Internet slow for about a week, but only for me! (Windows 7)
16.01.2014, 11:13 | #1
Hello dear community,

For days I have had the problem that when I open pages or programs (internet programs), I get a ping of 1200-4000 ms. I have a 16k line, and my brother is on the same line, but when he plays or surfs in the browser his ping stays completely normal. But when I turn on my PC and then open a page, the ping gets too high to surf or do anything else; for my brother the ping then stays for about 10 seconds, and for me it then stays at 700-1200.

What have I already tried? I have tried deleting things that I had downloaded. I also downloaded Firefox again, but before that I deleted (uninstalled) it, and I ran AntiVir, but nothing came of that either.

If you have further questions, just ask :/ Please help.
16.01.2014, 11:30 | #2
/// the machine /// TB trainer
Hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
16.01.2014, 11:40 | #3
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014 03 Ran by Light (administrator) on LIGHT-PC on 16-01-2014 11:18:54 Running from C:\Users\Light\Downloads Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe () C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-09-03] (Adobe Systems Incorporated) HKCU\...\Run: [Akamai NetSession Interface] - "C:\Users\Light\AppData\Local\Akamai\netsession_win.exe" HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-07-07] (AMD) HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-01-26] () HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) 
HKCU\...\Run: [Media Finder] - "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray HKCU\...\Run: [RocketDock] - "C:\Program Files (x86)\RocketDock\RocketDock.exe" HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3551576 2013-11-29] (Electronic Arts) HKCU\...\Run: [Overwolf] - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent HKCU\...\Run: [AdobeBridge] - [x] MountPoints2: {1a531387-52ad-11e2-a76c-d1d47cb01f56} - F:\pushinst.exe AppInit_DLLs: [ ] () AppInit_DLLs-x32: [ ] () ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.b1.org/?bsrc=hmior&chid=c167991 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=042c6b630000000000008c89a5814150 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x6CC5BA84570DCE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d25e6422-63d1-4e5f-8ec0-c316660e75d5&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/04/2013&type=hp1000 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=1371734833 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Before = hxxp://search.babylon.com/?babsrc=HP_ss_din2g&mntrId=042C8C89A5814150&affID=121631&tt=180613_ndt4&tsp=4920 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page Before = 
hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d25e6422-63d1-4e5f-8ec0-c316660e75d5&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/04/2013&type=hp1000 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=1371734833 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=1371734833 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=1371734833 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=1371734833 StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=1371734833 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=0 SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=0 SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=0 SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d25e6422-63d1-4e5f-8ec0-c316660e75d5&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/04/2013&type=hp1000 SearchScopes: HKLM-x32 
- {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=0 SearchScopes: HKCU - DefaultScope {90E8D5EB-68AF-4F41-A69D-2F0877B5BBA8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=042c6b630000000000008c89a5814150&r=950 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=d25e6422-63d1-4e5f-8ec0-c316660e75d5&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=14/04/2013&type=hp1000 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=042C8C89A5814150&affID=122852&tt=02102013_mx15rbra&tsp=5034 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=WDCXWD2500AAKX-001CA0_WD-WMAYUM92648026480&ts=0 SearchScopes: HKCU - {90E8D5EB-68AF-4F41-A69D-2F0877B5BBA8} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=042c6b630000000000008c89a5814150&r=950 SearchScopes: HKCU - {B0424107-1B96-42F2-8F20-913A158739D4} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2625848 SearchScopes: HKCU - {E774B7E5-8125-45AF-862E-01E5D0D54A75} URL = hxxp://search.ividi.org/?q={searchTerms}&src=tbsp&id=042c6b630000000000008c89a5814150&affilt=3&r=496 BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - 
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\d5hlfjse.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin64-0.98.dll No File Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - FireShot - {6E6E744E-4D20-4ce3-9A7A-26DFFFE22F68} - C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\d5hlfjse.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\fsaddin-0.98.dll No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default FF user.js: detected! 
