
Log Analysis and Evaluation: System speedup and Advanced System Protection reinstall themselves after being uninstalled

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
01.07.2014, 19:52   #5
Crue
 



Code:
# AdwCleaner v3.214 - Bericht erstellt am 01/07/2014 um 20:49:24
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Crue - CRUE
# Gestartet von : C:\Users\Crue\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Windows\System32\roboot64.exe

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Crue\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6742 octets] - [04/09/2013 15:09:00]
AdwCleaner[R1].txt - [12385 octets] - [19/03/2014 13:40:25]
AdwCleaner[R2].txt - [16213 octets] - [19/05/2014 19:52:47]
AdwCleaner[R3].txt - [1325 octets] - [01/06/2014 21:43:16]
AdwCleaner[R4].txt - [8387 octets] - [17/06/2014 20:05:04]
AdwCleaner[R5].txt - [1580 octets] - [17/06/2014 20:12:14]
AdwCleaner[R6].txt - [1589 octets] - [22/06/2014 20:40:04]
AdwCleaner[R7].txt - [6001 octets] - [01/07/2014 14:18:22]
AdwCleaner[R8].txt - [1825 octets] - [01/07/2014 20:49:05]
AdwCleaner[S0].txt - [4556 octets] - [04/09/2013 15:09:41]
AdwCleaner[S1].txt - [10759 octets] - [19/03/2014 13:42:10]
AdwCleaner[S2].txt - [14141 octets] - [19/05/2014 19:53:13]
AdwCleaner[S3].txt - [8387 octets] - [17/06/2014 20:05:23]
AdwCleaner[S4].txt - [1641 octets] - [17/06/2014 20:17:00]
AdwCleaner[S5].txt - [6011 octets] - [01/07/2014 14:23:46]
AdwCleaner[S6].txt - [1746 octets] - [01/07/2014 20:49:24]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1806 octets] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Crue on 01.07.2014 at 20:31:15,22
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Crue\AppData\Roaming\systweak"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.07.2014 at 20:36:01,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-06-2014
Ran by Crue (administrator) on CRUE on 01-07-2014 20:36:30
Running from C:\Users\Crue\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Perfect World Entertainment Inc) C:\Program Files (x86)\Perfect World Entertainment\Arc\Arc.exe
() C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcOSBrowser.exe
() C:\Program Files (x86)\Perfect World Entertainment\Forsaken World_de\update\pem.exe
() C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcOSOverlay.exe
(Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-01-31] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-01-31] (Saitek)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [750160 2014-07-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3555799456-2816562778-17666758-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3555799456-2816562778-17666758-1000\...\MountPoints2: {183eea12-e319-11e2-ad19-00261849d16c} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3555799456-2816562778-17666758-1000\...\MountPoints2: {65e60307-1166-11e3-99b6-00261849d16c} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3555799456-2816562778-17666758-1000\...\MountPoints2: {6a675b5c-b86e-11e2-89cc-806e6f6e6963} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3555799456-2816562778-17666758-1000\...\MountPoints2: {a7cae9aa-b86c-11e2-88d4-00261849d16c} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3555799456-2816562778-17666758-1000\...\MountPoints2: {bc1ecacf-0b04-11e3-aebc-00261849d16c} - F:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE10DEDE/WOL_WCP
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MEGA - C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\Extensions\firefox@mega.co.nz.xpi [2014-05-02]
FF Extension: Adblock Plus - C:\Users\Crue\AppData\Roaming\Mozilla\Firefox\Profiles\kl9finm7.default-1395228883835\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-19]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-05-02]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Crue\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjickaaceffhmedhkibfclfegpofdac [2014-05-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2013-10-23]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1028688 2014-07-01] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-10-23] () [File not signed]
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-05-20] (Perfect World Entertainment Inc)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-11-13] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-06-08] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-30] (Disc Soft Ltd)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 SaiK0CD5; C:\Windows\System32\DRIVERS\SaiK0CD5.sys [180584 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-02-01] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-02-01] (Saitek)
R3 SaiU0CD5; C:\Windows\System32\DRIVERS\SaiU0CD5.sys [47208 2012-09-20] (Saitek)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-01 20:36 - 2014-07-01 20:36 - 00011766 _____ () C:\Users\Crue\Desktop\FRST.txt
2014-07-01 20:36 - 2014-07-01 20:36 - 00000850 _____ () C:\Users\Crue\Desktop\JRT.txt
2014-07-01 20:30 - 2014-07-01 20:30 - 02083328 _____ (Farbar) C:\Users\Crue\Desktop\FRST64.exe
2014-07-01 20:30 - 2014-07-01 20:30 - 01016261 _____ (Thisisu) C:\Users\Crue\Desktop\JRT.exe
2014-07-01 20:29 - 2014-07-01 20:29 - 01346519 _____ () C:\Users\Crue\Desktop\adwcleaner_3.214.exe
2014-07-01 15:56 - 2014-07-01 20:36 - 00000000 ____D () C:\FRST
2014-07-01 15:02 - 2014-07-01 15:03 - 00001790 _____ () C:\sc-cleaner.txt
2014-07-01 14:57 - 2014-07-01 14:57 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 14:42 - 2014-07-01 15:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 14:42 - 2014-07-01 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-01 14:42 - 2014-07-01 14:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 14:42 - 2014-07-01 14:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-01 14:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-01 14:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-01 14:42 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-01 14:35 - 2013-12-13 17:53 - 00019544 _____ (System Speedup) C:\Windows\system32\roboot64.exe
2014-07-01 14:24 - 2014-07-01 14:55 - 00001426 _____ () C:\Windows\PFRO.log
2014-07-01 14:24 - 2014-07-01 14:55 - 00000336 _____ () C:\Windows\setupact.log
