FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 04
Ran by Claren (administrator) on CLAREN-PC on 02-02-2014 22:27:04
Running from C:\Users\Claren\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Windows\DAODx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_43.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6827664 2012-08-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [RoccatKoneXTD] - C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [558944 2012-11-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIskuFX] - C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [546656 2012-11-08] (ROCCAT GmbH)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-24] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-02] (AVAST Software)
HKU\S-1-5-21-3464994741-576511317-4194332620-1000\...\MountPoints2: {8eb22f18-d387-11e2-9d5c-806e6f6e6963} - D:\.\Bin\ASSETUP.exe
==================== Internet (Whitelisted) ====================
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Claren\AppData\Roaming\Mozilla\Firefox\Profiles\8ymqjmvx.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @adobe.com/Acrobat,version=5.1 - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Better TTV - C:\Users\Claren\AppData\Roaming\Mozilla\Firefox\Profiles\8ymqjmvx.default\Extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi [2013-09-14]
FF Extension: One Click Proxy - C:\Users\Claren\AppData\Roaming\Mozilla\Firefox\Profiles\8ymqjmvx.default\Extensions\jid0-zXo3XFGyiDalgkeEO4UYJTUwo2I@jetpack.xpi [2014-01-13]
FF Extension: Adblock Plus - C:\Users\Claren\AppData\Roaming\Mozilla\Firefox\Profiles\8ymqjmvx.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-12]
FF Extension: Fox!Box - C:\Users\Claren\AppData\Roaming\Mozilla\Firefox\Profiles\8ymqjmvx.default\Extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}.xpi [2013-12-24]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-02]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.102\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.0.0.72_0\npcoplgn.dll (Symantec Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Extension: (YouTube) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-12]
CHR Extension: (Google-Suche) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-12]
CHR Extension: (avast! Online Security) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-02]
CHR Extension: (Norton Identity Protection) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-06-12]
CHR Extension: (Google Wallet) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-02]
CHR Extension: (Google Mail) - C:\Users\Claren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-12]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx [2013-06-17]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-24] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-02] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\SymcPCCULaunchSvc.exe [123320 2012-08-13] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.18.16\ccSvcHst.exe [126392 2012-08-13] (Symantec Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-30] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [297984 2014-02-02] ()
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-02] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-02] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-02] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-02] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-02] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1404000.028\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-12] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-06-12] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130809.001\IDSvia64.sys [513184 2013-06-13] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130811.021\ENG64.SYS [126040 2013-06-12] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130811.021\EX64.SYS [2098776 2013-06-12] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1404000.028\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1404000.028\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1404000.028\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1404000.028\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1404000.028\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1404000.028\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-02 22:26 - 2014-02-02 22:27 - 00017637 _____ () C:\Users\Claren\Desktop\FRST.txt
2014-02-02 22:21 - 2014-02-02 22:21 - 00024516 _____ () C:\Users\Claren\Downloads\Addition.txt
2014-02-02 22:20 - 2014-02-02 22:27 - 00000000 ____D () C:\FRST
2014-02-02 22:20 - 2014-02-02 22:21 - 00029956 _____ () C:\Users\Claren\Downloads\FRST.txt
