Benutzerprofildienst lädt ewig

Kaskadeking · 27.07.2014, 09:30

Hi,

Gestern als ich Sims 2 gespielt habe hat sich plötzlich mein Spiel aufgehangen.
Wie jeder andere auch dachte ich mir es liegt nur am Spiel.
Also wollte ich die Priorität vom Prozess erhöhen, doch der ganze PC hat sich aufgehangen.

Ich habe den Computer neu gestartet und folgendes passiert:

1. Versuch: Keine Desktop-Symbole - PC aufgehangen
2. Versuch: Bildschirm schwarz
3. Versuch: Er bleibt bei "Warten auf Benutzerprofildienst" hängen.

Ich kann mich nur noch im abgesicherten Modus anmelden.
Systemwiederherstellung schlägt auch immer fehl, da steht immer möglicherweise ist ihre Festplatte beschädigt. Ich hab den Befehl der da stand (chkdsk /R) ausgeführt und der hat keine Fehler gefunden.

Ich hab nur folgende Software vorher installiert: Cybersoft Top Secret 2.0
Aber hab ich dann im abgesicherten Modus deinstalliert mit Revo Uninstaller.

Hier noch FRST-Log:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Kaskadeking (administrator) on KASKADEKING-PC on 27-07-2014 10:17:46
Running from C:\Users\Kaskadeking\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-01] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
IFEO\taskmgr.exe: [Debugger] "C:\USERS\KASKADEKING\DOCUMENTS\PROCESSEXPLORER\PROCEXP.EXE"
Startup: C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC6CB5525ACE2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6F19C187-7861-4839-A7CF-716C1C6FEECE}: [NameServer]127.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default
FF Homepage: https://www.google.de
FF NetworkProxy: "autoconfig_url", "hxxp://localhost:8080/proxy.pac"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Kaskadeking\AppData\Local\Roblox\Versions\version-1112937d32504d8c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kaskadeking\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\https-everywhere@eff.org [2014-06-27]
FF Extension: WOT - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-12]
FF Extension: Firebug - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\firebug@software.joehewitt.com.xpi [2014-07-01]
FF Extension: MEGA - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\firefox@mega.co.nz.xpi [2014-04-23]
FF Extension: Magic Actions for YouTube™ - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2014-07-18]
FF Extension: Stylish - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-07-18]
FF Extension: NoScript - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-16]
FF Extension: DownThemAll! - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-20]
FF Extension: Adblock Edge - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-03-15]
FF Extension: No Name - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\na8igrqn.MC-Manager\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-21]
FF Extension: No Name - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\na8igrqn.MC-Manager\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-24]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi

Chrome: 
=======
CHR HomePage: 
CHR Extension: (avast! Online Security) - C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-16]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2014-03-05]
CHR Extension: (Google Wallet) - C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S2 dnscrypt-proxy; C:\Users\Kaskadeking\Desktop\DNSCrypt Windows Service Manager Package\dnscrypt-proxy.exe [258062 2013-09-16] () [File not signed]
S3 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [642048 2014-06-07] (FileZilla Project) [File not signed]
S2 HerculesWiFi; C:\Windows\SysWOW64\\HerculesWiFiService.exe [78232 2012-07-31] (Guillemot Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-23] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-03-05] (Microsoft Corporation) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe [14407384 2014-04-14] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [151648 2014-06-10] (Alfa System Programming)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-01] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-01] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-01] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-01] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-01] ()
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-22] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [85016 2014-03-09] (Sysinternals - www.sysinternals.com)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1065616 2012-07-11] (Realtek Semiconductor Corporation                           )
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-20] (Duplex Secure Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-06-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-06-15] (Acronis International GmbH)
S1 Vdsk; C:\Windows\System32\Drivers\vdsk.sys [55552 2013-09-17] (NT KERNEL RESOURCES LAB.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-06-15] (Acronis International GmbH)
S2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-04-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 10:09 - 2014-07-27 10:18 - 00017675 _____ () C:\Users\Kaskadeking\Desktop\FRST.txt
2014-07-27 10:09 - 2014-07-27 10:17 - 00000000 ____D () C:\FRST
2014-07-27 10:08 - 2014-07-27 04:06 - 02093568 _____ (Farbar) C:\Users\Kaskadeking\Desktop\FRST64.exe
2014-07-27 10:07 - 2014-07-27 10:07 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\ProgramData\Caphyon
2014-07-26 11:10 - 2014-06-10 16:58 - 00151648 _____ (Alfa System Programming) C:\Windows\system32\Drivers\AlfaFF.sys
2014-07-26 11:10 - 2013-09-17 19:40 - 00055552 _____ (NT KERNEL RESOURCES LAB.) C:\Windows\system32\Drivers\vdsk.sys
2014-07-26 11:09 - 2014-07-26 11:16 - 00000000 ____D () C:\Users\Public\Documents\cs
2014-07-26 10:55 - 2014-07-26 21:10 - 00000896 _____ () C:\Windows\setupact.log
2014-07-26 10:55 - 2014-07-26 21:10 - 00000021 _____ () C:\Windows\S.dirmngr
2014-07-26 10:55 - 2014-07-26 10:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 12:16 - 2014-07-25 16:37 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-07-25 12:14 - 2014-07-25 16:48 - 00001690 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-25 10:20 - 2014-07-25 10:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\GiliSoft
2014-07-24 10:02 - 2014-07-24 10:03 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\.kde
2014-07-24 10:02 - 2014-07-24 10:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\GNU
2014-07-23 21:28 - 2014-07-23 21:52 - 00000278 _____ () C:\.htaccess
2014-07-23 20:46 - 2014-07-23 20:46 - 00000016 _____ () C:\Users\Kaskadeking\Desktop\APB Premium 1 Day.txt
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Downloaded Installations
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-23 18:12 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-07-23 13:52 - 2014-07-23 13:52 - 00001177 _____ () C:\Users\Kaskadeking\Desktop\Auslogics BoostSpeed.lnk
2014-07-23 13:52 - 2014-07-23 13:52 - 00000000 ____D () C:\Windows\System32\Tasks\Auslogics
2014-07-23 12:04 - 2014-07-23 14:19 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-23 10:27 - 2014-07-23 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:25 - 2014-07-26 20:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-21 20:26 - 2014-07-26 20:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 20:26 - 2014-07-21 20:27 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-21 20:26 - 2014-07-21 20:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-21 20:26 - 2014-07-21 20:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 20:26 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-21 20:26 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-21 20:26 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-21 20:20 - 2014-07-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Ruiware
2014-07-21 14:06 - 2014-07-21 14:06 - 00005884 _____ () C:\Users\Kaskadeking\AppData\Local\recently-used.xbel
2014-07-18 13:21 - 2014-07-18 13:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\stetic
2014-07-18 13:20 - 2014-07-18 13:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\MonoDevelop-Unity-4.0
2014-07-18 13:20 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\MonoDevelop-Unity-4.0
2014-07-18 12:04 - 2014-07-18 13:36 - 00000000 ____D () C:\Users\Kaskadeking\Documents\MyGame
2014-07-18 11:52 - 2014-07-18 12:06 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Unity
2014-07-18 11:47 - 2014-07-18 12:27 - 00000000 ____D () C:\ProgramData\Unity
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Apple Computer
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Apple Computer
2014-07-18 11:46 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Unity
2014-07-18 11:45 - 2014-07-18 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-18 11:45 - 2014-07-18 11:45 - 00001128 _____ () C:\Users\Public\Desktop\Unity.lnk
2014-07-18 11:45 - 2014-07-18 11:45 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-07-18 11:37 - 2014-07-18 11:46 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-07-18 11:37 - 2014-07-18 11:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 11:37 - 2014-07-18 11:36 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 11:37 - 2014-07-18 11:36 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 11:37 - 2014-07-18 11:36 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 11:36 - 2014-07-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 11:32 - 2014-07-18 11:32 - 00001861 _____ () C:\Users\Kaskadeking\Desktop\Blender.lnk
2014-07-18 11:30 - 2014-07-18 11:30 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-07-16 14:31 - 2014-07-18 11:03 - 00000133 _____ () C:\Users\Kaskadeking\SciTE.session
2014-07-16 14:15 - 2014-07-16 14:15 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Lua Projects
2014-07-16 14:12 - 2014-07-16 14:12 - 00000000 ____D () C:\Program Files (x86)\Lua
2014-07-10 19:02 - 2014-07-10 19:02 - 00001368 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Player.lnk
2014-07-10 19:01 - 2014-07-12 14:18 - 00001380 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Studio 2013.lnk
2014-07-10 19:01 - 2014-07-12 14:18 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-07-10 19:01 - 2014-07-12 14:18 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Roblox
2014-07-09 21:36 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 21:36 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 21:36 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 21:36 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 21:36 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 21:36 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 21:36 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 21:36 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 21:36 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 21:36 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 21:36 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 21:36 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 21:36 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 21:36 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 21:36 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 21:36 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 21:36 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 21:36 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 21:36 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 21:36 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 21:36 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 21:36 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 21:36 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 21:36 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 21:36 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 21:36 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 21:36 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 21:36 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 21:36 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 21:36 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 21:36 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 21:36 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 21:36 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 21:36 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 21:36 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 21:36 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 21:36 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 21:36 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 21:36 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 21:36 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 21:36 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 21:36 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 21:36 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 21:36 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 21:36 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 21:36 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 21:36 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 21:36 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 21:36 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 21:36 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 21:36 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 21:36 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 21:36 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 21:36 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 21:36 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 21:36 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 21:36 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 21:36 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 21:36 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 21:36 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 21:36 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 21:36 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 21:34 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 21:34 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 21:34 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Xamasoft
2014-07-07 21:14 - 2014-07-18 11:22 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Audacity
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-07-05 11:29 - 2014-07-05 21:59 - 00000000 ____D () C:\xampp
2014-07-03 20:16 - 2014-07-03 20:16 - 00000222 _____ () C:\Users\Kaskadeking\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-07-03 20:01 - 2014-07-18 14:36 - 00073784 _____ () C:\Users\Kaskadeking\Desktop\KsTBeats - Projekte (VLC Netzwerkstream).xspf
2014-07-02 14:28 - 2014-07-02 17:03 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DVDVideoSoft
2014-07-01 19:11 - 2014-07-01 19:11 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@live.de (0x2D011EB4) rev.asc
2014-07-01 19:08 - 2014-07-01 19:08 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@gmail.com (0xDF5CFF9B) rev.asc
2014-07-01 19:01 - 2014-07-24 13:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\gnupg
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\ProgramData\GNU
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-07-01 16:22 - 2014-07-01 16:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-01 14:55 - 2014-07-23 10:32 - 00001264 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-07-01 14:55 - 2014-07-23 10:32 - 00001252 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-01 14:55 - 2014-07-23 10:32 - 00000000 ____D () C:\Program Files\paint.net
2014-07-01 14:54 - 2014-07-01 14:58 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\paint.net
2014-06-28 16:26 - 2014-06-28 16:26 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-06-28 15:01 - 2014-06-28 15:01 - 00000000 ____D () C:\Users\Kaskadeking\Desktop\DNSCrypt Windows Service Manager Package
2014-06-28 10:48 - 2014-06-28 10:48 - 00001290 _____ () C:\Users\Kaskadeking\Desktop\Auslogics Disk Defrag Professional.lnk
2014-06-28 10:48 - 2014-06-28 10:48 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Auslogics
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Razer
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer_Inc
2014-06-27 13:45 - 2014-06-27 13:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00002133 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\Program Files (x86)\Razer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 10:18 - 2014-07-27 10:09 - 00017675 _____ () C:\Users\Kaskadeking\Desktop\FRST.txt
2014-07-27 10:17 - 2014-07-27 10:09 - 00000000 ____D () C:\FRST
2014-07-27 10:16 - 2013-11-17 15:19 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Notepad++
2014-07-27 10:07 - 2014-07-27 10:07 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-27 04:06 - 2014-07-27 10:08 - 02093568 _____ (Farbar) C:\Users\Kaskadeking\Desktop\FRST64.exe
2014-07-26 21:29 - 2009-07-14 19:58 - 00715748 _____ () C:\Windows\system32\perfh007.dat