2014-07-01 14:24 - 2014-07-01 14:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-30 17:01 - 2014-07-01 15:38 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-06-30 17:01 - 2014-07-01 15:05 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\betadeeal
2014-06-30 17:01 - 2014-06-30 17:01 - 00667648 _____ () C:\Users\Crue\AppData\Roaming\~bobtsxu.exe
2014-06-30 17:01 - 2014-06-30 17:01 - 00003182 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-30 14:54 - 2014-06-30 14:54 - 00003234 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-30 14:54 - 2014-06-30 14:54 - 00003208 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-30 14:54 - 2014-06-30 14:54 - 00001993 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-24 17:54 - 2014-06-24 17:55 - 00000000 ____D () C:\Users\Crue\Desktop\Praktikum
2014-06-23 22:34 - 2014-06-23 22:40 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Wise Registry Cleaner
2014-06-23 22:28 - 2014-06-23 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2014-06-23 22:28 - 2014-06-23 22:28 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-06-22 20:02 - 2014-06-22 20:02 - 00000000 ____D () C:\ProgramData\Astroburn Lite
2014-06-21 08:00 - 2014-07-01 15:51 - 00248028 _____ () C:\Windows\WindowsUpdate.log
2014-06-18 15:49 - 2014-06-30 17:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 15:55 - 2014-06-17 15:55 - 00000722 _____ () C:\Users\Crue\Documents\cc_20140617_155539.reg
2014-06-17 15:38 - 2014-06-17 15:37 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 15:37 - 2014-06-17 15:37 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-12 18:09 - 2014-06-13 16:20 - 00431104 _____ () C:\ProgramData\uninstall_Deeal.exe
2014-06-11 13:38 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 13:38 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 13:38 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 13:38 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 13:38 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 13:38 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 13:38 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 13:38 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 13:38 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 13:38 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 13:38 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 13:38 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 13:38 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 13:38 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 13:38 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 13:38 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 13:38 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 13:38 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 13:38 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 13:38 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 13:38 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 13:38 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 13:38 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 13:38 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 13:38 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 13:38 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 13:38 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 13:38 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 13:38 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 13:38 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 13:38 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 13:38 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 13:38 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 13:38 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 13:38 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 13:38 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 13:38 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 13:38 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 13:38 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 13:38 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 13:38 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 13:38 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 13:38 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 13:38 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 13:38 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 13:38 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 13:38 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 13:38 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 13:38 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 13:38 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 13:38 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 13:38 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 13:38 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 13:38 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 13:38 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 13:38 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 13:38 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 13:38 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 13:38 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 13:38 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 13:38 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 13:38 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 13:38 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 13:38 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 13:38 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 13:38 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 13:37 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 13:37 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 07:58 - 2014-06-07 07:59 - 00040198 _____ () C:\Users\Crue\Documents\cc_20140607_075857.reg
2014-06-01 13:19 - 2014-06-01 13:19 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cossacks 2 - Battle for Europe
2014-06-01 13:19 - 2014-06-01 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks 2 - Battle for Europe
2014-06-01 12:31 - 2014-06-01 13:19 - 00000000 ____D () C:\Program Files (x86)\Cossacks 2 - Battle for Europe

==================== One Month Modified Files and Folders =======

2014-07-01 20:36 - 2014-07-01 20:36 - 00011766 _____ () C:\Users\Crue\Desktop\FRST.txt
2014-07-01 20:36 - 2014-07-01 20:36 - 00000850 _____ () C:\Users\Crue\Desktop\JRT.txt
2014-07-01 20:36 - 2014-07-01 15:56 - 00000000 ____D () C:\FRST
2014-07-01 20:30 - 2014-07-01 20:30 - 02083328 _____ (Farbar) C:\Users\Crue\Desktop\FRST64.exe
2014-07-01 20:30 - 2014-07-01 20:30 - 01016261 _____ (Thisisu) C:\Users\Crue\Desktop\JRT.exe
2014-07-01 20:29 - 2014-07-01 20:29 - 01346519 _____ () C:\Users\Crue\Desktop\adwcleaner_3.214.exe
2014-07-01 20:25 - 2013-05-01 14:50 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Skype
2014-07-01 20:22 - 2013-05-01 14:56 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-01 15:51 - 2014-06-21 08:00 - 00248028 _____ () C:\Windows\WindowsUpdate.log
2014-07-01 15:48 - 2013-09-04 13:13 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-07-01 15:38 - 2014-06-30 17:01 - 00000000 ____D () C:\Program Files (x86)\Deeal
2014-07-01 15:25 - 2014-07-01 14:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-01 15:05 - 2014-06-30 17:01 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\betadeeal
2014-07-01 15:04 - 2013-09-21 11:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-01 15:04 - 2009-07-14 06:45 - 00026512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-01 15:04 - 2009-07-14 06:45 - 00026512 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-01 15:03 - 2014-07-01 15:02 - 00001790 _____ () C:\sc-cleaner.txt
2014-07-01 15:02 - 2013-05-01 02:08 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-07-01 15:02 - 2013-05-01 02:08 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-07-01 15:02 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-01 14:57 - 2014-07-01 14:57 - 00000000 ____D () C:\Windows\ERUNT
2014-07-01 14:55 - 2014-07-01 14:24 - 00001426 _____ () C:\Windows\PFRO.log
2014-07-01 14:55 - 2014-07-01 14:24 - 00000336 _____ () C:\Windows\setupact.log
2014-07-01 14:55 - 2013-05-01 15:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-01 14:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-01 14:54 - 2010-01-31 10:52 - 00000000 ____D () C:\temp
2014-07-01 14:42 - 2014-07-01 14:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-01 14:42 - 2014-07-01 14:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-01 14:42 - 2014-07-01 14:42 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-01 14:24 - 2014-07-01 14:24 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-01 14:23 - 2013-09-04 15:08 - 00000000 ____D () C:\AdwCleaner
2014-06-30 17:01 - 2014-06-30 17:01 - 00667648 _____ () C:\Users\Crue\AppData\Roaming\~bobtsxu.exe
2014-06-30 17:01 - 2014-06-30 17:01 - 00003182 _____ () C:\Windows\System32\Tasks\WIN-fdfEfEfAfC
2014-06-30 17:01 - 2014-06-18 15:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-30 14:54 - 2014-06-30 14:54 - 00003234 _____ () C:\Windows\System32\Tasks\WIN-statsSystem
2014-06-30 14:54 - 2014-06-30 14:54 - 00003208 _____ () C:\Windows\System32\Tasks\WIN-statsAdmin
2014-06-30 14:54 - 2014-06-30 14:54 - 00001993 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-30 14:54 - 2014-05-31 09:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks - The Art Of War
2014-06-30 14:54 - 2014-05-31 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks - Back To War
2014-06-30 14:54 - 2013-05-01 14:46 - 00001961 _____ () C:\Users\Crue\Desktop\Mozilla Firefox.lnk