=> C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\user.js FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @ei.FromDocToPDF_65.com/Plugin - C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll (FromDocToPDF) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files 
(x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Light\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\conduit.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\eventscripts-addon-manager.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\ividi.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\softonic.xml FF SearchPlugin: C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla 
firefox\searchplugins\qvo6.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: General Crawler - C:\Users\Light\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2013-06-20] FF Extension: NASA Night Launch - C:\Users\Light\AppData\Roaming\Mozilla\Firefox\Profiles\g3qa89e1.default\Extensions\nasanightlaunch@example.com.xpi [2013-06-23] Chrome: ======= CHR HomePage: hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=48&cc=&mi=042c6b630000000000008c89a5814150 CHR DefaultSearchKeyword: softonic CHR DefaultSearchProvider: Search the web (Softonic) CHR DefaultSearchURL: hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=042c6b630000000000008c89a5814150 CHR DefaultNewTabURL: CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll () CHR Plugin: (FromDocToPDF Installer Plugin Stub) - C:\Program Files (x86)\FromDocToPDF_65EI\Installr\1.bin\NP65EISB.dll (FromDocToPDF) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.149\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando 
Networks) CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () CHR Plugin: (Unity Player) - C:\Users\Light\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File CHR Extension: (Google Docs) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 [2013-07-10] CHR Extension: (Google Drive) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 [2013-07-10] CHR Extension: (YouTube) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 [2013-07-10] CHR Extension: (Google Search) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 [2013-07-10] CHR Extension: (General Crawler) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.6_0 [2013-07-08] CHR Extension: (Improved Search) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena\1.2_0 [2013-07-10] CHR Extension: (Chrome In-App Payments service) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0 [2013-09-23] CHR Extension: (Gmail) - C:\Users\Light\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 [2013-07-08] CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2013-07-08] CHR 
HKLM-x32\...\Chrome\Extension: [dednnpigldgdbpgcdpfppmlcnnbjciel] - C:\Users\Light\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx [2013-06-20] CHR HKLM-x32\...\Chrome\Extension: [lpmkgpnbiojfaoklbkpfneikocaobfai] - C:\Users\Light\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx [2013-06-20] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-17] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-28] (Avira Operations GmbH & Co. KG) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-09-05] (Perfect World Entertainment Inc) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-26] () R2 MSSQL$PRISMATICFLYFF; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) R2 MySQL56; C:\ProgramData\MySQL\MySQL Server 5.6\my.ini [14244 2013-05-27] () S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4687672 2012-05-15] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-16] () ==================== Drivers (Whitelisted) ==================== S3 AtiDCM; C:\Users\Light\AppData\Local\Temp\atidcmxx.sys [23552 2011-06-07] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-28] (Avira Operations GmbH & Co. 
