Log analysis and evaluation: Win 7 / YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
| | #1 |
| | Win 7 / YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags!

MSI All-in-One PC / Win 7: games stutter, YouTube stutters

Firefox runs very unstably and sometimes has loads of up to 100%. YouTube stutters and videos are a pain. You can forget about fullscreen entirely... My games all stutter too???

What I have done: defragmented, deleted add-ons, reinstalled Firefox, changed autostart, turned off all Win 7 styles (that definitely helped somewhat), removed unnecessary programs, disconnected all USB things.

A few months ago everything was still flawless, I could play everything, YouTube no problems... And now the whole PC hangs, constantly overloaded because of something.

Computer: MSI All-in-One PC Wind Top AE2220, 4 GB RAM / Dual Core 2.20 GHz / Windows 7 "SP1" Home Prof., I think

I made a HijackThis log just in case.... Many files are missing???

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:23:53 PM, on 4/17/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17041)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
H:\Tools\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.firetab.org/?type=ds3nt
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Re-markit - {87b95a68-4b41-4eba-aef6-bbfbd6f5338b} - C:\Program Files (x86)\Re-markit\136.dll (file missing)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Orbit\Orbitdownloader\GrabPro.dll (file missing)
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: &Download by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Add to &Hot Keyboard - D:\Keyboard\Hot Keyboard Pro\IEScript.htm
O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://D:\Orbit\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} (WRC Class) - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: AddonsHelper - Unknown owner - C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\windows\Installer\MSIA30B.tmp
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: RzKLService - Unknown owner - G:\Tools\Game Booster\Razer Game Booster\RzKLService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9848 bytes

I would be very glad to get a few helpful answers, and hopefully there is an expert among them. Google spits out nothing useful >.<

Maybe someone also has the same problem with Java, games, and individual processes using 100% of the CPU! I had much older PCs that ran more smoothly with !!XP!! My old laptop is a Pentium 4 "XP", totally weak hardware, and works 20X better!

Is Windows 7 really that crippled, and does Microsoft just clutter up its stuff so that every damn computer in this house has quirks??? I neeever had problems with Windows XP, and this is the first time I am asking something on the Internet ???

Greetings again to all |
| | #2 |
| /// the machine /// TB trainer | Win 7 / YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
| | #3 |
| | Win 7 / YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by AE2220 (administrator) on AE2220-MSI on 19-04-2014 00:39:03
Running from C:\Users\AE2220\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
() C:\windows\Installer\MSIA30B.tmp
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
() C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Voobly) D:\Voobly\Voobly\voobly.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Adobe Systems, Inc.) C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe
(Microsoft Corporation) C:\windows\system32\taskmgr.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8123936 2009-09-29] (Realtek Semiconductor)
HKU\S-1-5-21-1939352424-2229013223-1877745406-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
HKU\S-1-5-21-1939352424-2229013223-1877745406-1000\...\MountPoints2: {c3dff4d8-6f28-11e3-b3b3-40618695619a} - F:\Setup.exe
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo Suche ? Websuche & Suchmaschine
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = This message is from the Microsoft Safety & Security Center
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {0A61C410-92EC-437B-B957-7DA2EC9EE1AB} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z013&form=ZGAIDF
SearchScopes: HKCU - {119BA1B7-7A4A-41CC-98F4-E12A870148D5} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKCU - {27E73922-7662-41EA-A216-AECDB2DBF16B} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=^TV&apn_dtid=^OSJ000^YY^US&apn_uid=336330A7-11C7-448A-98DB-5C85A77DC2BF&apn_sauid=7D35C715-9615-4AF5-A2B8-CACEFB69BB52
SearchScopes: HKCU - {409DD3B4-D1F8-EC6E-EDBD-2367FDA78762} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z015&form=ZGAIDF
SearchScopes: HKCU - {645701DB-0A59-AE3F-8D62-BAA040AFB663} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z007&form=ZGAIDF
SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://www.firetab.org/?type=ds3se&p={searchTerms}
SearchScopes: HKCU - {7464A306-2EAF-4276-B5F5-BD4999D78154} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Re-markit - {87b95a68-4b41-4eba-aef6-bbfbd6f5338b} - C:\Program Files (x86)\Re-markit\136.dll No File
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll ()
Toolbar: HKLM-x32 - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Orbit\Orbitdownloader\GrabPro.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog9 01 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 02 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 06 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 07 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 16 C:\windows\SysWOW64\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
Winsock: Catalog9-x64 01 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
Winsock: Catalog9-x64 16 %SystemRoot%\system32\PrxerDrv.dll [76392] (Initex)
FireFox:
========
FF ProfilePath: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.firetab.org/?type=ds3hp
FF Keyword.URL: hxxp://www.google.ch/search?q=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\073d507f-c1e4-4900-a608-f2f72a45ecda.xml
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\19a2a37c-71fc-4038-a28f-21d36f1dea1e.xml
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\fd551b1e-7045-4376-9fcc-cff745591c32.xml
FF Extension: Flashblock - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-04-16]
FF Extension: Personas Plus - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\personas@christopher.beard.xpi [2013-09-20]
FF Extension: Stylish - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-09-20]
FF Extension: Adblock Plus - C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-22]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-04-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-04-18]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-04-18]
FF HKLM-x32\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\AE2220\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\AE2220\AppData\Roaming\Helper [2014-04-01]
FF HKCU\...\Firefox\Extensions: [{b40fb246-2931-467d-a5d5-cf7d3954ef82}] - C:\Program Files (x86)\Re-markit\136.xpi
==================== Services (Whitelisted) =================
R2 AddonsHelper; C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-12-17] ()
R2 HyperDeskCustomThemeEnabler; C:\windows\Installer\MSIA30B.tmp [102400 2011-04-22] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 OberonGameConsoleService; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [44432 2010-02-17] ()
S2 RzKLService; G:\Tools\Game Booster\Razer Game Booster\RzKLService.exe [X]
S4 Update Kozaka; "C:\Program Files (x86)\Kozaka\updateKozaka.exe" [X]
==================== Drivers (Whitelisted) ====================
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16512 2007-02-06] (Adaptec)
S3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [364800 2009-08-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
S3 MEMSWEEP2; C:\windows\system32\19C8.tmp [6144 2009-06-18] (Sophos Plc)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Philips )
S3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Philips )
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PROCEXP151; \??\C:\windows\system32\Drivers\PROCEXP151.SYS [X]
S3 WinRing0_1_2_0; \??\G:\Tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-19 00:39 - 2014-04-19 00:39 - 00014011 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-19 00:38 - 2014-04-19 00:39 - 00000000 ____D () C:\FRST
2014-04-19 00:38 - 2014-04-19 00:38 - 02158592 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-18 17:45 - 2014-04-18 21:06 - 00063644 _____ () C:\Users\AE2220\Desktop\4 Islands V2 (new).scx
2014-04-18 01:22 - 2014-04-18 14:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-17 20:43 - 2014-04-17 21:06 - 00000116 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-17 19:39 - 2014-04-17 19:39 - 00002935 _____ () C:\Users\AE2220\Desktop\HiJackThis.lnk
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 22:58 - 2014-03-06 04:21 - 23549440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-16 22:58 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 03:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-16 22:58 - 2014-03-06 02:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-16 22:58 - 2014-03-06 02:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 02:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-16 22:58 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 02:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-16 22:58 - 2014-03-06 02:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 02:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-16 22:58 - 2014-03-06 02:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 02:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-16 22:58 - 2014-03-06 02:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-16 22:58 - 2014-03-06 01:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 01:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-16 22:58 - 2014-03-06 01:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 01:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-16 22:58 - 2014-03-06 01:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 01:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 01:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-16 22:58 - 2014-03-06 01:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 00:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-16 22:57 - 2014-03-06 03:19 - 17387008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-16 22:57 - 2014-03-06 02:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 02:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-16 22:57 - 2014-03-06 02:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-16 22:57 - 2014-03-06 02:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-16 22:57 - 2014-03-06 02:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-16 22:57 - 2014-03-06 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 01:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-16 22:57 - 2014-03-06 01:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-16 22:57 - 2014-03-06 01:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-16 22:57 - 2014-03-06 01:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-16 22:57 - 2014-03-05 23:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-16 22:24 - 2014-04-16 22:24 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-16 22:18 - 2014-04-16 22:18 - 22736080 _____ (Mozilla) C:\Users\AE2220\Desktop\Firefox Setup 24.2.0esr.exe