2014-06-30 14:54 - 2013-04-30 17:35 - 00001769 _____ () C:\Users\Crue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-24 17:55 - 2014-06-24 17:54 - 00000000 ____D () C:\Users\Crue\Desktop\Praktikum
2014-06-23 22:40 - 2014-06-23 22:34 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Wise Registry Cleaner
2014-06-23 22:32 - 2014-05-30 12:54 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\DAEMON Tools Lite
2014-06-23 22:28 - 2014-06-23 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner
2014-06-23 22:28 - 2014-06-23 22:28 - 00000000 ____D () C:\Program Files (x86)\Wise
2014-06-22 20:02 - 2014-06-22 20:02 - 00000000 ____D () C:\ProgramData\Astroburn Lite
2014-06-20 20:27 - 2013-09-21 22:29 - 00000000 ____D () C:\Users\Crue\Documents\My Games
2014-06-19 08:40 - 2014-03-01 16:23 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Arc
2014-06-19 08:38 - 2013-05-01 14:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-17 17:41 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-17 17:39 - 2013-10-22 17:50 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-17 17:37 - 2013-10-22 17:43 - 00000000 ____D () C:\ProgramData\Origin
2014-06-17 17:37 - 2013-10-22 17:43 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-17 15:55 - 2014-06-17 15:55 - 00000722 _____ () C:\Users\Crue\Documents\cc_20140617_155539.reg
2014-06-17 15:37 - 2014-06-17 15:38 - 00000030 _____ () C:\AVScanner.ini
2014-06-17 15:37 - 2014-06-17 15:37 - 00000000 ____D () C:\ProgramData\McAfee
2014-06-17 15:37 - 2013-05-01 14:56 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-17 15:37 - 2013-05-01 14:56 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-17 15:37 - 2013-05-01 14:56 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-14 20:42 - 2013-05-14 17:01 - 00000000 ____D () C:\Users\Crue\Documents\DVDVideoSoft
2014-06-13 16:20 - 2014-06-12 18:09 - 00431104 _____ () C:\ProgramData\uninstall_Deeal.exe
2014-06-12 20:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-11 22:47 - 2013-08-15 02:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 22:45 - 2013-05-07 07:52 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 22:43 - 2014-05-06 21:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-10 20:37 - 2013-05-01 16:07 - 00000000 ____D () C:\Users\Crue\Desktop\Meine Daten
2014-06-08 16:21 - 2013-09-04 13:13 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-06-08 16:01 - 2014-04-21 14:33 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Tropico 4
2014-06-08 11:41 - 2014-05-02 19:51 - 00000000 ____D () C:\Users\Crue\Documents\GTA San Andreas User Files
2014-06-08 11:13 - 2014-06-11 13:37 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 13:37 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 12:52 - 2013-09-21 21:42 - 00000000 ____D () C:\Users\Crue\Documents\Square Enix
2014-06-07 08:18 - 2013-05-17 16:54 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\TS3Client
2014-06-07 07:59 - 2014-06-07 07:58 - 00040198 _____ () C:\Users\Crue\Documents\cc_20140607_075857.reg
2014-06-01 13:19 - 2014-06-01 13:19 - 00000000 ____D () C:\Users\Crue\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cossacks 2 - Battle for Europe
2014-06-01 13:19 - 2014-06-01 13:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cossacks 2 - Battle for Europe
2014-06-01 13:19 - 2014-06-01 12:31 - 00000000 ____D () C:\Program Files (x86)\Cossacks 2 - Battle for Europe