KG) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-04] (AVM Berlin) S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-04] (AVM GmbH) S3 hcw95bda; C:\Windows\System32\Drivers\hcw95bda.sys [658944 2011-04-04] (Hauppauge Computer Works, Inc.) S3 hcw95rc; C:\Windows\System32\DRIVERS\hcw95rc.sys [19840 2011-04-04] (Hauppauge Computer Works, Inc.) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [29672 2013-01-21] (REALiX(tm)) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x] S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] U3 fgloapow; \??\C:\Users\Light\AppData\Local\Temp\fgloapow.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-16 11:19 - 2014-01-16 11:19 - 00377856 _____ C:\Users\Light\Downloads\gmer_2.1.19163.exe 2014-01-16 11:18 - 2014-01-16 11:20 - 00022642 _____ C:\Users\Light\Downloads\FRST.txt 2014-01-16 11:18 - 2014-01-16 11:18 - 02076160 _____ (Farbar) C:\Users\Light\Downloads\FRST64.exe 2014-01-16 11:18 - 2014-01-16 11:18 - 00000000 ____D C:\FRST 2014-01-16 08:44 - 2014-01-16 08:44 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-16 08:44 - 2014-01-16 08:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-16 08:41 - 2014-01-16 08:44 - 23867560 _____ (Mozilla) C:\Users\Light\Downloads\Firefox_Setup_26.0.exe 2014-01-16 08:34 - 2014-01-16 08:37 - 00001068 _____ C:\Users\Light\Desktop\Neues Textdokument (3).txt 2014-01-16 07:50 - 2014-01-16 07:50 - 00000000 ____D C:\26a7b4dfc531c4543ae4721ec1558b 2014-01-12 18:00 - 2014-01-12 18:00 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk 2014-01-06 13:10 - 2014-01-06 13:10 - 00000000 ____D C:\steampipetools 
2014-01-06 13:10 - 2014-01-06 13:10 - 00000000 ____D C:\ProgramData\PWD 2014-01-06 02:31 - 2014-01-06 02:31 - 00000044 _____ C:\Users\Light\jagex_cl_runescape_LIVE.dat 2014-01-06 02:31 - 2014-01-06 02:31 - 00000000 ____D C:\Users\Light\jagexcache 2014-01-06 02:29 - 2014-01-06 02:29 - 00000000 ____D C:\.jagex_cache_32 2013-12-25 02:51 - 2013-12-25 02:51 - 00000000 ____D C:\Users\Light\Desktop\plugins 2013-12-25 01:49 - 2013-12-28 07:58 - 00000000 ____D C:\Users\Light\Desktop\mcprivat 2013-12-20 23:56 - 2014-01-16 08:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-12-19 14:10 - 2014-01-05 14:10 - 00000087 _____ C:\Users\Light\AppData\Roaming\WB.CFG 2013-12-18 18:04 - 2014-01-13 05:35 - 00000000 ____D C:\Users\Light\AppData\Local\DayZ 2013-12-18 18:04 - 2013-12-18 18:04 - 00000000 ____D C:\Users\Light\Documents\DayZ ==================== One Month Modified Files and Folders ======= 2014-01-16 11:20 - 2014-01-16 11:18 - 00022642 _____ C:\Users\Light\Downloads\FRST.txt 2014-01-16 11:19 - 2014-01-16 11:19 - 00377856 _____ C:\Users\Light\Downloads\gmer_2.1.19163.exe 2014-01-16 11:19 - 2013-01-26 11:53 - 00000000 ____D C:\Users\Light\AppData\Local\PMB Files 2014-01-16 11:18 - 2014-01-16 11:18 - 02076160 _____ (Farbar) C:\Users\Light\Downloads\FRST64.exe 2014-01-16 11:18 - 2014-01-16 11:18 - 00000000 ____D C:\FRST 2014-01-16 11:02 - 2009-07-14 05:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-16 11:02 - 2009-07-14 05:45 - 00020704 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-16 10:57 - 2013-10-13 11:47 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2014-01-16 10:54 - 2013-10-13 11:45 - 00000000 ____D C:\Users\Light\AppData\Local\Battle.net 2014-01-16 10:51 - 2012-08-21 16:29 - 01959803 _____ C:\Windows\WindowsUpdate.log 2014-01-16 10:49 - 2012-09-01 01:00 - 00000000 ____D 
C:\Users\Light\AppData\Roaming\TS3Client 2014-01-16 10:48 - 2013-07-08 06:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-01-16 10:27 - 2012-08-21 11:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-01-16 08:50 - 2013-06-16 18:24 - 00000000 ____D C:\Users\Light\Desktop\Wichtige Sachen 2014-01-16 08:49 - 2013-08-16 16:11 - 00000000 ____D C:\Program Files (x86)\Origin 2014-01-16 08:48 - 2013-02-27 11:08 - 00000000 ____D C:\Program Files (x86)\Steam 2014-01-16 08:45 - 2012-09-20 21:45 - 00000000 ____D C:\Users\Light\AppData\Roaming\vlc 2014-01-16 08:44 - 2014-01-16 08:44 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-01-16 08:44 - 2014-01-16 08:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2014-01-16 08:44 - 2014-01-16 08:41 - 23867560 _____ (Mozilla) C:\Users\Light\Downloads\Firefox_Setup_26.0.exe 2014-01-16 08:44 - 2013-12-20 23:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2014-01-16 08:41 - 2013-01-03 21:37 - 00000000 ____D C:\Users\Light\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-01-16 08:41 - 2012-09-03 20:34 - 00000000 ____D C:\AeriaGames 2014-01-16 08:38 - 2013-11-29 10:08 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins 2014-01-16 08:37 - 2014-01-16 08:34 - 00001068 _____ C:\Users\Light\Desktop\Neues Textdokument (3).txt 2014-01-16 08:31 - 2012-08-29 02:01 - 00000000 ____D C:\Users\Light\Documents\My Games 2014-01-16 08:30 - 2012-08-21 10:32 - 00000000 ____D C:\Users\Light 2014-01-16 07:59 - 2012-08-21 11:00 - 00000000 ____D C:\Users\Light\AppData\Roaming\Skype 2014-01-16 07:55 - 2013-07-08 06:04 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-01-16 07:54 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2014-01-16 07:54 - 2009-07-14 05:51 - 00201460 _____ C:\Windows\setupact.log 2014-01-16 07:51 - 2013-08-08 00:32 - 00000000 ____D C:\Windows\system32\MRT 2014-01-16 07:50 - 2014-01-16 
