FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Chruso (administrator) on CHRUSO-PC on 30-05-2014 13:24:58
Running from C:\Users\Chruso\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Chruso\AppData\Roaming\Spotify\spotify.exe
(Spotify Ltd) C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Akamai Technologies, Inc.) C:\Users\Chruso\AppData\Local\Akamai\netsession_win.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe
(Akamai Technologies, Inc.) C:\Users\Chruso\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2014-01-08] (Realtek Semiconductor)
HKLM\...\Run: [THXCfg64] => C:\Windows\system32\THXCfg64.dll [26624 2011-05-13] (Creative Technology Ltd.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [THX TruStudio NB Settings] => C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe [909824 2011-05-19] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [t4pc_en_3] => "C:\Program Files (x86)\t4pc_en_3\t4pc_en_3.exe"
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Spotify] => C:\Users\Chruso\AppData\Roaming\Spotify\Spotify.exe [6170168 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Spotify Web Helper] => C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-16] (Spotify Ltd)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Chruso\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1137658774-1292525844-2702772695-1000\...\Policies\system: [DisableLockWorkstation] 0
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1AE1F14B411FCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=149&itype=n&ver=12565&tm=360&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=149&itype=n&ver=12565&tm=360&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} URL = hxxp://www.default-search.net/search?sid=492&aid=149&itype=n&ver=12565&tm=360&src=ds&p={searchTerms}
SearchScopes: HKCU - {F38CA447-3BD9-499e-A33E-25D76FA8F452} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Musik\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Chruso\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-04-16]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-28]
CHR Extension: (Google Drive) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-28]
CHR Extension: (YouTube) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-28]
CHR Extension: (Rainbow Forest (SHERIFFF)) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfdjilcpogpekcjghekpjffcoaaimjid [2014-05-28]
CHR Extension: (Google-Suche) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-28]
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-27]
CHR Extension: (AdBlock) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-28]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-04-16]
CHR Extension: (Virtual Keyboard) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-04-16]
CHR Extension: (Google Wallet) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
CHR Extension: (Google Mail) - C:\Users\Chruso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-28]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
==================== Services (Whitelisted) =================
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-10] ()
S2 vToolbarUpdater18.1.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.5\ToolbarUpdater.exe [X]
==================== Drivers (Whitelisted) ====================
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-05-08] (AVG Technologies)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-05-11] (<Turtle Entertainment>)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-04-16] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-04-16] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-04-16] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-04-16] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-04-16] (Kaspersky Lab ZAO)
S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [88280 2014-03-05] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
R1 {587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64; C:\Windows\System32\drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys [61120 2014-05-22] (StdLib)
S3 ESEADriver2; \??\C:\Users\Chruso\AppData\Local\Temp\ESEADriver2.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-30 13:24 - 2014-05-30 13:25 - 00020003 _____ () C:\Users\Chruso\Downloads\FRST.txt
2014-05-30 13:24 - 2014-05-30 13:24 - 00000000 ____D () C:\FRST
2014-05-30 13:22 - 2014-05-30 13:22 - 02066944 _____ (Farbar) C:\Users\Chruso\Downloads\FRST64.exe
2014-05-28 20:44 - 2014-05-28 20:44 - 00000913 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-05-28 20:44 - 2014-05-28 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-05-28 20:37 - 2014-05-28 20:38 - 06585856 _____ () C:\Users\Chruso\Downloads\wllogin_64 (1).msi