Files to move or delete:
====================
C:\ProgramData\uninstall_Deeal.exe
C:\Users\Crue\Combatarms_eu.exe


Some content of TEMP:
====================
C:\Users\Crue\AppData\Local\Temp\avgnt.exe
C:\Users\Crue\AppData\Local\Temp\Quarantine.exe
C:\Users\Crue\AppData\Local\Temp\unzip.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-29 20:47

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-06-2014
Ran by Crue at 2014-07-01 21:12:50
Running from C:\Users\Crue\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version:  - )
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
AutoIt v3.3.8.0 (HKLM-x32\...\AutoItv3) (Version:  - AutoIt Team)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.5.450 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0600}) (Version: 12.6.0.1900 - APN, LLC)
Bad Rats (HKLM-x32\...\Steam App 34900) (Version:  - Invent4 Entertainment)
Banished (HKLM-x32\...\QmFuaXNoZWQ=_is1) (Version: 1 - )
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
Blackwell Convergence (HKLM-x32\...\Steam App 80350) (Version:  - Wadjet Eye Games)
Blackwell Deception (HKLM-x32\...\Steam App 80360) (Version:  - Wadjet Eye Games)
Blackwell Unbound (HKLM-x32\...\Steam App 80340) (Version:  - Wadjet Eye Games)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version:  - )
Cossacks - Back To War (HKLM-x32\...\Cossacks : Back To War) (Version:  - )
Cossacks - European Wars (HKLM-x32\...\EW : Cossacks) (Version:  - )
Cossacks - The Art Of War (HKLM-x32\...\Cossacks : The Art Of War) (Version:  - )
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Deponia (HKLM-x32\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.63.5 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Earth 2160 (HKLM-x32\...\Steam App 1900) (Version:  - Reality Pump Studios)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.11.827 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.20.1230 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.20.1230 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.29.304 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.29.304 - DVDVideoSoft Ltd.)
Gameforge Live 1.9.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.9.0 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
Grand Theft Auto San Andreas (HKLM-x32\...\{2BB114DA-C718-45FE-8AB9-DEFFF0EA5569}_is1) (Version: v1.0/1.1 - Grosses_K)
Greenshot 1.0.6.2228 (HKLM\...\Greenshot_is1) (Version: 1.0.6.2228 - Greenshot)
Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version:  - Vanguard Games)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - Dennaton Games)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.3.0.001 - HTC Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor(TM) Multiplayer (HKLM-x32\...\Steam App 47830) (Version:  - Electronic Arts)
Medal of Honor(TM) Single Player (HKLM-x32\...\Steam App 47790) (Version:  - Electronic Arts)
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PremiumSoft Navicat 8.1 for MySQL (HKLM-x32\...\PremiumSoft Navicat 8.1 for MySQL_is1) (Version:  - PremiumSoft CyberTech Ltd.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.24.8 (HKLM\...\{F31F1F66-5685-4C21-906E-20CB74C7BCDF}) (Version: 7.0.24.8 - Mad Catz)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold 2 (HKLM-x32\...\{16D2C649-CBA8-44EE-B730-12584667D487}) (Version: 1.40.1000 - Firefly Studios)
Stronghold 3 (HKLM-x32\...\Steam App 47400) (Version:  - FireFly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Legends (HKLM-x32\...\{66A405D2-BA14-4594-BF36-B3B544F0754E}) (Version: 1.20.0000 - Firefly Studios)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Syberia (HKLM-x32\...\Steam App 46500) (Version:  - Anuman)
Syberia 2 (HKLM-x32\...\Steam App 46510) (Version:  - Anuman / Microids)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
The Blackwell Legacy (HKLM-x32\...\Steam App 80330) (Version:  - Wadjet Eye Games)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.3.7 - Electronic Arts)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - Haemimont Games)
UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version:  - )
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wise Registry Cleaner 8.12 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.12 - WiseCleaner.com, Inc.)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)
Worms Ultimate Mayhem (HKLM-x32\...\Steam App 70600) (Version:  - Team17 Software Ltd.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-2 - BitNami)