2014-04-16 21:33 - 2014-04-16 21:34 - 09230024 _____ (Adobe Systems Incorporated) C:\Users\AE2220\Desktop\install_flash_player_11_active_x_11.3.300.268.exe
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 05:11 - 2014-04-16 23:38 - 00000000 ____D () C:\Users\AE2220\Desktop\Mouse
2014-04-09 05:16 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-09 05:16 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-09 05:16 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-09 05:16 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-09 05:16 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-09 05:16 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-09 05:16 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-09 05:16 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-09 05:16 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-09 03:19 - 2014-04-10 01:36 - 00013862 _____ () C:\windows\DPINST.LOG
2014-04-01 22:00 - 2014-04-01 22:00 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Helper
2014-03-30 14:45 - 2014-04-02 23:35 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-03-30 13:44 - 2014-04-01 00:41 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-03-30 01:00 - 2014-04-19 00:34 - 00003311 _____ () C:\windows\setupact.log
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-25 00:31 - 2014-04-16 12:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
2014-03-21 23:21 - 2014-03-21 23:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{8F109DD0-7D91-4526-9234-4EC6F608E588}
2014-03-20 11:43 - 2014-03-20 11:44 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{46733B4D-2BF8-4F6B-84CF-889AB22CA2AB}
==================== One Month Modified Files and Folders =======
2014-04-19 00:39 - 2014-04-19 00:39 - 00014011 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-19 00:39 - 2014-04-19 00:38 - 00000000 ____D () C:\FRST
2014-04-19 00:38 - 2014-04-19 00:38 - 02158592 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-19 00:38 - 2012-02-04 00:59 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2014-04-19 00:34 - 2014-03-30 01:00 - 00003311 _____ () C:\windows\setupact.log
2014-04-19 00:27 - 2014-03-06 04:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-19 00:03 - 2013-08-26 15:53 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\vlc
2014-04-18 22:48 - 2011-04-15 17:51 - 01713626 _____ () C:\windows\WindowsUpdate.log
2014-04-18 22:08 - 2013-12-27 22:40 - 00004604 _____ () C:\aoesync.txt
2014-04-18 22:00 - 2013-12-17 20:04 - 00000796 _____ () C:\windows\Tasks\At2.job
2014-04-18 22:00 - 2013-11-04 01:51 - 00000796 _____ () C:\windows\Tasks\At1.job
2014-04-18 21:10 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Skype
2014-04-18 21:06 - 2014-04-18 17:45 - 00063644 _____ () C:\Users\AE2220\Desktop\4 Islands V2 (new).scx
2014-04-18 18:27 - 2014-03-06 04:16 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 18:21 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 18:21 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 14:56 - 2009-07-13 23:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-18 14:52 - 2014-04-18 01:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-18 14:51 - 2011-04-24 01:26 - 00000412 _____ () C:\windows\Tasks\PC Optimizer Pro64 startups.job
2014-04-18 14:50 - 2013-09-05 00:35 - 00140468 _____ () C:\windows\PFRO.log
2014-04-18 14:50 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-17 21:06 - 2014-04-17 20:43 - 00000116 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-17 19:39 - 2014-04-17 19:39 - 00002935 _____ () C:\Users\AE2220\Desktop\HiJackThis.lnk
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-17 19:33 - 2013-10-02 13:42 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\.minecraft
2014-04-17 15:08 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-04-17 12:44 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-16 23:38 - 2014-04-16 05:11 - 00000000 ____D () C:\Users\AE2220\Desktop\Mouse
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 23:08 - 2011-04-22 17:03 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Adobe
2014-04-16 22:50 - 2013-09-04 23:27 - 00000000 ____D () C:\ProgramData\Avira
2014-04-16 22:24 - 2014-04-16 22:24 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-16 22:18 - 2014-04-16 22:18 - 22736080 _____ (Mozilla) C:\Users\AE2220\Desktop\Firefox Setup 24.2.0esr.exe
2014-04-16 21:34 - 2014-04-16 21:33 - 09230024 _____ (Adobe Systems Incorporated) C:\Users\AE2220\Desktop\install_flash_player_11_active_x_11.3.300.268.exe
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 12:42 - 2014-03-25 00:31 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-04-12 18:10 - 2013-08-22 05:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogMeIn Hamachi
2014-04-12 06:57 - 2011-04-20 19:33 - 00027047 _____ () C:\windows\system32\lvcoinst.log
2014-04-10 03:06 - 2013-08-14 22:06 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 03:01 - 2011-04-20 23:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\install_clap
2014-04-10 01:36 - 2014-04-09 03:19 - 00013862 _____ () C:\windows\DPINST.LOG
2014-04-10 01:32 - 2011-04-20 19:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogiShrd
2014-04-10 01:32 - 2011-04-20 19:41 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-04-10 01:32 - 2010-04-10 11:31 - 00000000 ____D () C:\Program Files (x86)\msi
2014-04-02 23:35 - 2014-03-30 14:45 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-04-02 21:16 - 2013-09-08 01:22 - 00000784 _____ () C:\Users\AE2220\Desktop\SpeedFan.lnk
2014-04-02 18:22 - 2014-03-06 04:16 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 18:22 - 2014-03-06 04:16 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 22:00 - 2014-04-01 22:00 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Helper
2014-04-01 00:41 - 2014-03-30 13:44 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\registration
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\AppCompat
2014-03-31 22:44 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220
2014-03-31 22:44 - 2009-07-13 22:45 - 00439896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-31 09:35 - 2011-04-20 20:04 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-03-30 14:45 - 2011-04-20 19:30 - 00116936 _____ () C:\Users\AE2220\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 13:46 - 2011-04-25 16:53 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
2014-03-23 13:22 - 2011-04-20 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-23 13:22 - 2010-04-10 11:35 - 00000000 ____D () C:\ProgramData\Skype
2014-03-22 12:54 - 2009-07-13 23:08 - 00032562 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-03-21 23:21 - 2014-03-21 23:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{8F109DD0-7D91-4526-9234-4EC6F608E588}
2014-03-21 16:16 - 2013-08-26 17:06 - 00000000 ____D () C:\Users\AE2220\Desktop\Things
2014-03-20 22:11 - 2011-04-24 16:58 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Orbit
2014-03-20 11:44 - 2014-03-20 11:43 - 00000000 ____D () C:\Users\AE2220\AppData\Local\{46733B4D-2BF8-4F6B-84CF-889AB22CA2AB}
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
Some content of TEMP:
====================
C:\Users\AE2220\AppData\Local\Temp\avgnt.exe
C:\Users\AE2220\AppData\Local\Temp\nsb504A.exe
C:\Users\AE2220\AppData\Local\Temp\nsr1D74.exe
C:\Users\AE2220\AppData\Local\Temp\nsw17C8.exe
C:\Users\AE2220\AppData\Local\Temp\nsw48DA.exe
C:\Users\AE2220\AppData\Local\Temp\nsz259B.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-19 00:32
==================== End Of Log ============================
--- --- --- --- --- --- --- --- ---
FRST Additions Logfile:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by AE2220 at 2014-04-19 00:39:41
Running from C:\Users\AE2220\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client version 1.3 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.3 - Tim Witschel Serververmietung)
Command & Conquer™ Alarmstufe Rot 3 Der Aufstand (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Völker (HKLM-x32\...\Die Völker) (Version: - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.2.451-win32 - )
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Half-Life 2 (HKCU\...\Half-Life 2) (Version: - )
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Just Cause 1.00.0000 (HKLM-x32\...\{C9E270CC-AE42-4BD8-B9C6-1EB3A8657FF5}) (Version: 1.00.0000 - Eidos)
Logitech H800 (HKLM-x32\...\{E7A8414E-944B-4D73-9F3F-C4E5266DF85C}) (Version: 1.0.034 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 24.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.4.0 (x86 en-US)) (Version: 24.4.0 - Mozilla)
msi EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.2.0.103 - msi)
msi EasyViewer (x32 Version: 1.2.0.103 - msi) Hidden
MSI Game Corner Console (HKLM-x32\...\{10219E71-68B2-459C-A605-D59E2321C3EC}_is1) (Version: 5.5.0.2 - Oberon Media, Inc.)
msi Software Install_x64 (HKLM\...\{07690F1C-04B1-4060-9691-6748ED1826B9}) (Version: 3.0.909.3001 - msi)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Orbit Downloader (HKLM-x32\...\Orbit_is1) (Version: - Orbit Downloader: the ultra file & social media (YouTube etc..) download manager)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Update Service (x32 Version: 4.1.0 - <no manufacturer>) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WindTouch3D_x64 (HKLM-x32\...\InstallShield_{B6FC1F2E-3C04-4BF0-A4D9-2F0372D494A4}) (Version: - )
WindTouch3D_x64 (Version: 0.9.2.6 - msi) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
17-04-2014 04:11:21 Removed Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
17-04-2014 04:55:25 Removed Skype Click to Call
17-04-2014 04:57:19 Windows Update
18-04-2014 01:39:27 Installed HiJackThis
==================== Hosts content: ==========================
2009-07-13 20:34 - 2009-06-10 15:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1E3DDA4E-B3F7-4738-8431-509189BFE73D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {2F0A79FC-7517-4036-AEBE-938224E5979A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {53221499-7E93-443F-B067-166D4A69811B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {547E66E0-11C8-4870-B038-CB9E66EB27F5} - System32\Tasks\MyDefrag v4.3.1 Monthly => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD
Task: {6223C238-7FC3-4EFB-95EA-68C7C5D17FD2} - \GoforFilesUpdate ATTENTION ====> No Task File
Task: {7617EDED-F629-407E-B93A-602E184CA5C8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8265ADC5-8499-4BED-AE0D-9057F67E0305} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update ATTENTION ====> No Task File
Task: {8FFD59FF-8B52-45F2-A607-9BF68AE920E7} - System32\Tasks\At1 => net
Task: {A7005A4F-0537-45FD-88E3-CC5408FB3226} - System32\Tasks\Game_Booster_AutoUpdate => G:\Tools\Game Booster\Game Booster 3\AutoUpdate.exe
Task: {BFB59161-1941-477B-8B8E-C5A6F71A51FC} - System32\Tasks\MyDefrag v4.3.1 Daily => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD
Task: {CD9F2D53-5F6B-4E32-AD44-5DD7D4361D8F} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {E40BF1FA-9D86-4182-B0AA-0A111B854615} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F64F7D01-9424-404D-BDB2-69470394F15F} - System32\Tasks\At2 => net
Task: C:\windows\Tasks\At1.job => ?