2014-05-28 20:33 - 2014-05-28 20:33 - 06585856 _____ () C:\Users\Chruso\Downloads\wllogin_64.msi
2014-05-28 19:56 - 2014-05-28 19:57 - 00000000 ____D () C:\Users\Chruso\Documents\LOLReplay
2014-05-28 19:56 - 2014-05-28 19:56 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-05-28 19:55 - 2014-05-28 19:55 - 01480047 _____ () C:\Users\Chruso\Downloads\LOLReplay-0.8.7.4.exe
2014-05-28 00:36 - 2014-05-28 00:36 - 00018303 _____ () C:\Users\Chruso\Desktop\AdwCleaner[S0].txt
2014-05-28 00:32 - 2014-05-28 00:35 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64711995.sys
2014-05-28 00:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-28 00:29 - 2014-05-28 00:33 - 00000000 ____D () C:\AdwCleaner
2014-05-28 00:20 - 2014-05-28 00:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Chruso\Downloads\AdwCleaner - CHIP-Installer.exe
2014-05-28 00:18 - 2014-05-22 18:22 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-05-28 00:15 - 2014-05-28 00:15 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 00:15 - 2014-05-28 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-28 00:14 - 2014-05-28 00:15 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 00:14 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-28 00:14 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-28 00:13 - 2014-05-28 00:14 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Chruso\Downloads\mbam-setup-2.0.0.1000.exe
2014-05-27 23:54 - 2014-05-27 23:54 - 00003859 _____ () C:\Users\Chruso\Desktop\logpc1.rar
2014-05-27 23:47 - 2014-05-30 13:16 - 00000280 _____ () C:\Windows\setupact.log
2014-05-27 23:47 - 2014-05-27 23:47 - 00324616 _____ () C:\Windows\Minidump\052714-40731-01.dmp
2014-05-27 23:47 - 2014-05-27 23:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 23:46 - 2014-05-28 20:34 - 00075472 _____ () C:\Windows\PFRO.log
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-05-27 23:31 - 2014-05-27 23:31 - 00000000 ____D () C:\ProgramData\NexonEU
2014-05-27 23:28 - 2014-05-27 23:28 - 00000000 ____D () C:\Users\Chruso\Desktop\RK_Quarantine
2014-05-27 23:27 - 2014-05-27 23:27 - 00002466 _____ () C:\Users\Chruso\Desktop\aswMBR.txt
2014-05-27 23:27 - 2014-05-27 23:27 - 00000512 _____ () C:\Users\Chruso\Desktop\MBR.dat
2014-05-27 23:12 - 2014-05-30 13:19 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-27 23:12 - 2014-05-28 00:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 23:12 - 2014-05-27 23:32 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-27 23:11 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-27 23:10 - 2014-05-27 23:10 - 00000000 ____D () C:\Users\Chruso\Desktop\mbar
2014-05-27 22:59 - 2014-05-28 00:35 - 00000000 ____D () C:\Users\Chruso\AppData\Local\t4pc_en_3
2014-05-27 22:59 - 2014-05-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC2
2014-05-27 22:59 - 2014-05-27 22:59 - 00000000 ____D () C:\Program Files (x86)\t4pc_en_3
2014-05-27 22:47 - 2014-05-27 22:47 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
2014-05-27 22:35 - 2014-05-28 00:33 - 00000000 ____D () C:\Program Files (x86)\TowerTilt
2014-05-27 22:35 - 2014-05-27 22:36 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-27 22:26 - 2014-05-27 22:26 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-27 22:25 - 2014-05-28 20:33 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-05-27 22:13 - 2014-05-27 22:16 - 15453832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2014-05-27 21:59 - 2014-05-27 21:59 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Akamai
2014-05-22 18:09 - 2014-05-22 18:09 - 02105143 _____ () C:\Users\Chruso\Downloads\Sacred Monkeys Avatare.zip
2014-05-22 16:52 - 2014-05-22 16:52 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Publish Providers
2014-05-22 16:45 - 2014-05-22 16:46 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Sony
2014-05-22 16:45 - 2014-05-22 16:45 - 00000000 ____D () C:\ProgramData\Sony
2014-05-22 16:45 - 2014-05-22 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-22 16:45 - 2014-05-22 16:45 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-22 16:44 - 2014-05-27 23:22 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Sony
2014-05-22 16:42 - 2014-05-22 16:42 - 242558744 _____ (Sony Creative Software Inc.) C:\Users\Chruso\Downloads\vegaspro12.0.670_CB-DL-Manager [1].exe
2014-05-22 16:41 - 2014-05-22 16:41 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Opera Software
2014-05-22 16:41 - 2014-05-22 16:41 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Opera Software