==================== Restore Points  =========================

22-06-2014 19:19:22 Geplanter Prüfpunkt
24-06-2014 13:46:33 Windows Update
30-06-2014 12:56:32 Removed LogMeIn Hamachi
30-06-2014 15:06:03 Removed SupraSavings
01-07-2014 11:54:44 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {29D7C502-C1DB-4101-92CA-F9E77D1F0A11} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-23] (Piriform Ltd)
Task: {3DB47C9C-ABBB-4E79-9243-43CCFAB675F5} - \fde639c5-a4cc-438e-8184-b9d525bc4d0f-4 No Task File <==== ATTENTION
Task: {55414255-4CB3-4A2A-9D12-B7C14CB3221B} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe <==== ATTENTION
Task: {5D0AA912-7A99-4B92-88B4-255E2711CED5} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {616F2D8C-3B28-456F-B90F-66923DBB16B9} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Crue\AppData\Roaming\~bobtsxu.exe [2014-06-30] ()
Task: {6F4D6BBA-24BB-420F-ADDF-983E438A3C80} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-17] (Adobe Systems Incorporated)
Task: {7466379E-920C-4B48-8D24-91BC3DCB1A64} - System32\Tasks\WIN-statsSystem => C:\Users\Crue\AppData\Local\Microsoft\WinU\~hkebvqx.exe [2014-06-30] ()
Task: {7CF0E93A-340A-4318-88A3-1514BB5F9497} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {85CF2311-CEC1-4C3D-A9F3-9A3EDA3D08B6} - System32\Tasks\WIN-statsAdmin => C:\Users\Crue\AppData\Local\Microsoft\WinU\~frwgdnm.exe [2014-06-30] ()
Task: {871AD24D-8D64-421E-B00D-4953FD186088} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {97D5559A-2250-46D7-9863-209F38FF0831} - \DealPlyLiveUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {A5EFC68B-4BB4-43BB-BF60-BDCF5AD1D5DA} - \DealPlyLiveUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {ACFDB62E-92BD-4E77-9182-24D570054B7E} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {ADD8D483-7B92-4C2E-AE8F-7FDDAB0B820F} - \fde639c5-a4cc-438e-8184-b9d525bc4d0f-1 No Task File <==== ATTENTION
Task: {B04A14AB-4F9A-46A6-B9A2-0AC298BF0351} - \Lyrics Seeker Update No Task File <==== ATTENTION
Task: {B693F56A-25E6-4DC4-8B04-C7A49435F2D7} - \Dealply No Task File <==== ATTENTION
Task: {D5F272B6-2BCF-4D59-8BC7-D2C7344AA65B} - System32\Tasks\wp_update => C:\Users\Crue\AppData\Roaming\~zdyvexm.exe <==== ATTENTION
Task: {DD8191EB-EBD6-463E-BE5A-EEF62AA97740} - \fde639c5-a4cc-438e-8184-b9d525bc4d0f-3 No Task File <==== ATTENTION
Task: {FD25ECF2-EF85-4575-BE70-F7D2E36E2B52} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-05-01 15:18 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-07 18:27 - 2012-12-07 18:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-11-13 17:10 - 2013-11-13 17:22 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-12 14:55 - 2014-06-12 14:55 - 00751952 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcOSBrowser.exe
2014-05-08 14:41 - 2014-05-22 15:10 - 10701264 _____ () C:\Program Files (x86)\Perfect World Entertainment\Forsaken World_de\update\PEM.exe
2014-06-12 14:55 - 2014-06-12 14:55 - 00698704 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcOSOverlay.exe
2014-06-18 15:49 - 2014-06-18 15:50 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-12 14:55 - 2014-06-12 14:55 - 01481040 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\CoreUI.dll
2014-02-24 18:37 - 2014-02-24 18:37 - 00174416 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\ZUnZip.dll
2014-02-24 18:36 - 2014-02-24 18:36 - 00568552 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\sqlite3.dll
2014-05-20 15:06 - 2014-05-20 15:06 - 00174416 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcOverlayStub.dll
2014-02-24 18:36 - 2014-02-24 18:36 - 24984912 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\libcef.dll
2014-02-24 18:36 - 2014-02-24 18:36 - 00742736 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\libglesv2.dll
2014-02-24 18:36 - 2014-02-24 18:36 - 00136528 _____ () C:\Program Files (x86)\Perfect World Entertainment\Arc\libegl.dll
2014-06-17 15:37 - 2014-06-17 15:37 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll
2013-11-22 11:59 - 2014-05-22 15:10 - 04580184 _____ () C:\Program Files (x86)\Perfect World Entertainment\Forsaken World_de\update\ElementSkill.dll
2012-12-26 13:16 - 2012-12-26 13:16 - 00454792 _____ () C:\Program Files (x86)\Perfect World Entertainment\Forsaken World_de\update\SpeedTreeRT.dll
2012-12-26 13:16 - 2012-12-26 13:16 - 00147456 _____ () C:\Program Files (x86)\Perfect World Entertainment\Forsaken World_de\update\FTDriver.dll
2012-12-26 13:16 - 2012-12-26 13:16 - 00024712 _____ () C:\Program Files (x86)\Perfect World Entertainment\Forsaken World_de\update\ImmWrapper.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^Users^Crue^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Crue\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/01/2014 08:52:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (07/01/2014 08:52:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 14327.18 MB
Available physical RAM: 10488.86 MB
Total Pagefile: 28652.53 MB
Available Pagefile: 24623.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (BOOT) (Fixed) (Total:576.17 GB) (Free:101.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:19.99 GB) (Free:15.91 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: F98D6E74)
Partition 1: (Active) - (Size=576 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=20 GB) - (Type=OF Extended)

==================== End Of Log ============================
         


Last edited by Crue (01.07.2014 at 20:16)

 