Task: C:\windows\Tasks\At2.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-11-13 20:18 - 2012-11-22 19:57 - 00057448 _____ () C:\windows\system32\PrxerNsp.dll
2011-04-22 22:30 - 2011-04-22 22:30 - 00102400 _____ () C:\windows\Installer\MSIA30B.tmp
2013-12-17 20:04 - 2013-12-17 20:04 - 00896512 ____N () C:\Users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe
2010-04-10 12:00 - 2010-02-17 16:54 - 00044432 _____ () C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
2005-06-07 12:26 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00618496 _____ () D:\Voobly\Voobly\gui.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 01978368 _____ () D:\Voobly\Voobly\QtCore4.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 07266304 _____ () D:\Voobly\Voobly\QtGui4.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 00643072 _____ () D:\Voobly\Voobly\QtNetwork4.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 02138112 _____ () D:\Voobly\Voobly\lobby.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 01044480 _____ () D:\Voobly\Voobly\messenger.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00651264 _____ () D:\Voobly\Voobly\vooblynat1.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00499712 _____ () D:\Voobly\Voobly\vooblynat3.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 00536576 _____ () D:\Voobly\Voobly\launch.dll
2013-12-28 18:19 - 2014-04-09 22:04 - 01196032 _____ () D:\Voobly\Voobly\anticheat1.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 00019456 _____ () D:\Voobly\Voobly\imageformats\qgif4.dll
2013-12-28 18:19 - 2013-11-05 09:49 - 00131072 _____ () D:\Voobly\Voobly\imageformats\qjpeg4.dll
2014-04-18 01:22 - 2014-04-18 01:22 - 03287664 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-16 23:08 - 2014-04-16 23:08 - 16351920 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\windows\system32\nvawy.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOAWY.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOSMU.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\nvdisp.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraidco.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraiins.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDe.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEng.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoENU.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEs.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEsm.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFi.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFr.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoIt.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoJa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoKo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNl.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoPtb.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoRu.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoSv.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZhc.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZht.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvsmu.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvuawy.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvudisp.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvusmu.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecir.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhid.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhidma.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvamacpi.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvsmu.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvstor64.sys:KAVICHS
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:793ABD2B
AlternateDataStreams: C:\ProgramData\TEMP:7E68DD27
AlternateDataStreams: C:\ProgramData\TEMP:8173A019
AlternateDataStreams: C:\ProgramData\TEMP:D091E13E
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^AE2220^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Logitech H800 => C:\Program Files (x86)\Logitech\H800\H800.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "D:\Virtual CloneDrive\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Voobly => "D:\Voobly\Voobly\voobly.exe" --startup
MSCONFIG\startupreg: Weather => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
MSCONFIG\startupreg: WindTouch3D => "%ProgramFiles%\msi\WindTouch\WindTouch3D.exe" Min
MSCONFIG\startupreg: YouCam Service6 => "G:\Tools\cyberlink cam\YouCam6\YouCamService6.exe" /s
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/16/2014 00:43:27 PM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi
Error: (04/16/2014 00:43:04 PM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: G:\Tools\Paint.net\Staging\PaintDotNet_805338772.msi
Error: (04/16/2014 00:42:29 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}
Error: (04/16/2014 00:41:45 PM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi
Error: (04/16/2014 00:41:10 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}
Error: (04/10/2014 01:45:45 AM) (Source: MsiInstaller) (User: AE2220-msi)
Description: Product: Avira SearchFree Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall:
Mozilla Firefox
Error: (04/04/2014 11:06:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: EmpiresX.Exe, version: 0.1.6.1115, time stamp: 0x3844ad66
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x00038e19
Faulting process id: 0xca8
Faulting application start time: 0xEmpiresX.Exe0
Faulting application path: EmpiresX.Exe1
Faulting module path: EmpiresX.Exe2
Report Id: EmpiresX.Exe3
Error: (03/25/2014 00:31:04 AM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {27c1ad3d-c839-4fc3-a24b-63e75c781213}
Error: (03/20/2014 02:05:25 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)
Description: 0x0
Error: (03/20/2014 01:25:47 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 28.0.0.5186, time stamp: 0x53240e37
Faulting module name: xul.dll, version: 28.0.0.5186, time stamp: 0x53240e04
Exception code: 0xc0000005
Fault offset: 0x00184729
Faulting process id: 0xf34
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
System errors:
=============
Error: (04/18/2014 11:40:21 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/18/2014 05:47:39 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/18/2014 02:50:56 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
Error: (04/18/2014 02:50:46 PM) (Source: Service Control Manager) (User: )
Description: The RzKLService service failed to start due to the following error:
%%2
Error: (04/18/2014 02:50:38 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:53:10 AM on 4/18/2014 was unexpected.
Error: (04/18/2014 02:50:09 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (04/18/2014 03:25:30 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/18/2014 01:23:10 AM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/17/2014 00:45:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
Error: (04/17/2014 00:45:25 PM) (Source: Service Control Manager) (User: )
Description: The RzKLService service failed to start due to the following error:
%%2
Microsoft Office Sessions:
=========================
Error: (04/16/2014 00:43:27 PM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/16/2014 00:43:04 PM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: G:\Tools\Paint.net\Staging\PaintDotNet_805338772.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/16/2014 00:42:29 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}
Error: (04/16/2014 00:41:45 PM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Paint.NET v3.5.11 -- Error 1316. A network error occurred while attempting to read from the file: D:\Programms\Paint.net\Staging\PaintDotNet_805338772.msi(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/16/2014 00:41:10 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {d885228f-f0e1-49ae-9d8a-f15f533fb981}
Error: (04/10/2014 01:45:45 AM) (Source: MsiInstaller)(User: AE2220-msi)
Description: Product: Avira SearchFree Toolbar -- Error 25001. The following applications must be closed before continuing the uninstall:
Mozilla Firefox (NULL)(NULL)(NULL)(NULL)(NULL)
Error: (04/04/2014 11:06:59 PM) (Source: Application Error)(User: )
Description: EmpiresX.Exe0.1.6.11153844ad66ntdll.dll6.1.7601.18247521ea8e7c000000500038e19ca801cf508bdedc6640d:\games\age of empires & the rise of rome\EmpiresX.ExeC:\windows\SysWOW64\ntdll.dll1d9d1360-bc80-11e3-97ca-40618695619a
Error: (03/25/2014 00:31:04 AM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {27c1ad3d-c839-4fc3-a24b-63e75c781213}
Error: (03/20/2014 02:05:25 PM) (Source: Avira Antivirus)(User: NT AUTHORITY)
Description: 0x0
Error: (03/20/2014 01:25:47 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c000000500184729f3401cf446faff344c0C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll6fd05ab0-b065-11e3-b260-40618695619a
CodeIntegrity Errors:
===================================
Date: 2014-02-16 21:44:06.673
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.544
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.409
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.282
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.868
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.644
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.416
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.183
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:07.439
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:07.214
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 3839.24 MB
Available physical RAM: 2129.8 MB
Total Pagefile: 7676.66 MB
Available Pagefile: 5962.82 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:106.77 GB) (Free:28.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:335.77 GB) (Free:241.13 GB) NTFS
Drive h: (Externe Festplatte) (Fixed) (Total:931.51 GB) (Free:345.46 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 78DACBF2)
Partition 1: (Not Active) - (Size=23 GB) - (Type=27)
Partition 2: (Active) - (Size=356 MB) - (Type=27)
Partition 3: (Not Active) - (Size=107 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=336 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
I know, still a lot of crap in there -.-... I always uncheck the boxes when installing.... but this can't be right.... I haven't clicked Fix yet!! Oh, and where it couldn't find all those programs, that's because of my external hard drive, which I sometimes unplug!!! Just so you know |
| | #4 |
| /// the machine /// TB trainer | hi, Scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
| | #5 |
| | Ok, I'll do that. Could you maybe explain what's going on with my PC? Thanks for your help!! Kali_Yuga Combofix Logfile: Code:
ComboFix 14-04-19.01 - AE2220 04/20/2014 2:47.1.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2561 [GMT -6:00]
Running from: c:\users\AE2220\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\DNSErrorHelper\bhO.dll
c:\users\AE2220\AppData\Roaming\.#
c:\users\AE2220\AppData\Roaming\.#\MBX@14F0@2072780.###
c:\users\AE2220\AppData\Roaming\.#\MBX@14F0@20727B0.###
c:\users\AE2220\AppData\Roaming\.#\MBX@1F68@3F2780.###
c:\users\AE2220\AppData\Roaming\.#\MBX@1F68@3F27B0.###
c:\users\AE2220\AppData\Roaming\AE2220log.dat
c:\windows\IsUn0407.exe
c:\windows\SysWow64\install
.
.
((((((((((((((((((((((((( Files Created from 2014-03-20 to 2014-04-20 )))))))))))))))))))))))))))))))
.
.