2014-05-22 16:36 - 2014-05-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-20 02:15 - 2014-05-20 02:15 - 00000942 _____ () C:\Users\Chruso\Desktop\ESEA Client.lnk
2014-05-19 18:54 - 2014-02-01 22:30 - 00000000 ____D () C:\Users\Chruso\Downloads\MYSTERIOUS-MONKEYS-HD---steamsize-by-weltenbummler
2014-05-19 14:23 - 2014-05-19 14:23 - 00000000 ____D () C:\Users\Chruso\Documents\Native Instruments
2014-05-15 03:05 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-15 03:05 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-15 03:05 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-15 03:05 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 03:05 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 03:05 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 22:47 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-14 22:47 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-14 22:47 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 22:47 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 22:47 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 22:47 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 22:47 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 22:47 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 22:47 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-14 22:47 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-14 22:47 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 22:47 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 22:47 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 22:47 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 22:47 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 22:47 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-14 22:47 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 22:47 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-14 22:47 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-14 22:47 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-14 22:47 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-14 22:47 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 22:47 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 22:47 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-14 22:47 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-14 22:47 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-14 22:47 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 22:47 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 14:33 - 2014-05-13 14:33 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-05-13 14:33 - 2014-05-13 14:33 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\library_dir
2014-05-13 14:32 - 2014-05-13 14:32 - 00000000 ____D () C:\ProgramData\ATI
2014-05-13 14:31 - 2014-05-14 14:11 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Raptr
2014-05-13 14:31 - 2014-05-13 14:33 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-05-13 14:31 - 2014-05-13 14:31 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-05-13 14:30 - 2014-05-13 14:30 - 00061432 _____ () C:\Windows\SysWOW64\CCCInstall_201405131430260884.log
2014-05-13 14:30 - 2014-05-13 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-05-13 14:30 - 2012-08-28 14:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2014-05-06 18:48 - 2014-05-15 03:22 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-03 21:52 - 2014-05-03 21:52 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\java
==================== One Month Modified Files and Folders =======
2014-05-30 13:25 - 2014-05-30 13:24 - 00020003 _____ () C:\Users\Chruso\Downloads\FRST.txt
2014-05-30 13:25 - 2013-03-09 23:41 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Temp
2014-05-30 13:24 - 2014-05-30 13:24 - 00000000 ____D () C:\FRST
2014-05-30 13:24 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-30 13:24 - 2009-07-14 06:45 - 00021856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-30 13:22 - 2014-05-30 13:22 - 02066944 _____ (Farbar) C:\Users\Chruso\Downloads\FRST64.exe
2014-05-30 13:21 - 2013-03-09 23:41 - 01499885 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 13:19 - 2014-05-27 23:12 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-30 13:19 - 2013-03-10 16:29 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-30 13:18 - 2014-04-16 14:44 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-05-30 13:18 - 2013-06-30 15:51 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Spotify
2014-05-30 13:17 - 2013-03-09 18:41 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-30 13:16 - 2014-05-27 23:47 - 00000280 _____ () C:\Windows\setupact.log
2014-05-30 13:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 20:44 - 2014-05-28 20:44 - 00000913 _____ () C:\Users\Public\Desktop\Combat Arms EU.lnk
2014-05-28 20:44 - 2014-05-28 20:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2014-05-28 20:38 - 2014-05-28 20:37 - 06585856 _____ () C:\Users\Chruso\Downloads\wllogin_64 (1).msi
2014-05-28 20:34 - 2014-05-27 23:46 - 00075472 _____ () C:\Windows\PFRO.log
2014-05-28 20:33 - 2014-05-28 20:33 - 06585856 _____ () C:\Users\Chruso\Downloads\wllogin_64.msi
2014-05-28 20:33 - 2014-05-27 22:25 - 00001338 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
2014-05-28 20:32 - 2013-03-27 22:07 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Skype
2014-05-28 20:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-28 20:30 - 2013-03-09 18:41 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 20:08 - 2013-03-10 18:31 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\TS3Client
2014-05-28 19:57 - 2014-05-28 19:56 - 00000000 ____D () C:\Users\Chruso\Documents\LOLReplay
2014-05-28 19:56 - 2014-05-28 19:56 - 00000000 ____D () C:\Program Files (x86)\LOLReplay
2014-05-28 19:55 - 2014-05-28 19:55 - 01480047 _____ () C:\Users\Chruso\Downloads\LOLReplay-0.8.7.4.exe
2014-05-28 16:09 - 2013-06-30 15:52 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Spotify
2014-05-28 16:07 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2014-05-28 00:36 - 2014-05-28 00:36 - 00018303 _____ () C:\Users\Chruso\Desktop\AdwCleaner[S0].txt
2014-05-28 00:35 - 2014-05-28 00:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\64711995.sys
2014-05-28 00:35 - 2014-05-27 22:59 - 00000000 ____D () C:\Users\Chruso\AppData\Local\t4pc_en_3
2014-05-28 00:34 - 2014-01-08 14:25 - 00000000 ____D () C:\Users\Chruso\AppData\Local\AVG SafeGuard toolbar
2014-05-28 00:33 - 2014-05-28 00:29 - 00000000 ____D () C:\AdwCleaner
2014-05-28 00:33 - 2014-05-27 22:35 - 00000000 ____D () C:\Program Files (x86)\TowerTilt
2014-05-28 00:33 - 2013-03-09 23:43 - 00000997 _____ () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-28 00:33 - 2013-03-09 23:43 - 00000000 ___RD () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-28 00:33 - 2013-03-09 18:42 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-28 00:33 - 2013-03-09 18:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-28 00:33 - 2009-07-14 04:34 - 00000505 _____ () C:\Windows\win.ini
2014-05-28 00:28 - 2014-03-08 21:34 - 00000000 ____D () C:\Users\TEMP
2014-05-28 00:20 - 2014-05-28 00:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Chruso\Downloads\AdwCleaner - CHIP-Installer.exe
2014-05-28 00:15 - 2014-05-28 00:15 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-28 00:15 - 2014-05-28 00:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-28 00:15 - 2014-05-28 00:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-28 00:14 - 2014-05-28 00:13 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Chruso\Downloads\mbam-setup-2.0.0.1000.exe
2014-05-28 00:14 - 2014-05-27 23:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-27 23:54 - 2014-05-27 23:54 - 00003859 _____ () C:\Users\Chruso\Desktop\logpc1.rar
2014-05-27 23:50 - 2013-03-09 18:10 - 00068712 _____ () C:\Users\Chruso\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-27 23:47 - 2014-05-27 23:47 - 00324616 _____ () C:\Windows\Minidump\052714-40731-01.dmp
2014-05-27 23:47 - 2014-05-27 23:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-27 23:47 - 2013-03-28 01:39 - 00000000 ____D () C:\Windows\Minidump
2014-05-27 23:47 - 2009-07-14 06:45 - 00313176 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\Program Files (x86)\7-Zip
2014-05-27 23:43 - 2013-03-09 23:43 - 00000000 ____D () C:\Users\Chruso\AppData\Local\VirtualStore
2014-05-27 23:32 - 2014-05-27 23:12 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-27 23:31 - 2014-05-27 23:31 - 00000000 ____D () C:\ProgramData\NexonEU
2014-05-27 23:28 - 2014-05-27 23:28 - 00000000 ____D () C:\Users\Chruso\Desktop\RK_Quarantine
2014-05-27 23:27 - 2014-05-27 23:27 - 00002466 _____ () C:\Users\Chruso\Desktop\aswMBR.txt
2014-05-27 23:27 - 2014-05-27 23:27 - 00000512 _____ () C:\Users\Chruso\Desktop\MBR.dat
2014-05-27 23:22 - 2014-05-22 16:44 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Sony
2014-05-27 23:19 - 2013-03-18 21:50 - 00000000 ____D () C:\Users\Chruso\AppData\Local\CrashDumps
2014-05-27 23:10 - 2014-05-27 23:10 - 00000000 ____D () C:\Users\Chruso\Desktop\mbar
2014-05-27 22:59 - 2014-05-27 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\T4PC2
2014-05-27 22:59 - 2014-05-27 22:59 - 00000000 ____D () C:\Program Files (x86)\t4pc_en_3
2014-05-27 22:47 - 2014-05-27 22:47 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér
2014-05-27 22:41 - 2014-04-25 19:45 - 00000000 ____D () C:\Program Files\ASRock
2014-05-27 22:36 - 2014-05-27 22:35 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-27 22:35 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-05-27 22:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-05-27 22:26 - 2014-05-27 22:26 - 00000000 ____D () C:\Windows\SysWOW64\xlive
2014-05-27 22:26 - 2013-03-21 21:38 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games for Windows - LIVE
2014-05-27 22:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-05-27 22:16 - 2014-05-27 22:13 - 15453832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xlive.dll
2014-05-27 21:59 - 2014-05-27 21:59 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Akamai
2014-05-24 15:03 - 2011-04-12 09:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-05-24 15:03 - 2011-04-12 09:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-05-24 15:03 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-22 18:22 - 2014-05-28 00:18 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{587cb346-a3d8-4884-b39b-f0ed918b6f96}Gw64.sys
2014-05-22 18:09 - 2014-05-22 18:09 - 02105143 _____ () C:\Users\Chruso\Downloads\Sacred Monkeys Avatare.zip
2014-05-22 16:52 - 2014-05-22 16:52 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Publish Providers
2014-05-22 16:46 - 2014-05-22 16:45 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Sony
2014-05-22 16:45 - 2014-05-22 16:45 - 00000000 ____D () C:\ProgramData\Sony
2014-05-22 16:45 - 2014-05-22 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-05-22 16:45 - 2014-05-22 16:45 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-05-22 16:43 - 2014-05-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-05-22 16:42 - 2014-05-22 16:42 - 242558744 _____ (Sony Creative Software Inc.) C:\Users\Chruso\Downloads\vegaspro12.0.670_CB-DL-Manager [1].exe
2014-05-22 16:42 - 2013-04-11 18:43 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Apple Computer
2014-05-22 16:42 - 2013-04-11 18:41 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-22 16:41 - 2014-05-22 16:41 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Opera Software
2014-05-22 16:41 - 2014-05-22 16:41 - 00000000 ____D () C:\Users\Chruso\AppData\Local\Opera Software
2014-05-21 15:58 - 2013-10-22 20:13 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\TeamViewer
2014-05-20 02:15 - 2014-05-20 02:15 - 00000942 _____ () C:\Users\Chruso\Desktop\ESEA Client.lnk
2014-05-20 02:15 - 2014-01-12 18:57 - 00000000 ____D () C:\Program Files\ESEA
2014-05-19 14:23 - 2014-05-19 14:23 - 00000000 ____D () C:\Users\Chruso\Documents\Native Instruments
2014-05-17 15:45 - 2013-10-12 13:18 - 00000000 ____D () C:\Windows\rescache
2014-05-16 01:32 - 2013-04-09 20:25 - 00000000 ____D () C:\Users\Chruso\AppData\Local\ESL Wire Game Client
2014-05-15 13:09 - 2013-03-09 23:43 - 00000000 ___RD () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 03:22 - 2014-05-06 18:48 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-15 03:05 - 2013-08-16 03:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 03:05 - 2013-06-10 14:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-14 17:44 - 2014-02-22 17:26 - 00000000 ____D () C:\Windows\pss
2014-05-14 14:11 - 2014-05-13 14:31 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Raptr
2014-05-13 14:33 - 2014-05-13 14:33 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-05-13 14:33 - 2014-05-13 14:33 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\library_dir
2014-05-13 14:33 - 2014-05-13 14:31 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-05-13 14:32 - 2014-05-13 14:32 - 00000000 ____D () C:\ProgramData\ATI
2014-05-13 14:31 - 2014-05-13 14:31 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-05-13 14:31 - 2014-04-21 17:34 - 00000000 ____D () C:\ProgramData\AMD
2014-05-13 14:31 - 2013-10-27 16:03 - 00000000 ____D () C:\Program Files\AMD
2014-05-13 14:31 - 2013-03-09 23:49 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-05-13 14:30 - 2014-05-13 14:30 - 00061432 _____ () C:\Windows\SysWOW64\CCCInstall_201405131430260884.log
2014-05-13 14:30 - 2014-05-13 14:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-05-13 14:30 - 2014-04-21 17:32 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-05-11 22:48 - 2013-08-27 22:38 - 00184968 _____ (<Turtle Entertainment>) C:\Windows\system32\Drivers\ESLWireACD.sys
2014-05-11 22:44 - 2013-08-27 22:38 - 00000779 _____ () C:\Users\Public\Desktop\ESL Wire.lnk