2014-02-02 22:19 - 2014-02-02 22:19 - 02080256 _____ (Farbar) C:\Users\Claren\Desktop\FRST64.exe
2014-02-02 19:04 - 2014-02-02 19:04 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-02 19:04 - 2014-02-02 19:04 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 19:04 - 2014-02-02 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 18:48 - 2014-02-02 18:48 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-02 18:48 - 2014-02-02 18:48 - 00000000 ____D () C:\Users\Claren\AppData\Roaming\AVAST Software
2014-02-02 18:47 - 2014-02-02 18:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-02 18:47 - 2014-02-02 18:47 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-02 18:47 - 2014-02-02 18:47 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-02 18:47 - 2014-02-02 18:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-02 18:47 - 2014-02-02 18:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-01-18 00:21 - 2014-01-18 00:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-18 00:21 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-18 00:20 - 2014-01-18 00:20 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 00:20 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-18 00:20 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-18 00:20 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-17 15:04 - 2014-01-17 15:04 - 01467128 _____ () C:\Users\Claren\Downloads\SystemCheck_deDE(1).exe
2014-01-15 18:47 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 18:47 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 18:47 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 18:47 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 18:47 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 18:47 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 18:47 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 18:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 18:47 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 18:03 - 2014-01-10 18:03 - 03571656 _____ (Piriform Ltd) C:\Users\Claren\Downloads\ccsetup409_slim.exe
2014-01-10 17:52 - 2014-01-10 17:52 - 00000000 ____D () C:\Users\Claren\Documents\ProcessExplorer
2014-01-10 17:11 - 2014-01-10 17:11 - 00000000 _____ () C:\autoexec.bat
2014-01-10 17:10 - 2014-02-02 19:28 - 00000000 ____D () C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-01-10 17:10 - 2014-01-10 17:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-10 17:09 - 2014-01-10 17:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Claren\Downloads\SpyHunter-Installer.exe
==================== One Month Modified Files and Folders =======
2014-02-02 22:27 - 2014-02-02 22:26 - 00017637 _____ () C:\Users\Claren\Desktop\FRST.txt
2014-02-02 22:27 - 2014-02-02 22:20 - 00000000 ____D () C:\FRST
2014-02-02 22:26 - 2013-06-12 19:42 - 00064024 _____ () C:\Users\Claren\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-02 22:21 - 2014-02-02 22:21 - 00024516 _____ () C:\Users\Claren\Downloads\Addition.txt
2014-02-02 22:21 - 2014-02-02 22:20 - 00029956 _____ () C:\Users\Claren\Downloads\FRST.txt
2014-02-02 22:19 - 2014-02-02 22:19 - 02080256 _____ (Farbar) C:\Users\Claren\Desktop\FRST64.exe
2014-02-02 22:17 - 2013-06-12 18:50 - 01954077 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 22:06 - 2013-06-12 20:17 - 00000000 ____D () C:\Users\Claren\AppData\Local\PMB Files
2014-02-02 22:06 - 2013-06-12 20:17 - 00000000 ____D () C:\ProgramData\PMB Files
2014-02-02 21:55 - 2013-06-12 19:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-02 21:49 - 2013-06-12 20:49 - 00000548 _____ () C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job
2014-02-02 21:32 - 2013-06-12 20:32 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-02 19:28 - 2014-01-10 17:10 - 00000000 ____D () C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2014-02-02 19:22 - 2013-06-12 20:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-02 19:08 - 2013-06-15 12:43 - 00000000 ____D () C:\Users\Claren\AppData\Local\CrashDumps
2014-02-02 19:04 - 2014-02-02 19:04 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-02 19:04 - 2014-02-02 19:04 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-02 19:04 - 2014-02-02 19:04 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-02 18:48 - 2014-02-02 18:48 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-02 18:48 - 2014-02-02 18:48 - 00000000 ____D () C:\Users\Claren\AppData\Roaming\AVAST Software