2014-04-20 08:56 . 2014-04-20 08:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-20 08:53 . 2014-04-20 08:53 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49CFF6C5-4BE5-443A-98DF-9194A1BA7342}\offreg.dll
2014-04-19 06:38 . 2014-04-19 06:40 -------- d-----w- C:\FRST
2014-04-19 00:01 . 2014-04-17 11:31 10651704 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{49CFF6C5-4BE5-443A-98DF-9194A1BA7342}\mpengine.dll
2014-04-18 01:39 . 2014-04-18 01:39 388096 ----a-r- c:\users\AE2220\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-04-17 05:08 . 2014-04-17 05:08 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-17 05:08 . 2014-04-17 05:08 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-17 04:57 . 2014-03-06 08:57 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-04-17 01:27 . 2014-04-17 01:27 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-04-02 04:00 . 2014-04-02 04:00 -------- d-----w- c:\users\AE2220\AppData\Roaming\Helper
2014-03-30 20:45 . 2014-04-03 05:35 -------- d-----w- c:\program files (x86)\AnotherLifeClient
2014-03-30 19:44 . 2014-04-01 06:41 -------- d-----w- c:\program files (x86)\PCTechHotline
2014-03-25 06:31 . 2014-04-16 18:42 -------- d-----w- c:\users\AE2220\AppData\Local\Paint.NET
2014-03-23 19:22 . 2014-03-23 19:22 -------- d-----w- c:\users\AE2220\AppData\Local\Skype
2014-03-23 19:22 . 2014-03-23 19:22 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-10 09:01 . 2011-04-21 05:38 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-31 15:35 . 2011-04-21 02:04 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-03-04 09:17 . 2014-04-09 11:16 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-02-07 01:23 . 2014-03-12 00:42 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 23:14 . 2014-02-04 23:14 53248 ----a-w- c:\windows\SysWow64\unrar.dll
2014-02-04 23:09 . 2014-02-04 23:14 4358144 ----a-w- c:\windows\uncsetup.exe
2014-02-04 02:32 . 2014-03-12 00:41 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-12 00:41 624128 ----a-w- c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-12 00:41 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-12 00:41 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-12 00:42 484864 ----a-w- c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-12 00:42 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-12 00:42 228864 ----a-w- c:\windows\system32\wwansvc.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AddonsHelper;AddonsHelper;c:\users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe;c:\users\AE2220\AppData\Local\Temp\OCS\Downloads\9f8cc62c3640bf6eb115b4c78bb22a3f\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 RzKLService;RzKLService;g:\tools\Game Booster\Razer Game Booster\RzKLService.exe;g:\tools\Game Booster\Razer Game Booster\RzKLService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AVerPola;AVerMedia USB Polaris Series Capture Service;c:\windows\system32\DRIVERS\AVerPola.sys;c:\windows\SYSNATIVE\DRIVERS\AVerPola.sys [x]
R3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys;c:\windows\SYSNATIVE\DRIVERS\enecir.sys [x]
R3 enecirhid;ENE CIR HID Receiver;c:\windows\system32\DRIVERS\enecirhid.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhid.sys [x]
R3 enecirhidma;ENE CIR HIDmini Filter;c:\windows\system32\DRIVERS\enecirhidma.sys;c:\windows\SYSNATIVE\DRIVERS\enecirhidma.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam C260(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\19C8.tmp;c:\windows\SYSNATIVE\19C8.tmp [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys;c:\windows\SYSNATIVE\DRIVERS\phaudlwr.sys [x]
R3 PROCEXP151;PROCEXP151;c:\windows\system32\Drivers\PROCEXP151.SYS;c:\windows\SYSNATIVE\Drivers\PROCEXP151.SYS [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SPC620;Philips SPC620NC PC Camera;c:\windows\system32\drivers\SPC620.sys;c:\windows\SYSNATIVE\drivers\SPC620.sys [x]
R3 SPC620m;Philips SPC620NC PC Cameram;c:\windows\system32\drivers\SPC620m.sys;c:\windows\SYSNATIVE\drivers\SPC620m.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;g:\tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys;g:\tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys [x]
R4 Update Kozaka;Update Kozaka;c:\program files (x86)\Kozaka\updateKozaka.exe;c:\program files (x86)\Kozaka\updateKozaka.exe [x]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys;c:\windows\SYSNATIVE\DRIVERS\NVAMACPI.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HyperDeskCustomThemeEnabler;HyperDesk's Custom Theme Enabler;c:\windows\Installer\MSIA30B.tmp;c:\windows\Installer\MSIA30B.tmp [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe;c:\program files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [x]
S3 clwvd6;CyberLink WebCam Virtual Driver 6.0 Service;c:\windows\system32\DRIVERS\clwvd6.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd6.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192se.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06 10:16]
.
2014-04-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06 10:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-09-30 8123936]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.firetab.org/?type=ds3nt
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearchAssistant = hxxp://www.google.com
IE: &Download by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/204
IE: Add to &Hot Keyboard - d:\keyboard\Hot Keyboard Pro\IEScript.htm
IE: Do&wnload selected by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - d:\orbit\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
LSP: %SystemRoot%\system32\PrxerDrv.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.firetab.org/?type=ds3hp
FF - prefs.js: keyword.URL - hxxp://www.google.ch/search?q=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2014-04-16 22:05; {3d7eb24f-2740-49df-8937-200b1cc08f8a}; c:\users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{87b95a68-4b41-4eba-aef6-bbfbd6f5338b} - c:\program files (x86)\Re-markit\136.dll
BHO-{9B6B03F1-16CF-4491-BBBB-E872802DD717} - c:\programdata\DNSErrorHelper\bho.dll
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Age of Empires 2.0 - g:\games\Age of Empires 2\UNINSTAL.EXE
AddRemove-Age of Empires Gold 1.0 - d:\age of empires & the rise of rome\UNINSTAL.EXE
AddRemove-Age of Empires II: The Conquerors Expansion 1.0 - g:\games\Age of Empires 2\UNINSTALX.EXE
AddRemove-Die Völker - c:\windows\IsUn0407.exe
AddRemove-Frets on Fire - d:\frets on fire 1.2\Frets on Fire\Uninstall.exe
AddRemove-Orbit_is1 - d:\orbit\Orbitdownloader\unins000.exe
AddRemove-Proxifier_is1 - d:\proxifier\Proxifier\unins000.exe
AddRemove-{1B305614-536F-47B0-917D-140C1D2477BA}}_is1 - d:\gta san andreas\AL Samp\AnotherLifeClient\AnotherLifeClient\unins000.exe
AddRemove-Half-Life 2 - d:\hl2\HL2 New\Half-Life 2(no steam)\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\HyperDeskCustomThemeEnabler]
"ImagePath"="\"c:\windows\Installer\MSIA30B.tmp\" -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\19C8.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-04-20 03:01:47
ComboFix-quarantined-files.txt 2014-04-20 09:01
.
Pre-Run: 31,479,939,072 bytes free
Post-Run: 32,345,821,184 bytes free
.
- - End Of File - - C3E069B7770FDC3A7070D96E954BD869
|
| | #6 |
| /// the machine /// TB trainer | Please download
Please download
Please close your security software to avoid possible conflicts.
and a fresh FRST log, please.
|
| | #7 |
| | Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4/20/2014
Scan Time: 1:04:19 PM
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.20.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AE2220
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 271823
Time Elapsed: 14 min, 11 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0 (No malicious items detected)
Modules: 0 (No malicious items detected)
Registry Keys: 12
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6],
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\Kozaka, , [b54b3cc4639d7b85da737729d132f907],
PUP.Optional.Kozaka.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Kozaka, , [8d73dd235ca45da3d2796a3608fbe719],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Kozaka, , [eb1557a9907026da8dc1109053b0ea16],
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, , [8f71ea1633cd5da38fdec0bb3ec4a35d],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{87b95a68-4b41-4eba-aef6-bbfbd6f5338b}, , [e31d2cd4b74903fd66a436f5dc28a060],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{87B95A68-4B41-4EBA-AEF6-BBFBD6F5338B}, , [e31d2cd4b74903fd66a436f5dc28a060],
Registry Values: 0 (No malicious items detected)
Registry Data: 0 (No malicious items detected)
Folders: 2
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me, , [59a74db3de22f30d8a7e342dd92952ae],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache, , [59a74db3de22f30d8a7e342dd92952ae],
Files: 5
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.dll, , [45bb1de3d42c7e828f0d242bc83929d7],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Local\genienext\nengine.dll, , [946cd32dc23edb25900c85cad72a758b],
PUP.Optional.Conduit.A, C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\conduit-search.xml, , [8f71d12f47b9867ae98e6212fa080ef2],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.cookie, , [59a74db3de22f30d8a7e342dd92952ae],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache\spark.bin, , [59a74db3de22f30d8a7e342dd92952ae],
Physical Sectors: 0 (No malicious items detected)
(end)
Sorry, I'm too dumb to put this in code tags... ADW Cleaner won't update ... so I can't run it!! I have to download the update manually, but I can't find it. I've already downloaded the latter program too; should I at least give you the log already?