07:50 - 00000000 ____D C:\26a7b4dfc531c4543ae4721ec1558b 2014-01-16 07:50 - 2010-06-24 11:11 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2014-01-16 07:36 - 2013-01-11 13:27 - 00000000 ____D C:\Users\Light\AppData\Local\Adobe 2014-01-13 11:04 - 2013-07-22 03:54 - 05175808 ___SH C:\Users\Light\Desktop\Thumbs.db 2014-01-13 05:35 - 2013-12-18 18:04 - 00000000 ____D C:\Users\Light\AppData\Local\DayZ 2014-01-13 03:55 - 2013-07-08 06:03 - 00000000 ____D C:\Users\Light\AppData\Local\Deployment 2014-01-12 21:58 - 2012-08-21 16:32 - 00194122 _____ C:\Windows\PFRO.log 2014-01-12 21:52 - 2013-12-08 06:45 - 00000000 ____D C:\ProgramData\MTA San Andreas All 2014-01-12 21:52 - 2013-12-08 06:45 - 00000000 ____D C:\Program Files (x86)\MTA San Andreas 1.3 2014-01-12 18:00 - 2014-01-12 18:00 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk 2014-01-11 16:22 - 2013-10-13 11:45 - 00000000 ____D C:\Program Files (x86)\Battle.net 2014-01-06 13:10 - 2014-01-06 13:10 - 00000000 ____D C:\steampipetools 2014-01-06 13:10 - 2014-01-06 13:10 - 00000000 ____D C:\ProgramData\PWD 2014-01-06 02:31 - 2014-01-06 02:31 - 00000044 _____ C:\Users\Light\jagex_cl_runescape_LIVE.dat 2014-01-06 02:31 - 2014-01-06 02:31 - 00000000 ____D C:\Users\Light\jagexcache 2014-01-06 02:29 - 2014-01-06 02:29 - 00000000 ____D C:\.jagex_cache_32 2014-01-05 14:10 - 2013-12-19 14:10 - 00000087 _____ C:\Users\Light\AppData\Roaming\WB.CFG 2014-01-04 14:14 - 2012-08-25 02:17 - 00000000 ____D C:\Program Files\Warcraft III 2014-01-03 19:15 - 2013-06-29 18:22 - 00000600 _____ C:\Users\Light\AppData\Roaming\winscp.rnd 2014-01-03 09:20 - 2013-05-08 07:30 - 00000600 _____ C:\Users\Light\AppData\Local\PUTTY.RND 2013-12-29 07:40 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2013-12-29 07:40 - 2009-07-14 05:45 - 05000544 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-29 06:40 - 2012-08-21 10:52 - 00074400 _____ C:\Users\Light\AppData\Local\GDIPFONTCACHEV1.DAT 2013-12-29 06:05 - 2013-01-05 
09:12 - 00000000 ____D C:\Games 2013-12-29 01:46 - 2012-10-20 13:06 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-12-28 07:58 - 2013-12-25 01:49 - 00000000 ____D C:\Users\Light\Desktop\mcprivat 2013-12-28 07:46 - 2013-07-04 09:56 - 00005375 _____ C:\Users\Light\Desktop\Neues Textdokument.txt 2013-12-25 02:51 - 2013-12-25 02:51 - 00000000 ____D C:\Users\Light\Desktop\plugins 2013-12-24 17:12 - 2012-08-21 11:42 - 00000000 ____D C:\Users\Light\AppData\Roaming\.minecraft 2013-12-18 18:04 - 2013-12-18 18:04 - 00000000 ____D C:\Users\Light\Documents\DayZ 2013-12-18 01:09 - 2013-06-26 00:19 - 00000000 ____D C:\Users\Light\AppData\Local\ArmA 2 OA 2013-12-17 13:44 - 2013-05-07 12:51 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-12-17 13:44 - 2013-03-30 06:07 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-12-17 13:44 - 2013-03-30 06:07 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys Files to move or delete: ==================== C:\Users\Light\jagex_cl_runescape_LIVE.dat Some content of TEMP: ==================== C:\Users\Light\AppData\Local\Temp\appshat-distribution.exe C:\Users\Light\AppData\Local\Temp\AskSLib.dll C:\Users\Light\AppData\Local\Temp\avgnt.exe C:\Users\Light\AppData\Local\Temp\bi_cleaner.exe C:\Users\Light\AppData\Local\Temp\Creative Cloud Helper.exe C:\Users\Light\AppData\Local\Temp\crp3455.exe C:\Users\Light\AppData\Local\Temp\DeltaTB.exe C:\Users\Light\AppData\Local\Temp\drm_dyndata_7370014.dll C:\Users\Light\AppData\Local\Temp\Gw2.exe C:\Users\Light\AppData\Local\Temp\hcwclear.exe C:\Users\Light\AppData\Local\Temp\Hearthstone.Beta.Key.Generator.v2.7.exe C:\Users\Light\AppData\Local\Temp\htmlayout.dll C:\Users\Light\AppData\Local\Temp\i4jdel0.exe C:\Users\Light\AppData\Local\Temp\InstallManager_GEN_GEN.exe C:\Users\Light\AppData\Local\Temp\jansi-32-git-Bukkit-1.3.1-R2.0-b2340jnks.dll 