2014-07-26 21:29 - 2009-07-14 19:58 - 00157044 _____ () C:\Windows\system32\perfc007.dat
2014-07-26 21:29 - 2009-07-14 07:13 - 01669414 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-26 21:11 - 2014-01-11 14:36 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 21:10 - 2014-07-26 10:55 - 00000896 _____ () C:\Windows\setupact.log
2014-07-26 21:10 - 2014-07-26 10:55 - 00000021 _____ () C:\Windows\S.dirmngr
2014-07-26 21:10 - 2014-02-16 12:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 21:10 - 2013-11-16 11:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-26 21:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 20:54 - 2014-07-23 10:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-26 20:54 - 2014-07-21 20:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-26 20:49 - 2014-02-06 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 11:16 - 2014-07-26 11:09 - 00000000 ____D () C:\Users\Public\Documents\cs
2014-07-26 11:15 - 2014-06-09 16:48 - 00001024 _____ () C:\.rnd
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\ProgramData\Caphyon
2014-07-26 11:04 - 2009-07-14 06:45 - 00022032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 11:04 - 2009-07-14 06:45 - 00022032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 11:03 - 2014-04-05 19:05 - 01586967 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 10:56 - 2013-11-16 12:24 - 00000000 ____D () C:\ProgramData\VMware
2014-07-26 10:55 - 2014-07-26 10:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 16:48 - 2014-07-25 12:14 - 00001690 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-25 16:38 - 2013-12-08 18:08 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-25 16:37 - 2014-07-25 12:16 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-07-25 16:37 - 2014-04-05 13:42 - 00000000 ____D () C:\Users\Kaskadeking\Documents\EA Games
2014-07-25 12:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-25 10:26 - 2013-12-03 16:12 - 00010752 _____ () C:\Users\Kaskadeking\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-25 10:21 - 2014-07-25 10:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\GiliSoft
2014-07-24 17:01 - 2013-11-17 17:47 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-24 15:21 - 2014-04-05 17:20 - 00001948 _____ () C:\Windows\Sandboxie.ini
2014-07-24 13:02 - 2014-07-01 19:01 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\gnupg
2014-07-24 12:43 - 2013-12-08 18:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-24 12:31 - 2014-02-13 18:12 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Visual Studio 2013
2014-07-24 10:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-24 10:03 - 2014-07-24 10:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\.kde
2014-07-24 10:02 - 2014-07-24 10:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\GNU
2014-07-24 10:01 - 2013-12-24 11:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-24 10:00 - 2013-11-16 11:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 21:52 - 2014-07-23 21:28 - 00000278 _____ () C:\.htaccess
2014-07-23 20:46 - 2014-07-23 20:46 - 00000016 _____ () C:\Users\Kaskadeking\Desktop\APB Premium 1 Day.txt
2014-07-23 20:23 - 2014-03-08 10:53 - 00000000 ____D () C:\Users\Kaskadeking\Stuff
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Downloaded Installations
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-07-23 18:13 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Kaskadeking\Documents\My Games
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-23 18:12 - 2014-02-05 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-23 17:20 - 2014-03-16 14:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\.minecraft
2014-07-23 14:19 - 2014-07-23 12:04 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-23 14:19 - 2014-05-31 22:12 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-23 14:08 - 2014-05-31 20:15 - 00281288 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-23 13:52 - 2014-07-23 13:52 - 00001177 _____ () C:\Users\Kaskadeking\Desktop\Auslogics BoostSpeed.lnk
2014-07-23 13:52 - 2014-07-23 13:52 - 00000000 ____D () C:\Windows\System32\Tasks\Auslogics
2014-07-23 13:52 - 2014-06-08 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-23 13:52 - 2014-06-08 19:37 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-07-23 12:18 - 2014-05-31 22:12 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-23 12:04 - 2014-05-31 21:54 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\PunkBuster
2014-07-23 11:52 - 2013-11-16 11:48 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Thunderbird
2014-07-23 10:33 - 2013-11-16 12:18 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Skype
2014-07-23 10:32 - 2014-07-01 14:55 - 00001264 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-07-23 10:32 - 2014-07-01 14:55 - 00001252 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-23 10:32 - 2014-07-01 14:55 - 00000000 ____D () C:\Program Files\paint.net
2014-07-23 10:29 - 2014-04-05 18:35 - 00002008 _____ () C:\Users\Kaskadeking\Desktop\FileZilla Client.lnk
2014-07-23 10:29 - 2014-01-12 11:26 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\FileZilla
2014-07-23 10:29 - 2014-01-12 11:25 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-23 10:27 - 2014-07-23 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 20:27 - 2014-07-21 20:26 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-21 20:27 - 2014-07-21 20:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-21 20:26 - 2014-07-21 20:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 20:22 - 2014-06-09 10:52 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-21 20:20 - 2014-07-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Ruiware
2014-07-21 18:47 - 2013-11-16 12:29 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\VMware
2014-07-21 18:47 - 2013-11-16 12:29 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\VMware
2014-07-21 18:42 - 2014-05-13 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-07-21 18:40 - 2013-11-26 15:52 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Virtual Machines
2014-07-21 18:08 - 2013-11-17 17:27 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\EpickingDE
2014-07-21 16:11 - 2013-11-16 10:56 - 00000000 ____D () C:\Users\Kaskadeking
2014-07-21 16:08 - 2013-11-16 12:27 - 00000000 ___RD () C:\Users\Kaskadeking\Dropbox
2014-07-21 16:07 - 2013-11-16 13:48 - 00000000 ____D () C:\Users\Kaskadeking\.gimp-2.8
2014-07-21 15:43 - 2014-06-15 14:46 - 00000000 ___RD () C:\Users\Kaskadeking\Sync
2014-07-21 14:33 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-21 14:06 - 2014-07-21 14:06 - 00005884 _____ () C:\Users\Kaskadeking\AppData\Local\recently-used.xbel
2014-07-21 14:06 - 2013-11-16 14:05 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\gtk-2.0
2014-07-21 10:15 - 2013-11-16 12:24 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Dropbox
2014-07-21 10:14 - 2014-03-03 17:06 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DropboxMaster
2014-07-20 09:39 - 2014-05-24 18:20 - 00001555 _____ () C:\Users\Kaskadeking\Desktop\KeePass2.lnk
2014-07-18 16:31 - 2014-06-25 21:14 - 00000000 ____D () C:\Users\Kaskadeking\Documents\FIFA World
2014-07-18 14:59 - 2014-07-18 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-18 14:59 - 2013-11-16 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 14:37 - 2013-11-16 18:37 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\vlc
2014-07-18 14:36 - 2014-07-03 20:01 - 00073784 _____ () C:\Users\Kaskadeking\Desktop\KsTBeats - Projekte (VLC Netzwerkstream).xspf
2014-07-18 14:15 - 2013-12-26 16:57 - 00000000 ____D () C:\Users\Kaskadeking\.thumbnails
2014-07-18 13:36 - 2014-07-18 12:04 - 00000000 ____D () C:\Users\Kaskadeking\Documents\MyGame
2014-07-18 13:21 - 2014-07-18 13:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\stetic
2014-07-18 13:21 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\MonoDevelop-Unity-4.0
2014-07-18 13:20 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\MonoDevelop-Unity-4.0
2014-07-18 12:27 - 2014-07-18 11:47 - 00000000 ____D () C:\ProgramData\Unity
2014-07-18 12:06 - 2014-07-18 11:52 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Unity
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Apple Computer
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Apple Computer
2014-07-18 11:47 - 2014-07-18 11:46 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Unity
2014-07-18 11:46 - 2014-07-18 11:37 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-07-18 11:45 - 2014-07-18 11:45 - 00001128 _____ () C:\Users\Public\Desktop\Unity.lnk
2014-07-18 11:45 - 2014-07-18 11:45 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-07-18 11:36 - 2014-07-18 11:37 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 11:36 - 2014-07-18 11:37 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 11:36 - 2014-07-18 11:37 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 11:36 - 2014-07-18 11:37 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 11:36 - 2014-07-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 11:32 - 2014-07-18 11:32 - 00001861 _____ () C:\Users\Kaskadeking\Desktop\Blender.lnk
2014-07-18 11:30 - 2014-07-18 11:30 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-07-18 11:22 - 2014-07-07 21:14 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Audacity
2014-07-18 11:11 - 2014-04-16 15:09 - 00000000 ____D () C:\Program Files (x86)\Minecraft Manager
2014-07-18 11:03 - 2014-07-16 14:31 - 00000133 _____ () C:\Users\Kaskadeking\SciTE.session
2014-07-16 14:15 - 2014-07-16 14:15 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Lua Projects
2014-07-16 14:12 - 2014-07-16 14:12 - 00000000 ____D () C:\Program Files (x86)\Lua
2014-07-15 08:39 - 2014-06-14 18:58 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-15 08:39 - 2014-06-14 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-12 14:18 - 2014-07-10 19:01 - 00001380 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Studio 2013.lnk
2014-07-12 14:18 - 2014-07-10 19:01 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-07-12 14:18 - 2014-07-10 19:01 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Roblox
2014-07-12 12:31 - 2009-07-14 04:34 - 00000120 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-07-12 11:47 - 2013-11-16 12:16 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\TS3Client
2014-07-11 21:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 18:52 - 2014-06-25 14:46 - 00000000 ____D () C:\Users\Kaskadeking\Documents\SteamCMD Games
2014-07-10 19:02 - 2014-07-10 19:02 - 00001368 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Player.lnk
2014-07-10 10:15 - 2009-07-14 06:45 - 00304952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:31 - 2014-02-08 21:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 22:29 - 2014-02-08 21:53 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 17:35 - 2014-02-06 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 17:35 - 2013-11-16 12:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:35 - 2013-11-16 12:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Xamasoft
2014-07-07 16:16 - 2014-04-20 11:49 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-07 16:16 - 2014-04-20 11:49 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-07 11:57 - 2013-12-08 18:09 - 00000000 ____D () C:\ProgramData\Origin
2014-07-05 21:59 - 2014-07-05 11:29 - 00000000 ____D () C:\xampp
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-07-04 12:44 - 2013-12-24 11:37 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 20:16 - 2014-07-03 20:16 - 00000222 _____ () C:\Users\Kaskadeking\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-07-02 17:03 - 2014-07-02 14:28 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DVDVideoSoft
2014-07-01 19:50 - 2014-01-11 12:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DAEMON Tools Lite
2014-07-01 19:11 - 2014-07-01 19:11 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@live.de (0x2D011EB4) rev.asc
2014-07-01 19:08 - 2014-07-01 19:08 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@gmail.com (0xDF5CFF9B) rev.asc
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\ProgramData\GNU
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-07-01 17:16 - 2013-12-09 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 16:23 - 2014-04-03 20:16 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-01 16:22 - 2014-07-01 16:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-01 16:22 - 2014-04-19 12:34 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-01 16:22 - 2013-12-24 11:37 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-01 14:58 - 2014-07-01 14:54 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\paint.net
2014-06-30 15:13 - 2014-05-31 16:01 - 00000923 _____ () C:\Users\Kaskadeking\Desktop\TrueCrypt.lnk
2014-06-29 12:45 - 2014-06-22 16:24 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-06-28 16:26 - 2014-06-28 16:26 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-06-28 15:01 - 2014-06-28 15:01 - 00000000 ____D () C:\Users\Kaskadeking\Desktop\DNSCrypt Windows Service Manager Package
2014-06-28 11:14 - 2014-06-20 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Key Generator
2014-06-28 11:14 - 2014-06-20 16:23 - 00000000 ____D () C:\Program Files (x86)\MJ Freelancing
2014-06-28 10:48 - 2014-06-28 10:48 - 00001290 _____ () C:\Users\Kaskadeking\Desktop\Auslogics Disk Defrag Professional.lnk
2014-06-28 10:48 - 2014-06-28 10:48 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Auslogics
2014-06-28 10:48 - 2014-06-08 19:37 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-27 18:01 - 2013-12-25 21:15 - 00000000 __SHD () C:\Users\Kaskadeking\Desktop\RAMMap
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Razer
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer_Inc
2014-06-27 13:45 - 2014-06-27 13:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00002133 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\Program Files (x86)\Razer