Ich mach einfach was du sagst ohne zu hinterfragen xD sag dochma voller Viren oder was? Kann gut moeglich sein ich hatte 7 Detections mit Malwarebites... Ich weiss bisher doch noch nicht ob sich was gebessert hat dafuer muss ich den Computer erstmal belasten mit irgentwas werde es ausprobieren die Stunden! Nomma danke fuer Hilfe ![]() ![]() Kali_Yuga |
| | #8 |
| /// the machine /// TB-Ausbilder | Win 7/ YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Delete AdwCleaner and download it again using the link above; then there is nothing to update.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
| | #9 |
| | Win 7/ YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! MBam: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4/20/2014
Scan Time: 1:04:19 PM
Logfile: mbam.txt
Administrator: Yes
Version: 2.00.1.1004
Malware Database: v2014.04.20.06
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AE2220
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 271823
Time Elapsed: 14 min, 11 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 12
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6],
PUP.Optional.SpeedAnalysis3.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{562B9316-C08A-444A-9482-62080DD851AE}, , [bc44e21e3ac637c94fa30a422dd54ab6],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, , [b14fd62a0ff1af5137bf1afd2bd7817f],
PUP.Optional.Kozaka.A, HKLM\SOFTWARE\WOW6432NODE\Kozaka, , [b54b3cc4639d7b85da737729d132f907],
PUP.Optional.Kozaka.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Kozaka, , [8d73dd235ca45da3d2796a3608fbe719],
PUP.Optional.Kozaka.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Kozaka, , [eb1557a9907026da8dc1109053b0ea16],
PUP.Optional.MyEmoticons.A, HKU\S-1-5-21-1939352424-2229013223-1877745406-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Search Protection, , [8f71ea1633cd5da38fdec0bb3ec4a35d],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{87b95a68-4b41-4eba-aef6-bbfbd6f5338b}, , [e31d2cd4b74903fd66a436f5dc28a060],
PUP.Optional.ReMarkIt.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{87B95A68-4B41-4EBA-AEF6-BBFBD6F5338B}, , [e31d2cd4b74903fd66a436f5dc28a060],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 2
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me, , [59a74db3de22f30d8a7e342dd92952ae],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache, , [59a74db3de22f30d8a7e342dd92952ae],
Files: 5
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.dll, , [45bb1de3d42c7e828f0d242bc83929d7],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Local\genienext\nengine.dll, , [946cd32dc23edb25900c85cad72a758b],
PUP.Optional.Conduit.A, C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\searchplugins\conduit-search.xml, , [8f71d12f47b9867ae98e6212fa080ef2],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\nengine.cookie, , [59a74db3de22f30d8a7e342dd92952ae],
PUP.Optional.NextLive.A, C:\Users\AE2220\AppData\Roaming\newnext.me\cache\spark.bin, , [59a74db3de22f30d8a7e342dd92952ae],
Physical Sectors: 0
(No malicious items detected)
(end)
Oops, I just clicked Cancel and it works, wait! Code:
# AdwCleaner v3.102 - Report created 21/04/2014 at 17:59:56
# Updated 21/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : AE2220 - AE2220-MSI
# Running from : C:\Users\AE2220\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\DNSErrorHelper
Folder Deleted : C:\Users\AE2220\.android
Folder Deleted : C:\Users\AE2220\AppData\Local\CrashRpt
Folder Deleted : C:\Users\AE2220\AppData\Local\genienext
Folder Deleted : C:\Users\AE2220\AppData\Local\Mobogenie
Folder Deleted : C:\Users\AE2220\AppData\Local\Temp\OCS
Folder Deleted : C:\Users\AE2220\AppData\Roaming\Free Download Manager
Folder Deleted : C:\Users\AE2220\AppData\Roaming\HELPER
Folder Deleted : C:\Users\AE2220\Documents\Mobogenie
Folder Deleted : C:\Users\AE2220\Documents\Youcam
File Deleted : C:\Users\AE2220\daemonprocess.txt
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{000123B4-9B42-4900-B3F7-F4B073EFC214}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-00A7-7A786E7484D7}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061FB-EB79-4568-A03C-3CE26D68DAE9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C55BBCD6-41AD-48AD-9953-3609C48EACC7}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Orbit\Orbitdownloader\orbitdm.exe]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [D:\Orbit\Orbitdownloader\orbitnet.exe]
Key Deleted : HKCU\Software\OCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Orbit_is1
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17041
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v24.4.0 (en-US)
[ File : C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\pge1g4b5.default\prefs.js ]
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.firetab.org/?type=ds3hp");
Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1394099922153");
Line Deleted : user_pref("extensions.toolbar_AVIRA-V7@apn.ask.com.install-event-fired", true);
*************************
AdwCleaner[R0].txt - [8564 octets] - [12/12/2013 02:41:17]
AdwCleaner[R1].txt - [3873 octets] - [21/04/2014 17:56:42]
AdwCleaner[S0].txt - [8295 octets] - [12/12/2013 02:42:49]
AdwCleaner[S1].txt - [3694 octets] - [21/04/2014 17:59:56]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3754 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by AE2220 on Mon 04/21/2014 at 18:08:46.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\YontooSetup-DropDownDeals-SilentInstaller-1AD8_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{27E73922-7662-41EA-A216-AECDB2DBF16B}
~~~ Files
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{09450674-A22A-4CC2-80BC-EF9BDC44F11E}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{1E5D582A-ABEB-40AC-855E-DDA05E126FB8}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{1F1462E7-3C81-448E-89E2-AF524CA1E852}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{235888DF-DB65-4DFF-976E-471D3526DE89}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{2B7DE70D-992E-4100-9AC7-8E1F75661A9A}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{46733B4D-2BF8-4F6B-84CF-889AB22CA2AB}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{745615EF-AB1D-41EC-9DED-72418C744DA4}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{74C28310-51C5-48B6-B0CA-508EAE9CE451}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{778B291E-678B-476E-BDBD-4A96E03E9531}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{8F109DD0-7D91-4526-9234-4EC6F608E588}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{96BDFFAA-CB6B-4043-954C-CEF3BBFC2E8D}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{C322B216-7B3C-4CF5-B04E-C911C01ED134}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{DAC50077-AB6E-4B50-A9E5-1857DD01C2B1}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{DB9393C8-5B83-4CE3-9B2B-8F4E3564913A}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{E2FADDD2-651D-4931-94D8-B1228E40EDD3}
Successfully deleted: [Empty Folder] C:\Users\AE2220\appdata\local\{F7603AC1-0D05-4E25-AA92-7C9360D7EF3B}
~~~ FireFox
Emptied folder: C:\Users\AE2220\AppData\Roaming\mozilla\firefox\profiles\pge1g4b5.default\minidumps [137 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 04/21/2014 at 18:34:48.78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
It may have gotten a little better. YouTube sometimes runs smoothly, but then it starts lagging again after all... same with games, they still stutter. In general everything runs a bit more smoothly now, but I remember this PC working better than this... I only opened up the PC a few months ago and removed all the dust... So it's probably not the dust... Regards, Kali_Yuga |
| | #10 |
| /// the machine /// TB-Ausbilder | Win 7/ YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! Revo Uninstaller - Download - Filepony: use it to uninstall Firefox, keep no data, let it remove the leftovers, then reinstall. Then: https://support.mozilla.org/de/kb/fi...einfach-loesen ESET Online Scanner
Please download
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
| | #11 |
| | Win 7/ YouTube, games, Flash, fullscreen, processes at 100% etc., everything lags! Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=3db95496eb44924b9f12a7e2b5be1a84
# engine=17982
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-23 02:33:04
# local_time=2014-04-22 08:33:04 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 0 149763834 0 0
# scanned=1111653
# found=12
# cleaned=0
# scan_time=18573
sh=4AF030634217E7EFA9BDDC59E36D3E34C7067A10 ft=1 fh=4d0f192bb851ddb5 vn="a variant of Win32/AdWare.AddLyrics.AG application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\136.dll.vir"
sh=1E43F6D3AA51193743ECA1AE0EA71A0E24A9703A ft=1 fh=c71c0011a1c12556 vn="a variant of Win32/AdWare.AddLyrics.X application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\ReMarkit_up.exe.vir"
sh=270360BA01FB58001F3A55601A083F6533452F4E ft=1 fh=e05606d6e6ff85e8 vn="a variant of Win32/AdWare.AddLyrics.Y application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Re-markit\Uninstall.exe.vir"
sh=5B31FB5741304E8486ACFD81E30B314B87A28E9F ft=1 fh=b4b60b69ec22cbd1 vn="a variant of Win32/Packed.VMProtect.AAA trojan" ac=I fn="H:\Games\Dirt 3\Dirt.3.-.SKIDROW\Installed\SKIDROW.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/Spatet.I trojan" ac=I fn="H:\RECYCLER\S-1-5-21-842925246-2025429265-682008880-1013\com4\hidefiles\WinMend-Folder-Hidden
Code:
Results of screen317's Security Check version 0.99.82
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 22
Java 7 Update 25
Java version out of Date!
Adobe Flash Player 13.0.0.182
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
And here, last of all, is an FRST log as well, there you go. FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by AE2220 (administrator) on AE2220-MSI on 22-04-2014 21:35:17
Running from C:\Users\AE2220\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
() C:\windows\Installer\MSIA30B.tmp
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\windows\SYSTEM32\WISPTIS.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8123936 2009-09-29] (Realtek Semiconductor)
HKU\S-1-5-21-1939352424-2229013223-1877745406-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0A61C410-92EC-437B-B957-7DA2EC9EE1AB} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z013&form=ZGAIDF
SearchScopes: HKCU - {119BA1B7-7A4A-41CC-98F4-E12A870148D5} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
SearchScopes: HKCU - {409DD3B4-D1F8-EC6E-EDBD-2367FDA78762} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z015&form=ZGAIDF
SearchScopes: HKCU - {645701DB-0A59-AE3F-8D62-BAA040AFB663} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z007&form=ZGAIDF
SearchScopes: HKCU - {7464A306-2EAF-4276-B5F5-BD4999D78154} URL =
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\AE2220\AppData\Roaming\Mozilla\Firefox\Profiles\p1h1sw2n.default-1398201592115
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKCU\...\Firefox\Extensions: [{b40fb246-2931-467d-a5d5-cf7d3954ef82}] - C:\Program Files (x86)\Re-markit\136.xpi
==================== Services (Whitelisted) =================
R2 HyperDeskCustomThemeEnabler; C:\windows\Installer\MSIA30B.tmp [102400 2011-04-22] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 OberonGameConsoleService; C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe [44432 2010-02-17] ()
S2 RzKLService; G:\Tools\Game Booster\Razer Game Booster\RzKLService.exe [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [16512 2007-02-06] (Adaptec)
S3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [364800 2009-08-12] (AVerMedia TECHNOLOGIES, Inc.)
R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-20] (Malwarebytes Corporation)
S3 MEMSWEEP2; C:\windows\system32\19C8.tmp [6144 2009-06-18] (Sophos Plc)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [28192 2009-07-17] (NVIDIA Corporation)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-20] (Philips Applied Technologies)
S3 SPC620; C:\Windows\System32\drivers\SPC620.sys [581120 2007-09-28] (Philips )
S3 SPC620m; C:\Windows\System32\drivers\SPC620m.sys [8192 2007-09-28] (Philips )
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 PROCEXP151; \??\C:\windows\system32\Drivers\PROCEXP151.SYS [X]
S3 WinRing0_1_2_0; \??\G:\Tools\Game Booster\Game Booster 3\Driver\WinRing0x64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-22 21:35 - 2014-04-22 21:35 - 00008855 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-22 21:29 - 2014-04-22 21:29 - 02061312 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-22 21:24 - 2014-04-22 21:24 - 00855379 _____ () C:\Users\AE2220\Desktop\SecurityCheck.exe
2014-04-22 21:23 - 2014-04-22 21:23 - 00005495 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-22 15:16 - 2014-04-22 15:16 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 18:34 - 2014-04-21 18:34 - 00003213 _____ () C:\Users\AE2220\Desktop\JRT.txt
2014-04-20 13:23 - 2014-04-20 13:23 - 00000000 ____D () C:\windows\ERUNT
2014-04-20 12:48 - 2014-04-20 12:50 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-20 12:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-20 12:48 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-20 12:48 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-20 03:01 - 2014-04-20 03:01 - 00013847 _____ () C:\ComboFix.txt
2014-04-20 02:44 - 2014-04-20 03:01 - 00000000 ____D () C:\Qoobox
2014-04-20 02:44 - 2014-04-20 02:57 - 00000000 ____D () C:\windows\erdnt
2014-04-20 02:44 - 2011-06-26 00:45 - 00256000 _____ () C:\windows\PEV.exe
2014-04-20 02:44 - 2010-11-07 11:20 - 00208896 _____ () C:\windows\MBR.exe
2014-04-20 02:44 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00098816 _____ () C:\windows\sed.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00080412 _____ () C:\windows\grep.exe
2014-04-20 02:44 - 2000-08-30 18:00 - 00068096 _____ () C:\windows\zip.exe
2014-04-19 00:38 - 2014-04-22 21:35 - 00000000 ____D () C:\FRST
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 22:58 - 2014-03-06 04:21 - 23549440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-04-16 22:58 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 03:31 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-04-16 22:58 - 2014-03-06 02:59 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-04-16 22:58 - 2014-03-06 02:57 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:40 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 02:39 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-04-16 22:58 - 2014-03-06 02:32 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-04-16 22:58 - 2014-03-06 02:32 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-04-16 22:58 - 2014-03-06 02:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 02:28 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-04-16 22:58 - 2014-03-06 02:09 - 00453120 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 02:03 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-04-16 22:58 - 2014-03-06 02:02 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-04-16 22:58 - 2014-03-06 02:02 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-04-16 22:58 - 2014-03-06 01:56 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:48 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:46 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-04-16 22:58 - 2014-03-06 01:45 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-04-16 22:58 - 2014-03-06 01:42 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 01:40 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-04-16 22:58 - 2014-03-06 01:38 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-04-16 22:58 - 2014-03-06 01:22 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-04-16 22:58 - 2014-03-06 01:21 - 00628736 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-04-16 22:58 - 2014-03-06 01:13 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-16 22:58 - 2014-03-06 01:07 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-04-16 22:58 - 2014-03-06 01:01 - 00244224 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-04-16 22:58 - 2014-03-06 00:46 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-04-16 22:57 - 2014-03-06 03:19 - 17387008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-04-16 22:57 - 2014-03-06 02:57 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 02:53 - 02767360 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-04-16 22:57 - 2014-03-06 02:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-04-16 22:57 - 2014-03-06 02:15 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-04-16 22:57 - 2014-03-06 02:11 - 05784064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-04-16 22:57 - 2014-03-06 02:01 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-04-16 22:57 - 2014-03-06 01:47 - 02178048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-04-16 22:57 - 2014-03-06 01:46 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-04-16 22:57 - 2014-03-06 01:36 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-04-16 22:57 - 2014-03-06 01:11 - 02043904 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:53 - 13551104 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:40 - 01967104 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-04-16 22:57 - 2014-03-06 00:36 - 11745792 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-04-16 22:57 - 2014-03-06 00:22 - 02260480 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:58 - 01400832 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-04-16 22:57 - 2014-03-05 23:50 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:43 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-04-16 22:57 - 2014-03-05 23:41 - 01789440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-04-16 22:57 - 2014-03-05 23:36 - 01143808 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-09 05:16 - 2014-03-04 03:44 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:44 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2014-04-09 05:16 - 2014-03-04 03:17 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2014-04-09 05:16 - 2014-03-04 03:16 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2014-04-09 05:16 - 2014-03-04 03:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2014-04-09 05:16 - 2014-03-04 02:09 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2014-04-09 05:16 - 2014-03-04 02:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2014-04-09 05:16 - 2014-02-03 20:35 - 00274880 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00190912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\storport.sys
2014-04-09 05:16 - 2014-02-03 20:35 - 00027584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Diskdump.sys
2014-04-09 05:16 - 2014-02-03 20:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\iologmsg.dll
2014-04-09 05:16 - 2014-02-03 20:00 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\iologmsg.dll
2014-04-09 05:16 - 2014-01-23 20:37 - 01684928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2014-04-09 03:19 - 2014-04-10 01:36 - 00013862 _____ () C:\windows\DPINST.LOG
2014-03-30 14:45 - 2014-04-02 23:35 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-03-30 13:44 - 2014-04-01 00:41 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-03-30 01:00 - 2014-04-22 13:25 - 00003983 _____ () C:\windows\setupact.log
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-25 00:31 - 2014-04-16 12:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
==================== One Month Modified Files and Folders =======
2014-04-22 21:35 - 2014-04-22 21:35 - 00008855 _____ () C:\Users\AE2220\Desktop\FRST.txt
2014-04-22 21:35 - 2014-04-19 00:38 - 00000000 ____D () C:\FRST
2014-04-22 21:29 - 2014-04-22 21:29 - 02061312 _____ (Farbar) C:\Users\AE2220\Desktop\FRST64.exe
2014-04-22 21:27 - 2014-03-06 04:16 - 00000898 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 21:24 - 2014-04-22 21:24 - 00855379 _____ () C:\Users\AE2220\Desktop\SecurityCheck.exe
2014-04-22 21:23 - 2014-04-22 21:23 - 00005495 _____ () C:\Users\AE2220\Desktop\New Text Document.txt
2014-04-22 20:19 - 2011-04-15 17:51 - 01832048 _____ () C:\windows\WindowsUpdate.log
2014-04-22 19:34 - 2013-12-27 22:40 - 00004583 _____ () C:\aoesync.txt
2014-04-22 18:27 - 2014-03-06 04:16 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-22 18:06 - 2012-02-04 00:59 - 00003938 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{0E626F3C-8A24-4FFB-84FD-07195C3D7244}
2014-04-22 18:00 - 2013-08-26 15:53 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\vlc
2014-04-22 17:59 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Skype
2014-04-22 17:53 - 2013-08-26 17:06 - 00000000 ____D () C:\Users\AE2220\Desktop\Things
2014-04-22 15:39 - 2010-04-10 11:10 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-22 15:17 - 2011-04-20 19:47 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Mozilla
2014-04-22 15:16 - 2014-04-22 15:16 - 00001161 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-22 15:16 - 2014-04-22 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-22 13:32 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-22 13:32 - 2009-07-13 22:45 - 00025840 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-22 13:31 - 2009-07-13 23:13 - 00782510 _____ () C:\windows\system32\PerfStringBackup.INI
2014-04-22 13:25 - 2014-03-30 01:00 - 00003983 _____ () C:\windows\setupact.log
2014-04-22 13:24 - 2013-09-05 00:35 - 00143744 _____ () C:\windows\PFRO.log
2014-04-22 13:24 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-04-21 19:30 - 2013-10-02 13:42 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\.minecraft
2014-04-21 18:34 - 2014-04-21 18:34 - 00003213 _____ () C:\Users\AE2220\Desktop\JRT.txt
2014-04-21 17:59 - 2013-12-12 02:41 - 00000000 ____D () C:\AdwCleaner
2014-04-21 17:59 - 2011-04-20 19:30 - 00000000 ____D () C:\Users\AE2220
2014-04-20 13:23 - 2014-04-20 13:23 - 00000000 ____D () C:\windows\ERUNT
2014-04-20 13:05 - 2013-08-22 05:21 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogMeIn Hamachi
2014-04-20 12:50 - 2014-04-20 12:48 - 00119512 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 12:48 - 2014-04-20 12:48 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-20 03:01 - 2014-04-20 03:01 - 00013847 _____ () C:\ComboFix.txt
2014-04-20 03:01 - 2014-04-20 02:44 - 00000000 ____D () C:\Qoobox
2014-04-20 02:57 - 2014-04-20 02:44 - 00000000 ____D () C:\windows\erdnt
2014-04-20 02:57 - 2009-07-13 20:34 - 00000215 _____ () C:\windows\system.ini
2014-04-17 19:39 - 2014-04-17 19:39 - 00000000 ____D () C:\Users\AE2220\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-04-17 15:08 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
2014-04-17 12:44 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\PolicyDefinitions
2014-04-16 23:08 - 2014-04-16 23:08 - 00692400 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-04-16 23:08 - 2014-04-16 23:08 - 00070832 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-16 23:08 - 2011-04-22 17:03 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Adobe
2014-04-16 22:50 - 2013-09-04 23:27 - 00000000 ____D () C:\ProgramData\Avira
2014-04-16 19:27 - 2014-04-16 19:27 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 12:42 - 2014-03-25 00:31 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Paint.NET
2014-04-12 06:57 - 2011-04-20 19:33 - 00027047 _____ () C:\windows\system32\lvcoinst.log
2014-04-10 03:06 - 2013-08-14 22:06 - 00000000 ____D () C:\windows\system32\MRT
2014-04-10 03:01 - 2011-04-20 23:38 - 90655440 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-04-10 01:46 - 2014-02-21 19:52 - 00000000 ____D () C:\ProgramData\install_clap
2014-04-10 01:36 - 2014-04-09 03:19 - 00013862 _____ () C:\windows\DPINST.LOG
2014-04-10 01:32 - 2011-04-20 19:42 - 00000000 ____D () C:\Users\AE2220\AppData\Local\LogiShrd
2014-04-10 01:32 - 2011-04-20 19:41 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-04-10 01:32 - 2010-04-10 11:31 - 00000000 ____D () C:\Program Files (x86)\msi
2014-04-03 09:51 - 2014-04-20 12:48 - 00088280 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-20 12:48 - 00063192 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-20 12:48 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-04-02 23:35 - 2014-03-30 14:45 - 00000000 ____D () C:\Program Files (x86)\AnotherLifeClient
2014-04-02 21:16 - 2013-09-08 01:22 - 00000784 _____ () C:\Users\AE2220\Desktop\SpeedFan.lnk
2014-04-02 18:22 - 2014-03-06 04:16 - 00003894 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-02 18:22 - 2014-03-06 04:16 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 00:41 - 2014-03-30 13:44 - 00000000 ____D () C:\Program Files (x86)\PCTechHotline
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\registration
2014-04-01 00:41 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\AppCompat
2014-03-31 22:44 - 2009-07-13 22:45 - 00439896 _____ () C:\windows\system32\FNTCACHE.DAT
2014-03-31 09:35 - 2011-04-20 20:04 - 00270496 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2014-03-30 14:45 - 2011-04-20 19:30 - 00116936 _____ () C:\Users\AE2220\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-30 13:46 - 2011-04-25 16:53 - 00000000 ____D () C:\Program Files (x86)\Nokia
2014-03-30 01:00 - 2014-03-30 01:00 - 00000000 _____ () C:\windows\setuperr.log
2014-03-23 13:22 - 2014-03-23 13:22 - 00000000 ____D () C:\Users\AE2220\AppData\Local\Skype
2014-03-23 13:22 - 2011-04-20 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-23 13:22 - 2010-04-10 11:35 - 00000000 ____D () C:\ProgramData\Skype
Some content of TEMP:
====================
C:\Users\AE2220\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-19 00:32
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by AE2220 at 2014-04-22 21:42:02
Running from C:\Users\AE2220\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated)
Another Life Client 1.52 (HKLM-x32\...\{D4E82BDF-6252-4761-A020-37DBC34C7617}}_is1) (Version: 1.52 - Tim Witschel Serververmietung)
AnotherLife Client version 1.3 (HKLM-x32\...\{1B305614-536F-47B0-917D-140C1D2477BA}}_is1) (Version: 1.3 - Tim Witschel Serververmietung)
Command & Conquer™ Alarmstufe Rot 3 Der Aufstand (HKLM-x32\...\{DDE59617-F59A-473B-BC4E-C2B81F6CD38D}) (Version: 1.0.1.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Völker (HKLM-x32\...\Die Völker) (Version: - )
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Frets On Fire (HKLM-x32\...\Frets on Fire) (Version: 1.2.451-win32 - )
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Logitech H800 (HKLM-x32\...\{E7A8414E-944B-4D73-9F3F-C4E5266DF85C}) (Version: 1.0.034 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version: - )
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
msi EasyViewer (HKLM-x32\...\InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}) (Version: 1.2.0.103 - msi)
msi EasyViewer (x32 Version: 1.2.0.103 - msi) Hidden
MSI Game Corner Console (HKLM-x32\...\{10219E71-68B2-459C-A605-D59E2321C3EC}_is1) (Version: 5.5.0.2 - Oberon Media, Inc.)
msi Software Install_x64 (HKLM\...\{07690F1C-04B1-4060-9691-6748ED1826B9}) (Version: 3.0.909.3001 - msi)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5948 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173F09590E16}) (Version: 1.00.0130 - REALTEK Semiconductor Corp.)
Regi (Version: 1.00.0000 - InterVideo Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Update Service (x32 Version: 4.1.0 - <no manufacturer>) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Voobly (HKLM-x32\...\Voobly_is1) (Version: Voobly - Voobly)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
WindTouch3D_x64 (HKLM-x32\...\InstallShield_{B6FC1F2E-3C04-4BF0-A4D9-2F0372D494A4}) (Version: - )
WindTouch3D_x64 (Version: 0.9.2.6 - msi) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
==================== Restore Points =========================
22-04-2014 19:30:22 Windows Update
22-04-2014 21:13:14 Revo Uninstaller's restore point - Mozilla Firefox 24.4.0 (x86 en-US)
22-04-2014 21:38:21 Revo Uninstaller's restore point - Just Cause 1.00.0000
22-04-2014 21:38:54 Removed Just Cause
==================== Hosts content: ==========================
2009-07-13 20:34 - 2014-04-20 02:57 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {1E3DDA4E-B3F7-4738-8431-509189BFE73D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {2F0A79FC-7517-4036-AEBE-938224E5979A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {53221499-7E93-443F-B067-166D4A69811B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {547E66E0-11C8-4870-B038-CB9E66EB27F5} - System32\Tasks\MyDefrag v4.3.1 Monthly => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD
Task: {6223C238-7FC3-4EFB-95EA-68C7C5D17FD2} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {7617EDED-F629-407E-B93A-602E184CA5C8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8265ADC5-8499-4BED-AE0D-9057F67E0305} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1939352424-2229013223-1877745406-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update No Task File <==== ATTENTION
Task: {A7005A4F-0537-45FD-88E3-CC5408FB3226} - System32\Tasks\Game_Booster_AutoUpdate => G:\Tools\Game Booster\Game Booster 3\AutoUpdate.exe
Task: {BFB59161-1941-477B-8B8E-C5A6F71A51FC} - System32\Tasks\MyDefrag v4.3.1 Daily => G:\Tools\Mydefrag\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD
Task: {E40BF1FA-9D86-4182-B0AA-0A111B854615} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-13 20:18 - 2012-11-22 19:57 - 00057448 _____ () C:\windows\system32\PrxerNsp.dll
2011-04-22 22:30 - 2011-04-22 22:30 - 00102400 _____ () C:\windows\Installer\MSIA30B.tmp
2010-04-10 12:00 - 2010-02-17 16:54 - 00044432 _____ () C:\Program Files (x86)\MSI Game Corner\Game Console\OberonGameConsoleService.exe
2005-06-07 12:26 - 2005-06-07 12:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-04-22 15:16 - 2014-03-15 02:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\windows\system32\nvawy.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOAWY.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\NVCOSMU.DLL:KAVICHS
AlternateDataStreams: C:\windows\system32\nvdisp.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraidco.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvraiins.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoDe.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEng.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoENU.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEs.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoEsm.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFi.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoFr.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoIt.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoJa.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoKo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNl.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoNo.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoPtb.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoRu.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoSv.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZhc.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\NvRCoZht.dll:KAVICHS
AlternateDataStreams: C:\windows\system32\nvsmu.nvu:KAVICHS
AlternateDataStreams: C:\windows\system32\nvuawy.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvudisp.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\nvusmu.exe:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecir.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhid.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\enecirhidma.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvamacpi.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvsmu.sys:KAVICHS
AlternateDataStreams: C:\windows\system32\Drivers\nvstor64.sys:KAVICHS
AlternateDataStreams: C:\ProgramData\TEMP:1D32EC29
AlternateDataStreams: C:\ProgramData\TEMP:793ABD2B
AlternateDataStreams: C:\ProgramData\TEMP:7E68DD27
AlternateDataStreams: C:\ProgramData\TEMP:8173A019
AlternateDataStreams: C:\ProgramData\TEMP:D091E13E
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^Users^AE2220^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: ares => "C:\Program Files (x86)\Ares\Ares.exe" -h
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: Logitech H800 => C:\Program Files (x86)\Logitech\H800\H800.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NokiaMServer => C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
MSCONFIG\startupreg: NokiaOviSuite2 => C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe -tray
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "D:\Virtual CloneDrive\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: Voobly => "D:\Voobly\Voobly\voobly.exe" --startup
MSCONFIG\startupreg: Weather => C:\Program Files (x86)\AWS\WeatherBug\Weather.exe 1
MSCONFIG\startupreg: WindTouch3D => "%ProgramFiles%\msi\WindTouch\WindTouch3D.exe" Min
MSCONFIG\startupreg: YouCam Service6 => "G:\Tools\cyberlink cam\YouCam6\YouCamService6.exe" /s
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Description: AVerMedia A336 MiniCard Hybrid ATSC/QAM
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/22/2014 09:40:19 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/22/2014 09:10:04 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/22/2014 03:18:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/22/2014 03:18:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/22/2014 03:18:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/22/2014 03:18:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/21/2014 07:26:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: firefox.exe, version: 24.4.0.5187, time stamp: 0x5324ac07
Faulting module name: xul.dll, version: 24.4.0.5187, time stamp: 0x5324aa96
Exception code: 0xc0000005
Fault offset: 0x000aaef8
Faulting process id: 0xa7c
Faulting application start time: 0xfirefox.exe0
Faulting application path: firefox.exe1
Faulting module path: firefox.exe2
Report Id: firefox.exe3
System errors:
=============
Error: (04/22/2014 06:00:50 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly. It has done this 1 time(s).
Error: (04/22/2014 02:18:40 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/22/2014 01:25:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ASPI32
Error: (04/22/2014 01:24:58 PM) (Source: Service Control Manager) (User: )
Description: The RzKLService service failed to start due to the following error:
%%2
Error: (04/22/2014 01:24:46 PM) (Source: Application Popup) (User: )
Description: \SystemRoot\SysWow64\Drivers\ASPI32.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
Error: (04/22/2014 03:08:32 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Driver Service service has reported an invalid current state 32.
Microsoft Office Sessions:
=========================
Error: (04/22/2014 09:40:19 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-1939352424-2229013223-1877745406-1000\$R5NTCC0.exe
Error: (04/22/2014 09:10:04 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (04/22/2014 03:18:51 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Desktop\esetsmartinstaller_enu.exe
Error: (04/22/2014 03:18:49 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Desktop\esetsmartinstaller_enu.exe
Error: (04/22/2014 03:18:46 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Desktop\esetsmartinstaller_enu.exe
Error: (04/22/2014 03:18:43 PM) (Source: SideBySide)(User: )
Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\AE2220\Downloads\esetsmartinstaller_enu.exe
Error: (04/21/2014 07:26:08 PM) (Source: Application Error)(User: )
Description: firefox.exe24.4.0.51875324ac07xul.dll24.4.0.51875324aa96c0000005000aaef8a7c01cf5dc2c2566450C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll14214730-c9bd-11e3-b086-40618695619a
CodeIntegrity Errors:
===================================
Date: 2014-04-20 02:56:06.371
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-04-20 02:56:06.090
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.673
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.544
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.409
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-16 21:44:06.282
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.868
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.644
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.416
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-02-02 21:18:19.183
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume8\Tools\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 60%
Total physical RAM: 3839.24 MB
Available physical RAM: 1527.61 MB
Total Pagefile: 7676.66 MB
Available Pagefile: 6187.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB
==================== Drives ================================
Drive c: (OS_Install) (Fixed) (Total:106.77 GB) (Free:29.39 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:335.77 GB) (Free:241.13 GB) NTFS
Drive h: (Externe Festplatte) (Fixed) (Total:931.51 GB) (Free:345.4 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 78DACBF2)
Partition 1: (Not Active) - (Size=23 GB) - (Type=27)
Partition 2: (Active) - (Size=356 MB) - (Type=27)
Partition 3: (Not Active) - (Size=107 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=336 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 932 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
I'll find out whether everything is fine again! I'll post as soon as I notice improvements! Otherwise many, many, many thanks for your help, Schrauber; curious whether it really helped. Actually I would simply have reinstalled, but I don't have a Windows 7 CD to boot from so that I could just format the hard drive... So I have to go the long way of patching and repairing... I'll report back.. Kali_Yuga OK, with Windows themes it's still stuttering a bit... but without transparency it's now completely smooth! OK, final result: YouTube - considerably smoother, even in fullscreen, but it stutters now and then. Windows - runs without transparency without a hitch. Games - still don't work at all and aren't playable! (Load with old games, e.g. Need for Speed Underground 2, at 100%); they run at about 1.5 frames per second... Here, after I tried to play Half Life 2: after returning to Windows you immediately have 0-3% load again. At least the rest runs more smoothly again, many thanks, it definitely helped! PS: XP was much better and simpler, and Windows 7 goes one further!!! Not even Paint works correctly! Put that in their stupid ads. What else is one supposed to do?? Are we being pushed back to the Big Bang era or what. Problems that simply must not happen, folks!! Edited by Kali_Yuga (23.04.2014 at 05:51) |
| | #12 |
| /// the machine /// TB-Ausbilder | Win 7/ Youtube, Games, Flash, fullscreen, processes at 100% etc., everything lags! Update Java and Adobe. Which ESET findings have you been keeping from me? Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
H:\RECYCLER
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
cmd: netsh winsock reset
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update No Task File <==== ATTENTION
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Do this: http://www.trojaner-board.de/126216-...epair-aio.html
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
| | #13 |
| | Win 7/ Youtube, Games, Flash, fullscreen, processes at 100% etc., everything lags! Thanks, after I did that my Internet no longer works, man... I have the 5 bars, I'm connected to the router, it says "Connected", but no connection to the Internet... I'm currently on the Internet with another PC and wanted to say that the last step was apparently wrong!!! How do I undo that? Now nothing works at all. My IPs were replaced with 192.x.x.x... But I live in the USA and here the IPs are 10.0.0.x etc. When I try to change that it still doesn't work. For recovery there is only 1 backup and that was from the same day. I have both connections, LAN + WLAN, and neither of them works on this PC now! My computer is connected to both but shows me a small yellow warning triangle without telling me what it's about! How can I undo your last step, please? |
| | #14 |
| /// the machine /// TB-Ausbilder | Win 7/ Youtube, Games, Flash, fullscreen, processes at 100% etc., everything lags! Fixlog? Did you run the fix correctly?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
| | #15 |
| | Win 7/ Youtube, Games, Flash, fullscreen, processes at 100% etc., everything lags! Yes, I ran everything correctly... only now my PC shows a 192.168.0.x under ipconfig /all. I live in the USA and I believe this kind of IP doesn't exist there (only local ones), as far as I know!.. I have to switch all IPs back to 10.0.0.9 but it seems to be permanently stored! How can I reset all the Internet stuff to American Internet settings? I think the fix program changed my Internet settings so that I can no longer access the Internet.. As I said, I'm connected to the router and modem but no Internet access!! Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2014
Ran by AE2220 at 2014-04-23 19:04:57 Run:1
Running from H:\Tools\Junk removal
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
H:\RECYCLER
Winsock: Catalog5 10 C:\windows\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 10 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
cmd: netsh winsock reset
Task: {8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} - \Re-markit Update No Task File <==== ATTENTION
*****************
"H:\RECYCLER" directory move:
H:\RECYCLER\S-1-5-21-842925246-2025429265-682008880-1013\Desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-823518204-1177238915-682003330-1003\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-823518204-1177238915-682003330-1003\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-436374069-1078145449-725345543-1003\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-436374069-1078145449-725345543-1003\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\Di1.txt => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1659004503-1604221776-1417001333-500\Di2\reloaded.nfo => Moved successfully.
H:\RECYCLER\S-1-5-21-1275210071-1326574676-1417001333-1003\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1275210071-1326574676-1417001333-1003\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\INFO2 => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\De1\hamachi.lng => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\De1\license.rtf => Moved successfully.
H:\RECYCLER\S-1-5-21-1229272821-602162358-682003330-500\De1\ReleaseNotes.rtf => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\desktop.ini => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\Dg1.url => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\Dg2.url => Moved successfully.
H:\RECYCLER\S-1-5-21-1004336348-1844823847-1177238915-500\INFO2 => Moved successfully.
Could not move "H:\RECYCLER" directory. => Scheduled to move on reboot.
Winsock: Catalog entry 000000000010 => Deleted successfully.
Winsock: Catalog entry 000000000010 => Deleted successfully.
========= netsh winsock reset =========
Initialization Function InitHelperDll in NSHHTTP.DLL failed to start with error code 11003
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
========= End of CMD: =========
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8F2E078B-124A-44E3-9E28-E4A0ACDB14E9} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Re-markit Update => Key deleted successfully.
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-23 19:09:31)<=
"H:\RECYCLER" => Directory could not move.
==== End of Fixlog ====
Edited by Kali_Yuga (24.04.2014 at 21:41) |