2014-05-11 22:44 - 2013-08-27 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2014-05-11 22:44 - 2013-04-09 20:24 - 00000000 ____D () C:\Program Files\EslWire
2014-05-09 08:14 - 2014-05-14 22:47 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 22:47 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 17:30 - 2014-01-08 14:25 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-05-07 21:25 - 2013-03-09 18:41 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-07 21:25 - 2013-03-09 18:41 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-06 06:40 - 2014-05-15 03:05 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-15 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-15 03:05 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-15 03:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-15 03:05 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-15 03:05 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-04 17:12 - 2013-03-09 20:23 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-04 00:32 - 2013-04-03 23:58 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\.minecraft
2014-05-03 21:52 - 2014-05-03 21:52 - 00000000 ____D () C:\Users\Chruso\AppData\Roaming\java
2014-05-03 21:49 - 2013-03-26 03:16 - 00050688 ___SH () C:\Users\Chruso\Downloads\Thumbs.db
Some content of TEMP:
====================
C:\Users\Chruso\AppData\Local\Temp\NGMDll.dll
C:\Users\Chruso\AppData\Local\Temp\NGMResource.dll
C:\Users\Chruso\AppData\Local\Temp\NGMSetup.exe
C:\Users\Chruso\AppData\Local\Temp\Quarantine.exe
C:\Users\Chruso\AppData\Local\Temp\unicows.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-19 12:42
==================== End Of Log ============================ --- --- --- Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-05-2014
Ran by Chruso at 2014-05-30 13:25:27
Running from C:\Users\Chruso\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.0.8.4990 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.3.183.75 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock eXtreme Tuner v0.1.346 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock InstantBoot v1.28 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\{9580813D-94B1-4C28-9426-A441E2BB29A5}) (Version: 1.0.0.0 - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters)
ESEA Client (HKCU\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free M4a to MP3 Converter 8.0 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IObit Apps Toolbar v9.2 (HKLM-x32\...\{4F5E5430-1DA8-4B2B-BB26-B29C0E7DBFDB}) (Version: 9.2 - Spigot, Inc.) <==== ATTENTION
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.7.4 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Controller Editor (Version: 1.3.4.630 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments)
Native Instruments Traktor 2 (Version: 2.0.1.10169 - Native Instruments) Hidden
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 (Version: 2.9.8.581 - Native Instruments) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKCU\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Price Metér (remove only) (HKCU\...\Price Metér) (Version: 1.1.2.7 - Price Meter) <==== ATTENTION
Protegere (HKLM-x32\...\Protegere) (Version: - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.0-1.0.5185.1 - raidcall.com)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)
t4pc_en_3 (HKLM-x32\...\t4pc_en_3_is1) (Version: - T4PC2) <==== ATTENTION
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
THX TruStudio (HKLM-x32\...\{AFB907F5-C0E6-4753-8284-DE955EF86AC2}) (Version: 1.00.01 - Creative Technology Limited)
TS3 Overlay (HKLM\...\TS3 Overlay) (Version: v3.0.16 - Rohrbacher Development)
TubeBox (HKLM-x32\...\{dfb98fb0-f9eb-4466-8678-55f5d75269ae}) (Version: 4.3.0.32 - Freetec)
TubeBox (x32 Version: 4.3.0.32 - Freetec) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EEB9EFDE-ED91-11E2-91A8-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Utils (HKLM-x32\...\Windows Utils) (Version: - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0147ECF3-5DBA-4435-A639-C02C304EC165} - \pricemetertask No Task File <==== ATTENTION
Task: {18623098-D952-4EEF-B71D-962A8E4CB083} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-3 No Task File <==== ATTENTION
Task: {41CE9A7B-F7AB-464C-9DA4-5A5CBA09D143} - \Software Updater Ui No Task File <==== ATTENTION
Task: {46F5595C-7D3A-4598-BD19-B7A5E0001257} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.)
Task: {5B20C5C0-9495-4DE5-80E0-B4C3C0976B98} - \globalUpdateUpdateTaskMachineCore No Task File <==== ATTENTION
Task: {5F343881-04E2-4F47-ABF1-FE9700C2EB93} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.)
Task: {61D710D7-F0D6-428F-9444-E1A069532041} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-6 No Task File <==== ATTENTION
Task: {6B099A62-9F7E-459D-9FE7-304850DBF85C} - \pricemeterwatcher No Task File <==== ATTENTION
Task: {6E01D87D-8555-47DC-8024-77DBFAD2298C} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-5 No Task File <==== ATTENTION
Task: {7D825F8E-DEF8-4AEE-979C-10573864BEAD} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-7 No Task File <==== ATTENTION
Task: {7FFD0D0A-8FDB-43FE-B041-A0EBB78F0421} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {ABE1A0EA-61D1-405B-B317-5D17104206E0} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-4 No Task File <==== ATTENTION
Task: {B3FDAF8A-A06C-47FD-AB22-13555F2D0FD8} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-2 No Task File <==== ATTENTION
Task: {BC5217B9-4A6F-41B4-88B5-9CFE42F7B7B5} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
Task: {CEE569BB-95B2-4056-BFA7-25BA75DEB58E} - \87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-1 No Task File <==== ATTENTION
Task: {E13B4746-7BB5-4F56-AB64-E1D09560B3F5} - \globalUpdateUpdateTaskMachineUA No Task File <==== ATTENTION
Task: {E5FA9CDD-0F38-45B7-88C3-7CB0F587271C} - \Software Updater No Task File <==== ATTENTION
Task: {ED5726E8-5B6F-4980-841A-E8F5760BEFA9} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {F4296FC2-4311-4B15-B493-F3BBCF524C06} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {F78B0B10-6C03-47BB-B3EB-0FCC444C2BFE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-04-17 22:29 - 2014-04-17 22:29 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-08-27 22:38 - 2014-01-29 19:14 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2013-04-09 20:25 - 2014-02-06 16:38 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2013-03-09 23:54 - 2011-05-19 10:58 - 00246784 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2013-11-05 19:19 - 2013-11-05 19:19 - 00708096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-01-08 23:52 - 2014-01-08 23:52 - 00089915 ____N () C:\Users\Chruso\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00280064 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 09562112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 07:46 - 2013-01-10 07:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-11-05 19:19 - 2013-11-05 19:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2013-03-10 21:48 - 2013-03-10 21:58 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-25 14:45 - 2014-05-16 13:16 - 00598072 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2013-01-28 13:08 - 2013-01-28 13:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-01-28 13:08 - 2013-01-28 13:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-06-30 15:52 - 2014-05-16 13:16 - 36966968 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\libcef.dll
2013-03-09 23:53 - 2011-05-04 17:32 - 00094208 ____N () C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\de-DE\THXAudNB.resources.dll
2013-09-25 14:45 - 2014-05-16 13:16 - 00886840 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-09-25 14:45 - 2014-05-16 13:16 - 00108600 _____ () C:\Users\Chruso\AppData\Roaming\Spotify\Data\libegl.dll
2014-05-22 13:20 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 10:34 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-22 13:20 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-08 13:41 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 13:20 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-22 13:20 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-02-25 08:39 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 12:48 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-05-22 19:12 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 19:12 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 19:12 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 19:12 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 19:12 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
2014-05-22 19:12 - 2014-05-14 01:40 - 13695816 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\startupfolder: C:^Users^Chruso^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Netzmanager.lnk => C:\Windows\pss\Netzmanager.lnk.Startup
MSCONFIG\startupreg: ApplePhotoStreams => E:\Musik\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: EADM => "E:\Spiele\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray
MSCONFIG\startupreg: iCloudServices => E:\Musik\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "E:\Musik\iTunesHelper.exe"
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (05/30/2014 01:19:50 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (05/30/2014 01:19:20 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (05/30/2014 01:18:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/28/2014 08:38:43 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (05/28/2014 08:36:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/28/2014 04:10:06 PM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (05/28/2014 04:09:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/28/2014 03:43:54 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (05/28/2014 03:34:39 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
Error: (05/28/2014 03:07:51 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe
System errors:
=============
Error: (05/30/2014 01:19:17 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (05/30/2014 01:19:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/30/2014 01:19:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (05/30/2014 01:16:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.5" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/30/2014 01:16:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/28/2014 08:36:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (05/28/2014 08:35:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.5" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/28/2014 08:35:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.3" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/28/2014 04:09:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147023143.
Error: (05/28/2014 04:07:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater18.1.5" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (10/30/2013 05:53:47 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2315 seconds with 1380 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2014-05-24 18:38:17.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 18:38:17.342
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 18:38:17.341
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 18:38:17.324
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 18:38:17.323
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-24 18:38:17.321
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-17 15:39:19.085
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-17 15:39:19.084
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-17 15:39:19.083
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-05-17 15:39:19.075
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 8149.7 MB
Available physical RAM: 4460.86 MB
Total Pagefile: 28096.01 MB
Available Pagefile: 23666.39 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:58.5 GB) (Free:4.14 GB) NTFS
Drive d: () (Fixed) (Total:488.28 GB) (Free:476.5 GB) NTFS
Drive e: () (Fixed) (Total:384.64 GB) (Free:248.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D0502C3C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=385 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |