Trojaner-Board - Laptop wird voll ausgelastet!

Frst.txt

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2014 01

Ran by Daniel (administrator) on DANIEL-PC on 08-03-2014 12:52:26

Running from C:\Users\Daniel\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 9

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\system32\WLANExt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe

() C:\Program Files (x86)\Hotkey\PowerBiosServer.exe

(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe

(Chicony) C:\Program Files (x86)\ChiconyCam\CECAPLF.exe

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cfp.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe

() C:\Program Files (x86)\Hotkey\Hotkey.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe

(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe

(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2328360 2010-09-16] (Synaptics Incorporated)

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-26] (Realtek Semiconductor)

HKLM\...\Run: [IntelWireless] - C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)

HKLM\...\Run: [CECAPLF] - C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [121456 2011-07-06] (Chicony)

HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)

HKLM\...\Run: [COMODO Internet Security] - C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [9569096 2012-03-11] (COMODO)

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1271168 2012-03-26] (Microsoft Corporation)

HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [165144 2008-11-27] (Acronis)

HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1374720 2010-11-01] (Creative Technology Ltd)

HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-29] (Intel Corporation)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4386336 2008-11-27] (Acronis)

HKLM-x32\...\Run: [AcronisTimounterMonitor] - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [962584 2008-11-27] (Acronis)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1566376184-774175250-1359431121-1000\...\Run: [Google Update] - C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-08] (Google Inc.)

HKU\S-1-5-21-1566376184-774175250-1359431121-1000\...\MountPoints2: {2403b117-f9a4-11e1-a839-806e6f6e6963} - E:\autorun.exe

HKU\S-1-5-21-1566376184-774175250-1359431121-1001\...\MountPoints2: {2403b117-f9a4-11e1-a839-806e6f6e6963} - E:\autorun.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [240232 2011-08-03] (NVIDIA Corporation)

AppInit_DLLs:  C:\Windows\system32\guard64.dll => C:\Windows\system32\guard64.dll [389840 2012-03-11] (COMODO)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201320 2011-08-03] (NVIDIA Corporation)

AppInit_DLLs-x32:  C:\Windows\SysWOW64\guard32.dll => C:\Windows\SysWOW64\guard32.dll [301224 2012-03-11] (COMODO)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x05C797ABB58DCD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

Chrome: 

=======

CHR HomePage: 

CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll ()

CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (Google Update) - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File

CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-08]
 

==================== Services (Whitelisted) =================
 

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)

R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2815496 2012-03-11] (COMODO)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [12600 2012-03-26] (Microsoft Corporation)

S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [291696 2012-03-26] (Microsoft Corporation)

R2 PowerBiosServer; C:\Program Files (x86)\Hotkey\PowerBiosServer.exe [33792 2011-02-15] ()

R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
 

==================== Drivers (Whitelisted) ====================
 

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH)

R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [577824 2012-03-11] (COMODO)

R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [43248 2012-03-11] (COMODO)

R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [93200 2012-02-03] (COMODO)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [203888 2012-03-20] (Microsoft Corporation)

S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [98688 2012-03-20] (Microsoft Corporation)

R0 snapman380; C:\Windows\System32\DRIVERS\snman380.sys [237600 2012-09-08] (Acronis)

R0 tdrpman174; C:\Windows\System32\DRIVERS\tdrpm174.sys [1581088 2012-09-08] (Acronis)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-03-08 12:52 - 2014-03-08 12:52 - 00011503 _____ () C:\Users\Daniel\Downloads\FRST.txt

2014-03-08 12:52 - 2014-03-08 12:52 - 00000000 ____D () C:\FRST

2014-03-08 12:51 - 2014-03-08 12:51 - 02156544 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe

2014-03-08 12:50 - 2014-03-08 12:51 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-08 12:39 - 2014-03-08 12:41 - 00000000 ____D () C:\AdwCleaner

2014-03-08 12:39 - 2014-03-08 12:39 - 01244192 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.0.2.0.exe

2014-03-08 12:19 - 2014-03-08 12:19 - 00001923 _____ () C:\Users\Daniel\Desktop\CheckDrive.lnk

2014-03-08 12:19 - 2014-03-08 12:19 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft

2014-03-08 12:19 - 2014-03-08 12:19 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Abelssoft

2014-03-08 12:19 - 2014-03-08 12:19 - 00000000 ____D () C:\Program Files (x86)\CheckDrive

2014-03-08 12:17 - 2014-03-08 12:18 - 14536560 _____ (Abelssoft ) C:\Users\Daniel\Downloads\checkdrive2014.exe

2014-03-08 12:03 - 2014-03-08 12:03 - 00301688 _____ (Thesycon GmbH) C:\Users\Daniel\Downloads\dpclat.exe

2014-03-08 11:48 - 2014-03-08 11:48 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\LolClient

2014-03-08 11:33 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx

2014-03-08 11:33 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll

2014-03-08 11:33 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx

2014-03-08 11:33 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll

2014-03-08 11:33 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe

2014-03-08 11:33 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe

2014-03-08 11:33 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe

2014-03-08 11:33 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

2014-03-08 11:33 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-03-08 11:33 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-03-08 11:33 - 2013-08-27 10:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2014-03-08 11:33 - 2013-08-27 10:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2014-03-08 11:33 - 2013-08-27 09:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2014-03-08 11:33 - 2013-07-26 03:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-03-08 11:33 - 2013-07-26 03:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll

2014-03-08 11:33 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2014-03-08 11:33 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll

2014-03-08 11:33 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-03-08 11:33 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2014-03-08 11:33 - 2013-07-06 07:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-03-08 11:33 - 2013-05-13 06:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2014-03-08 11:33 - 2013-05-13 06:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2014-03-08 11:33 - 2013-05-13 06:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2014-03-08 11:33 - 2013-05-13 06:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll

2014-03-08 11:33 - 2013-05-13 05:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2014-03-08 11:33 - 2013-05-13 05:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2014-03-08 11:33 - 2013-05-13 05:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2014-03-08 11:33 - 2013-05-13 04:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe

2014-03-08 11:33 - 2013-05-13 04:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe

2014-03-08 11:33 - 2013-05-13 04:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll

2014-03-08 11:33 - 2013-04-26 06:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll

2014-03-08 11:33 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll

2014-03-08 11:33 - 2013-01-03 07:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-03-08 11:33 - 2012-11-23 04:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe

2014-03-08 11:33 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll

2014-03-08 11:33 - 2012-09-25 23:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll

2014-03-08 11:33 - 2012-08-22 19:12 - 00376688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-03-08 11:30 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll

2014-03-08 11:30 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL

2014-03-08 11:30 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL

2014-03-08 11:30 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll

2014-03-08 11:30 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL

2014-03-08 11:30 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-03-08 11:30 - 2013-04-10 07:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys

2014-03-08 11:30 - 2011-02-03 12:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll

2014-03-08 10:14 - 2014-03-08 10:15 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe

2014-03-08 10:14 - 2014-03-08 10:14 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\NVIDIA

2014-03-08 10:13 - 2014-03-08 10:14 - 00000000 ____D () C:\ProgramData\Adobe

2014-03-08 10:12 - 2014-03-08 12:43 - 00007643 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg
 

==================== One Month Modified Files and Folders =======
 

2014-03-08 12:52 - 2014-03-08 12:52 - 00011503 _____ () C:\Users\Daniel\Downloads\FRST.txt

2014-03-08 12:52 - 2014-03-08 12:52 - 00000000 ____D () C:\FRST

2014-03-08 12:51 - 2014-03-08 12:51 - 02156544 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe

2014-03-08 12:51 - 2014-03-08 12:50 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-1.75.0.1300.exe

2014-03-08 12:49 - 2009-07-14 05:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-03-08 12:49 - 2009-07-14 05:45 - 00021840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-03-08 12:47 - 2011-04-12 08:43 - 00656266 _____ () C:\Windows\system32\perfh007.dat

2014-03-08 12:47 - 2011-04-12 08:43 - 00131006 _____ () C:\Windows\system32\perfc007.dat

2014-03-08 12:47 - 2009-07-14 06:13 - 01505034 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-03-08 12:45 - 2012-09-08 12:03 - 01820316 _____ () C:\Windows\WindowsUpdate.log

2014-03-08 12:43 - 2014-03-08 10:12 - 00007643 _____ () C:\Users\Daniel\AppData\Local\Resmon.ResmonCfg

2014-03-08 12:41 - 2014-03-08 12:39 - 00000000 ____D () C:\AdwCleaner

2014-03-08 12:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-03-08 12:41 - 2009-07-14 05:51 - 00032708 _____ () C:\Windows\setupact.log

2014-03-08 12:39 - 2014-03-08 12:39 - 01244192 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.0.2.0.exe

2014-03-08 12:36 - 2012-09-08 12:04 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-03-08 12:36 - 2012-09-08 12:04 - 00000000 ___RD () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

2014-03-08 12:35 - 2011-04-12 08:55 - 00000000 ____D () C:\Program Files\Windows Journal

2014-03-08 12:34 - 2012-09-08 12:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-03-08 12:19 - 2014-03-08 12:19 - 00001923 _____ () C:\Users\Daniel\Desktop\CheckDrive.lnk

2014-03-08 12:19 - 2014-03-08 12:19 - 00000000 ____D () C:\Windows\System32\Tasks\Abelssoft

2014-03-08 12:19 - 2014-03-08 12:19 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Abelssoft

2014-03-08 12:19 - 2014-03-08 12:19 - 00000000 ____D () C:\Program Files (x86)\CheckDrive

2014-03-08 12:18 - 2014-03-08 12:17 - 14536560 _____ (Abelssoft ) C:\Users\Daniel\Downloads\checkdrive2014.exe

2014-03-08 12:09 - 2012-09-08 12:59 - 00002329 _____ () C:\Users\Daniel\Desktop\Google Chrome.lnk

2014-03-08 12:09 - 2012-09-08 12:59 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

2014-03-08 12:08 - 2012-09-08 12:58 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000UA.job

2014-03-08 12:08 - 2012-09-08 12:58 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000Core.job

2014-03-08 12:06 - 2012-09-08 12:38 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-03-08 12:06 - 2012-09-08 12:38 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-03-08 12:06 - 2012-09-08 12:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-03-08 12:03 - 2014-03-08 12:03 - 00301688 _____ (Thesycon GmbH) C:\Users\Daniel\Downloads\dpclat.exe

2014-03-08 12:03 - 2012-09-08 12:58 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000UA

2014-03-08 12:03 - 2012-09-08 12:58 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000Core

2014-03-08 11:48 - 2014-03-08 11:48 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\LolClient

2014-03-08 11:47 - 2012-09-08 12:38 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Adobe

2014-03-08 10:15 - 2014-03-08 10:14 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe

2014-03-08 10:14 - 2014-03-08 10:14 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\NVIDIA

2014-03-08 10:14 - 2014-03-08 10:13 - 00000000 ____D () C:\ProgramData\Adobe
 

Some content of TEMP:

====================

C:\Users\Daniel\AppData\Local\Temp\AskSLib.dll

C:\Users\Daniel\AppData\Local\Temp\DIFxAPI.dll

C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe

C:\Users\Daniel\AppData\Local\Temp\_isEDC7.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2011-12-05 13:04
 

==================== End Of Log ============================

--- --- ---

Addition.txt

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2014 01

Ran by Daniel at 2014-03-08 12:53:03

Running from C:\Users\Daniel\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AV: Microsoft Security Essentials (Enabled - Up to date) {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {2C040BB5-2B06-7275-5A21-2B969A740B4B}

AS: COMODO Defense+ (Enabled - Up to date) {FEEA52D5-051E-08DD-07EF-2F009097607D}

FW: COMODO Firewall (Enabled) {7DB03214-694B-060B-1600-BD4715C36DBB}
 

==================== Installed Programs ======================
 

Acronis*True*Image*Home (HKLM-x32\...\{37C8899D-FD70-481F-94AA-1F1B08765E22}) (Version: 12.0.9646.4 - Acronis)

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)

Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.0.0.1167 - Avira)

BisonCam (HKLM-x32\...\{5BBC4803-C96E-4D3E-9D1D-2E43774C4062}) (Version: 9.2.1.71.34 - BisonCam)

CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)

CheckDrive (HKLM-x32\...\{B83513EC-2E4D-4621-816D-4CCF397BE702}_is1) (Version: 4.4 - Abelssoft)

ChiconyCam (HKLM-x32\...\{A2201542-DA80-457F-8BD9-6C9C90196481}) (Version: 1.0.47.0819 - Chicony Electronics Co.,Ltd.)

Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 15.0 - COMODO)

COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)

Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)

Hotkey 3.3044 (HKLM-x32\...\InstallShield_{164714B6-46BC-4649-9A30-A6ED32F03B5A}) (Version: 3.3044 - NoteBook)

Hotkey 3.3044 (x32 Version: 3.3044 - NoteBook) Hidden

Intel PROSet Wireless (Version:  - ) Hidden

Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)

Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)

Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)

JMicron Ethernet Adapter NDIS Driver (HKLM-x32\...\{96DCEE2F-98EE-4F80-8C0F-7C04D1FB9D7F}) (Version: 6.0.26.6 - JMicron Technology Corp.)

JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.62.0 - JMicron Technology Corp.)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)

Microsoft Security Client (Version: 4.0.1526.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.0.1526.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden

NVIDIA 3D Vision Controller-Treiber 280.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 280.19 - NVIDIA Corporation)

NVIDIA Grafiktreiber 280.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 280.26 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1000.25.170 - NVIDIA Corporation) Hidden

NVIDIA Optimus 1.4.28 (Version: 1.4.28 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)

NVIDIA Systemsteuerung 280.26 (Version: 280.26 - NVIDIA Corporation) Hidden

NVIDIA Update 1.4.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.4.28 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.4.28 - NVIDIA Corporation) Hidden

OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6301 - Realtek Semiconductor Corp.)

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.14.0 - Synaptics Incorporated)

THX TruStudio Pro (HKLM-x32\...\{82F99DC9-389A-4528-940C-88248731A620}) (Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited)

TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{EB3C6814-1327-4B63-85CB-8A69AF09BAA6}) (Version: 1.12.7.0 - Ihr Firmenname)

TI USB3 Host Driver (x32 Version: 1.12.7.0 - Ihr Firmenname) Hidden

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)

WebCam Installer (HKLM-x32\...\InstallShield_{2A14D7BC-1876-4B38-830B-18856C27F550}) (Version: 4.00 - WebCam)

WebCam Installer (x32 Version: 4.00 - WebCam) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Restore Points  =========================
 
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {13B407C5-B52D-402E-A34C-B090F4F53F41} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)

Task: {715356AD-9EED-4DC6-90CE-6DBFF9C1979A} - System32\Tasks\Abelssoft\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2013-09-02] (Abelssoft)

Task: {ADC7FC6C-6FCE-4296-8306-966AB814EB46} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-08] (Adobe Systems Incorporated)

Task: {AF1217D8-7964-4229-896D-6739C1A9CB29} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-08] (Google Inc.)

Task: {CC4F363D-C129-47FE-A61B-4DBB990846D3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-08] (Google Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1566376184-774175250-1359431121-1000UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2011-01-05 11:53 - 2011-01-05 11:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll

2011-02-15 16:16 - 2011-02-15 16:16 - 00033792 _____ () C:\Program Files (x86)\Hotkey\PowerBiosServer.exe

2014-03-08 12:19 - 2013-09-02 11:05 - 00017936 _____ () C:\Program Files (x86)\CheckDrive\AbStartManager.dll

2014-03-08 12:19 - 2013-09-02 11:05 - 00016912 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll

2012-09-08 12:10 - 2011-08-09 00:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2011-01-05 11:53 - 2011-01-05 11:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll

2012-09-08 12:30 - 2010-11-12 11:38 - 00241152 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL

2011-09-06 13:40 - 2011-09-06 13:40 - 03080192 _____ () C:\Program Files (x86)\Hotkey\Hotkey.exe

2012-09-08 12:42 - 2012-07-18 17:04 - 00398288 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2009-06-06 13:50 - 2009-06-06 13:50 - 00019968 _____ () C:\Program Files (x86)\Hotkey\Audiodll.dll

2006-12-11 01:10 - 2006-12-11 01:10 - 00049152 _____ () C:\Program Files (x86)\Hotkey\AudioControlDLL.dll

2012-09-08 12:29 - 2010-11-01 16:34 - 00159744 ____N () C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\de-DE\THXAudio.resources.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 00051016 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 00716616 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\libglesv2.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 00100168 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\libegl.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 04061000 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\pdf.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 00394568 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 01647432 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll

2012-09-08 12:33 - 2011-04-29 23:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2014-03-08 12:09 - 2014-03-02 03:35 - 13632840 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll
 

==================== Alternate Data Streams (whitelisted) =========
 
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Disabled items from MSCONFIG ==============
 

MSCONFIG\startupfolder: C:^Users^Daniel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (03/08/2014 00:42:24 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/08/2014 00:36:11 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/08/2014 00:34:54 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/08/2014 00:22:44 PM) (Source: System Restore) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\servicing\TrustedInstaller.exe; Beschreibung = Windows Modules Installer; Fehler = 0x80070422).
 

Error: (03/08/2014 00:22:44 PM) (Source: System Restore) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).
 

Error: (03/08/2014 11:32:55 AM) (Source: System Restore) (User: )

Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x80070422).
 

Error: (03/08/2014 10:11:28 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (09/08/2012 02:15:50 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (09/08/2012 02:00:12 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (09/08/2012 01:45:54 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (03/08/2014 00:35:26 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 

%%13
 

Error: (03/08/2014 00:34:30 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎08.‎03.‎2014 um 12:30:13 unerwartet heruntergefahren.
 

Error: (09/08/2012 01:59:37 PM) (Source: volsnap) (User: )

Description: Die Schattenkopien von Volume "C:" wurde während der Ermittlung abgebrochen.
 

Error: (09/08/2012 01:22:24 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 

%%16405
 

Error: (09/08/2012 00:54:13 PM) (Source: Microsoft Antimalware) (User: )

Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt
 

        Feature: %%835
 

        Fehlercode: 0x80004005
 

        Fehlerbeschreibung: Unbekannter Fehler 
 

        Grund: %%842
 

Error: (09/08/2012 00:45:36 PM) (Source: Service Control Manager) (User: )

Description: Der Dienst "COMODO Internet Security Helper Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 

Error: (09/08/2012 00:32:06 PM) (Source: Microsoft Antimalware) (User: )

Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt
 

        Feature: %%835
 

        Fehlercode: 0x80004005
 

        Fehlerbeschreibung: Unbekannter Fehler 
 

        Grund: %%842
 

Error: (09/08/2012 00:20:19 PM) (Source: Microsoft Antimalware) (User: )

Description: Beim Aktualisieren der Signaturen wurde von %Daniel-PC60 ein Fehler festgestellt.
 

        Neue Signaturversion: 
 

        Vorherige Signaturversion: 1.105.605.0
 

        Aktualisierungsquelle: %Daniel-PC51
 

        Aktualisierungsphase: 3.0.8402.00
 

        Quellpfad: 3.0.8402.01
 

        Signaturtyp: %Daniel-PC602
 

        Aktualisierungstyp: %Daniel-PC604
 

        Benutzer: Daniel-PC\Daniel
 

        Aktuelle Modulversion: %Daniel-PC605
 

        Vorherige Modulversion: %Daniel-PC606
 

        Fehlercode: %Daniel-PC607
 

        Fehlerbeschreibung: %Daniel-PC608
 

Error: (09/08/2012 00:20:19 PM) (Source: Microsoft Antimalware) (User: )

Description: Beim Aktualisieren der Signaturen wurde von %Daniel-PC60 ein Fehler festgestellt.
 

        Neue Signaturversion: 
 

        Vorherige Signaturversion: 1.105.605.0
 

        Aktualisierungsquelle: %Daniel-PC51
 

        Aktualisierungsphase: 3.0.8402.00
 

        Quellpfad: 3.0.8402.01
 

        Signaturtyp: %Daniel-PC602
 

        Aktualisierungstyp: %Daniel-PC604
 

        Benutzer: Daniel-PC\Daniel
 

        Aktuelle Modulversion: %Daniel-PC605
 

        Vorherige Modulversion: %Daniel-PC606
 

        Fehlercode: %Daniel-PC607
 

        Fehlerbeschreibung: %Daniel-PC608
 

Error: (09/08/2012 00:20:19 PM) (Source: Microsoft Antimalware) (User: )

Description: Beim Aktualisieren der Signaturen wurde von %Daniel-PC60 ein Fehler festgestellt.
 

        Neue Signaturversion: 
 

        Vorherige Signaturversion: 1.105.605.0
 

        Aktualisierungsquelle: %Daniel-PC51
 

        Aktualisierungsphase: 3.0.8402.00
 

        Quellpfad: 3.0.8402.01
 

        Signaturtyp: %Daniel-PC602
 

        Aktualisierungstyp: %Daniel-PC604
 

        Benutzer: Daniel-PC\Daniel
 

        Aktuelle Modulversion: %Daniel-PC605
 

        Vorherige Modulversion: %Daniel-PC606
 

        Fehlercode: %Daniel-PC607
 

        Fehlerbeschreibung: %Daniel-PC608
 
 

Microsoft Office Sessions:

=========================

Error: (03/08/2014 00:42:24 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/08/2014 00:36:11 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/08/2014 00:34:54 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (03/08/2014 00:22:44 PM) (Source: System Restore)(User: )

Description: C:\Windows\servicing\TrustedInstaller.exeWindows Modules Installer0x80070422
 

Error: (03/08/2014 00:22:44 PM) (Source: System Restore)(User: )

Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422
 

Error: (03/08/2014 11:32:55 AM) (Source: System Restore)(User: )

Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x80070422
 

Error: (03/08/2014 10:11:28 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (09/08/2012 02:15:50 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (09/08/2012 02:00:12 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (09/08/2012 01:45:54 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 29%

Total physical RAM: 8097.94 MB

Available physical RAM: 5670.73 MB

Total Pagefile: 16194.07 MB

Available Pagefile: 13399.77 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB
 

==================== Drives ================================
 

Drive c: (System) (Fixed) (Total:120.5 GB) (Free:84.96 GB) NTFS

Drive d: (Spiele) (Fixed) (Total:294.87 GB) (Free:122.06 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 466 GB) (Disk ID: 552A1495)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=120 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=345 GB) - (Type=05)
 

==================== End Of Log ============================