Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.04.2014, 04:41   #1
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



MSI All in One PC/ Win 7 Spiele ruckeln, youtube ruckelt

Firefox laeuft sehr instabil und hat auslastungen manchmal bis 100%
Youtube ruckelt und Videos eine Qual. Vollbild kannste ganz vergessen... Meine Games ruckeln auch alle???

Ich habe gemacht: Defragmentiert, Add-Ons geloescht, Firefox neuinstalliert, Autostart changed, Win 7 Styles alle ausgemacht (hat defenetiv etwas gebracht)
,
Unnoetige Programme entfernt, Usb Sachen alle abgeschlossen.

Vor ein paar Monaten war noch alles einwandfrei konnte alles Zocken , Youtube keine Probleme... Und jetzt haengt der ganze PC staendig ueberlastet wegen irgendetwas

Computer: MSI All-in One PC Wind Top AE2220
4 GB Ram / Dual Core 2.20 Ghz/ Windows 7 "SP1"Home Prof. denke ich

Hab mal einen Hijack This Log gemacht fuer alle faelle....
Viele Files werden vermisst???

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:23:53 PM, on 4/17/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
H:\Tools\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.firetab.org/?type=ds3nt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Re-markit - {87b95a68-4b41-4eba-aef6-bbfbd6f5338b} - C:\Program Files (x86)\Re-markit\136.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Orbit\Orbitdownloader\GrabPro.dll (file missing)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to &Hot Keyboard - D:\Keyboard\Hot Keyboard Pro\IEScript.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AddonsHelper - Unknown owner - C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\windows\Installer\MSIA30B.tmp
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Unknown owner - G:\Tools\Game Booster\Razer Game Booster\RzKLService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9848 bytes


Wuerde mich sehr freuen auf ein paar Hilfreiche Antworten und hoffentlich ein Experte dabei

Google spuckt nichts sinnvolles aus >.<

Vielleicht hat auch jemand dasselbe Problem mit Java, Games, und das einzelne Prozesse 100% der CPU verbrauchen!

Ich hatte wesentlich aeltere PCs die fluessiger gelaufen sind mit !!XP!!
Mein alter Laptop ist Pentium 4 "XP" total Hardwareschwach und funktioniert 20X Besser!
Ist Windows 7 wirklich so behindert und muellt Microsoft seine Sachen einfach nur zu sodass jeder verdammte Computer in diesem Haus macken hat???

Ich hatte mit Windows XP Nieee Probleme gehabt und das ist das erste mal das ich im Internet was frage ???


Nomma Gruss an alle

Alt 18.04.2014, 10:21   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 19.04.2014, 08:53   #3
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by AE2220 (administrator) on AE2220-MSI on 19-04-2014 00:39:03
Running from C:\Users\AE2220\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\windows\Installer\MSIA30B.tmp
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
() C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Voobly) D:\Voobly\Voobly\voobly.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Microsoft Corporation) C:\windows\system32\taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8123936 2009-09-29] (Realtek Semiconductor)
HKU\S-1-5-21-1939352424-2229013223-1877745406-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1939352424-2229013223-1877745406-1000\...\MountPoints2: {c3dff4d8-6f28-11e3-b3b3-40618695619a} - F:\Setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo Suche ? Websuche & Suchmaschine
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = This message is from the Microsoft Safety & Security Center
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {0A61C410-92EC-437B-B957-7DA2EC9EE1AB} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z013&form=ZGAIDF
SearchScopes: HKCU - {119BA1B7-7A4A-41CC-98F4-E12A870148D5} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKCU - {27E73922-7662-41EA-A216-AECDB2DBF16B} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=336330A7-11C7-448A-98DB-5C85A77DC2BF&apn_sauid=7D35C715-9615-4AF5-A2B8-CACEFB69BB52
SearchScopes: HKCU - {409DD3B4-D1F8-EC6E-EDBD-2367FDA78762} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z015&form=ZGAIDF
SearchScopes: HKCU - {645701DB-0A59-AE3F-8D62-BAA040AFB663} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z007&form=ZGAIDF
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {7464A306-2EAF-4276-B5F5-BD4999D78154} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Re-markit - {87b95a68-4b41-4eba-aef6-bbfbd6f5338b} - C:\Program Files (x86)\Re-markit\136.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Orbit\Orbitdownloader\GrabPro.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog9 01 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 02 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 06 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 07 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 16 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
Winsock: Catalog9-x64 01 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 16 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)

FireFox:
========
FF ProfilePath: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.firetab.org/?type=ds3hp
FF Keyword.URL: hxxp://www.google.ch/search?q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\073d507f-c1e4-4900-a608-f2f72a45ecda.xml
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\19a2a37c-71fc-4038-a28f-21d36f1dea1e.xml
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\fd551b1e-7045-4376-9fcc-cff745591c32.xml
FF Extension: Flashblock - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-04-16]
FF Extension: Personas Plus - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\personas@christopher.beard.xpi [2013-09-20]
FF Extension: Stylish - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-09-20]
FF Extension: Adblock Plus - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-18]
FF HKLM-x32\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\AE2220\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\AE2220\AppData\Roaming\Helper [2014-04-01]
FF HKCU\...\Firefox\Extensions: [{b40fb246-2931-467d-a5d5-cf7d3954ef82}] - C:\Program Files (x86)\Re-markit\136.xpi

==================== Services (Whitelisted) =================

R2 AddonsHelper; C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-12-17] ()
R2 HyperDeskCustomThemeEnabler; C:\windows\Installer\MSIA30B.tmp [102400 2011-04-22] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 OberonGameConsoleService; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [44432 2010-02-17] ()
S2 RzKLService; G:\Tools\Game Booster\Razer Game Booster\RzKLService.exe [X]
S4 Update Kozaka; "C:\Program Files (x86)\Kozaka\updateKozaka.exe" [X]

==================== Drivers (Whitelisted) ====================

S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16512 2007-02-06] (Adaptec)
S3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [364800 2009-08-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 MEMSWEEP2; C:\windows\system32\19C8.tmp [6144 2009-06-18] (Sophos Plc)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Philips                                                     )
S3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Philips                                                     )
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PROCEXP151; \??\C:\windows\system32\Drivers\PROCEXP151.SYS [X]
S3 WinRing0_1_2_0; \??\G:\Tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 00:39 - 2014-04-19 00:39 - 00014011 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-19 00:38 - 2014-04-19 00:39 - 00000000 ____D () C:\FRST
2014-04-19 00:38 - 2014-04-19 00:38 - 02158592 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-18 17:45 - 2014-04-18 21:06 - 00063644 _____ () C:\Users\AE2220\Desktop\4 Islands V2 (new).scx
2014-04-18 01:22 - 2014-04-18 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 20:43 - 2014-04-17 21:06 - 00000116 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-17 19:39 - 2014-04-17 19:39 - 00002935 _____ () C:\Users\AE2220\Desktop\HiJackThis.lnk
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 22:58 - 2014-03-06 04:21 - 23549440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-16 22:58 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 03:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-16 22:58 - 2014-03-06 02:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-16 22:58 - 2014-03-06 02:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 02:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-16 22:58 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 02:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-16 22:58 - 2014-03-06 02:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 02:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-16 22:58 - 2014-03-06 02:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 02:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-16 22:58 - 2014-03-06 02:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-16 22:58 - 2014-03-06 01:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 01:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-16 22:58 - 2014-03-06 01:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 01:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-16 22:58 - 2014-03-06 01:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 01:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 01:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-16 22:58 - 2014-03-06 01:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 00:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-16 22:57 - 2014-03-06 03:19 - 17387008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-16 22:57 - 2014-03-06 02:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 02:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-16 22:57 - 2014-03-06 02:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-16 22:57 - 2014-03-06 02:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-16 22:57 - 2014-03-06 02:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-16 22:57 - 2014-03-06 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 01:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-16 22:57 - 2014-03-06 01:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-16 22:57 - 2014-03-06 01:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-16 22:57 - 2014-03-06 01:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-16 22:57 - 2014-03-05 23:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-16 22:24 - 2014-04-16 22:24 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-16 22:18 - 2014-04-16 22:18 - 22736080 _____ (Mozilla) C:\Users\AE2220\Desktop\Firefox Setup 24.2.0esr.exe
2014-04-16 21:33 - 2014-04-16 21:34 - 09230024 _____ (Adobe Systems Incorporated) C:\Users\AE2220\Desktop\install_flash_player_11_active_x_11.3.300.268.exe
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 05:11 - 2014-04-16 23:38 - 00000000 ____D () C:\Users\AE2220\Desktop\Mouse
2014-04-09 05:16 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-09 05:16 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-09 05:16 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-09 05:16 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-09 05:16 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-09 05:16 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-09 05:16 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-09 05:16 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-09 05:16 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-09 03:19 - 2014-04-10 01:36 - 00013862 _____ () C:\windows\DPINST.LOG
2014-04-01 22:00 - 2014-04-01 22:00 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Helper
2014-03-30 14:45 - 2014-04-02 23:35 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-03-30 13:44 - 2014-04-01 00:41 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-03-30 01:00 - 2014-04-19 00:34 - 00003311 _____ () C:\windows\setupact.log
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-25 00:31 - 2014-04-16 12:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
2014-03-21 23:21 - 2014-03-21 23:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{8F109DD0-7D91-4526-9234-4EC6F608E588}
2014-03-20 11:43 - 2014-03-20 11:44 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{46733B4D-2BF8-4F6B-84CF-889AB22CA2AB}

==================== One Month Modified Files and Folders =======

2014-04-19 00:39 - 2014-04-19 00:39 - 00014011 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-19 00:39 - 2014-04-19 00:38 - 00000000 ____D () C:\FRST
2014-04-19 00:38 - 2014-04-19 00:38 - 02158592 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-19 00:38 - 2012-02-04 00:59 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2014-04-19 00:34 - 2014-03-30 01:00 - 00003311 _____ () C:\windows\setupact.log
2014-04-19 00:27 - 2014-03-06 04:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 00:03 - 2013-08-26 15:53 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\vlc
2014-04-18 22:48 - 2011-04-15 17:51 - 01713626 _____ () C:\windows\WindowsUpdate.log
2014-04-18 22:08 - 2013-12-27 22:40 - 00004604 _____ () C:\aoesync.txt
2014-04-18 22:00 - 2013-12-17 20:04 - 00000796 _____ () C:\windows\Tasks\At2.job
2014-04-18 22:00 - 2013-11-04 01:51 - 00000796 _____ () C:\windows\Tasks\At1.job
2014-04-18 21:10 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Skype
2014-04-18 21:06 - 2014-04-18 17:45 - 00063644 _____ () C:\Users\AE2220\Desktop\4 Islands V2 (new).scx
2014-04-18 18:27 - 2014-03-06 04:16 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 18:21 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 18:21 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 14:56 - 2009-07-13 23:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-18 14:52 - 2014-04-18 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-18 14:51 - 2011-04-24 01:26 - 00000412 _____ () C:\windows\Tasks\PC Optimizer Pro64 startups.job
2014-04-18 14:50 - 2013-09-05 00:35 - 00140468 _____ () C:\windows\PFRO.log
2014-04-18 14:50 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-17 21:06 - 2014-04-17 20:43 - 00000116 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-17 19:39 - 2014-04-17 19:39 - 00002935 _____ () C:\Users\AE2220\Desktop\HiJackThis.lnk
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-17 19:33 - 2013-10-02 13:42 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\.minecraft
2014-04-17 15:08 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-04-17 12:44 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-16 23:38 - 2014-04-16 05:11 - 00000000 ____D () C:\Users\AE2220\Desktop\Mouse
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 23:08 - 2011-04-22 17:03 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Adobe
2014-04-16 22:50 - 2013-09-04 23:27 - 00000000 ____D () C:\ProgramData\Avira
2014-04-16 22:24 - 2014-04-16 22:24 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-16 22:18 - 2014-04-16 22:18 - 22736080 _____ (Mozilla) C:\Users\AE2220\Desktop\Firefox Setup 24.2.0esr.exe
2014-04-16 21:34 - 2014-04-16 21:33 - 09230024 _____ (Adobe Systems Incorporated) C:\Users\AE2220\Desktop\install_flash_player_11_active_x_11.3.300.268.exe
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 12:42 - 2014-03-25 00:31 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-04-12 18:10 - 2013-08-22 05:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogMeIn Hamachi
2014-04-12 06:57 - 2011-04-20 19:33 - 00027047 _____ () C:\windows\system32\lvcoinst.log
2014-04-10 03:06 - 2013-08-14 22:06 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 03:01 - 2011-04-20 23:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\install_clap
2014-04-10 01:36 - 2014-04-09 03:19 - 00013862 _____ () C:\windows\DPINST.LOG
2014-04-10 01:32 - 2011-04-20 19:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogiShrd
2014-04-10 01:32 - 2011-04-20 19:41 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-04-10 01:32 - 2010-04-10 11:31 - 00000000 ____D () C:\Program Files (x86)\msi
2014-04-02 23:35 - 2014-03-30 14:45 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-04-02 21:16 - 2013-09-08 01:22 - 00000784 _____ () C:\Users\AE2220\Desktop\SpeedFan.lnk
2014-04-02 18:22 - 2014-03-06 04:16 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 18:22 - 2014-03-06 04:16 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 22:00 - 2014-04-01 22:00 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Helper
2014-04-01 00:41 - 2014-03-30 13:44 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\registration
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\AppCompat
2014-03-31 22:44 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220
2014-03-31 22:44 - 2009-07-13 22:45 - 00439896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-31 09:35 - 2011-04-20 20:04 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-03-30 14:45 - 2011-04-20 19:30 - 00116936 _____ () C:\Users\AE2220\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 13:46 - 2011-04-25 16:53 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
2014-03-23 13:22 - 2011-04-20 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-23 13:22 - 2010-04-10 11:35 - 00000000 ____D () C:\ProgramData\Skype
2014-03-22 12:54 - 2009-07-13 23:08 - 00032562 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-21 23:21 - 2014-03-21 23:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{8F109DD0-7D91-4526-9234-4EC6F608E588}
2014-03-21 16:16 - 2013-08-26 17:06 - 00000000 ____D () C:\Users\AE2220\Desktop\Things
2014-03-20 22:11 - 2011-04-24 16:58 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Orbit
2014-03-20 11:44 - 2014-03-20 11:43 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{46733B4D-2BF8-4F6B-84CF-889AB22CA2AB}

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job


Some content of TEMP:
====================
C:\Users\AE2220\AppData\Local\Temp\avgnt.exe
C:\Users\AE2220\AppData\Local\Temp\nsb504A.exe
C:\Users\AE2220\AppData\Local\Temp\nsr1D74.exe
C:\Users\AE2220\AppData\Local\Temp\nsw17C8.exe
C:\Users\AE2220\AppData\Local\Temp\nsw48DA.exe
C:\Users\AE2220\AppData\Local\Temp\nsz259B.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 00:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by AE2220 at 2014-04-19 00:39:41
Running from C:\Users\AE2220\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client version 1.3 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.3 - Tim Witschel Serververmietung)
Command & Conquer™ Alarmstufe Rot 3 Der Aufstand (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Völker (HKLM-x32\...\Die Völker) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.2.451-win32 - )
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Half-Life 2 (HKCU\...\Half-Life 2) (Version:  - )
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause 1.00.0000 (HKLM-x32\...\{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}) (Version: 1.00.0000 - Eidos)
Logitech H800 (HKLM-x32\...\{E7A8414E-944B-4D73-9F3F-C4E5266DF85C}) (Version: 1.0.034 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 24.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.4.0 (x86 en-US)) (Version: 24.4.0 - Mozilla)
msi EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.2.0.103 - msi)
msi EasyViewer (x32 Version: 1.2.0.103 - msi) Hidden
MSI Game Corner Console (HKLM-x32\...\{10219E71-68B2-459C-A605-D59E2321C3EC}_is1) (Version: 5.5.0.2 - Oberon Media, Inc.)
msi Software Install_x64 (HKLM\...\{07690F1C-04B1-4060-9691-6748ED1826B9}) (Version: 3.0.909.3001 - msi)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version:  - Orbit Downloader: the ultra file & social media (YouTube etc..) download manager)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Update Service (x32 Version: 4.1.0 - <no manufacturer>) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WindTouch3D_x64 (HKLM-x32\...\InstallShield_{B6FC1F2E-3C04-4BF0-A4D9-2F0372D494A4}) (Version:  - )
WindTouch3D_x64 (Version: 0.9.2.6 - msi) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

17-04-2014 04:11:21 Removed Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
17-04-2014 04:55:25 Removed Skype Click to Call
17-04-2014 04:57:19 Windows Update
18-04-2014 01:39:27 Installed HiJackThis

==================== Hosts content: ==========================

2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1E3DDA4E-B3F7-4738-8431-509189BFE73D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {2F0A79FC-7517-4036-AEBE-938224E5979A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {53221499-7E93-443F-B067-166D4A69811B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {547E66E0-11C8-4870-B038-CB9E66EB27F5} - System32\Tasks\MyDefrag v4.3.1 Monthly => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD
Task: {6223C238-7FC3-4EFB-95EA-68C7C5D17FD2} - \GoforFilesUpdate ATTENTION ====> No Task File
Task: {7617EDED-F629-407E-B93A-602E184CA5C8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8265ADC5-8499-4BED-AE0D-9057F67E0305} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update ATTENTION ====> No Task File
Task: {8FFD59FF-8B52-45F2-A607-9BF68AE920E7} - System32\Tasks\At1 => net
Task: {A7005A4F-0537-45FD-88E3-CC5408FB3226} - System32\Tasks\Game_Booster_AutoUpdate => G:\Tools\Game Booster\Game Booster 3\AutoUpdate.exe
Task: {BFB59161-1941-477B-8B8E-C5A6F71A51FC} - System32\Tasks\MyDefrag v4.3.1 Daily => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD
Task: {CD9F2D53-5F6B-4E32-AD44-5DD7D4361D8F} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {E40BF1FA-9D86-4182-B0AA-0A111B854615} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F64F7D01-9424-404D-BDB2-69470394F15F} - System32\Tasks\At2 => net
Task: C:\windows\Tasks\At1.job => ?
Task: C:\windows\Tasks\At2.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2013-11-13 20:18 - 2012-11-22 19:57 - 00057448 _____ () C:\windows\system32\PrxerNsp.dll
2011-04-22 22:30 - 2011-04-22 22:30 - 00102400 _____ () C:\windows\Installer\MSIA30B.tmp
2013-12-17 20:04 - 2013-12-17 20:04 - 00896512 ____N () C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
2010-04-10 12:00 - 2010-02-17 16:54 - 00044432 _____ () C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
2005-06-07 12:26 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00618496 _____ () D:\Voobly\Voobly\gui.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 01978368 _____ () D:\Voobly\Voobly\QtCore4.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 07266304 _____ () D:\Voobly\Voobly\QtGui4.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 00643072 _____ () D:\Voobly\Voobly\QtNetwork4.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 02138112 _____ () D:\Voobly\Voobly\lobby.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 01044480 _____ () D:\Voobly\Voobly\messenger.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00651264 _____ () D:\Voobly\Voobly\vooblynat1.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00499712 _____ () D:\Voobly\Voobly\vooblynat3.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00536576 _____ () D:\Voobly\Voobly\launch.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 01196032 _____ () D:\Voobly\Voobly\anticheat1.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 00019456 _____ () D:\Voobly\Voobly\imageformats\qgif4.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 00131072 _____ () D:\Voobly\Voobly\imageformats\qjpeg4.dll
2014-04-18 01:22 - 2014-04-18 01:22 - 03287664 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-16 23:08 - 2014-04-16 23:08 - 16351920 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\windows\system32\nvawy.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOAWY.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOSMU.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\nvdisp.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraidco.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraiins.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDe.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEng.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoENU.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEs.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEsm.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFi.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFr.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoIt.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoJa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoKo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNl.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoPtb.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoRu.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoSv.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZhc.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZht.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvsmu.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvuawy.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvudisp.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvusmu.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecir.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhid.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhidma.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvamacpi.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvsmu.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvstor64.sys:KAVICHS
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:793ABD2B
AlternateDataStreams: C:\ProgramData\TEMP:7E68DD27
AlternateDataStreams: C:\ProgramData\TEMP:8173A019
AlternateDataStreams: C:\ProgramData\TEMP:D091E13E

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^AE2220^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Logitech H800 => C:\Program Files (x86)\Logitech\H800\H800.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "D:\Virtual CloneDrive\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Voobly => "D:\Voobly\Voobly\voobly.exe" --startup
MSCONFIG\startupreg: Weather => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
MSCONFIG\startupreg: WindTouch3D => "%ProgramFiles%\msi\WindTouch\WindTouch3D.exe" Min
MSCONFIG\startupreg: YouCam Service6 => "G:\Tools\cyberlink cam\YouCam6\YouCamService6.exe" /s

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/16/2014 00:43:27 PM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi

Error: (04/16/2014 00:43:04 PM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: G:\Tools\Paint.net\Staging\PaintDotNet_805338772.msi

Error: (04/16/2014 00:42:29 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}

Error: (04/16/2014 00:41:45 PM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi

Error: (04/16/2014 00:41:10 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}

Error: (04/10/2014 01:45:45 AM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Avira SearchFree Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 

Mozilla Firefox

Error: (04/04/2014 11:06:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: EmpiresX.Exe, version: 0.1.6.1115, time stamp: 0x3844ad66
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00038e19
Faulting process id: 0xca8
Faulting application start time: 0xEmpiresX.Exe0
Faulting application path: EmpiresX.Exe1
Faulting module path: EmpiresX.Exe2
Report Id: EmpiresX.Exe3

Error: (03/25/2014 00:31:04 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {27c1ad3d-c839-4fc3-a24b-63e75c781213}

Error: (03/20/2014 02:05:25 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)
Description: 0x0

Error: (03/20/2014 01:25:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 28.0.0.5186, time stamp: 0x53240e37
Faulting module name: xul.dll, version: 28.0.0.5186, time stamp: 0x53240e04
Exception code: 0xc0000005
Fault offset: 0x00184729
Faulting process id: 0xf34
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3


System errors:
=============
Error: (04/18/2014 11:40:21 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/18/2014 05:47:39 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/18/2014 02:50:56 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ASPI32

Error: (04/18/2014 02:50:46 PM) (Source: Service Control Manager) (User: )
Description: The RzKLService service failed to start due to the following error: 
%%2

Error: (04/18/2014 02:50:38 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:53:10 AM on ‎4/‎18/‎2014 was unexpected.

Error: (04/18/2014 02:50:09 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/18/2014 03:25:30 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/18/2014 01:23:10 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/17/2014 00:45:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ASPI32

Error: (04/17/2014 00:45:25 PM) (Source: Service Control Manager) (User: )
Description: The RzKLService service failed to start due to the following error: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/16/2014 00:43:27 PM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2014 00:43:04 PM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: G:\Tools\Paint.net\Staging\PaintDotNet_805338772.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2014 00:42:29 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}

Error: (04/16/2014 00:41:45 PM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/16/2014 00:41:10 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}

Error: (04/10/2014 01:45:45 AM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Avira SearchFree Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall: 

Mozilla Firefox	(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (04/04/2014 11:06:59 PM) (Source: Application Error)(User: )
Description: EmpiresX.Exe0.1.6.11153844ad66ntdll.dll6.1.7601.18247521ea8e7c000000500038e19ca801cf508bdedc6640d:\games\age of empires & the rise of rome\EmpiresX.ExeC:\windows\SysWOW64\ntdll.dll1d9d1360-bc80-11e3-97ca-40618695619a

Error: (03/25/2014 00:31:04 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {27c1ad3d-c839-4fc3-a24b-63e75c781213}

Error: (03/20/2014 02:05:25 PM) (Source: Avira Antivirus)(User: NT AUTHORITY)
Description: 0x0

Error: (03/20/2014 01:25:47 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c000000500184729f3401cf446faff344c0C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll6fd05ab0-b065-11e3-b260-40618695619a


CodeIntegrity Errors:
===================================
  Date: 2014-02-16 21:44:06.673
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.409
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.282
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.868
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.644
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.416
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.183
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:07.439
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:07.214
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3839.24 MB
Available physical RAM: 2129.8 MB
Total Pagefile: 7676.66 MB
Available Pagefile: 5962.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:106.77 GB) (Free:28.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:335.77 GB) (Free:241.13 GB) NTFS
Drive h: (Externe Festplatte) (Fixed) (Total:931.51 GB) (Free:345.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 78DACBF2)
Partition 1: (Not Active) - (Size=23 GB) - (Type=27)
Partition 2: (Active) - (Size=356 MB) - (Type=27)
Partition 3: (Not Active) - (Size=107 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=336 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

Ich weiss immernoch ne menge scheisse dabei -.-... Ich mach schon immer beim Installieren die Haken weg.... aber das kanns doch net sein.... Ich habe noch nicht Fixen geklickt!!

Achso wo der die ganzen Programme nicht gefunden hat das liegt an meiner Externen Festplatte die ich manchmal abstecke!!!

Nur damit ihr bescheid wisst
__________________

Alt 19.04.2014, 20:31   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.04.2014, 11:04   #5
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Ok Ich werde das machen koenntest du bitte mal vielleicht erklaeren was los ist mit meinem PC?

Danke fuer deine Hilfe!!

Kali_Yuga

Combofix Logfile:
Code:
ATTFilter
ComboFix 14-04-19.01 - AE2220 04/20/2014   2:47.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3839.2561 [GMT -6:00]
Running from: c:\users\AE2220\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DNSErrorHelper\bhO.dll
c:\users\AE2220\AppData\Roaming\.#
c:\users\AE2220\AppData\Roaming\.#\MBX@14F0@2072780.###
c:\users\AE2220\AppData\Roaming\.#\MBX@14F0@20727B0.###
c:\users\AE2220\AppData\Roaming\.#\MBX@1F68@3F2780.###
c:\users\AE2220\AppData\Roaming\.#\MBX@1F68@3F27B0.###
c:\users\AE2220\AppData\Roaming\AE2220log.dat
c:\windows\IsUn0407.exe
c:\windows\SysWow64\install
.
.
(((((((((((((((((((((((((   Files Created from 2014-03-20 to 2014-04-20  )))))))))))))))))))))))))))))))
.
.
2014-04-20 08:56 . 2014-04-20 08:56	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-20 08:53 . 2014-04-20 08:53	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{49CFF6C5-4BE5-443A-98DF-9194A1BA7342}\offreg.dll
2014-04-19 06:38 . 2014-04-19 06:40	--------	d-----w-	C:\FRST
2014-04-19 00:01 . 2014-04-17 11:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{49CFF6C5-4BE5-443A-98DF-9194A1BA7342}\mpengine.dll
2014-04-18 01:39 . 2014-04-18 01:39	388096	----a-r-	c:\users\AE2220\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-04-17 05:08 . 2014-04-17 05:08	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-17 05:08 . 2014-04-17 05:08	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-17 04:57 . 2014-03-06 08:57	48640	----a-w-	c:\windows\system32\ieetwproxystub.dll
2014-04-17 01:27 . 2014-04-17 01:27	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2014-04-02 04:00 . 2014-04-02 04:00	--------	d-----w-	c:\users\AE2220\AppData\Roaming\Helper
2014-03-30 20:45 . 2014-04-03 05:35	--------	d-----w-	c:\program files (x86)\AnotherLifeClient
2014-03-30 19:44 . 2014-04-01 06:41	--------	d-----w-	c:\program files (x86)\PCTechHotline
2014-03-25 06:31 . 2014-04-16 18:42	--------	d-----w-	c:\users\AE2220\AppData\Local\Paint.NET
2014-03-23 19:22 . 2014-03-23 19:22	--------	d-----w-	c:\users\AE2220\AppData\Local\Skype
2014-03-23 19:22 . 2014-03-23 19:22	--------	d-----w-	c:\program files (x86)\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-10 09:01 . 2011-04-21 05:38	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-03-31 15:35 . 2011-04-21 02:04	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-04 09:17 . 2014-04-09 11:16	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2014-02-07 01:23 . 2014-03-12 00:42	3156480	----a-w-	c:\windows\system32\win32k.sys
2014-02-04 23:14 . 2014-02-04 23:14	53248	----a-w-	c:\windows\SysWow64\unrar.dll
2014-02-04 23:09 . 2014-02-04 23:14	4358144	----a-w-	c:\windows\uncsetup.exe
2014-02-04 02:32 . 2014-03-12 00:41	1424384	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-12 00:41	624128	----a-w-	c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-12 00:41	1230336	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 00:41	509440	----a-w-	c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-12 00:42	484864	----a-w-	c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-12 00:42	381440	----a-w-	c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-12 00:42	228864	----a-w-	c:\windows\system32\wwansvc.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AddonsHelper;AddonsHelper;c:\users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe;c:\users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RzKLService;RzKLService;g:\tools\Game Booster\Razer Game Booster\RzKLService.exe;g:\tools\Game Booster\Razer Game Booster\RzKLService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys;c:\windows\SYSNATIVE\DRIVERS\AVerPola.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhid.sys [x]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhidma.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam C260(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\19C8.tmp;c:\windows\SYSNATIVE\19C8.tmp [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys;c:\windows\SYSNATIVE\DRIVERS\phaudlwr.sys [x]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS;c:\windows\SYSNATIVE\Drivers\PROCEXP151.SYS [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SPC620;Philips SPC620NC PC Camera;c:\windows\system32\drivers\SPC620.sys;c:\windows\SYSNATIVE\drivers\SPC620.sys [x]
R3 SPC620m;Philips SPC620NC PC Cameram;c:\windows\system32\drivers\SPC620m.sys;c:\windows\SYSNATIVE\drivers\SPC620m.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;g:\tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys;g:\tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 Update Kozaka;Update Kozaka;c:\program files (x86)\Kozaka\updateKozaka.exe;c:\program files (x86)\Kozaka\updateKozaka.exe [x]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\Installer\MSIA30B.tmp;c:\windows\Installer\MSIA30B.tmp [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 clwvd6;CyberLink WebCam Virtual Driver 6.0 Service;c:\windows\system32\DRIVERS\clwvd6.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd6.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06 10:16]
.
2014-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06 10:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-30 8123936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.firetab.org/?type=ds3nt
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearchAssistant = hxxp://www.google.com
IE: &Download by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/204
IE: Add to &Hot Keyboard - d:\keyboard\Hot Keyboard Pro\IEScript.htm
IE: Do&wnload selected by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.firetab.org/?type=ds3hp
FF - prefs.js: keyword.URL - hxxp://www.google.ch/search?q=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2014-04-16 22:05; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{87b95a68-4b41-4eba-aef6-bbfbd6f5338b} - c:\program files (x86)\Re-markit\136.dll
BHO-{9B6B03F1-16CF-4491-BBBB-E872802DD717} - c:\programdata\DNSErrorHelper\bho.dll
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Age of Empires 2.0 - g:\games\Age of Empires 2\UNINSTAL.EXE
AddRemove-Age of Empires Gold 1.0 - d:\age of empires & the rise of rome\UNINSTAL.EXE
AddRemove-Age of Empires II: The Conquerors Expansion 1.0 - g:\games\Age of Empires 2\UNINSTALX.EXE
AddRemove-Die Völker - c:\windows\IsUn0407.exe
AddRemove-Frets on Fire - d:\frets on fire 1.2\Frets on Fire\Uninstall.exe
AddRemove-Orbit_is1 - d:\orbit\Orbitdownloader\unins000.exe
AddRemove-Proxifier_is1 - d:\proxifier\Proxifier\unins000.exe
AddRemove-{1B305614-536F-47B0-917D-140C1D2477BA}}_is1 - d:\gta san andreas\AL Samp\AnotherLifeClient\AnotherLifeClient\unins000.exe
AddRemove-Half-Life 2 - d:\hl2\HL2 New\Half-Life 2(no steam)\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HyperDeskCustomThemeEnabler]
"ImagePath"="\"c:\windows\Installer\MSIA30B.tmp\" -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\19C8.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-04-20  03:01:47
ComboFix-quarantined-files.txt  2014-04-20 09:01
.
Pre-Run: 31,479,939,072 bytes free
Post-Run: 32,345,821,184 bytes free
.
- - End Of File - - C3E069B7770FDC3A7070D96E954BD869
         
--- --- ---
A3bis6C5chenE4F47E84449veraendertFFda07sEDganze4874hier3517B43A31


Alt 20.04.2014, 19:32   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!

Alt 21.04.2014, 03:45   #7
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/20/2014
Scan Time: 1:04:19 PM
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.20.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AE2220

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 271823
Time Elapsed: 14 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6],
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\Kozaka, , [b54b3cc4639d7b85da737729d132f907],
PUP.Optional.Kozaka.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Kozaka, , [8d73dd235ca45da3d2796a3608fbe719],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Kozaka, , [eb1557a9907026da8dc1109053b0ea16],
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, , [8f71ea1633cd5da38fdec0bb3ec4a35d],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{87b95a68-4b41-4eba-aef6-bbfbd6f5338b}, , [e31d2cd4b74903fd66a436f5dc28a060],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{87B95A68-4B41-4EBA-AEF6-BBFBD6F5338B}, , [e31d2cd4b74903fd66a436f5dc28a060],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me, , [59a74db3de22f30d8a7e342dd92952ae],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache, , [59a74db3de22f30d8a7e342dd92952ae],

Files: 5
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.dll, , [45bb1de3d42c7e828f0d242bc83929d7],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Local\genienext\nengine.dll, , [946cd32dc23edb25900c85cad72a758b],
PUP.Optional.Conduit.A, C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\conduit-search.xml, , [8f71d12f47b9867ae98e6212fa080ef2],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.cookie, , [59a74db3de22f30d8a7e342dd92952ae],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache\spark.bin, , [59a74db3de22f30d8a7e342dd92952ae],

Physical Sectors: 0
(No malicious items detected)


(end)

Sorry ich bin zu dumm das in Codes zu packen...

ADW Cleaner laesst sich nicht updaten ... kann das also nicht ausfuehren!!
Ich muss das Update manuell runterladen, kann es aber nicht finden.

Ich habe das letzdere Programm auch schon runtergeladen soll ich wenigstens den Log schonmal dir geben?

Ich mach einfach was du sagst ohne zu hinterfragen xD

sag dochma voller Viren oder was?
Kann gut moeglich sein ich hatte 7 Detections mit Malwarebites...
Ich weiss bisher doch noch nicht ob sich was gebessert hat dafuer muss ich den Computer erstmal belasten mit irgentwas
werde es ausprobieren die Stunden!

Nomma danke fuer Hilfe

Kali_Yuga

Alt 21.04.2014, 21:48   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.



AdwCleaner löschen und neu laden mit dem Link oben, da brauch man nix updaten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.04.2014, 03:35   #9
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



MBam:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 4/20/2014
Scan Time: 1:04:19 PM
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.20.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AE2220

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 271823
Time Elapsed: 14 min, 11 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 12
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6], 
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f], 
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\Kozaka, , [b54b3cc4639d7b85da737729d132f907], 
PUP.Optional.Kozaka.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Kozaka, , [8d73dd235ca45da3d2796a3608fbe719], 
PUP.Optional.Kozaka.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Kozaka, , [eb1557a9907026da8dc1109053b0ea16], 
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, , [8f71ea1633cd5da38fdec0bb3ec4a35d], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{87b95a68-4b41-4eba-aef6-bbfbd6f5338b}, , [e31d2cd4b74903fd66a436f5dc28a060], 
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{87B95A68-4B41-4EBA-AEF6-BBFBD6F5338B}, , [e31d2cd4b74903fd66a436f5dc28a060], 

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 2
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me, , [59a74db3de22f30d8a7e342dd92952ae], 
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache, , [59a74db3de22f30d8a7e342dd92952ae], 

Files: 5
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.dll, , [45bb1de3d42c7e828f0d242bc83929d7], 
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Local\genienext\nengine.dll, , [946cd32dc23edb25900c85cad72a758b], 
PUP.Optional.Conduit.A, C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\conduit-search.xml, , [8f71d12f47b9867ae98e6212fa080ef2], 
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.cookie, , [59a74db3de22f30d8a7e342dd92952ae], 
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache\spark.bin, , [59a74db3de22f30d8a7e342dd92952ae], 

Physical Sectors: 0
(No malicious items detected)


(end)
         


Ups einfach auf Cancel geklickt und es geht warte!

Code:
ATTFilter
# AdwCleaner v3.102 - Report created 21/04/2014 at 17:59:56
# Updated 21/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : AE2220 - AE2220-MSI
# Running from : C:\Users\AE2220\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DNSErrorHelper
Folder Deleted : C:\Users\AE2220\.android
Folder Deleted : C:\Users\AE2220\AppData\Local\CrashRpt
Folder Deleted : C:\Users\AE2220\AppData\Local\genienext
Folder Deleted : C:\Users\AE2220\AppData\Local\Mobogenie
Folder Deleted : C:\Users\AE2220\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\AE2220\AppData\Roaming\Free Download Manager
Folder Deleted : C:\Users\AE2220\AppData\Roaming\HELPER
Folder Deleted : C:\Users\AE2220\Documents\Mobogenie
Folder Deleted : C:\Users\AE2220\Documents\Youcam
File Deleted : C:\Users\AE2220\daemonprocess.txt

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Orbit\Orbitdownloader\orbitdm.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Orbit\Orbitdownloader\orbitnet.exe]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v24.4.0 (en-US)

[ File : C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\prefs.js ]

Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.firetab.org/?type=ds3hp");
Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394099922153");
Line Deleted : user_pref("extensions.toolbar_AVIRA-V7@apn.ask.com.install-event-fired", true);

*************************

AdwCleaner[R0].txt - [8564 octets] - [12/12/2013 02:41:17]
AdwCleaner[R1].txt - [3873 octets] - [21/04/2014 17:56:42]
AdwCleaner[S0].txt - [8295 octets] - [12/12/2013 02:42:49]
AdwCleaner[S1].txt - [3694 octets] - [21/04/2014 17:59:56]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3754 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by AE2220 on Mon 04/21/2014 at 18:08:46.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{27E73922-7662-41EA-A216-AECDB2DBF16B}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{09450674-A22A-4CC2-80BC-EF9BDC44F11E}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{1E5D582A-ABEB-40AC-855E-DDA05E126FB8}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{1F1462E7-3C81-448E-89E2-AF524CA1E852}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{235888DF-DB65-4DFF-976E-471D3526DE89}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{2B7DE70D-992E-4100-9AC7-8E1F75661A9A}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{46733B4D-2BF8-4F6B-84CF-889AB22CA2AB}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{745615EF-AB1D-41EC-9DED-72418C744DA4}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{74C28310-51C5-48B6-B0CA-508EAE9CE451}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{778B291E-678B-476E-BDBD-4A96E03E9531}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{8F109DD0-7D91-4526-9234-4EC6F608E588}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{96BDFFAA-CB6B-4043-954C-CEF3BBFC2E8D}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{C322B216-7B3C-4CF5-B04E-C911C01ED134}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{DAC50077-AB6E-4B50-A9E5-1857DD01C2B1}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{DB9393C8-5B83-4CE3-9B2B-8F4E3564913A}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{E2FADDD2-651D-4931-94D8-B1228E40EDD3}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{F7603AC1-0D05-4E25-AA92-7C9360D7EF3B}



~~~ FireFox

Emptied folder: C:\Users\AE2220\AppData\Roaming\mozilla\firefox\profiles\pge1g4b5.default\minidumps [137 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/21/2014 at 18:34:48.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Ok denke das war jetzt alles was nu?

Mag vielleicht ein bisschen besser geworden sein. Youtube laeuft manchmal fluessig faengt ja dann aber doch wieder an zu laggen... genauso wie spiele, die ruckeln immernoch

Allgemein geht alles jetzt bisschen fluessiger zu statten aber hatte diesen Pc schon besser funktionierend in Erinnerung...

Ich habe den PC erst vor ein Paar Monaten aufgeschraubt und den ganzen Staub entfernt... Also am Staub wird es eher nicht liegen...

Gruss Kali_Yuga

Alt 22.04.2014, 15:20   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.04.2014, 06:04   #11
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!





Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3db95496eb44924b9f12a7e2b5be1a84
# engine=17982
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-23 02:33:04
# local_time=2014-04-22 08:33:04 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 149763834 0 0
# scanned=1111653
# found=12
# cleaned=0
# scan_time=18573
sh=4AF030634217E7EFA9BDDC59E36D3E34C7067A10 ft=1 fh=4d0f192bb851ddb5 vn="a variant of Win32/AdWare.AddLyrics.AG application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\136.dll.vir"
sh=1E43F6D3AA51193743ECA1AE0EA71A0E24A9703A ft=1 fh=c71c0011a1c12556 vn="a variant of Win32/AdWare.AddLyrics.X application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\ReMarkit_up.exe.vir"
sh=270360BA01FB58001F3A55601A083F6533452F4E ft=1 fh=e05606d6e6ff85e8 vn="a variant of Win32/AdWare.AddLyrics.Y application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\Uninstall.exe.vir"
sh=5B31FB5741304E8486ACFD81E30B314B87A28E9F ft=1 fh=b4b60b69ec22cbd1 vn="a variant of Win32/Packed.VMProtect.AAA trojan" ac=I fn="H:\Games\Dirt 3\Dirt.3.-.SKIDROW\Installed\SKIDROW.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Spatet.I trojan" ac=I fn="H:\RECYCLER\S-1-5-21-842925246-2025429265-682008880-1013\com4\hidefiles\WinMend-Folder-Hidden
         
Ey ich musste das hier ma son bissl veraendern xD hat aber 12 Dateien gefunden! der hat aber auch meine Externe ueberprueft... so das hat ne weile gedauert... ok jetzt das andere....

Code:
ATTFilter
Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 22  
 Java 7 Update 25  
 Java version out of Date! 
 Adobe Flash Player 13.0.0.182  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox (28.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 0% 
````````````````````End of Log``````````````````````
         
Ich hab meinen Antivirus erstmal deinstalliert unso...

Und hier als allerletztes noch eine FRST Bitteschoen


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by AE2220 (administrator) on AE2220-MSI on 22-04-2014 21:35:17
Running from C:\Users\AE2220\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
() C:\windows\Installer\MSIA30B.tmp
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8123936 2009-09-29] (Realtek Semiconductor)
HKU\S-1-5-21-1939352424-2229013223-1877745406-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0A61C410-92EC-437B-B957-7DA2EC9EE1AB} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z013&form=ZGAIDF
SearchScopes: HKCU - {119BA1B7-7A4A-41CC-98F4-E12A870148D5} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKCU - {409DD3B4-D1F8-EC6E-EDBD-2367FDA78762} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z015&form=ZGAIDF
SearchScopes: HKCU - {645701DB-0A59-AE3F-8D62-BAA040AFB663} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z007&form=ZGAIDF
SearchScopes: HKCU - {7464A306-2EAF-4276-B5F5-BD4999D78154} URL = 
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\p1h1sw2n.default-1398201592115
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{b40fb246-2931-467d-a5d5-cf7d3954ef82}] - C:\Program Files (x86)\Re-markit\136.xpi

==================== Services (Whitelisted) =================

R2 HyperDeskCustomThemeEnabler; C:\windows\Installer\MSIA30B.tmp [102400 2011-04-22] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 OberonGameConsoleService; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [44432 2010-02-17] ()
S2 RzKLService; G:\Tools\Game Booster\Razer Game Booster\RzKLService.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16512 2007-02-06] (Adaptec)
S3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [364800 2009-08-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-20] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\windows\system32\19C8.tmp [6144 2009-06-18] (Sophos Plc)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Philips                                                     )
S3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Philips                                                     )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PROCEXP151; \??\C:\windows\system32\Drivers\PROCEXP151.SYS [X]
S3 WinRing0_1_2_0; \??\G:\Tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-22 21:35 - 2014-04-22 21:35 - 00008855 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-22 21:29 - 2014-04-22 21:29 - 02061312 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-22 21:24 - 2014-04-22 21:24 - 00855379 _____ () C:\Users\AE2220\Desktop\SecurityCheck.exe
2014-04-22 21:23 - 2014-04-22 21:23 - 00005495 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-22 15:16 - 2014-04-22 15:16 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 18:34 - 2014-04-21 18:34 - 00003213 _____ () C:\Users\AE2220\Desktop\JRT.txt
2014-04-20 13:23 - 2014-04-20 13:23 - 00000000 ____D () C:\windows\ERUNT
2014-04-20 12:48 - 2014-04-20 12:50 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 12:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-20 12:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-20 12:48 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-20 03:01 - 2014-04-20 03:01 - 00013847 _____ () C:\ComboFix.txt
2014-04-20 02:44 - 2014-04-20 03:01 - 00000000 ____D () C:\Qoobox
2014-04-20 02:44 - 2014-04-20 02:57 - 00000000 ____D () C:\windows\erdnt
2014-04-20 02:44 - 2011-06-26 00:45 - 00256000 _____ () C:\windows\PEV.exe
2014-04-20 02:44 - 2010-11-07 11:20 - 00208896 _____ () C:\windows\MBR.exe
2014-04-20 02:44 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00098816 _____ () C:\windows\sed.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00080412 _____ () C:\windows\grep.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00068096 _____ () C:\windows\zip.exe
2014-04-19 00:38 - 2014-04-22 21:35 - 00000000 ____D () C:\FRST
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 22:58 - 2014-03-06 04:21 - 23549440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-16 22:58 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 03:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-16 22:58 - 2014-03-06 02:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-16 22:58 - 2014-03-06 02:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 02:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-16 22:58 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 02:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-16 22:58 - 2014-03-06 02:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 02:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-16 22:58 - 2014-03-06 02:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 02:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-16 22:58 - 2014-03-06 02:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-16 22:58 - 2014-03-06 01:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 01:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-16 22:58 - 2014-03-06 01:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 01:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-16 22:58 - 2014-03-06 01:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 01:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 01:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-16 22:58 - 2014-03-06 01:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 00:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-16 22:57 - 2014-03-06 03:19 - 17387008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-16 22:57 - 2014-03-06 02:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 02:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-16 22:57 - 2014-03-06 02:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-16 22:57 - 2014-03-06 02:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-16 22:57 - 2014-03-06 02:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-16 22:57 - 2014-03-06 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 01:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-16 22:57 - 2014-03-06 01:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-16 22:57 - 2014-03-06 01:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-16 22:57 - 2014-03-06 01:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-16 22:57 - 2014-03-05 23:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-09 05:16 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-09 05:16 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-09 05:16 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-09 05:16 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-09 05:16 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-09 05:16 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-09 05:16 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-09 05:16 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-09 05:16 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-09 03:19 - 2014-04-10 01:36 - 00013862 _____ () C:\windows\DPINST.LOG
2014-03-30 14:45 - 2014-04-02 23:35 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-03-30 13:44 - 2014-04-01 00:41 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-03-30 01:00 - 2014-04-22 13:25 - 00003983 _____ () C:\windows\setupact.log
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-25 00:31 - 2014-04-16 12:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype

==================== One Month Modified Files and Folders =======

2014-04-22 21:35 - 2014-04-22 21:35 - 00008855 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-22 21:35 - 2014-04-19 00:38 - 00000000 ____D () C:\FRST
2014-04-22 21:29 - 2014-04-22 21:29 - 02061312 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-22 21:27 - 2014-03-06 04:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 21:24 - 2014-04-22 21:24 - 00855379 _____ () C:\Users\AE2220\Desktop\SecurityCheck.exe
2014-04-22 21:23 - 2014-04-22 21:23 - 00005495 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-22 20:19 - 2011-04-15 17:51 - 01832048 _____ () C:\windows\WindowsUpdate.log
2014-04-22 19:34 - 2013-12-27 22:40 - 00004583 _____ () C:\aoesync.txt
2014-04-22 18:27 - 2014-03-06 04:16 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 18:06 - 2012-02-04 00:59 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2014-04-22 18:00 - 2013-08-26 15:53 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\vlc
2014-04-22 17:59 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Skype
2014-04-22 17:53 - 2013-08-26 17:06 - 00000000 ____D () C:\Users\AE2220\Desktop\Things
2014-04-22 15:39 - 2010-04-10 11:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-22 15:17 - 2011-04-20 19:47 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Mozilla
2014-04-22 15:16 - 2014-04-22 15:16 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:32 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 13:32 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 13:31 - 2009-07-13 23:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-22 13:25 - 2014-03-30 01:00 - 00003983 _____ () C:\windows\setupact.log
2014-04-22 13:24 - 2013-09-05 00:35 - 00143744 _____ () C:\windows\PFRO.log
2014-04-22 13:24 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-21 19:30 - 2013-10-02 13:42 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\.minecraft
2014-04-21 18:34 - 2014-04-21 18:34 - 00003213 _____ () C:\Users\AE2220\Desktop\JRT.txt
2014-04-21 17:59 - 2013-12-12 02:41 - 00000000 ____D () C:\AdwCleaner
2014-04-21 17:59 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220
2014-04-20 13:23 - 2014-04-20 13:23 - 00000000 ____D () C:\windows\ERUNT
2014-04-20 13:05 - 2013-08-22 05:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogMeIn Hamachi
2014-04-20 12:50 - 2014-04-20 12:48 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 03:01 - 2014-04-20 03:01 - 00013847 _____ () C:\ComboFix.txt
2014-04-20 03:01 - 2014-04-20 02:44 - 00000000 ____D () C:\Qoobox
2014-04-20 02:57 - 2014-04-20 02:44 - 00000000 ____D () C:\windows\erdnt
2014-04-20 02:57 - 2009-07-13 20:34 - 00000215 _____ () C:\windows\system.ini
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-17 15:08 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-04-17 12:44 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 23:08 - 2011-04-22 17:03 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Adobe
2014-04-16 22:50 - 2013-09-04 23:27 - 00000000 ____D () C:\ProgramData\Avira
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 12:42 - 2014-03-25 00:31 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-04-12 06:57 - 2011-04-20 19:33 - 00027047 _____ () C:\windows\system32\lvcoinst.log
2014-04-10 03:06 - 2013-08-14 22:06 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 03:01 - 2011-04-20 23:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\install_clap
2014-04-10 01:36 - 2014-04-09 03:19 - 00013862 _____ () C:\windows\DPINST.LOG
2014-04-10 01:32 - 2011-04-20 19:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogiShrd
2014-04-10 01:32 - 2011-04-20 19:41 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-04-10 01:32 - 2010-04-10 11:31 - 00000000 ____D () C:\Program Files (x86)\msi
2014-04-03 09:51 - 2014-04-20 12:48 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-20 12:48 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-20 12:48 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-02 23:35 - 2014-03-30 14:45 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-04-02 21:16 - 2013-09-08 01:22 - 00000784 _____ () C:\Users\AE2220\Desktop\SpeedFan.lnk
2014-04-02 18:22 - 2014-03-06 04:16 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 18:22 - 2014-03-06 04:16 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 00:41 - 2014-03-30 13:44 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\registration
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\AppCompat
2014-03-31 22:44 - 2009-07-13 22:45 - 00439896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-31 09:35 - 2011-04-20 20:04 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-03-30 14:45 - 2011-04-20 19:30 - 00116936 _____ () C:\Users\AE2220\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 13:46 - 2011-04-25 16:53 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
2014-03-23 13:22 - 2011-04-20 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-23 13:22 - 2010-04-10 11:35 - 00000000 ____D () C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\AE2220\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 00:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by AE2220 at 2014-04-22 21:42:02
Running from C:\Users\AE2220\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client version 1.3 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.3 - Tim Witschel Serververmietung)
Command & Conquer™ Alarmstufe Rot 3 Der Aufstand (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Völker (HKLM-x32\...\Die Völker) (Version:  - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.2.451-win32 - )
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech H800 (HKLM-x32\...\{E7A8414E-944B-4D73-9F3F-C4E5266DF85C}) (Version: 1.0.034 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
msi EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.2.0.103 - msi)
msi EasyViewer (x32 Version: 1.2.0.103 - msi) Hidden
MSI Game Corner Console (HKLM-x32\...\{10219E71-68B2-459C-A605-D59E2321C3EC}_is1) (Version: 5.5.0.2 - Oberon Media, Inc.)
msi Software Install_x64 (HKLM\...\{07690F1C-04B1-4060-9691-6748ED1826B9}) (Version: 3.0.909.3001 - msi)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Update Service (x32 Version: 4.1.0 - <no manufacturer>) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WindTouch3D_x64 (HKLM-x32\...\InstallShield_{B6FC1F2E-3C04-4BF0-A4D9-2F0372D494A4}) (Version:  - )
WindTouch3D_x64 (Version: 0.9.2.6 - msi) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

22-04-2014 19:30:22 Windows Update
22-04-2014 21:13:14 Revo Uninstaller's restore point - Mozilla Firefox 24.4.0 (x86 en-US)
22-04-2014 21:38:21 Revo Uninstaller's restore point - Just Cause 1.00.0000
22-04-2014 21:38:54 Removed Just Cause

==================== Hosts content: ==========================

2009-07-13 20:34 - 2014-04-20 02:57 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1E3DDA4E-B3F7-4738-8431-509189BFE73D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {2F0A79FC-7517-4036-AEBE-938224E5979A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {53221499-7E93-443F-B067-166D4A69811B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {547E66E0-11C8-4870-B038-CB9E66EB27F5} - System32\Tasks\MyDefrag v4.3.1 Monthly => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD
Task: {6223C238-7FC3-4EFB-95EA-68C7C5D17FD2} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {7617EDED-F629-407E-B93A-602E184CA5C8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8265ADC5-8499-4BED-AE0D-9057F67E0305} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update No Task File <==== ATTENTION
Task: {A7005A4F-0537-45FD-88E3-CC5408FB3226} - System32\Tasks\Game_Booster_AutoUpdate => G:\Tools\Game Booster\Game Booster 3\AutoUpdate.exe
Task: {BFB59161-1941-477B-8B8E-C5A6F71A51FC} - System32\Tasks\MyDefrag v4.3.1 Daily => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD
Task: {E40BF1FA-9D86-4182-B0AA-0A111B854615} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-13 20:18 - 2012-11-22 19:57 - 00057448 _____ () C:\windows\system32\PrxerNsp.dll
2011-04-22 22:30 - 2011-04-22 22:30 - 00102400 _____ () C:\windows\Installer\MSIA30B.tmp
2010-04-10 12:00 - 2010-02-17 16:54 - 00044432 _____ () C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
2005-06-07 12:26 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-04-22 15:16 - 2014-03-15 02:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\windows\system32\nvawy.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOAWY.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOSMU.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\nvdisp.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraidco.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraiins.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDe.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEng.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoENU.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEs.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEsm.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFi.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFr.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoIt.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoJa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoKo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNl.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoPtb.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoRu.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoSv.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZhc.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZht.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvsmu.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvuawy.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvudisp.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvusmu.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecir.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhid.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhidma.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvamacpi.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvsmu.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvstor64.sys:KAVICHS
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:793ABD2B
AlternateDataStreams: C:\ProgramData\TEMP:7E68DD27
AlternateDataStreams: C:\ProgramData\TEMP:8173A019
AlternateDataStreams: C:\ProgramData\TEMP:D091E13E

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^AE2220^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Logitech H800 => C:\Program Files (x86)\Logitech\H800\H800.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "D:\Virtual CloneDrive\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Voobly => "D:\Voobly\Voobly\voobly.exe" --startup
MSCONFIG\startupreg: Weather => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
MSCONFIG\startupreg: WindTouch3D => "%ProgramFiles%\msi\WindTouch\WindTouch3D.exe" Min
MSCONFIG\startupreg: YouCam Service6 => "G:\Tools\cyberlink cam\YouCam6\YouCamService6.exe" /s

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2014 09:40:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/22/2014 09:10:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/22/2014 03:18:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/22/2014 03:18:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/22/2014 03:18:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/22/2014 03:18:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/21/2014 07:26:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 24.4.0.5187, time stamp: 0x5324ac07
Faulting module name: xul.dll, version: 24.4.0.5187, time stamp: 0x5324aa96
Exception code: 0xc0000005
Fault offset: 0x000aaef8
Faulting process id: 0xa7c
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3


System errors:
=============
Error: (04/22/2014 06:00:50 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/22/2014 02:18:40 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/22/2014 01:25:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ASPI32

Error: (04/22/2014 01:24:58 PM) (Source: Service Control Manager) (User: )
Description: The RzKLService service failed to start due to the following error: 
%%2

Error: (04/22/2014 01:24:46 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

Error: (04/22/2014 03:08:32 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.


Microsoft Office Sessions:
=========================
Error: (04/22/2014 09:40:19 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-1939352424-2229013223-1877745406-1000\$R5NTCC0.exe

Error: (04/22/2014 09:10:04 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/22/2014 03:18:51 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Desktop\esetsmartinstaller_enu.exe

Error: (04/22/2014 03:18:49 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Desktop\esetsmartinstaller_enu.exe

Error: (04/22/2014 03:18:46 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Desktop\esetsmartinstaller_enu.exe

Error: (04/22/2014 03:18:43 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Downloads\esetsmartinstaller_enu.exe

Error: (04/21/2014 07:26:08 PM) (Source: Application Error)(User: )
Description: firefox.exe24.4.0.51875324ac07xul.dll24.4.0.51875324aa96c0000005000aaef8a7c01cf5dc2c2566450C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll14214730-c9bd-11e3-b086-40618695619a


CodeIntegrity Errors:
===================================
  Date: 2014-04-20 02:56:06.371
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-04-20 02:56:06.090
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.673
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.544
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.409
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-16 21:44:06.282
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.868
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.644
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.416
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-02 21:18:19.183
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 3839.24 MB
Available physical RAM: 1527.61 MB
Total Pagefile: 7676.66 MB
Available Pagefile: 6187.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:106.77 GB) (Free:29.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:335.77 GB) (Free:241.13 GB) NTFS
Drive h: (Externe Festplatte) (Fixed) (Total:931.51 GB) (Free:345.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 78DACBF2)
Partition 1: (Not Active) - (Size=23 GB) - (Type=27)
Partition 2: (Active) - (Size=356 MB) - (Type=27)
Partition 3: (Not Active) - (Size=107 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=336 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Ob alles wieder gut ist werde ich herausfinden! Ich poste sobald ich verbesserungen bemerke!

Sonst Viele vielen vielen Dank fuer deine Hilfe Schrauber mal gespannt obs wirklich was gebracht hat. Eigentlich haette ich einfach neuinstalliert, aber habe keine Windows 7 CD womit ich booten kann damit ich die Festplatte einfach formatieren koennte...

Muss halt den langen weg des flickens und reparierens gehen...

So meld mich wieder..

Kali_Yuga

OK Mit windows designs immernoch bissl am ruckeln... aber ohne Transparenz ist es jetzt ganz fluessig!

OK Endresult:

Youtube - Wesentlich fluessiger auch im Vollbild. ruckelt aber hin und wieder.
Windows - laeuft ohne Transparenz ohne mucken.
Games - Gehen immernoch ueberhaupt nicht und nicht spielbar! (Auslastungen bei alten Spielen z.B Need for Speed Underground 2 bei 100%)
laufen ca. mit 1,5 Frames die Sekunde...

Hier nachdem ich Half Life 2 versucht habe zu zocken:


Nachdem man zu Windows zurueckkehrt hat man Direkt wieder 0-3% Auslastung


wenigstens der rest geht wieder fluessiger vielen Dank hat defenetiv was gebracht!

PS: XP war viel besser und einfacher

Und Windows 7 setzt noch einen Drauf!!! Nochnichtmal Paint funktioniert korrekt! Tut das mal in deren behinderten Werbungen Rein




Was soll man bloss noch tun??

Werden wieder auf den Urknall Stand gedrueckt oder wie.
Probleme die einfach nicht passieren duerfen meine Leute!!

Geändert von Kali_Yuga (23.04.2014 um 06:51 Uhr)

Alt 23.04.2014, 15:19   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Java und Adobe updaten. Welche Funde von ESET hast du mir verheimlicht?




Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
H:\RECYCLER
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
cmd: netsh winsock reset
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update No Task File <==== ATTENTION
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Das mal machen:
http://www.trojaner-board.de/126216-...epair-aio.html
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.04.2014, 09:59   #13
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Danke nachdem ich das gemacht habe funktioniert mein Internet nicht mehr junge...

Ich hab die 5 Balken bin verbunden mit dem Router es steht "Connectet" da, aber keine Verbindung zum Internet...
Bin gerade mit einem anderen PC im Internet und wollte sagen das der letzte Schritt wohl falsch wahr!!! Wie mach ich das wieder rueckgaengig?

Jetzt funktioniert garnix mehr

Meine Ip's wurden zu 192.x.x.x. ersetzt...
Ich lebe aber in den Usa und hier sind die Ips 10.0.0.x usw

wenn ich das versuche zu aendern gehts immernoch net.
Recovery ist nur 1 Backup da und das war vom selben Tag

Ich habe beide Verbindungen Lan + WLan
und keins der beiden geht jetzt auf diesem PC!

Mein Computer ist mit beiden verbunden zeigt mir aber ein kleines gelbes Warndreieck sagt mir aber nicht worum es sich handelt!
Wie kann ich deinen letzten schritt rueckgaengig machen bitte?

Alt 24.04.2014, 21:02   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Fixlog?

Du hast den Fix korrekt ausgeführt?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.04.2014, 22:22   #15
Kali_Yuga
 
Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - Standard

Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!



Ja ich hab alles korrekt ausgefuehrt...
nur jetzt zeigt mir mein PC unter Ipconfig /all eine
192.168.0.x an.

Ich lebe in den USA und da gibt es glaube diese art von Ips net (nur lokale) soweit ich weiss!..

Ich muss wieder alle Ips auf 10.0.0.9 tauschen aber es scheint fest eingespeichert zu sein!

Wie kann ich die ganzen Internet sachen Resetten auf amerikanischen Interneteinstellungen?

Ich glaube das Fixprogramm hat meine Interneteinstellungen veraendert sodass ich netmehr ins internet zugreifen kann..

Wie gesagt ich bin verbunden mit dem Router und Modem aber kein Internet Access!!

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2014
Ran by AE2220 at 2014-04-23 19:04:57 Run:1
Running from H:\Tools\Junk removal
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
H:\RECYCLER
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
cmd: netsh winsock reset
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update No Task File <==== ATTENTION
*****************


"H:\RECYCLER" directory move:

H:\RECYCLER\S-1-5-21-842925246-2025429265-682008880-1013\Desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-823518204-1177238915-682003330-1003\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-823518204-1177238915-682003330-1003\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-436374069-1078145449-725345543-1003\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-436374069-1078145449-725345543-1003\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\Di1.txt => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\Di2\reloaded.nfo => Moved successfully.
H:\RECYCLER\S-1-5-21-1275210071-1326574676-1417001333-1003\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1275210071-1326574676-1417001333-1003\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\De1\hamachi.lng => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\De1\license.rtf => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\De1\ReleaseNotes.rtf => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\Dg1.url => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\Dg2.url => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\INFO2 => Moved successfully.
Could not move "H:\RECYCLER" directory. => Scheduled to move on reboot.

Winsock: Catalog entry 000000000010 => Deleted successfully.
Winsock: Catalog entry 000000000010 => Deleted successfully.

=========  netsh winsock reset =========

Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= End of CMD: =========

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-markit Update => Key deleted successfully.

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-23 19:09:31)<=

"H:\RECYCLER" => Directory could not move.

==== End of Fixlog ====
         

Geändert von Kali_Yuga (24.04.2014 um 22:41 Uhr)

Antwort

Themen zu Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!
100%, 100% cpu, alter laptop, bho, downloader, hijack this, hijackthis, internet explorer, mobogenie, mobogenie entfernen, prozesse, pup.optional.conduit.a, pup.optional.kozaka.a, pup.optional.myemoticons.a, pup.optional.nextlive.a, pup.optional.outbrowse, pup.optional.remarkit.a, pup.optional.speedanalysis3.a, software, windows, windows 7, windows xp



Ähnliche Themen: Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!


  1. Ads By Flash Games Rockstar entfernen
    Anleitungen, FAQs & Links - 15.08.2015 (2)
  2. Flash Videos (Youtube) stürzt dauernd ab...
    Log-Analyse und Auswertung - 15.02.2015 (17)
  3. Youtube.com -> Weiterleitung auf http://www.youtube.com/java.html
    Plagegeister aller Art und deren Bekämpfung - 22.10.2014 (1)
  4. Windows 7 Professional: alles langsamer, flash player, Word etc. hängen sich auf
    Log-Analyse und Auswertung - 02.10.2014 (13)
  5. YouTube Videos ohne Bild angezeigt! Neuste Version von Flash schon installiert-GoogleChrome
    Plagegeister aller Art und deren Bekämpfung - 26.02.2014 (3)
  6. trotz flash player update funktioniert youtube etc nicht
    Log-Analyse und Auswertung - 15.01.2014 (2)
  7. Das runterladen von Adobe flash player und alles was mit adobe zu tun hat , geht nicht runterzuladen. installation bricht immer ab. vielleic
    Plagegeister aller Art und deren Bekämpfung - 04.09.2013 (11)
  8. Kann nicht mehr in Vollbild gucken was machen?
    Netzwerk und Hardware - 05.10.2012 (5)
  9. Startfenster.com nach Flash / Shockwave Update, Flash Plugin stürzt dauernd ab
    Log-Analyse und Auswertung - 26.09.2012 (41)
  10. Anwendungen im Vollbild wie zB. Spiele minimieren sich
    Netzwerk und Hardware - 26.06.2012 (7)
  11. Seitenladefehler beim Aufrufen von Youtube, nur bei Youtube !
    Plagegeister aller Art und deren Bekämpfung - 31.03.2012 (2)
  12. 100€ Virus Windows Security (Vollbild)
    Log-Analyse und Auswertung - 17.02.2012 (15)
  13. CPU Auslastung seit 3 Tagen ständig auf 100% und alles laggt !
    Log-Analyse und Auswertung - 08.11.2011 (15)
  14. Pc Laggt (Videos,Musik,Games)
    Netzwerk und Hardware - 03.04.2011 (10)
  15. Vollbild Werbe Pop Up IE
    Log-Analyse und Auswertung - 24.05.2009 (1)
  16. Dualscreen Vollbild Problem
    Alles rund um Windows - 18.11.2007 (3)
  17. PC laggt bei Online-Games! Experten sind gefragt!
    Plagegeister aller Art und deren Bekämpfung - 18.10.2004 (9)

Zum Thema Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! - MSI All in One PC/ Win 7 Spiele ruckeln, youtube ruckelt Firefox laeuft sehr instabil und hat auslastungen manchmal bis 100% Youtube ruckelt und Videos eine Qual. Vollbild kannste ganz - Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt!...
Archiv
Du betrachtest: Win 7/ Youtube, Games,Flash,Vollbild Prozesse 100% usw alles laggt! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.