2014-02-02 18:48 - 2014-02-02 18:47 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-02 18:47 - 2014-02-02 18:47 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-02 18:47 - 2014-02-02 18:47 - 00207904 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-02-02 18:47 - 2014-02-02 18:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-02 18:47 - 2014-02-02 18:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-02 18:47 - 2014-02-02 18:47 - 00000000 ____D () C:\Program Files\AVAST Software
2014-02-02 17:59 - 2013-06-12 20:15 - 00000000 ____D () C:\Users\Claren\AppData\Roaming\Skype
2014-02-02 16:35 - 2013-06-12 20:23 - 00004208 _____ () C:\Windows\System32\Tasks\Software Updater
2014-02-02 16:35 - 2013-06-12 20:23 - 00004172 _____ () C:\Windows\System32\Tasks\Software Updater Ui
2014-02-02 15:55 - 2013-06-12 19:18 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-02 12:38 - 2013-08-15 14:59 - 00000000 ____D () C:\Users\Claren\AppData\Local\Battle.net
2014-02-02 10:26 - 2009-07-14 05:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 10:26 - 2009-07-14 05:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 10:25 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-02-02 10:25 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-02-02 10:25 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-02 10:19 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-01 16:24 - 2013-06-12 22:03 - 00000000 ___RD () C:\Users\Claren\Desktop\*
2014-01-31 19:42 - 2013-11-30 00:08 - 00000247 _____ () C:\Users\Claren\Desktop\movies.txt
2014-01-31 19:42 - 2013-06-16 15:11 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-01-19 14:46 - 2013-06-12 20:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-19 14:46 - 2013-06-12 20:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-19 14:46 - 2013-06-12 20:32 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-19 14:46 - 2013-06-12 20:32 - 00000000 ____D () C:\Users\Claren\AppData\Local\Adobe
2014-01-18 14:13 - 2013-10-22 11:38 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-01-18 00:26 - 2014-01-18 00:21 - 00000000 ____D () C:\ProgramData\Oracle
2014-01-18 00:20 - 2014-01-18 00:20 - 00005298 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-18 00:20 - 2013-12-03 23:32 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-01-18 00:20 - 2013-10-18 12:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-01-18 00:19 - 2013-08-15 14:59 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-01-17 15:04 - 2014-01-17 15:04 - 01467128 _____ () C:\Users\Claren\Downloads\SystemCheck_deDE(1).exe
2014-01-16 16:47 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-16 16:47 - 2009-07-14 05:45 - 00294848 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-16 00:20 - 2013-08-15 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 00:19 - 2013-06-14 21:08 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-11 21:30 - 2013-10-03 12:36 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-01-11 13:19 - 2013-06-12 19:19 - 00000000 ____D () C:\Program Files\Google
2014-01-11 13:19 - 2013-06-12 19:18 - 00000000 ____D () C:\Program Files (x86)\Google
2014-01-10 18:27 - 2013-06-12 19:19 - 00000000 ____D () C:\ProgramData\Google
2014-01-10 18:27 - 2013-06-12 19:18 - 00000000 ____D () C:\Users\Claren\AppData\Local\Google
2014-01-10 18:04 - 2013-06-13 20:11 - 00000000 ____D () C:\Windows\Minidump
2014-01-10 18:04 - 2013-06-12 20:21 - 00000000 ____D () C:\Users\Claren\AppData\Roaming\TS3Client
2014-01-10 18:04 - 2013-06-12 19:42 - 00000000 ____D () C:\Windows\Panther
2014-01-10 18:03 - 2014-01-10 18:03 - 03571656 _____ (Piriform Ltd) C:\Users\Claren\Downloads\ccsetup409_slim.exe
2014-01-10 17:52 - 2014-01-10 17:52 - 00000000 ____D () C:\Users\Claren\Documents\ProcessExplorer
2014-01-10 17:11 - 2014-01-10 17:11 - 00000000 _____ () C:\autoexec.bat
2014-01-10 17:10 - 2014-01-10 17:10 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-01-10 17:09 - 2014-01-10 17:09 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Claren\Downloads\SpyHunter-Installer.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-30 20:33
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 04
Ran by Claren at 2014-02-02 22:27:18
Running from C:\Users\Claren\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
Adobe Acrobat 5.0 (x32 Version: 5.1 - Adobe Systems, Inc.)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.43 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31024 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1024.1808.30712 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1024.1808.30712 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81024.1827 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0 - Asmedia Technology)
Assassin's Creed IV Black Flag (x32 Version: - Ubisoft Montreal)
ASUS Product Register Program (x32 Version: 1.0.018 - ASUSTek Computer Inc.)
avast! Free Antivirus (x32 Version: 9.0.2013 - Avast Software)
Battle.net (x32 Version: - Blizzard Entertainment)
Battlefield 4™ (x32 Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.0 - EA Digital Illusions CE AB)
Call of Duty: Ghosts (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version: - Infinity Ward)
Call of Duty: Modern Warfare 2 (x32 Version: - Infinity Ward)
Castle Crashers (x32 Version: - The Behemoth)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1024.1808.30712 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1024.1808.30712 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1024.1808.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1024.1807.30712 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1024.1808.30712 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.10 - Piriform)
Diablo III (x32 Version: - Blizzard Entertainment)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
Google Chrome (x32 Version: 32.0.1700.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Hearthstone (x32 Version: - Blizzard Entertainment)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (x32 Version: 140.0.61.61 - Hewlett Packard)
HP Update (x32 Version: 5.002.006.003 - Hewlett-Packard)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (x32 Version: 1.3 - Riot Games)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Norton Internet Security (x32 Version: 20.4.0.40 - Symantec Corporation)
Norton PC Checkup (x32 Version: 2.0.18.16 - Symantec Corporation)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Origin (x32 Version: 9.2.1.4399 - Electronic Arts, Inc.)
Pando Media Booster (x32 Version: 2.6.0.9 - Pando Networks Inc.)
PDF-Viewer (Version: 2.5.211.0 - Tracker Software Products Ltd)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
ROCCAT Isku FX Keyboard Driver (x32 Version: - Roccat GmbH)
ROCCAT Kone XTD Mouse Driver (x32 Version: - Roccat GmbH)
RollerCoaster Tycoon 3: Platinum! (x32 Version: - Frontier)
Samsung Data Migration (x32 Version: 2.0 - Samsung)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Sniper Ghost Warrior 2 (x32 Version: - City Interactive)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
World of Warcraft (x32 Version: - Blizzard Entertainment)
World of Warcraft Public Test (x32 Version: - Blizzard Entertainment)
==================== Restore Points =========================
21-01-2014 15:52:37 Windows Update
28-01-2014 15:39:17 Windows Update
02-02-2014 17:47:19 avast! antivirus system restore point
02-02-2014 18:27:05 Removed SpyHunter
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {080F4E8A-B91B-4BB2-A6A4-2ECF714784EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {0B4C3B12-7810-41E0-B9B5-D716C394C698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-12] (Google Inc.)
Task: {3B7C342F-C7E9-4F12-9C8D-7E1D10E059A2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {4188B0DA-6DF8-4C31-A5DC-65F3EC830D7D} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {4BB81D1B-1196-460B-BA75-E3F2216A86AC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-02] (AVAST Software)
Task: {58A497A1-F5B2-4CED-B082-E5D4ECF23A86} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {74F3F581-EF3E-46C3-8021-17C4F6F0B384} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-12-18] ()
Task: {A6B20D9C-020D-4603-901C-4C3B2073272B} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-12-18] ()
Task: {AE262BBB-F74B-40ED-A8EF-110CBEFCFDD5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-19] (Adobe Systems Incorporated)
Task: {E6514F34-7770-4DA9-99EA-FBDBE2B5BA1A} - System32\Tasks\hpwebreg_xxxxxxxxxx => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\hpwebreg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {F6969627-88D2-4519-A568-F765F973C6FE} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {F9E3AE25-CBD0-4635-9869-0FD22489EE9B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\hpwebreg_xxxxxxxxxx.job => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe
==================== Loaded Modules (whitelisted) =============
2013-10-24 17:11 - 2013-10-24 17:11 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-06-12 20:18 - 2012-06-17 10:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2013-06-12 20:19 - 2012-07-08 15:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll
2013-06-17 17:47 - 2012-05-30 07:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2014-02-02 18:47 - 2014-01-21 23:40 - 02156032 _____ () C:\Program Files\AVAST Software\Avast\defs\14012101\algo.dll
2014-02-02 18:49 - 2014-02-02 10:38 - 02168320 _____ () C:\Program Files\AVAST Software\Avast\defs\14020200\algo.dll
2014-02-02 18:47 - 2014-02-02 18:47 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-12-20 14:13 - 2013-12-20 14:13 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-01-19 14:46 - 2014-01-19 14:46 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_43.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/02/2014 07:27:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary walukabs.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (02/02/2014 07:04:37 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LoLLauncher.exe, Version: 2.3.0.39, Zeitstempel: 0x52d722cc
Name des fehlerhaften Moduls: LoLLauncher.exe, Version: 2.3.0.39, Zeitstempel: 0x52d722cc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000684e0
ID des fehlerhaften Prozesses: 0x1174
Startzeit der fehlerhaften Anwendung: 0xLoLLauncher.exe0
Pfad der fehlerhaften Anwendung: LoLLauncher.exe1
Pfad des fehlerhaften Moduls: LoLLauncher.exe2
Berichtskennung: LoLLauncher.exe3
Error: (02/02/2014 06:47:23 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary walukabs.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (02/02/2014 11:00:34 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (02/02/2014 10:20:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/01/2014 04:36:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0xf78
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (02/01/2014 03:36:51 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
Error: (02/01/2014 10:14:28 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 10:22:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: LoLLauncher.exe, Version: 2.3.0.39, Zeitstempel: 0x52d722cc
Name des fehlerhaften Moduls: LoLLauncher.exe, Version: 2.3.0.39, Zeitstempel: 0x52d722cc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000684e0
ID des fehlerhaften Prozesses: 0x15b0
Startzeit der fehlerhaften Anwendung: 0xLoLLauncher.exe0
Pfad der fehlerhaften Anwendung: LoLLauncher.exe1
Pfad des fehlerhaften Moduls: LoLLauncher.exe2
Berichtskennung: LoLLauncher.exe3
Error: (01/31/2014 08:27:31 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
System errors:
=============
Error: (02/02/2014 06:56:37 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:51:00 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:51:00 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:49:38 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:49:38 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:49:38 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:49:38 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:49:38 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (02/02/2014 06:49:37 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (01/25/2014 11:52:45 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office Sessions:
=========================
Error: (02/02/2014 07:27:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary walukabs.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (02/02/2014 07:04:37 PM) (Source: Application Error)(User: )
Description: LoLLauncher.exe2.3.0.3952d722ccLoLLauncher.exe2.3.0.3952d722ccc0000005000684e0117401cf1ff810566750C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exeC:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exe7a0490c1-8c34-11e3-bc0c-60a44c5977a5
Error: (02/02/2014 06:47:23 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary walukabs.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (02/02/2014 11:00:34 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (02/02/2014 10:20:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/01/2014 04:36:30 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8f7801cf1f614291a72eC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll9e6a4ec5-8b56-11e3-ac79-60a44c5977a5
Error: (02/01/2014 03:36:51 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
Error: (02/01/2014 10:14:28 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/31/2014 10:22:17 PM) (Source: Application Error)(User: )
Description: LoLLauncher.exe2.3.0.3952d722ccLoLLauncher.exe2.3.0.3952d722ccc0000005000684e015b001cf1eb72d5cc119C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exeC:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.198\deploy\LoLLauncher.exec2427fb6-8abd-11e3-9c4c-60a44c5977a5
Error: (01/31/2014 08:27:31 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
CodeIntegrity Errors:
===================================
Date: 2013-06-12 21:38:07.105
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Claren\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-12 21:38:07.101
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Claren\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-12 21:38:07.061
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-06-12 21:38:07.057
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 8093.64 MB
Available physical RAM: 5732.76 MB
Total Pagefile: 16185.46 MB
Available Pagefile: 13202.24 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1863.01 GB) (Free:1634.76 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 556CE3B4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 556CE3AC)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)
==================== End Of Log ============================