C:\Users\Light\AppData\Local\Temp\jansi-64-git-Bukkit-1.3.1-R2.0-b2340jnks.dll C:\Users\Light\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.1-R0.1-21-g49b0699-b2754jnks.dll C:\Users\Light\AppData\Local\Temp\JavaRa.exe C:\Users\Light\AppData\Local\Temp\jli.dll C:\Users\Light\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe C:\Users\Light\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Light\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe C:\Users\Light\AppData\Local\Temp\jre-7u45-windows-i586.exe C:\Users\Light\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe C:\Users\Light\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe C:\Users\Light\AppData\Local\Temp\keytool.exe C:\Users\Light\AppData\Local\Temp\LyricsPal_1060-8101_v122.exe C:\Users\Light\AppData\Local\Temp\mconduitinstaller.exe C:\Users\Light\AppData\Local\Temp\msvcr100.dll C:\Users\Light\AppData\Local\Temp\MyClaroTB.exe C:\Users\Light\AppData\Local\Temp\node.exe C:\Users\Light\AppData\Local\Temp\npp.6.3.2.Installer.exe C:\Users\Light\AppData\Local\Temp\OptimizerPro.exe C:\Users\Light\AppData\Local\Temp\pricepeep_130001_0101.exe C:\Users\Light\AppData\Local\Temp\RealPlayer_de.exe C:\Users\Light\AppData\Local\Temp\riftuninstall.exe C:\Users\Light\AppData\Local\Temp\setup__1546.exe C:\Users\Light\AppData\Local\Temp\Shockwave_Installer_FF.exe C:\Users\Light\AppData\Local\Temp\SkypeSetup.exe C:\Users\Light\AppData\Local\Temp\sonarinst.exe C:\Users\Light\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\Light\AppData\Local\Temp\sqlite3.exe C:\Users\Light\AppData\Local\Temp\stubhelper.dll C:\Users\Light\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Light\AppData\Local\Temp\swt-win32-3740.dll C:\Users\Light\AppData\Local\Temp\tbDVDV.dll C:\Users\Light\AppData\Local\Temp\tmp1363.exe C:\Users\Light\AppData\Local\Temp\tmp207F.exe C:\Users\Light\AppData\Local\Temp\tmp272F.exe C:\Users\Light\AppData\Local\Temp\tmp8B0F.exe C:\Users\Light\AppData\Local\Temp\tmpA254.exe 
C:\Users\Light\AppData\Local\Temp\tmpA802.exe C:\Users\Light\AppData\Local\Temp\tmpA96F.exe C:\Users\Light\AppData\Local\Temp\tmpB06A.exe C:\Users\Light\AppData\Local\Temp\tmpB27F.exe C:\Users\Light\AppData\Local\Temp\tmpBFAB.exe C:\Users\Light\AppData\Local\Temp\tmpCA3B.exe C:\Users\Light\AppData\Local\Temp\tmpF2D7.exe C:\Users\Light\AppData\Local\Temp\uninst1.exe C:\Users\Light\AppData\Local\Temp\UpdateCheckerSetup.exe C:\Users\Light\AppData\Local\Temp\uti3444.exe C:\Users\Light\AppData\Local\Temp\wajam_download.exe C:\Users\Light\AppData\Local\Temp\wajam_install.exe C:\Users\Light\AppData\Local\Temp\war3_Install.exe C:\Users\Light\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-01-13 06:48 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014 03 Ran by Light at 2014-01-16 11:22:11 Running from C:\Users\Light\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.8.0.1280 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (x32 Version: 2.1.2.232 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Photoshop CC (x32 Version: 14.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637 - Adobe Systems, Inc.) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Alien Swarm (x32 Version: - Valve) AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden AMD Fuel (Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) 
Hidden AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden Anomaly Warzone Earth (x32 Version: - 11 bit studios) APB Reloaded (x32 Version: - Reloaded Productions) Apple Application Support (x32 Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.) Arc (x32 Version: 1.0.0.5510 - Perfect World Entertainment) Archeblade (x32 Version: - CodeBrush Games) Arma 2 (x32 Version: - Bohemia Interactive) Arma 2: DayZ Mod (x32 Version: - Bohemia Interactive) Arma 2: Operation Arrowhead (x32 Version: - Bohemia Interactive) Arma 2: Operation Arrowhead Beta (x32 Version: - ) ATI AVIVO64 Codecs (Version: 11.6.0.10707 - ATI Technologies Inc.) Hidden Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira) Batman: Arkham Asylum GOTY Edition (x32 Version: - Rocksteady Studios) Battle.net (x32 Version: - Blizzard Entertainment) Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts) BattlEye for OA Uninstall (x32 Version: - ) BattlEye Uninstall (x32 Version: - ) BCC 7 OFX 64Bit (Version: 7.0.4 - Boris FX, Inc.) Blacklight: Retribution (x32 Version: - ) Blockland (x32 Version: - Eric Hartman) Bloodline Champions (x32 Version: - Stunlock Studios) Bonjour (Version: 3.0.0.10 - Apple Inc.) Borderlands (x32 Version: - Gearbox Software) Borderlands 2 (x32 Version: - Gearbox Software) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) 
Hidden ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden Cinema 4D version R12 (x32 Version: R12 - Salat Production) Counter-Strike: Global Offensive (x32 Version: - Valve) Counter-Strike: Source (x32 Version: - Valve) Cube World version 0.0.1 (x32 Version: 0.0.1 - Picroma) Dark Messiah of Might & Magic Multi-Player (x32 Version: - Arkane Studios) Darksiders II (x32 Version: - Vigil Games) DayZ (x32 Version: - Bohemia Interactive) DayZ Commander (x32 Version: 0.92.85 - Dotjosh Studios) Demigod (x32 Version: - Gas Powered Games) Dota 2 (x32 Version: - Valve ) F.E.A.R. 3 (x32 Version: - Day 1 Studios) FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2 - FileZilla Project) Fraps (remove only) (x32 Version: - ) Free YouTube to MP3 Converter version 3.12.16.1028 (x32 Version: 3.12.16.1028 - DVDVideoSoft Ltd.) Garry's Mod (x32 Version: - Garry) GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team) Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden Gotham City Impostors: Free To Play (x32 Version: - Monolith Productions, Inc.) Guardians of Middle-earth (x32 Version: - Zombie Studios) Guild Wars 2 (x32 Version: - NCsoft Corporation, Ltd.) GunZ2 (x32 Version: - ) Hearthstone (x32 Version: - Blizzard Entertainment) HeidiSQL 7.0.0.4281 (x32 Version: 7.0 - Ansgar Becker) HydraVision (x32 Version: 4.2.208.0 - ATI Technologies Inc.) Hidden iTunes (Version: 11.1.0.126 - Apple Inc.) Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle) Java 7 Update 45 (x32 Version: 7.0.450 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) 
Hidden Java SE Development Kit 7 Update 25 (64-bit) (Version: 1.7.0.250 - Oracle) JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation) League of Legends (x32 Version: 1.3 - Riot Games) Left 4 Dead 2 (x32 Version: - Valve) Live Update 5 (x32 Version: 5.0.101 - MSI) Magicka (x32 Version: - Arrowhead Game Studios AB) MechWarrior Online (x32 Version: 1.4.3.0 - Piranha Games Inc.) Hidden Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation) Microsoft SQL Server 2005 (PRISMATICFLYFF) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 (x32 Version: - Microsoft Corporation) Microsoft SQL Server Management Studio Express (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server Native Client (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (Version: 
8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Mortal Kombat Kollection (x32 Version: - Other Ocean Interactive) 
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla) Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden MySQL Connector C++ 1.1.2 (Version: 1.1.2 - Oracle and/or its affiliates) MySQL Connector J (x32 Version: 5.1.23 - Oracle Corporation) MySQL Connector Net 6.6.5 (x32 Version: 6.6.5 - Oracle) MySQL Connector/ODBC 5.2(w) (Version: 5.2.4 - Oracle Corporation) MySQL Documents 5.6 (x32 Version: 5.6.10 - Oracle Corporation) MySQL Examples and Samples 5.6 (x32 Version: 5.6.10 - Oracle Corporation) MySQL Notifier 1.0.3 (x32 Version: 1.0.3 - Oracle) MySQL Server 5.6 (Version: 5.6.10 - Oracle Corporation) NewBlue 3D Explosions for Windows (x32 Version: - ) NewBlue 3D Transformations for Windows (x32 Version: - ) NewBlue Art Blends for Windows (x32 Version: - ) NewBlue Art Effects for Windows (x32 Version: - ) NewBlue Film Effects for Windows (x32 Version: - ) NewBlue Motion Blends for Windows (x32 Version: - ) NewBlue Motion Effects for Windows (x32 Version: - ) NewBlue Paint Blends for Windows (x32 Version: - ) NewBlue Paint Effects for Windows (x32 Version: - ) NewBlue Sampler Pack for Windows (x32 Version: - ) NewBlue Video Essentials for Windows (x32 Version: - ) NewBlue Video Essentials II for Windows (x32 Version: - ) NewBlue Video Essentials III for Windows (x32 Version: - ) Notepad++ (x32 Version: 6.2.2 - ) NVIDIA PhysX (x32 Version: 9.10.0513 - NVIDIA Corporation) Origin (x32 Version: 9.3.1.4482 - Electronic Arts, Inc.) Pando Media Booster (x32 Version: 2.6.0.8 - Pando Networks Inc.) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Portal 2 (x32 Version: - Valve) PremiumSoft Navicat Premium 8.2 (x32 Version: - PremiumSoft CyberTech Ltd.) PremiumSoft Navicat Premium Essentials 10.1 (x32 Version: 10.1.7 - PremiumSoft CyberTech Ltd.) PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.) 
Realtek Ethernet Controller Driver (x32 Version: 7.53.216.2012 - Realtek) Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873 - Realtek Semiconductor Corp.) Rust (x32 Version: - Facepunch Studios) <==== ATTENTION Scribblenauts Unlimited (x32 Version: - 5th Cell Media) Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.) Sniper: Ghost Warrior (x32 Version: - City Interactive) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (x32 Version: 3.0.13.1 - TeamSpeak Systems GmbH) TERA (x32 Version: 19.04.02.03.hf3 - Gameforge Productions GmbH) Terraria (x32 Version: - Re-Logic) The Lord of the Rings: War in the North (x32 Version: - Snowblind Studios) The Mighty Quest For Epic Loot (x32 Version: - Ubisoft Montreal) Tom Clancy's Splinter Cell: Conviction (x32 Version: - Ubisoft Montreal) Tools für Microsoft SQL Server 2005 (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden Torchlight II (x32 Version: - ) Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT) Unity Web Player (HKCU Version: 2.6.1f3_31223 - Unity Technologies ApS) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (x32 Version: 9.00.5000.00 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2600217) 
(x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation) Vegas Pro 11.0 (x32 Version: 11.0.700 - Sony) Vegas Pro 12.0 (64-bit) (Version: 12.0.563 - Sony) Virtual Audio Cable 4.10 (Version: - ) VLC media player 2.0.3 (x32 Version: 2.0.3 - VideoLAN) Warcraft III (x32 Version: - Blizzard Entertainment) Warframe (x32 Version: 1.0.0 - Digital Extremes) Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation) WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH) WinSCP 5.1.5 (x32 Version: 5.1.5 - Martin Prikryl) World of Warcraft (x32 Version: - Blizzard Entertainment) Youtube Downloader HD v. 2.9.5 (x32 Version: - YoutubeDownloaderHD.com) ==================== Restore Points ========================= 16-01-2014 06:35:50 Windows Update 16-01-2014 06:50:37 Windows Update 16-01-2014 07:39:23 Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) wird entfernt ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {01CAD58A-CF0E-436C-BE47-100B2C58FA3B} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION Task: {06CEA5D7-94D9-4FEF-8D59-E22A63F381F9} - System32\Tasks\DealPly => C:\Users\Light\AppData\Roaming\DealPly\UpdateProc\UpdateTask.exe [2013-02-27] () <==== ATTENTION Task: {283F7547-1432-425F-8D6D-8E02FE45E3C2} - System32\Tasks\Escolade => C:\Users\Light\AppData\Roaming\Oxy\Updater.exe Task: {39A9D665-8BC0-45BC-B186-2B6D5DEB95B4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated) Task: {51055E25-AFE5-43F7-A0F0-6C162A33EC63} - 
System32\Tasks\RunOW => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe Task: {709BE1A0-BAF2-4445-A98D-48961930A707} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08] (Google Inc.) Task: {839A2AC0-1D3D-449A-AED2-5B98EF133BFE} - System32\Tasks\RunAsStdUser Task => C:\Users\Light\AppData\Local\Oxy\Application\oxy.exe Task: {91B385D5-600A-4CB8-A19E-FC8E3AB20119} - System32\Tasks\AdobeAAMUpdater-1.0-Light-PC-Light => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13] (Adobe Systems Incorporated) Task: {A878F561-6385-44A9-8E51-811F0EEB869C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {B463FD31-63EF-482A-8B46-AE08E0CC1BDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-08] (Google Inc.) Task: {C2939668-0EE0-46F4-AA12-B6C110A1CC32} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {F7AB1B08-9F86-46E3-ADC9-9D59E4A226A0} - System32\Tasks\{F2127D7D-5DB4-441E-A03A-0A710A1523D2} => C:\Users\Light\Desktop\Skypetool by CrashCube.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-08-30 09:01 - 2013-08-30 09:01 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-11-29 12:53 - 2012-09-19 18:17 - 00397088 
_____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-01-28 12:08 - 2013-01-28 12:08 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-01-28 12:08 - 2013-01-28 12:08 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-16 08:44 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-12-11 09:27 - 2013-12-11 09:27 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData:NT AlternateDataStreams: C:\Users\All Users:NT AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT AlternateDataStreams: C:\ProgramData\Application Data:NT AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT AlternateDataStreams: C:\Users\Light\Anwendungsdaten:NT AlternateDataStreams: C:\Users\Light\AppData\Roaming:NT ==================== Safe Mode (whitelisted) =================== ==================== Faulty Device Manager Devices ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: SM-Bus-Controller Description: SM-Bus-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. 
(Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 23 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 22 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 20 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 19 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 18 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 17 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 16 Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 15 Error: 
(01/16/2014 09:55:39 AM) (Source: Bonjour Service) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 14 System errors: ============= Error: (01/16/2014 10:17:32 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/16/2014 10:17:29 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/16/2014 09:58:20 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/16/2014 09:58:17 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/16/2014 08:39:55 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/16/2014 08:39:52 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (01/16/2014 07:56:38 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (01/16/2014 07:56:38 AM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. Error: (01/16/2014 07:56:38 AM) (Source: DCOM) (User: ) Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (01/16/2014 07:55:04 AM) (Source: Disk) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
Microsoft Office Sessions:
=========================
Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 24

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 23

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 22

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 20

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 19

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 18

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 17

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 16

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 15

Error: (01/16/2014 09:55:39 AM) (Source: Bonjour Service)(User: )
Description: ERROR: handle_resolve_request bad interfaceIndex 14

CodeIntegrity Errors:
===================================
Date: 2013-04-08 07:28:32.641
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-04-08 07:28:32.531
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-02-24 23:37:45.265
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-02-24 23:37:45.187
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-02-24 23:37:45.109
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-02-24 23:37:44.969
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-12-24 14:19:47.200
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Light\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-12-24 14:19:47.129
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Light\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-12-24 14:19:46.633
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2012-12-24 14:19:46.564
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 8181.43 MB
Available physical RAM: 5469.25 MB
Total Pagefile: 16361.04 MB
Available Pagefile: 13155.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:106.44 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 45D7BC9D)
Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)

==================== End Of Log ============================ |
17.01.2014, 08:34 | #4 |
/// the machine /// TB trainer | Internet slow for about a week, but only for me! Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |