31 - 2013-08-21 10:15 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C79624AB-E946-4E99-B9F8-9FAFB81F6E5E}
2014-04-27 12:02 - 2013-09-21 14:14 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\tor
2014-04-27 11:41 - 2014-04-27 10:52 - 00000000 ____D () E:\Program Files (x86)\Tor
2014-04-27 10:05 - 2013-09-27 20:02 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\TV-Browser
2014-04-26 23:34 - 2014-04-26 23:34 - 00035938 _____ () C:\ComboFix.txt
2014-04-26 23:34 - 2014-04-26 23:21 - 00000000 ____D () C:\Qoobox
2014-04-26 23:33 - 2014-04-26 23:21 - 00000000 ____D () C:\Windows\erdnt
2014-04-26 23:33 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-26 23:08 - 2012-04-15 07:52 - 00000000 ____D () C:\ProgramData\Win7codecs
2014-04-26 22:37 - 2012-03-25 18:18 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Mp3tag
2014-04-26 18:44 - 2014-03-14 17:33 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\MusicBee
2014-04-26 18:35 - 2014-04-21 09:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-26 18:31 - 2013-02-03 16:12 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\uTorrent
2014-04-26 16:56 - 2014-04-16 14:20 - 00000000 ____D () E:\Program Files (x86)\Mozilla Firefox
2014-04-26 16:35 - 2014-04-26 16:35 - 00000000 ____D () E:\Program Files (x86)\ESET
2014-04-26 15:56 - 2013-09-04 15:59 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Adobe
2014-04-26 15:55 - 2012-03-30 19:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-26 15:55 - 2012-03-30 19:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 14:57 - 2014-04-25 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-24 22:13 - 2014-04-24 22:13 - 00017408 ___SH () C:\Users\Metaller666\Thumbs.db
2014-04-24 18:41 - 2012-03-25 12:12 - 00000000 ____D () E:\Program Files (x86)\Mp3tag
2014-04-24 15:58 - 2011-04-12 09:43 - 00813034 _____ () C:\Windows\system32\perfh007.dat
2014-04-24 15:58 - 2011-04-12 09:43 - 00189100 _____ () C:\Windows\system32\perfc007.dat
2014-04-24 15:58 - 2009-07-14 07:13 - 01891264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-24 14:36 - 2014-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-24 13:41 - 2012-08-16 16:18 - 00000000 ____D () E:\Program Files (x86)\JDownloader
2014-04-22 17:34 - 2013-04-28 09:50 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Spotify
2014-04-22 17:32 - 2014-01-06 17:51 - 00000000 ____D () C:\Users\DefaultAppPool
2014-04-22 17:32 - 2012-08-04 09:11 - 00000000 ____D () C:\Users\Gast
2014-04-22 17:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-22 17:17 - 2014-04-22 17:17 - 00000000 ____D () C:\ProgramData\ATI
2014-04-22 17:10 - 2014-04-22 17:10 - 00067420 _____ () C:\Windows\SysWOW64\CCCInstall_201404221710383312.log
2014-04-22 17:10 - 2014-04-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-22 17:09 - 2014-04-22 16:10 - 00000000 ____D () E:\Program Files\ATI Technologies
2014-04-22 17:09 - 2013-09-29 17:19 - 00000000 ____D () C:\ProgramData\AMD
2014-04-22 16:59 - 2014-04-22 16:59 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221659138977.log
2014-04-22 16:46 - 2014-04-22 16:46 - 00066765 _____ () C:\Windows\SysWOW64\CCCInstall_201404221646266389.log
2014-04-22 16:17 - 2014-04-22 16:17 - 00000000 ____D () E:\Program Files (x86)\AMD AVT
2014-04-22 16:12 - 2014-04-22 16:12 - 00000000 ____D () E:\Program Files (x86)\ATI Technologies
2014-04-22 15:55 - 2014-04-22 15:55 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221555331783.log
2014-04-21 22:26 - 2014-04-21 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:26 - 2014-04-21 22:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 22:26 - 2014-04-21 09:25 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 21:27 - 2013-08-21 22:08 - 00000000 ____D () E:\Program Files\VideoLAN
2014-04-21 20:05 - 2013-09-07 11:00 - 00000132 _____ () C:\Users\Metaller666\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-21 09:26 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 09:25 - 2014-04-21 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-21 09:24 - 2014-04-21 09:24 - 00000000 ____D () E:\Program Files\AVAST Software
2014-04-21 09:23 - 2012-03-24 15:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-20 20:06 - 2014-04-20 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () E:\Program Files (x86)\VisiPics
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2014-04-18 18:22 - 2014-04-18 18:22 - 00000000 _____ () C:\Users\Metaller666\Sti_Trace.log
2014-04-17 12:28 - 2013-02-08 19:07 - 00000000 ____D () E:\Program Files (x86)\Mozilla Maintenance Service
2014-04-16 23:11 - 2013-12-10 19:03 - 00001018 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-16 23:04 - 2012-07-04 22:28 - 00000600 _____ () C:\Users\Metaller666\AppData\Local\PUTTY.RND
2014-04-16 21:34 - 2012-10-02 22:09 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\KeePass
2014-04-16 20:06 - 2012-04-24 16:53 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\TeamViewer
2014-04-16 19:10 - 2013-09-25 20:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 19:04 - 2014-04-16 19:04 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-16 19:04 - 2013-04-23 18:31 - 00000000 ____D () E:\Program Files (x86)\Java
2014-04-16 14:20 - 2014-04-16 14:20 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-16 14:20 - 2012-03-25 10:54 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Mozilla
2014-04-16 04:43 - 2014-04-16 04:43 - 10335208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01343272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-04-16 04:39 - 2014-04-16 04:39 - 00274656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-04-16 04:37 - 2014-04-16 04:37 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-16 04:23 - 2014-04-16 04:23 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-04-16 04:23 - 2014-04-16 04:23 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-16 04:20 - 2014-04-16 04:20 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-04-16 04:12 - 2014-04-16 04:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-04-16 03:58 - 2014-04-16 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-04-16 03:51 - 2014-04-16 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-16 03:46 - 2014-04-16 03:46 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-04-16 03:42 - 2014-04-16 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-04-16 03:30 - 2014-04-16 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-16 03:29 - 2014-04-16 03:29 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-16 03:28 - 2014-04-16 03:28 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-04-16 03:28 - 2014-04-16 03:28 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-04-16 03:19 - 2014-04-16 03:19 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-16 03:17 - 2014-04-16 03:17 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-04-16 03:09 - 2014-02-24 04:28 - 01177600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-16 03:07 - 2014-04-16 03:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-16 03:04 - 2014-04-16 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-15 22:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 15:07 - 2013-09-04 20:13 - 00001456 _____ () C:\Users\Metaller666\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-15 14:39 - 2012-04-13 14:34 - 00000000 ____D () C:\Users\Metaller666\.VirtualBox
2014-04-15 12:17 - 2013-06-09 09:37 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Opera Software
2014-04-15 12:14 - 2012-07-19 18:01 - 00000000 ____D () E:\Program Files (x86)\Firefox Nightly
2014-04-15 12:12 - 2013-05-29 09:10 - 00000000 ____D () E:\Program Files (x86)\Opera Next
2014-04-15 12:11 - 2013-12-06 21:33 - 00000000 ____D () E:\Program Files (x86)\Opera Developer
2014-04-14 21:52 - 2014-04-14 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-14 21:46 - 2014-04-14 21:46 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-14 21:46 - 2013-11-13 12:50 - 00001251 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-14 21:46 - 2013-11-13 11:35 - 00001273 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 21:46 - 2012-09-10 20:55 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Opera
2014-04-14 04:24 - 2014-04-25 14:57 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-25 14:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 22:21 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-13 22:21 - 2014-04-13 22:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 22:21 - 2013-09-19 21:21 - 00000000 ____D () E:\Program Files\iTunes
2014-04-13 22:20 - 2014-04-13 22:20 - 00000000 ____D () E:\Program Files\iPod
2014-04-13 22:18 - 2014-04-13 22:18 - 00000000 ____D () E:\Program Files\Common Files\Apple
2014-04-13 22:06 - 2012-03-24 15:46 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 19:58 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat
2014-04-09 18:44 - 2014-04-09 18:44 - 00000312 _____ () C:\Users\Metaller666\2014-04-09-16-44-33.043-VBoxSVC.exe-6236.log
2014-04-09 18:30 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-09 16:43 - 2013-05-22 18:25 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Foxit Software
2014-04-08 22:22 - 2013-11-13 10:17 - 00000000 ____D () C:\Windows\rescache
2014-04-08 21:13 - 2012-04-23 16:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-08 21:12 - 2013-07-27 12:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-08 21:03 - 2012-03-24 18:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 17:55 - 2013-09-26 14:36 - 00000000 ____D () E:\Program Files (x86)\SEE Electrical Schulversion V5
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1100.ini
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1010.ini
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1000.ini
2014-04-06 23:17 - 2014-04-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-04-06 13:30 - 2012-03-24 17:58 - 00000000 ___HD () E:\Program Files (x86)\InstallShield Installation Information
2014-04-06 13:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-05 14:44 - 2013-02-08 18:44 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-05 13:33 - 2013-09-27 20:01 - 00000000 ____D () E:\Program Files (x86)\TV-Browser3.3
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () E:\Program Files (x86)\FreeMind
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2014-04-04 21:34 - 2013-02-08 18:40 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-03 09:51 - 2014-04-15 22:07 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 22:07 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 22:07 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 21:22 - 2012-09-26 20:20 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\FileZilla
2014-04-02 21:18 - 2012-12-12 21:28 - 00000000 ___RD () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-02 16:33 - 2012-03-28 20:18 - 00000000 ____D () E:\Program Files (x86)\phase5
2014-04-01 00:06 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-01 00:04 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () E:\Program Files (x86)\Western Digital
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-03-29 11:26 - 2013-08-18 16:23 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 11:26 - 2013-08-18 16:23 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 11:14 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-29 11:13 - 2012-04-28 14:16 - 00000000 ____D () E:\Program Files (x86)\Synchredible
2014-03-28 20:15 - 2012-12-01 22:41 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\My Games

Some content of TEMP:
====================
C:\Users\Metaller666\AppData\Local\Temp\procexp64.exe
C:\Users\Metaller666\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 16:06

==================== End Of Log ============================

--- --- ---

schrauber · 28.04.2014, 08:58

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Metaller666 · 28.04.2014, 16:13

ESET hatte ich bereits am 26.04.14 ausgeführt, die ersten beiden Einträge habe ich bereits manuell entfernt, wobei ich denke, dass das eher ein Fehlalarm war, genauso wie beim letzten Eintrag - das ist definitiv einer.

ESET Log:

Code:

ATTFilter

C:\ProgramData\Win7codecs\{D9E2655F-6715-4E89-8C91-3B327FD891B4}\Win7codecs.msi	Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Users\All Users\Win7codecs\{D9E2655F-6715-4E89-8C91-3B327FD891B4}\Win7codecs.msi	Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung
C:\Users\Metaller666\AppData\Roaming\DVDVideoSoft\FreeStudio.exe	Win32/OpenCandy potenziell unsichere Anwendung

Checkup:

Code:

ATTFilter

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus out of date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 55  
 Adobe Flash Player 	13.0.0.182  
 Mozilla Firefox (28.0) 
 Mozilla Thunderbird (17.0.3) 
 Google Chrome 17.0.963.83  
````````Process Check: objlist.exe by Laurent````````  
 system32 AvastSvc.exe -?-   
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 01
Ran by Metaller666 (administrator) on METALLER188-PC on 28-04-2014 17:07:31
Running from D:\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Sandboxie Holdings, LLC) E:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard Company) E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Elgato Systems) E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe
(Microsoft Corporation) E:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(Skype Technologies S.A.) E:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe
() E:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Dropbox, Inc.) C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe
(VIA) E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Beepa P/L) E:\Program Files (x86)\Fraps\fraps.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Logitech Inc.) E:\Program Files\Logitech\SetPoint II\SetPointII.exe
(Power Software Ltd) E:\Program Files\PowerISO\PWRISOVM.EXE
(Logitech, Inc.) E:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) E:\Program Files\Java\jre7\bin\java.exe
(Beepa P/L) E:\Program Files (x86)\Fraps\fraps64.dat
(ATI Technologies Inc.) E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Nero AG) E:\Program Files (x86)\Nero\Update\NASvc.exe
(TERRATEC Electronic GmbH) E:\Program Files (x86)\TerraTec\TerraTec Home Cinema\CinergyDvr.exe
(Microsoft Corporation) E:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Steven Mayall) E:\Program Files (x86)\MusicBee\MusicBee.exe


==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [AdobeCEPServiceManager] => E:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PWRISOVM.EXE] => E:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [SunJavaUpdateSched] => E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [WD Print Share] => E:\Program Files (x86)\Western Digital\WD Print Share\WDPrintShare.exe [4328448 2012-12-21] ()
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704 2014-04-21] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => E:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\RunOnce: [20131224] - E:\Program Files\AVAST Software\Avast\setup\emupdate\aa26f112-d80c-4ec0-90a6-ba5e148c7497.exe /check [181136 2014-04-28] (AVAST Software)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Remote Control Editor] => E:\Program Files (x86)\Common Files\TerraTec\Remote\TTTvRc.exe [1834496 2012-05-14] (Elgato Systems)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Spotify Web Helper] => C:\Users\Metaller666\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-11] (Spotify Ltd)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2104731482-4251404017-3914828187-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
IFEO\taskmgr.exe: [Debugger] procexp.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\always-on-top.exe ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Metaller666\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fraps.lnk
ShortcutTarget: Fraps.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HD VDeck.lnk
ShortcutTarget: HD VDeck.lnk -> E:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk
ShortcutTarget: Mozilla Thunderbird.lnk -> E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SetPointII.lnk
ShortcutTarget: SetPointII.lnk -> E:\Program Files\Logitech\SetPoint II\SetPointII.exe (Logitech Inc.)
Startup: C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TV-Browser.lnk
ShortcutTarget: TV-Browser.lnk -> E:\Program Files (x86)\TV-Browser3.3\tvbrowser.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - E:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - E:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - E:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -  No File
Toolbar: HKLM-x32 - TerraTec Home Cinema - {AD6E6555-FB2C-47D4-8339-3E2965509877} - E:\Program Files (x86)\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - E:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - E:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - E:\Program Files (x86)\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - E:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - E:\PROGRA~3\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~3\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - E:\PROGRA~3\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - E:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - E:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect - E:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF Extension: Adblock Plus - C:\Users\Metaller666\AppData\Roaming\Mozilla\Firefox\Profiles\8ozx4akk.Standalone\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-21]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR Extension: (YouTube) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-26]
CHR Extension: (Google-Suche) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-26]
CHR Extension: (Collusion for Chrome) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp [2014-04-26]
CHR Extension: (AdBlock) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-26]
CHR Extension: (Speed Dial 2) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-04-26]
CHR Extension: (Google Wallet) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-26]
CHR Extension: (YouTube Unblocker) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-04-26]
CHR Extension: (ScriptSafe) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2014-04-26]
CHR Extension: (Google Mail) - C:\Users\Metaller666\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-21]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; E:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-09] (Adobe Systems)
R2 AMD FUEL Service; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-15] (Advanced Micro Devices, Inc.)
R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-21] (AVAST Software)
S2 AxAutoMntSrv; E:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 CLKMSVC10_173EB256; E:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [240112 2010-11-18] (CyberLink)
S3 DAUpdaterSvc; E:\Games\Dragon Age\Dragon Age Origins\bin_ship\DAUpdaterSvc.Service.exe [25832 2009-12-15] (BioWare)
S3 Futuremark SystemInfo Service; E:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-29] (Futuremark)
S2 gupdate1ce9c1e86dd3230; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-12-06] (Google Inc.)
S3 IDriverT; E:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-02-21] (Apple Inc.)
R2 LightScribeService; E:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company)
S3 Microsoft SharePoint Workspace Audit Service; E:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [30814400 2013-12-19] (Microsoft Corporation)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-03-15] (Mozilla Foundation)
R2 NAUpdate; E:\Program Files (x86)\Nero\Update\NASvc.exe [762192 2013-07-18] (Nero AG)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
R2 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 SbieSvc; E:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
R2 SQLWriter; E:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [129624 2012-02-11] (Microsoft Corporation)
S3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [572096 2014-04-24] (Valve Corporation)
R2 TeamViewer9; E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4972864 2014-04-02] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
R2 wlidsvc; E:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corp.)
S2 AIPS; E:\Program Files (x86)\netcut\services\AIPS.exe [X]
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.1; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.2.0; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; E:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-21] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-21] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-04-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-21] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-02-12] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31136 2013-11-23] (REALiX(tm))
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104560 2012-04-25] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-02-12] ()
R1 networx; C:\Windows\System32\drivers\networx.sys [59384 2014-03-06] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S4 nvoclk64; C:\Windows\System32\DRIVERS\nvoclk64.sys [42088 2009-09-15] (NVIDIA Corp.)
R3 SbieDrv; E:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-02-12] (Duplex Secure Ltd.)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-03-26] (Oracle Corporation)
R3 WDUDSMBus; C:\Windows\System32\drivers\WDUDSMBus.sys [106632 2012-06-09] (Windows (R) Codename Longhorn DDK provider)
S3 WDUDSTcpBus; C:\Windows\System32\Drivers\WDUDSTcpBus.sys [180360 2012-06-09] (Windows (R) Codename Longhorn DDK provider)
U3 al1zg0t6; C:\Windows\System32\Drivers\al1zg0t6.sys [0 ] (Advanced Micro Devices)
S3 ALSysIO; \??\C:\Users\METALL~4\AppData\Local\Temp\ALSysIO64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U5 HCWBT8XX; C:\Windows\SysWOW64\Drivers\HCWBT8XX.sys [472644 2006-01-25] (Hauppauge Computer Works)
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-27 20:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-04-27 14:40 - 2014-04-27 14:40 - 00000000 ___RD () C:\Sandbox
2014-04-27 14:39 - 2014-04-27 14:41 - 00001856 _____ () C:\Windows\Sandboxie.ini
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () E:\Program Files\Sandboxie
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-04-27 10:52 - 2014-04-27 11:41 - 00000000 ____D () E:\Program Files (x86)\Tor
2014-04-26 23:34 - 2014-04-26 23:34 - 00035938 _____ () C:\ComboFix.txt
2014-04-26 23:22 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-26 23:22 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-26 23:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-26 23:22 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-26 23:21 - 2014-04-26 23:34 - 00000000 ____D () C:\Qoobox
2014-04-26 23:21 - 2014-04-26 23:33 - 00000000 ____D () C:\Windows\erdnt
2014-04-26 16:35 - 2014-04-26 16:35 - 00000000 ____D () E:\Program Files (x86)\ESET
2014-04-26 09:40 - 2014-04-28 17:07 - 00000000 ____D () C:\FRST
2014-04-25 14:57 - 2014-04-25 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-25 14:57 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-25 14:57 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-24 22:13 - 2014-04-24 22:13 - 00017408 ___SH () C:\Users\Metaller666\Thumbs.db
2014-04-24 14:36 - 2014-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-22 17:17 - 2014-04-22 17:17 - 00000000 ____D () C:\ProgramData\ATI
2014-04-22 17:10 - 2014-04-22 17:10 - 00067420 _____ () C:\Windows\SysWOW64\CCCInstall_201404221710383312.log
2014-04-22 17:10 - 2014-04-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-22 16:59 - 2014-04-22 16:59 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221659138977.log
2014-04-22 16:46 - 2014-04-22 16:46 - 00066765 _____ () C:\Windows\SysWOW64\CCCInstall_201404221646266389.log
2014-04-22 16:17 - 2014-04-22 16:17 - 00000000 ____D () E:\Program Files (x86)\AMD AVT
2014-04-22 16:12 - 2014-04-22 16:12 - 00000000 ____D () E:\Program Files (x86)\ATI Technologies
2014-04-22 16:10 - 2014-04-22 17:09 - 00000000 ____D () E:\Program Files\ATI Technologies
2014-04-22 15:55 - 2014-04-22 15:55 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221555331783.log
2014-04-21 22:26 - 2014-04-21 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:26 - 2014-04-21 22:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 09:26 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 09:25 - 2014-04-26 18:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-21 09:25 - 2014-04-21 22:26 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 09:25 - 2014-04-21 22:26 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 09:25 - 2014-04-21 22:26 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 09:25 - 2014-04-21 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-21 09:24 - 2014-04-21 09:24 - 00000000 ____D () E:\Program Files\AVAST Software
2014-04-20 20:06 - 2014-04-20 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () E:\Program Files (x86)\VisiPics
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2014-04-18 18:22 - 2014-04-18 18:22 - 00000000 _____ () C:\Users\Metaller666\Sti_Trace.log
2014-04-16 19:04 - 2014-04-16 19:04 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-16 19:04 - 2014-03-17 22:11 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-16 19:04 - 2014-03-17 22:02 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-16 19:04 - 2014-03-17 22:02 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-16 19:04 - 2014-03-17 22:02 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-16 14:20 - 2014-04-26 16:56 - 00000000 ____D () E:\Program Files (x86)\Mozilla Firefox
2014-04-16 14:20 - 2014-04-16 14:20 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-16 09:37 - 2014-04-27 20:39 - 00000000 ____D () C:\AdwCleaner
2014-04-16 04:43 - 2014-04-16 04:43 - 10335208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01343272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-04-16 04:39 - 2014-04-16 04:39 - 00274656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-04-16 04:37 - 2014-04-16 04:37 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-16 04:23 - 2014-04-16 04:23 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-04-16 04:23 - 2014-04-16 04:23 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-16 04:20 - 2014-04-16 04:20 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-04-16 04:12 - 2014-04-16 04:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-04-16 03:58 - 2014-04-16 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-04-16 03:51 - 2014-04-16 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-16 03:46 - 2014-04-16 03:46 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-04-16 03:42 - 2014-04-16 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-04-16 03:30 - 2014-04-16 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-16 03:29 - 2014-04-16 03:29 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-16 03:28 - 2014-04-16 03:28 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-04-16 03:28 - 2014-04-16 03:28 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-04-16 03:19 - 2014-04-16 03:19 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-16 03:17 - 2014-04-16 03:17 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-04-16 03:08 - 2014-04-16 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-16 03:07 - 2014-04-16 03:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-16 03:04 - 2014-04-16 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-15 22:07 - 2014-04-27 20:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 22:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-15 22:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-15 22:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 21:46 - 2014-04-14 21:46 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-14 20:44 - 2014-04-14 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-13 22:21 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-13 22:20 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 22:20 - 2014-04-13 22:20 - 00000000 ____D () E:\Program Files\iPod
2014-04-13 22:18 - 2014-04-13 22:18 - 00000000 ____D () E:\Program Files\Common Files\Apple
2014-04-10 19:58 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat
2014-04-09 18:44 - 2014-04-09 18:44 - 00000312 _____ () C:\Users\Metaller666\2014-04-09-16-44-33.043-VBoxSVC.exe-6236.log
2014-04-09 18:30 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-09 18:30 - 2014-03-26 19:01 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-04-09 18:30 - 2014-03-26 19:00 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-04-08 21:00 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-08 21:00 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-08 21:00 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-08 21:00 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-08 21:00 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-08 21:00 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-08 21:00 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-08 21:00 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-08 21:00 - 2014-02-24 04:35 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 09074688 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-08 21:00 - 2014-02-24 04:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-04-08 21:00 - 2014-02-24 04:05 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-08 21:00 - 2014-02-24 03:34 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-08 21:00 - 2014-02-24 03:15 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-08 21:00 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-08 21:00 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-08 21:00 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-08 21:00 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-08 21:00 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-08 21:00 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-06 23:17 - 2014-04-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () E:\Program Files (x86)\FreeMind
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2014-04-01 00:06 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-01 00:04 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () E:\Program Files (x86)\Western Digital
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-03-31 17:30 - 2012-06-09 10:24 - 00106632 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\WDUDSMBus.sys
2014-03-31 17:30 - 2012-06-09 10:22 - 00180360 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Drivers\WDUDSTcpBus.sys

==================== One Month Modified Files and Folders =======

2014-04-28 17:07 - 2014-04-26 09:40 - 00000000 ____D () C:\FRST
2014-04-28 17:07 - 2012-03-25 10:04 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Skype
2014-04-28 16:31 - 2013-08-18 16:23 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-28 14:07 - 2013-08-21 10:15 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{C79624AB-E946-4E99-B9F8-9FAFB81F6E5E}
2014-04-28 13:48 - 2012-04-10 11:34 - 00000000 ____D () C:\Windows\System32\Tasks\TerraTec
2014-04-28 10:31 - 2013-08-18 16:23 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 21:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-27 21:34 - 2009-07-14 06:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-27 21:28 - 2012-07-28 20:48 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Dropbox
2014-04-27 21:26 - 2013-09-27 20:02 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\TV-Browser
2014-04-27 21:24 - 2013-04-20 10:08 - 00274434 _____ () C:\Windows\setupact.log
2014-04-27 21:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 21:23 - 2013-03-08 22:01 - 01131023 _____ () C:\Windows\WindowsUpdate.log
2014-04-27 20:40 - 2013-04-21 09:03 - 00458044 _____ () C:\Windows\PFRO.log
2014-04-27 20:39 - 2014-04-16 09:37 - 00000000 ____D () C:\AdwCleaner
2014-04-27 20:39 - 2012-03-24 17:43 - 00000000 ____D () C:\Users\Metaller666
2014-04-27 20:19 - 2014-04-15 22:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-27 18:01 - 2013-04-28 09:50 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Spotify
2014-04-27 15:07 - 2012-03-26 18:08 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-04-27 14:41 - 2014-04-27 14:39 - 00001856 _____ () C:\Windows\Sandboxie.ini
2014-04-27 14:40 - 2014-04-27 14:40 - 00000000 ___RD () C:\Sandbox
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () E:\Program Files\Sandboxie
2014-04-27 14:39 - 2014-04-27 14:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-04-27 13:27 - 2013-09-21 14:13 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Vidalia
2014-04-27 12:02 - 2013-09-21 14:14 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\tor
2014-04-27 11:41 - 2014-04-27 10:52 - 00000000 ____D () E:\Program Files (x86)\Tor
2014-04-26 23:34 - 2014-04-26 23:34 - 00035938 _____ () C:\ComboFix.txt
2014-04-26 23:34 - 2014-04-26 23:21 - 00000000 ____D () C:\Qoobox
2014-04-26 23:33 - 2014-04-26 23:21 - 00000000 ____D () C:\Windows\erdnt
2014-04-26 23:33 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-26 23:08 - 2012-04-15 07:52 - 00000000 ____D () C:\ProgramData\Win7codecs
2014-04-26 22:37 - 2012-03-25 18:18 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Mp3tag
2014-04-26 18:44 - 2014-03-14 17:33 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\MusicBee
2014-04-26 18:35 - 2014-04-21 09:25 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-26 18:31 - 2013-02-03 16:12 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\uTorrent
2014-04-26 16:56 - 2014-04-16 14:20 - 00000000 ____D () E:\Program Files (x86)\Mozilla Firefox
2014-04-26 16:35 - 2014-04-26 16:35 - 00000000 ____D () E:\Program Files (x86)\ESET
2014-04-26 15:56 - 2013-09-04 15:59 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Adobe
2014-04-26 15:55 - 2012-03-30 19:25 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-26 15:55 - 2012-03-30 19:25 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-25 14:57 - 2014-04-25 14:57 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-24 22:13 - 2014-04-24 22:13 - 00017408 ___SH () C:\Users\Metaller666\Thumbs.db
2014-04-24 18:41 - 2012-03-25 12:12 - 00000000 ____D () E:\Program Files (x86)\Mp3tag
2014-04-24 15:58 - 2011-04-12 09:43 - 00813034 _____ () C:\Windows\system32\perfh007.dat
2014-04-24 15:58 - 2011-04-12 09:43 - 00189100 _____ () C:\Windows\system32\perfc007.dat
2014-04-24 15:58 - 2009-07-14 07:13 - 01891264 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-24 14:36 - 2014-04-24 14:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2014-04-24 13:41 - 2012-08-16 16:18 - 00000000 ____D () E:\Program Files (x86)\JDownloader
2014-04-22 17:34 - 2013-04-28 09:50 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Spotify
2014-04-22 17:32 - 2014-01-06 17:51 - 00000000 ____D () C:\Users\DefaultAppPool
2014-04-22 17:32 - 2012-08-04 09:11 - 00000000 ____D () C:\Users\Gast
2014-04-22 17:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-22 17:17 - 2014-04-22 17:17 - 00000000 ____D () C:\ProgramData\ATI
2014-04-22 17:10 - 2014-04-22 17:10 - 00067420 _____ () C:\Windows\SysWOW64\CCCInstall_201404221710383312.log
2014-04-22 17:10 - 2014-04-22 17:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-04-22 17:09 - 2014-04-22 16:10 - 00000000 ____D () E:\Program Files\ATI Technologies
2014-04-22 17:09 - 2013-09-29 17:19 - 00000000 ____D () C:\ProgramData\AMD
2014-04-22 16:59 - 2014-04-22 16:59 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221659138977.log
2014-04-22 16:46 - 2014-04-22 16:46 - 00066765 _____ () C:\Windows\SysWOW64\CCCInstall_201404221646266389.log
2014-04-22 16:17 - 2014-04-22 16:17 - 00000000 ____D () E:\Program Files (x86)\AMD AVT
2014-04-22 16:12 - 2014-04-22 16:12 - 00000000 ____D () E:\Program Files (x86)\ATI Technologies
2014-04-22 15:55 - 2014-04-22 15:55 - 00065920 _____ () C:\Windows\SysWOW64\CCCInstall_201404221555331783.log
2014-04-21 22:26 - 2014-04-21 22:26 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-21 22:26 - 2014-04-21 22:26 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-21 22:26 - 2014-04-21 09:25 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-21 22:26 - 2014-04-21 09:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-21 21:27 - 2013-08-21 22:08 - 00000000 ____D () E:\Program Files\VideoLAN
2014-04-21 20:05 - 2013-09-07 11:00 - 00000132 _____ () C:\Users\Metaller666\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-04-21 09:26 - 2014-04-21 09:26 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\AVAST Software
2014-04-21 09:25 - 2014-04-21 09:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-04-21 09:24 - 2014-04-21 09:24 - 00000000 ____D () E:\Program Files\AVAST Software
2014-04-21 09:23 - 2012-03-24 15:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-20 20:06 - 2014-04-20 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () E:\Program Files (x86)\VisiPics
2014-04-18 20:37 - 2014-04-18 20:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VisiPics
2014-04-18 18:22 - 2014-04-18 18:22 - 00000000 _____ () C:\Users\Metaller666\Sti_Trace.log
2014-04-17 12:28 - 2013-02-08 19:07 - 00000000 ____D () E:\Program Files (x86)\Mozilla Maintenance Service
2014-04-16 23:11 - 2013-12-10 19:03 - 00001018 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-16 23:04 - 2012-07-04 22:28 - 00000600 _____ () C:\Users\Metaller666\AppData\Local\PUTTY.RND
2014-04-16 21:34 - 2012-10-02 22:09 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\KeePass
2014-04-16 20:06 - 2012-04-24 16:53 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\TeamViewer
2014-04-16 19:10 - 2013-09-25 20:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-16 19:04 - 2014-04-16 19:04 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b13.log
2014-04-16 19:04 - 2013-04-23 18:31 - 00000000 ____D () E:\Program Files (x86)\Java
2014-04-16 14:20 - 2014-04-16 14:20 - 00001017 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-16 14:20 - 2012-03-25 10:54 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Mozilla
2014-04-16 04:43 - 2014-04-16 04:43 - 10335208 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08866928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 08010968 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 07520200 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06799688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 06796592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01343272 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 01117184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00127872 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00117560 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00099520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-04-16 04:43 - 2014-04-16 04:43 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-04-16 04:39 - 2014-04-16 04:39 - 00274656 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2014-04-16 04:37 - 2014-04-16 04:37 - 15376384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-04-16 04:23 - 2014-04-16 04:23 - 28685824 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00231424 _____ () C:\Windows\system32\clinfo.exe
2014-04-16 04:23 - 2014-04-16 04:23 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2014-04-16 04:23 - 2014-04-16 04:23 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2014-04-16 04:20 - 2014-04-16 04:20 - 24107520 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-04-16 04:17 - 2014-04-16 04:17 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 05442048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2014-04-16 04:13 - 2014-04-16 04:13 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2014-04-16 04:12 - 2014-04-16 04:12 - 27907584 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-04-16 03:58 - 2014-04-16 03:58 - 04358656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2014-04-16 03:51 - 2014-04-16 03:51 - 23409152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00580816 _____ () C:\Windows\system32\atiapfxx.blb
2014-04-16 03:46 - 2014-04-16 03:46 - 00368128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-04-16 03:46 - 2014-04-16 03:46 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-04-16 03:46 - 2014-04-16 03:46 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-04-16 03:42 - 2014-04-16 03:42 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00048128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2014-04-16 03:33 - 2014-04-16 03:33 - 00037888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2014-04-16 03:30 - 2014-04-16 03:30 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2014-04-16 03:29 - 2014-04-16 03:29 - 00586240 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00239616 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-04-16 03:29 - 2014-04-16 03:29 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-04-16 03:28 - 2014-04-16 03:28 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2014-04-16 03:28 - 2014-04-16 03:28 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-04-16 03:19 - 2014-04-16 03:19 - 00806912 _____ (AMD) C:\Windows\system32\coinst_14.100.dll
2014-04-16 03:17 - 2014-04-16 03:17 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-04-16 03:09 - 2014-02-24 04:28 - 01177600 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00848896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2014-04-16 03:08 - 2014-04-16 03:08 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00638976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-04-16 03:07 - 2014-04-16 03:07 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-04-16 03:07 - 2014-04-16 03:07 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-04-16 03:04 - 2014-04-16 03:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-04-15 22:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-15 22:07 - 2014-04-15 22:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-15 15:07 - 2013-09-04 20:13 - 00001456 _____ () C:\Users\Metaller666\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-15 14:39 - 2012-04-13 14:34 - 00000000 ____D () C:\Users\Metaller666\.VirtualBox
2014-04-15 12:17 - 2013-06-09 09:37 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Opera Software
2014-04-15 12:14 - 2012-07-19 18:01 - 00000000 ____D () E:\Program Files (x86)\Firefox Nightly
2014-04-15 12:12 - 2013-05-29 09:10 - 00000000 ____D () E:\Program Files (x86)\Opera Next
2014-04-15 12:11 - 2013-12-06 21:33 - 00000000 ____D () E:\Program Files (x86)\Opera Developer
2014-04-14 21:52 - 2014-04-14 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-04-14 21:46 - 2014-04-14 21:46 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-14 21:46 - 2013-11-13 12:50 - 00001251 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-04-14 21:46 - 2013-11-13 11:35 - 00001273 _____ () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-14 21:46 - 2012-09-10 20:55 - 00000000 ____D () C:\Users\Metaller666\AppData\Local\Opera
2014-04-14 04:24 - 2014-04-25 14:57 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-04-14 04:19 - 2014-04-25 14:57 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-04-13 22:21 - 2014-04-13 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-13 22:21 - 2014-04-13 22:20 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-13 22:21 - 2013-09-19 21:21 - 00000000 ____D () E:\Program Files\iTunes
2014-04-13 22:20 - 2014-04-13 22:20 - 00000000 ____D () E:\Program Files\iPod
2014-04-13 22:18 - 2014-04-13 22:18 - 00000000 ____D () E:\Program Files\Common Files\Apple
2014-04-13 22:06 - 2012-03-24 15:46 - 00000000 ____D () C:\ProgramData\Apple
2014-04-10 19:58 - 2014-04-10 19:58 - 00082128 _____ () C:\Windows\system32\ativce02.dat
2014-04-09 18:44 - 2014-04-09 18:44 - 00000312 _____ () C:\Users\Metaller666\2014-04-09-16-44-33.043-VBoxSVC.exe-6236.log
2014-04-09 18:30 - 2014-04-09 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2014-04-09 16:43 - 2013-05-22 18:25 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\Foxit Software
2014-04-08 22:22 - 2013-11-13 10:17 - 00000000 ____D () C:\Windows\rescache
2014-04-08 21:13 - 2012-04-23 16:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-08 21:12 - 2013-07-27 12:26 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-08 21:03 - 2012-03-24 18:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-07 17:55 - 2013-09-26 14:36 - 00000000 ____D () E:\Program Files (x86)\SEE Electrical Schulversion V5
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1100.ini
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1010.ini
2014-04-07 17:54 - 2013-09-27 21:16 - 00001276 _____ () C:\ProgramData\CADdy++1000.ini
2014-04-06 23:17 - 2014-04-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2014-04-06 13:30 - 2012-03-24 17:58 - 00000000 ___HD () E:\Program Files (x86)\InstallShield Installation Information
2014-04-06 13:30 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-04-05 14:44 - 2013-02-08 18:44 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-04-05 13:33 - 2013-09-27 20:01 - 00000000 ____D () E:\Program Files (x86)\TV-Browser3.3
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () E:\Program Files (x86)\FreeMind
2014-04-05 12:22 - 2014-04-05 12:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeMind
2014-04-04 21:34 - 2013-02-08 18:40 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-04-03 09:51 - 2014-04-15 22:07 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-15 22:07 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-15 22:07 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 21:22 - 2012-09-26 20:20 - 00000000 ____D () C:\Users\Metaller666\AppData\Roaming\FileZilla
2014-04-02 21:18 - 2012-12-12 21:28 - 00000000 ___RD () C:\Users\Metaller666\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-02 16:33 - 2012-03-28 20:18 - 00000000 ____D () E:\Program Files (x86)\phase5
2014-04-01 00:06 - 2014-04-01 00:06 - 00234804 _____ () C:\Windows\system32\ativvaxy_cik.dat
2014-04-01 00:04 - 2014-04-01 00:04 - 00233008 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () E:\Program Files (x86)\Western Digital
2014-03-31 17:30 - 2014-03-31 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2014-03-29 11:26 - 2013-08-18 16:23 - 00004116 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-29 11:26 - 2013-08-18 16:23 - 00003864 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-29 11:14 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-29 11:13 - 2012-04-28 14:16 - 00000000 ____D () E:\Program Files (x86)\Synchredible

Some content of TEMP:
====================
C:\Users\Metaller666\AppData\Local\Temp\procexp64.exe
C:\Users\Metaller666\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 16:06

==================== End Of Log ============================

--- --- ---

--- --- ---

Probleme traten bisher keine mehr auf, aber spätestens, wenn wieder welche auftreten, werde ich mich hier wieder melden.

schrauber · 29.04.2014, 17:06

Das sind alle 3 keine Fehlalarme.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

IFEO\taskmgr.exe: [Debugger] procexp.exe

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Metaller666 · 29.04.2014, 17:14

Eine kleine Frage hätte ich noch, bevor ich FRST ausführe: Liege ich mit meiner Ansicht richtig, dass der Befehl nur die Entführung des Taskmanagers rückgängig macht? Diesen habe ich nämlich mit Absicht gegen den 'Process Explorer' ausgetauscht, da ich diesen wesentlich besser finde.

Ansonsten möchte ich mich abschließend für deine geniale und schnelle Hilfe bedanken.

Bisher traten keine Probleme mehr auf und ich hoffe, dass das so bleibt.

schrauber · 30.04.2014, 23:24

Genau, dann kannste den Fix auch weg lassen

30.04.2014, 23:24	#13
schrauber /// the machine /// TB-Ausbilder	Avast URL:Mal-Warnung Firefox Genau, dann kannste den Fix auch weg lassen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Avast URL:Mal-Warnung Firefox

Plagegeister aller Art und deren Bekämpfung: Avast URL:Mal-Warnung Firefox