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 20:27

==================== End Of Log ============================

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Kaskadeking at 2014-07-27 10:18:17
Running from C:\Users\Kaskadeking\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 6 v.6.0.10 (HKLM-x32\...\{C92AB6F1-770F-EA32-6CF7-8A0792FA1A4B}_is1) (Version: 6.0.10 - Ashampoo GmbH & Co. KG)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.5.6.0 - Auslogics Labs Pty Ltd)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.3.9.0 - Auslogics Software Pty Ltd)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.45489 - Electronic Arts, Inc.)
EaseUS Data Recovery Wizard 7.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.0_is1) (Version:  - EaseUS)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FileZilla Client 3.9.0.1 (HKCU\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.45 - FileZilla Project)
Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
Hercules WiFi Station N (HKLM-x32\...\{120E5B08-DC3C-4DCD-AAB0-0BB5EB225929}) (Version: 7.0.0.0 - Hercules)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
Inno Setup Version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - jrsoftware.org)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{42da2807-2142-4f67-816d-684a640cd6ff}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514 - Microsoft) Hidden
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MultiCommander (HKCU\...\MultiCommander) (Version:  - )
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.2 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Pokemon Online 2.4.1 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ROBLOX Player for Kaskadeking (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for Kaskadeking (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
RT 7 Lite (64-Bit) (HKCU\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
S4 League_EU (HKLM-x32\...\{6DCD0B4D-EC6E-46C4-921B-F108450467C2}) (Version: 1.00.0000 - )
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
tools-freebsd (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity (HKLM-x32\...\Unity) (Version: 4.5.2f1 - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
updateSystem.NET (HKLM\...\8d7ea403-65fb-4276-8ada-3b39f0fe2461) (Version: 1.5.2.515 - Maximilian Krauss)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Zombie Panic Source (HKLM-x32\...\Steam App 17500) (Version:  - Zombie Panic Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

23-07-2014 16:09:02 DirectX wurde installiert
26-07-2014 09:02:31 Revo Uninstaller's restore point - GiliSoft Video Editor 6.5.0
26-07-2014 09:09:30 Установлено CyberSafe Top Secret 2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-27 10:17 - 00512567 ____A C:\Windows\system32\Drivers\etc\hosts
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {26715208-6CDA-44E1-88A9-826487D14CAF} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {43D22127-E6CC-4924-A0A0-9B03986D8BA5} - System32\Tasks\{222D721A-5FAE-44BF-9CC9-3287A5198C86} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1618
Task: {4C75E13B-8905-4A9E-AEB1-0FEAA20302D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {528F1604-2E56-41E0-A41F-FB1BA70D7251} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Kaskadeking logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2014-07-16] (Auslogics)
Task: {57D5AB86-97A2-4586-B345-495EDCD051E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)
Task: {5DF92A72-03FC-4802-BBB0-767A91F1491D} - System32\Tasks\Eingabeaufforderung mit Systemrechten => cmd.exe 
Task: {76CBC28E-FF43-41A5-9856-C5069199BC7E} - System32\Tasks\{C38F636B-85FD-4911-BBE0-98CB89257A69} => C:\Users\Kaskadeking\Desktop\TheMovies-Recovery.exe
Task: {888379CF-FDFF-41ED-8326-58973DC3894D} - System32\Tasks\{C7C57895-A707-4234-9D05-BEB662BF1504} => C:\Users\Kaskadeking\Desktop\TheMovies-Recovery.exe
Task: {A5B29B19-E273-4004-862C-2C92057AA5C6} - System32\Tasks\WiFiN => C:\Program Files (x86)\Hercules\WiFi Station N\WiFiN.exe [2012-07-31] ()
Task: {B2927C61-F596-49D2-A2ED-C07AE20DE8C3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-01] (AVAST Software)
Task: {B50E5808-AA27-465A-AB0A-2F47942BE1B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:09CB0963D684C924

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupfolder: C:^Users^Kaskadeking^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
MSCONFIG\startupreg: NoIPDUCv4 => "C:\Program Files (x86)\No-IP\DUC40.exe" /minimize
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"

==================== Faulty Device Manager Devices =============

Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: NVIDIA nForce 10/100 Mbps Ethernet 
Description: NVIDIA nForce Networking Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVNET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2014 08:53:01 PM) (Source: MsiInstaller) (EventID: 11719) (User: Kaskadeking-PC)
Description: Продукт: CyberSafe Top Secret 2 -- Ошибка 1719. Не удается получить доступ к службе установщика Windows. Возможно, Windows работает в защищенном режиме или неправильно установлен установщик Windows. Обратитесь в службу поддержки.

Error: (07/26/2014 08:52:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" ; Beschreibung = Revo Uninstaller's restore point - CyberSafe Top Secret 2; Fehler = 0x8007043c).

Error: (07/26/2014 08:52:13 PM) (Source: MsiInstaller) (EventID: 11719) (User: Kaskadeking-PC)
Description: Продукт: CyberSafe Top Secret 2 -- Ошибка 1719. Не удается получить доступ к службе установщика Windows. Возможно, Windows работает в защищенном режиме или неправильно установлен установщик Windows. Обратитесь в службу поддержки.

Error: (07/26/2014 08:51:07 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Unbekannter Fehler bei der Systemwiederherstellung: (Установлено CyberSafe Top Secret 2). Zusätzliche Informationen: 0x80070057.

Error: (07/26/2014 08:47:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "CoCreateInstance" ist ein unerwarteter Fehler aufgetreten. hr = 0x80010108, Das aufgerufene Objekt wurde von den Clients getrennt.
.


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {fa47527c-a211-4326-ab6b-f237812ca0c9}

Error: (07/26/2014 08:46:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volumenschattenkopie-Dienst-Informationen: Der COM-Server mit CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} und dem Namen "CEventSystem" kann nicht gestartet werden. [0x80010108, Das aufgerufene Objekt wurde von den Clients getrennt.
]


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {fa47527c-a211-4326-ab6b-f237812ca0c9}

Error: (07/26/2014 10:56:28 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (07/27/2014 10:08:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 10:08:18 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================
Error: (07/26/2014 08:53:01 PM) (Source: MsiInstaller) (EventID: 11719) (User: Kaskadeking-PC)
Description: Продукт: CyberSafe Top Secret 2 -- Ошибка 1719. Не удается получить доступ к службе установщика Windows. Возможно, Windows работает в защищенном режиме или неправильно установлен установщик Windows. Обратитесь в службу поддержки.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/26/2014 08:52:57 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" Revo Uninstaller's restore point - CyberSafe Top Secret 20x8007043c

Error: (07/26/2014 08:52:13 PM) (Source: MsiInstaller) (EventID: 11719) (User: Kaskadeking-PC)
Description: Продукт: CyberSafe Top Secret 2 -- Ошибка 1719. Не удается получить доступ к службе установщика Windows. Возможно, Windows работает в защищенном режиме или неправильно установлен установщик Windows. Обратитесь в службу поддержки.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/26/2014 08:51:07 PM) (Source: System Restore) (EventID: 8210) (User: )
Description: Установлено CyberSafe Top Secret 20x80070057

Error: (07/26/2014 08:47:59 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x80010108, Das aufgerufene Objekt wurde von den Clients getrennt.


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {fa47527c-a211-4326-ab6b-f237812ca0c9}

Error: (07/26/2014 08:46:34 PM) (Source: VSS) (EventID: 13) (User: )
Description: {4e14fba2-2e22-11d1-9964-00c04fbbb345}CEventSystem0x80010108, Das aufgerufene Objekt wurde von den Clients getrennt.


Vorgang:
   Generator wird abonniert

Kontext:
   Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Generatorname: WMI Writer
   Generatorinstanz-ID: {fa47527c-a211-4326-ab6b-f237812ca0c9}

Error: (07/26/2014 10:56:28 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


CodeIntegrity Errors:
===================================
  Date: 2014-04-05 16:57:48.834
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 16:57:48.663
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 11%
Total physical RAM: 6143.3 MB
Available physical RAM: 5418.36 MB
Total Pagefile: 12284.79 MB
Available Pagefile: 11576.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:228.79 GB) (Free:54.09 GB) NTFS
Drive f: () (Removable) (Total:7.46 GB) (Free:7.11 GB) FAT32
Drive w: (Windows 7 x64 Universal) (Fixed) (Total:4 GB) (Free:0.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 9CF2274C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=229 GB) - (Type=OF Extended)
Partition 3: (Active) - (Size=4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber · 27.07.2014, 10:02

hi,

Zitat:

Also wollte ich die Priorität vom Prozess erhöhen

Das macht man niemals!

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Kaskadeking · 27.07.2014, 12:33

Zitat:

Zitat von schrauber

Das macht man niemals!

Mein PC hat mich ja eh davor abgehalten

MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 27.07.2014
Suchlauf-Zeit: 11:19:09
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.27.04
Rootkit Datenbank: v2014.07.17.01
Lizenz: Premium
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Kaskadeking

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 329257
Verstrichene Zeit: 15 Min, 5 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

AdwCleaner:

Code:

ATTFilter

# AdwCleaner v3.216 - Bericht erstellt am 27/07/2014 um 11:36:57
# Aktualisiert 17/07/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kaskadeking - KASKADEKING-PC
# Gestartet von : C:\Users\Kaskadeking\Desktop\adwcleaner_3.216.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\prefs.js ]


[ Datei : C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\na8igrqn.MC-Manager\prefs.js ]


-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [939 octets] - [27/07/2014 11:36:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [998 octets] ##########

JRT:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Kaskadeking on 27.07.2014 at 11:42:31,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Kaskadeking\AppData\Roaming\mozilla\firefox\profiles\3tx73yav.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27.07.2014 at 11:45:42,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Kaskadeking (administrator) on KASKADEKING-PC on 27-07-2014 11:47:51
Running from C:\Users\Kaskadeking\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-01] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Run: [FileHippo.com] => C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe [307712 2012-11-23] (FileHippo.com)
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-4058871879-2829469030-3260525534-1000\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
IFEO\taskmgr.exe: [Debugger] "C:\USERS\KASKADEKING\DOCUMENTS\PROCESSEXPLORER\PROCEXP.EXE"
Startup: C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: AcronisSyncError -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncInProgress -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers: AcronisSyncOk -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll ()
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC6CB5525ACE2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 - C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 - C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Kaskadeking\AppData\Local\Roblox\Versions\version-1112937d32504d8c\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Kaskadeking\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HTTPS-Everywhere - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\https-everywhere@eff.org [2014-06-27]
FF Extension: WOT - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-12]
FF Extension: Firebug - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\firebug@software.joehewitt.com.xpi [2014-07-01]
FF Extension: MEGA - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\firefox@mega.co.nz.xpi [2014-04-23]
FF Extension: Magic Actions for YouTube™ - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\jid0-UVAeBCfd34Kk5usS8A1CBiobvM8@jetpack.xpi [2014-07-18]
FF Extension: Stylish - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-07-18]
FF Extension: NoScript - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-11-16]
FF Extension: DownThemAll! - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-11-20]
FF Extension: Adblock Edge - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\3tx73yav.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-03-15]
FF Extension: No Name - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\na8igrqn.MC-Manager\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-05-21]
FF Extension: No Name - C:\Users\Kaskadeking\AppData\Roaming\Mozilla\Firefox\Profiles\na8igrqn.MC-Manager\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-24]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (avast! Online Security) - C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-16]
CHR Extension: (SmallringFX DarkBlue Theme) - C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk [2014-03-05]
CHR Extension: (Google Wallet) - C:\Users\Kaskadeking\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-11]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S2 dnscrypt-proxy; C:\Users\Kaskadeking\Desktop\DNSCrypt Windows Service Manager Package\dnscrypt-proxy.exe [258062 2013-09-16] () [File not signed]
S3 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [642048 2014-06-07] (FileZilla Project) [File not signed]
S2 HerculesWiFi; C:\Windows\SysWOW64\\HerculesWiFiService.exe [78232 2012-07-31] (Guillemot Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-23] ()
S2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-03-05] (Microsoft Corporation) [File not signed]
S2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Player\vmware-hostd.exe [14407384 2014-04-14] ()
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 AlfaFF; C:\Windows\System32\Drivers\AlfaFF.sys [151648 2014-06-10] (Alfa System Programming)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-01] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-01] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-01] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-01] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-01] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-01] ()
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-06-22] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [17480 2013-03-07] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [13896 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [9800 2013-03-07] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
U5 PROCMON23; C:\Windows\System32\Drivers\PROCMON23.sys [85016 2014-03-09] (Sysinternals - www.sysinternals.com)
R3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1065616 2012-07-11] (Realtek Semiconductor Corporation                           )
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-06-20] (Duplex Secure Ltd.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-06-15] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-06-15] (Acronis International GmbH)
S1 Vdsk; C:\Windows\System32\Drivers\vdsk.sys [55552 2013-09-17] (NT KERNEL RESOURCES LAB.)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-06-15] (Acronis International GmbH)
S2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-04-14] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 11:47 - 2014-07-27 11:47 - 00017802 _____ () C:\Users\Kaskadeking\Desktop\FRST.txt
2014-07-27 11:45 - 2014-07-27 11:45 - 00000838 _____ () C:\Users\Kaskadeking\Desktop\JRT.txt
2014-07-27 11:40 - 2014-07-27 11:40 - 01016261 _____ (Thisisu) C:\Users\Kaskadeking\Desktop\JRT.exe
2014-07-27 10:53 - 2014-07-27 11:35 - 00001159 _____ () C:\Users\Kaskadeking\Downloads\mbam.txt
2014-07-27 10:09 - 2014-07-27 11:47 - 00000000 ____D () C:\FRST
2014-07-27 10:08 - 2014-07-27 04:06 - 02093568 _____ (Farbar) C:\Users\Kaskadeking\Desktop\FRST64.exe
2014-07-27 10:07 - 2014-07-27 10:07 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\ProgramData\Caphyon
2014-07-26 11:10 - 2014-06-10 16:58 - 00151648 _____ (Alfa System Programming) C:\Windows\system32\Drivers\AlfaFF.sys
2014-07-26 11:10 - 2013-09-17 19:40 - 00055552 _____ (NT KERNEL RESOURCES LAB.) C:\Windows\system32\Drivers\vdsk.sys
2014-07-26 11:09 - 2014-07-26 11:16 - 00000000 ____D () C:\Users\Public\Documents\cs
2014-07-26 10:55 - 2014-07-26 21:10 - 00000896 _____ () C:\Windows\setupact.log
2014-07-26 10:55 - 2014-07-26 21:10 - 00000021 _____ () C:\Windows\S.dirmngr
2014-07-26 10:55 - 2014-07-26 10:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 12:16 - 2014-07-25 16:37 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-07-25 12:14 - 2014-07-25 16:48 - 00001690 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-25 10:20 - 2014-07-25 10:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\GiliSoft
2014-07-24 10:02 - 2014-07-24 10:03 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\.kde
2014-07-24 10:02 - 2014-07-24 10:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\GNU
2014-07-23 21:28 - 2014-07-23 21:52 - 00000278 _____ () C:\.htaccess
2014-07-23 20:46 - 2014-07-23 20:46 - 00000016 _____ () C:\Users\Kaskadeking\Desktop\APB Premium 1 Day.txt
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Downloaded Installations
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-23 18:12 - 2008-07-12 08:18 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2014-07-23 18:12 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-07-23 13:52 - 2014-07-23 13:52 - 00001177 _____ () C:\Users\Kaskadeking\Desktop\Auslogics BoostSpeed.lnk
2014-07-23 13:52 - 2014-07-23 13:52 - 00000000 ____D () C:\Windows\System32\Tasks\Auslogics
2014-07-23 12:04 - 2014-07-23 14:19 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-23 10:27 - 2014-07-23 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-23 10:25 - 2014-07-26 20:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-21 20:26 - 2014-07-27 11:19 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-21 20:26 - 2014-07-21 20:27 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-21 20:26 - 2014-07-21 20:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-21 20:26 - 2014-07-21 20:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 20:26 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-21 20:26 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-21 20:26 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-21 20:20 - 2014-07-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Ruiware
2014-07-21 14:06 - 2014-07-21 14:06 - 00005884 _____ () C:\Users\Kaskadeking\AppData\Local\recently-used.xbel
2014-07-18 13:21 - 2014-07-18 13:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\stetic
2014-07-18 13:20 - 2014-07-18 13:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\MonoDevelop-Unity-4.0
2014-07-18 13:20 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\MonoDevelop-Unity-4.0
2014-07-18 12:04 - 2014-07-18 13:36 - 00000000 ____D () C:\Users\Kaskadeking\Documents\MyGame
2014-07-18 11:52 - 2014-07-18 12:06 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Unity
2014-07-18 11:47 - 2014-07-18 12:27 - 00000000 ____D () C:\ProgramData\Unity
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Apple Computer
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Apple Computer
2014-07-18 11:46 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Unity
2014-07-18 11:45 - 2014-07-18 14:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-18 11:45 - 2014-07-18 11:45 - 00001128 _____ () C:\Users\Public\Desktop\Unity.lnk
2014-07-18 11:45 - 2014-07-18 11:45 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-07-18 11:37 - 2014-07-18 11:46 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-07-18 11:37 - 2014-07-18 11:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 11:37 - 2014-07-18 11:36 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 11:37 - 2014-07-18 11:36 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 11:37 - 2014-07-18 11:36 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 11:36 - 2014-07-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 11:32 - 2014-07-18 11:32 - 00001861 _____ () C:\Users\Kaskadeking\Desktop\Blender.lnk
2014-07-18 11:30 - 2014-07-18 11:30 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-07-16 14:31 - 2014-07-18 11:03 - 00000133 _____ () C:\Users\Kaskadeking\SciTE.session
2014-07-16 14:15 - 2014-07-16 14:15 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Lua Projects
2014-07-16 14:12 - 2014-07-16 14:12 - 00000000 ____D () C:\Program Files (x86)\Lua
2014-07-10 19:02 - 2014-07-10 19:02 - 00001368 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Player.lnk
2014-07-10 19:01 - 2014-07-12 14:18 - 00001380 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Studio 2013.lnk
2014-07-10 19:01 - 2014-07-12 14:18 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-07-10 19:01 - 2014-07-12 14:18 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Roblox
2014-07-09 21:36 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 21:36 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 21:36 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 21:36 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 21:36 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 21:36 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 21:36 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 21:36 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 21:36 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 21:36 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 21:36 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 21:36 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 21:36 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 21:36 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 21:36 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 21:36 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 21:36 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 21:36 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 21:36 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 21:36 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 21:36 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 21:36 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 21:36 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 21:36 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 21:36 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 21:36 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 21:36 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 21:36 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 21:36 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 21:36 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 21:36 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 21:36 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 21:36 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 21:36 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 21:36 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 21:36 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 21:36 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 21:36 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 21:36 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 21:36 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 21:36 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 21:36 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 21:36 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 21:36 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 21:36 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 21:36 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 21:36 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 21:36 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 21:36 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 21:36 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 21:36 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 21:36 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 21:36 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 21:36 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 21:36 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 21:36 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 21:36 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 21:36 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 21:36 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 21:36 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 21:36 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 21:36 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 21:34 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 21:34 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 21:34 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Xamasoft
2014-07-07 21:14 - 2014-07-18 11:22 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Audacity
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-07-05 11:29 - 2014-07-05 21:59 - 00000000 ____D () C:\xampp
2014-07-03 20:16 - 2014-07-03 20:16 - 00000222 _____ () C:\Users\Kaskadeking\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-07-03 20:01 - 2014-07-18 14:36 - 00073784 _____ () C:\Users\Kaskadeking\Desktop\KsTBeats - Projekte (VLC Netzwerkstream).xspf
2014-07-02 14:28 - 2014-07-02 17:03 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DVDVideoSoft
2014-07-01 19:11 - 2014-07-01 19:11 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@live.de (0x2D011EB4) rev.asc
2014-07-01 19:08 - 2014-07-01 19:08 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@gmail.com (0xDF5CFF9B) rev.asc
2014-07-01 19:01 - 2014-07-24 13:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\gnupg
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\ProgramData\GNU
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-07-01 16:22 - 2014-07-01 16:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-01 14:55 - 2014-07-23 10:32 - 00001264 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-07-01 14:55 - 2014-07-23 10:32 - 00001252 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-01 14:55 - 2014-07-23 10:32 - 00000000 ____D () C:\Program Files\paint.net
2014-07-01 14:54 - 2014-07-01 14:58 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\paint.net
2014-06-28 16:26 - 2014-06-28 16:26 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-06-28 15:01 - 2014-06-28 15:01 - 00000000 ____D () C:\Users\Kaskadeking\Desktop\DNSCrypt Windows Service Manager Package
2014-06-28 10:48 - 2014-06-28 10:48 - 00001290 _____ () C:\Users\Kaskadeking\Desktop\Auslogics Disk Defrag Professional.lnk
2014-06-28 10:48 - 2014-06-28 10:48 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Auslogics
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Razer
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer_Inc
2014-06-27 13:45 - 2014-06-27 13:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00002133 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\Program Files (x86)\Razer

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 11:47 - 2014-07-27 11:47 - 00017802 _____ () C:\Users\Kaskadeking\Desktop\FRST.txt
2014-07-27 11:47 - 2014-07-27 10:09 - 00000000 ____D () C:\FRST
2014-07-27 11:45 - 2014-07-27 11:45 - 00000838 _____ () C:\Users\Kaskadeking\Desktop\JRT.txt
2014-07-27 11:40 - 2014-07-27 11:40 - 01016261 _____ (Thisisu) C:\Users\Kaskadeking\Desktop\JRT.exe
2014-07-27 11:35 - 2014-07-27 10:53 - 00001159 _____ () C:\Users\Kaskadeking\Downloads\mbam.txt
2014-07-27 11:19 - 2014-07-21 20:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 10:16 - 2013-11-17 15:19 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Notepad++
2014-07-27 10:07 - 2014-07-27 10:07 - 00000310 _____ () C:\Windows\PFRO.log
2014-07-27 04:06 - 2014-07-27 10:08 - 02093568 _____ (Farbar) C:\Users\Kaskadeking\Desktop\FRST64.exe
2014-07-26 21:29 - 2009-07-14 19:58 - 00715748 _____ () C:\Windows\system32\perfh007.dat
2014-07-26 21:29 - 2009-07-14 19:58 - 00157044 _____ () C:\Windows\system32\perfc007.dat
2014-07-26 21:29 - 2009-07-14 07:13 - 01669414 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-26 21:11 - 2014-01-11 14:36 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-26 21:10 - 2014-07-26 10:55 - 00000896 _____ () C:\Windows\setupact.log
2014-07-26 21:10 - 2014-07-26 10:55 - 00000021 _____ () C:\Windows\S.dirmngr
2014-07-26 21:10 - 2014-02-16 12:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 21:10 - 2013-11-16 11:00 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-26 21:10 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-26 20:54 - 2014-07-23 10:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-26 20:49 - 2014-02-06 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 11:16 - 2014-07-26 11:09 - 00000000 ____D () C:\Users\Public\Documents\cs
2014-07-26 11:15 - 2014-06-09 16:48 - 00001024 _____ () C:\.rnd
2014-07-26 11:10 - 2014-07-26 11:10 - 00000000 ____D () C:\ProgramData\Caphyon
2014-07-26 11:04 - 2009-07-14 06:45 - 00022032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 11:04 - 2009-07-14 06:45 - 00022032 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 11:03 - 2014-04-05 19:05 - 01586967 _____ () C:\Windows\WindowsUpdate.log
2014-07-26 10:56 - 2013-11-16 12:24 - 00000000 ____D () C:\ProgramData\VMware
2014-07-26 10:55 - 2014-07-26 10:55 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-25 16:48 - 2014-07-25 12:14 - 00001690 _____ () C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2014-07-25 16:38 - 2013-12-08 18:08 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-25 16:37 - 2014-07-25 12:16 - 00000000 ____D () C:\Users\Public\Documents\EA Games
2014-07-25 16:37 - 2014-04-05 13:42 - 00000000 ____D () C:\Users\Kaskadeking\Documents\EA Games
2014-07-25 12:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-25 10:26 - 2013-12-03 16:12 - 00010752 _____ () C:\Users\Kaskadeking\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-25 10:21 - 2014-07-25 10:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\GiliSoft
2014-07-24 17:01 - 2013-11-17 17:47 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-24 15:21 - 2014-04-05 17:20 - 00001948 _____ () C:\Windows\Sandboxie.ini
2014-07-24 13:02 - 2014-07-01 19:01 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\gnupg
2014-07-24 12:43 - 2013-12-08 18:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-07-24 12:31 - 2014-02-13 18:12 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Visual Studio 2013
2014-07-24 10:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-24 10:03 - 2014-07-24 10:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\.kde
2014-07-24 10:02 - 2014-07-24 10:02 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\GNU
2014-07-24 10:01 - 2013-12-24 11:37 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-24 10:00 - 2013-11-16 11:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-23 21:52 - 2014-07-23 21:28 - 00000278 _____ () C:\.htaccess
2014-07-23 20:46 - 2014-07-23 20:46 - 00000016 _____ () C:\Users\Kaskadeking\Desktop\APB Premium 1 Day.txt
2014-07-23 20:23 - 2014-03-08 10:53 - 00000000 ____D () C:\Users\Kaskadeking\Stuff
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Downloaded Installations
2014-07-23 18:13 - 2014-07-23 18:13 - 00000000 ____D () C:\Program Files (x86)\AMD
2014-07-23 18:13 - 2014-03-30 15:30 - 00000000 ____D () C:\Users\Kaskadeking\Documents\My Games
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2014-07-23 18:12 - 2014-07-23 18:12 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-07-23 18:12 - 2014-02-05 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-23 17:20 - 2014-03-16 14:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\.minecraft
2014-07-23 14:19 - 2014-07-23 12:04 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-07-23 14:19 - 2014-05-31 22:12 - 00290776 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-23 14:08 - 2014-05-31 20:15 - 00281288 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-23 13:52 - 2014-07-23 13:52 - 00001177 _____ () C:\Users\Kaskadeking\Desktop\Auslogics BoostSpeed.lnk
2014-07-23 13:52 - 2014-07-23 13:52 - 00000000 ____D () C:\Windows\System32\Tasks\Auslogics
2014-07-23 13:52 - 2014-06-08 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-23 13:52 - 2014-06-08 19:37 - 00000000 ____D () C:\Program Files (x86)\Auslogics
2014-07-23 12:18 - 2014-05-31 22:12 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-23 12:04 - 2014-05-31 21:54 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\PunkBuster
2014-07-23 11:52 - 2013-11-16 11:48 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Thunderbird
2014-07-23 10:33 - 2013-11-16 12:18 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Skype
2014-07-23 10:32 - 2014-07-01 14:55 - 00001264 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-07-23 10:32 - 2014-07-01 14:55 - 00001252 _____ () C:\Users\Public\Desktop\paint.net.lnk
2014-07-23 10:32 - 2014-07-01 14:55 - 00000000 ____D () C:\Program Files\paint.net
2014-07-23 10:29 - 2014-04-05 18:35 - 00002008 _____ () C:\Users\Kaskadeking\Desktop\FileZilla Client.lnk
2014-07-23 10:29 - 2014-01-12 11:26 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\FileZilla
2014-07-23 10:29 - 2014-01-12 11:25 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-07-23 10:27 - 2014-07-23 10:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-21 20:27 - 2014-07-21 20:26 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-21 20:27 - 2014-07-21 20:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-21 20:26 - 2014-07-21 20:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-21 20:22 - 2014-06-09 10:52 - 00000000 ____D () C:\ProgramData\InstallMate
2014-07-21 20:20 - 2014-07-21 20:20 - 00000000 ____D () C:\Program Files (x86)\Ruiware
2014-07-21 18:47 - 2013-11-16 12:29 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\VMware
2014-07-21 18:47 - 2013-11-16 12:29 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\VMware
2014-07-21 18:42 - 2014-05-13 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2014-07-21 18:40 - 2013-11-26 15:52 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Virtual Machines
2014-07-21 18:08 - 2013-11-17 17:27 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\EpickingDE
2014-07-21 16:11 - 2013-11-16 10:56 - 00000000 ____D () C:\Users\Kaskadeking
2014-07-21 16:08 - 2013-11-16 12:27 - 00000000 ___RD () C:\Users\Kaskadeking\Dropbox
2014-07-21 16:07 - 2013-11-16 13:48 - 00000000 ____D () C:\Users\Kaskadeking\.gimp-2.8
2014-07-21 15:43 - 2014-06-15 14:46 - 00000000 ___RD () C:\Users\Kaskadeking\Sync
2014-07-21 14:33 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-07-21 14:06 - 2014-07-21 14:06 - 00005884 _____ () C:\Users\Kaskadeking\AppData\Local\recently-used.xbel
2014-07-21 14:06 - 2013-11-16 14:05 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\gtk-2.0
2014-07-21 10:15 - 2013-11-16 12:24 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Dropbox
2014-07-21 10:14 - 2014-03-03 17:06 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DropboxMaster
2014-07-20 09:39 - 2014-05-24 18:20 - 00001555 _____ () C:\Users\Kaskadeking\Desktop\KeePass2.lnk
2014-07-18 16:31 - 2014-06-25 21:14 - 00000000 ____D () C:\Users\Kaskadeking\Documents\FIFA World
2014-07-18 14:59 - 2014-07-18 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-07-18 14:59 - 2013-11-16 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-18 14:37 - 2013-11-16 18:37 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\vlc
2014-07-18 14:36 - 2014-07-03 20:01 - 00073784 _____ () C:\Users\Kaskadeking\Desktop\KsTBeats - Projekte (VLC Netzwerkstream).xspf
2014-07-18 14:15 - 2013-12-26 16:57 - 00000000 ____D () C:\Users\Kaskadeking\.thumbnails
2014-07-18 13:36 - 2014-07-18 12:04 - 00000000 ____D () C:\Users\Kaskadeking\Documents\MyGame
2014-07-18 13:21 - 2014-07-18 13:21 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\stetic
2014-07-18 13:21 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\MonoDevelop-Unity-4.0
2014-07-18 13:20 - 2014-07-18 13:20 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\MonoDevelop-Unity-4.0
2014-07-18 12:27 - 2014-07-18 11:47 - 00000000 ____D () C:\ProgramData\Unity
2014-07-18 12:06 - 2014-07-18 11:52 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Unity
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Apple Computer
2014-07-18 11:47 - 2014-07-18 11:47 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Apple Computer
2014-07-18 11:47 - 2014-07-18 11:46 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Unity
2014-07-18 11:46 - 2014-07-18 11:37 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-07-18 11:45 - 2014-07-18 11:45 - 00001128 _____ () C:\Users\Public\Desktop\Unity.lnk
2014-07-18 11:45 - 2014-07-18 11:45 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-07-18 11:36 - 2014-07-18 11:37 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-18 11:36 - 2014-07-18 11:37 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-07-18 11:36 - 2014-07-18 11:37 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-07-18 11:36 - 2014-07-18 11:37 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-07-18 11:36 - 2014-07-18 11:36 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-18 11:32 - 2014-07-18 11:32 - 00001861 _____ () C:\Users\Kaskadeking\Desktop\Blender.lnk
2014-07-18 11:30 - 2014-07-18 11:30 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-07-18 11:22 - 2014-07-07 21:14 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Audacity
2014-07-18 11:11 - 2014-04-16 15:09 - 00000000 ____D () C:\Program Files (x86)\Minecraft Manager
2014-07-18 11:03 - 2014-07-16 14:31 - 00000133 _____ () C:\Users\Kaskadeking\SciTE.session
2014-07-16 14:15 - 2014-07-16 14:15 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Lua Projects
2014-07-16 14:12 - 2014-07-16 14:12 - 00000000 ____D () C:\Program Files (x86)\Lua
2014-07-15 08:39 - 2014-06-14 18:58 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-15 08:39 - 2014-06-14 18:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-12 14:18 - 2014-07-10 19:01 - 00001380 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Studio 2013.lnk
2014-07-12 14:18 - 2014-07-10 19:01 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-07-12 14:18 - 2014-07-10 19:01 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Roblox
2014-07-12 12:31 - 2009-07-14 04:34 - 00000120 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-07-12 11:47 - 2013-11-16 12:16 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\TS3Client
2014-07-11 21:29 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 18:52 - 2014-06-25 14:46 - 00000000 ____D () C:\Users\Kaskadeking\Documents\SteamCMD Games
2014-07-10 19:02 - 2014-07-10 19:02 - 00001368 _____ () C:\Users\Kaskadeking\Desktop\ROBLOX Player.lnk
2014-07-10 10:15 - 2009-07-14 06:45 - 00304952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-09 22:31 - 2014-02-08 21:53 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-09 22:29 - 2014-02-08 21:53 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-09 17:35 - 2014-02-06 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 17:35 - 2013-11-16 12:41 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:35 - 2013-11-16 12:41 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 19:13 - 2014-07-08 19:13 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Xamasoft
2014-07-07 16:16 - 2014-04-20 11:49 - 00001106 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-07-07 16:16 - 2014-04-20 11:49 - 00001094 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-07-07 11:57 - 2013-12-08 18:09 - 00000000 ____D () C:\ProgramData\Origin
2014-07-05 21:59 - 2014-07-05 11:29 - 00000000 ____D () C:\xampp
2014-07-05 11:33 - 2014-07-05 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2014-07-04 12:44 - 2013-12-24 11:37 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-03 20:16 - 2014-07-03 20:16 - 00000222 _____ () C:\Users\Kaskadeking\Desktop\Infinity Wars - Animated Trading Card Game.url
2014-07-02 17:03 - 2014-07-02 14:28 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DVDVideoSoft
2014-07-01 19:50 - 2014-01-11 12:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\DAEMON Tools Lite
2014-07-01 19:11 - 2014-07-01 19:11 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@live.de (0x2D011EB4) rev.asc
2014-07-01 19:08 - 2014-07-01 19:08 - 00000568 _____ () C:\Users\Kaskadeking\Documents\kaskadekingde@gmail.com (0xDF5CFF9B) rev.asc
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\ProgramData\GNU
2014-07-01 19:01 - 2014-07-01 19:01 - 00000000 ____D () C:\Program Files (x86)\GNU
2014-07-01 17:16 - 2013-12-09 17:43 - 00000000 ____D () C:\Windows\Minidump
2014-07-01 16:23 - 2014-04-03 20:16 - 00001970 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-01 16:22 - 2014-07-01 16:22 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-07-01 16:22 - 2014-04-19 12:34 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-07-01 16:22 - 2013-12-24 11:37 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-07-01 16:22 - 2013-12-24 11:37 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-07-01 14:58 - 2014-07-01 14:54 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\paint.net
2014-06-30 15:13 - 2014-05-31 16:01 - 00000923 _____ () C:\Users\Kaskadeking\Desktop\TrueCrypt.lnk
2014-06-29 12:45 - 2014-06-22 16:24 - 00000000 ____D () C:\Users\Public\Documents\DAEMON Tools Images
2014-06-28 16:26 - 2014-06-28 16:26 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-06-28 15:01 - 2014-06-28 15:01 - 00000000 ____D () C:\Users\Kaskadeking\Desktop\DNSCrypt Windows Service Manager Package
2014-06-28 11:14 - 2014-06-20 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inno Key Generator
2014-06-28 11:14 - 2014-06-20 16:23 - 00000000 ____D () C:\Program Files (x86)\MJ Freelancing
2014-06-28 10:48 - 2014-06-28 10:48 - 00001290 _____ () C:\Users\Kaskadeking\Desktop\Auslogics Disk Defrag Professional.lnk
2014-06-28 10:48 - 2014-06-28 10:48 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Roaming\Auslogics
2014-06-28 10:48 - 2014-06-08 19:37 - 00000000 ____D () C:\ProgramData\Auslogics
2014-06-27 18:01 - 2013-12-25 21:15 - 00000000 __SHD () C:\Users\Kaskadeking\Desktop\RAMMap
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\Documents\Razer
2014-06-27 13:46 - 2014-06-27 13:46 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer_Inc
2014-06-27 13:45 - 2014-06-27 13:45 - 00000000 ____D () C:\Users\Kaskadeking\AppData\Local\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00002133 _____ () C:\Users\Public\Desktop\Razer Game Booster.lnk
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-06-27 13:44 - 2014-06-27 13:44 - 00000000 ____D () C:\Program Files (x86)\Razer

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 20:27

==================== End Of Log ============================

--- --- ---

--- --- ---

Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Kaskadeking at 2014-07-27 11:48:18
Running from C:\Users\Kaskadeking\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Acronis True Image 2014 (x32 Version: 17.0.6673 - Acronis) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 6 v.6.0.10 (HKLM-x32\...\{C92AB6F1-770F-EA32-6CF7-8A0792FA1A4B}_is1) (Version: 6.0.10 - Ashampoo GmbH & Co. KG)
Auslogics BoostSpeed (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 6.5.6.0 - Auslogics Labs Pty Ltd)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.3.9.0 - Auslogics Software Pty Ltd)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
AxCrypt 1.7.3156.0 (HKLM\...\{8B49CDB9-824C-44D6-A5D3-D0235D3030B8}) (Version: 1.7.3156.0 - Axantum Software AB)
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 7.0.0.45489 - Electronic Arts, Inc.)
EaseUS Data Recovery Wizard 7.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.0_is1) (Version:  - EaseUS)
EaseUS Partition Master 9.3.0 (HKLM-x32\...\EaseUS Partition Master_is1) (Version:  - EaseUS)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FileZilla Client 3.9.0.1 (HKCU\...\FileZilla Client) (Version: 3.9.0.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.45 - FileZilla Project)
Fireflies Screensaver (remove only) (HKLM-x32\...\Fireflies) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
Hercules WiFi Station N (HKLM-x32\...\{120E5B08-DC3C-4DCD-AAB0-0BB5EB225929}) (Version: 7.0.0.0 - Hercules)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
Inno Setup Version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - jrsoftware.org)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.11.12 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Logon Screen (HKLM\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013-Objektmodell Sprachpaket (x64) - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - DEU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2013 Express Prerequisites x64 - DEU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell-(Mindest)-Ressourcen (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Sprachpaket - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013-Vorbereitung (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (HKLM-x32\...\{42da2807-2142-4f67-816d-684a640cd6ff}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 für Windows Desktop - DEU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514 - Microsoft) Hidden
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Moonbase Alpha (HKLM-x32\...\Steam App 39000) (Version:  - Virtual Heroes)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MultiCommander (HKCU\...\MultiCommander) (Version:  - )
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.2 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Pokemon Online 2.4.1 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ROBLOX Player for Kaskadeking (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for Kaskadeking (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
RT 7 Lite (64-Bit) (HKCU\...\RT 7 Lite x64) (Version: 2.6.0 - Rockers Team)
RT 7 Lite x64 (Version: 2.6.0 - Rockers Team) Hidden
S4 League_EU (HKLM-x32\...\{6DCD0B4D-EC6E-46C4-921B-F108450467C2}) (Version: 1.00.0000 - )
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Sonic Adventure DX (HKLM-x32\...\Steam App 71250) (Version:  - SEGA)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29947 - TeamViewer)
The Movies(TM) (HKLM-x32\...\InstallShield_{0556F885-2415-4666-B53E-33727E46AEA1}) (Version: 1.0 - Activision)
The Movies(TM) (x32 Version: 1.0 - Activision) Hidden
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
tools-freebsd (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Unity (HKLM-x32\...\Unity) (Version: 4.5.2f1 - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
updateSystem.NET (HKLM\...\8d7ea403-65fb-4276-8ada-3b39f0fe2461) (Version: 1.5.2.515 - Maximilian Krauss)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Zombie Panic Source (HKLM-x32\...\Steam App 17500) (Version:  - Zombie Panic Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4058871879-2829469030-3260525534-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kaskadeking\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Restore Points  =========================

23-07-2014 16:09:02 DirectX wurde installiert
26-07-2014 09:02:31 Revo Uninstaller's restore point - GiliSoft Video Editor 6.5.0
26-07-2014 09:09:30 Установлено CyberSafe Top Secret 2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-07-27 10:17 - 00512567 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 ad4.abradio.cz
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 www2.a-counter.kiev.ua
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 app.activetrail.com
0.0.0.0 stat.active24stats.nl #[Tracking.Cookie]
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {26715208-6CDA-44E1-88A9-826487D14CAF} - System32\Tasks\Auslogics\BoostSpeed\Scan and Repair => Rundll32.exe TaskSchedulerHelper.dll,RunTask "BoostSpeed.exe" "-UseTray -Schedule"
Task: {43D22127-E6CC-4924-A0A0-9B03986D8BA5} - System32\Tasks\{222D721A-5FAE-44BF-9CC9-3287A5198C86} => Firefox.exe hxxp://ui.skype.com/ui/0/6.16.0.105/de/go/help.faq.installer?LastError=1618
Task: {4C75E13B-8905-4A9E-AEB1-0FEAA20302D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {528F1604-2E56-41E0-A41F-FB1BA70D7251} - System32\Tasks\Auslogics\BoostSpeed\Start BoostSpeed оn Kaskadeking logon => C:\Program Files (x86)\Auslogics\BoostSpeed\BoostSpeed.exe [2014-07-16] (Auslogics)
Task: {57D5AB86-97A2-4586-B345-495EDCD051E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)
Task: {5DF92A72-03FC-4802-BBB0-767A91F1491D} - System32\Tasks\Eingabeaufforderung mit Systemrechten => cmd.exe 
Task: {76CBC28E-FF43-41A5-9856-C5069199BC7E} - System32\Tasks\{C38F636B-85FD-4911-BBE0-98CB89257A69} => C:\Users\Kaskadeking\Desktop\TheMovies-Recovery.exe
Task: {888379CF-FDFF-41ED-8326-58973DC3894D} - System32\Tasks\{C7C57895-A707-4234-9D05-BEB662BF1504} => C:\Users\Kaskadeking\Desktop\TheMovies-Recovery.exe
Task: {A5B29B19-E273-4004-862C-2C92057AA5C6} - System32\Tasks\WiFiN => C:\Program Files (x86)\Hercules\WiFi Station N\WiFiN.exe [2012-07-31] ()
Task: {B2927C61-F596-49D2-A2ED-C07AE20DE8C3} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-01] (AVAST Software)
Task: {B50E5808-AA27-465A-AB0A-2F47942BE1B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-11] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-05-01 21:29 - 2014-05-01 21:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-07-23 10:27 - 2014-07-23 10:27 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-09 17:35 - 2014-07-09 17:35 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Windows:09CB0963D684C924

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\startupfolder: C:^Users^Kaskadeking^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: amd_dc_opt => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
MSCONFIG\startupreg: NoIPDUCv4 => "C:\Program Files (x86)\No-IP\DUC40.exe" /minimize
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"

==================== Faulty Device Manager Devices =============

Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: VMware VMCI Host Device
Description: VMware VMCI Host Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: vmci
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: NVIDIA nForce 10/100 Mbps Ethernet 
Description: NVIDIA nForce Networking Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVNET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (07/27/2014 11:48:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 11:48:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 11:48:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 11:46:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 11:46:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (07/27/2014 11:46:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-05 16:57:48.834
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-05 16:57:48.663
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 18%
Total physical RAM: 6143.3 MB
Available physical RAM: 4993.53 MB
Total Pagefile: 12284.79 MB
Available Pagefile: 11213.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:228.79 GB) (Free:54.06 GB) NTFS
Drive w: (Windows 7 x64 Universal) (Fixed) (Total:4 GB) (Free:0.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 9CF2274C)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=229 GB) - (Type=OF Extended)
Partition 3: (Active) - (Size=4 GB) - (Type=07 NTFS)

==================== End Of Log ============================

So nach 2 Stunden Warten war mir langweilig und hab die Systemwiederherstellung ,die plötzlich wieder funktionierte, ausgeführt.

Der Benutzerprofildienst lädt jetzt zwar ordnungsgemäß wieder aber der Desktop ist immer noch schwarz. Er funktioniert aber nach ca. 1 Minute wieder.

Vllt. ist da ja auch nur ein Nebeneffekt von der Systemwiederherstellung das der Desktop beim ersten Start so lange brauch (sehr unwahrscheinlich

)

Ich werde das ganze mal beobachten

schrauber · 27.07.2014, 14:19

Dein Benutzerprofil is kaputt. Leg ein neues an und speicher die Daten aus dem alten, bevor gar nix mehr geht.

Kaskadeking · 27.07.2014, 14:43

Davon hab ich auch gelesen. Aber bei allen kam eine Fehlermeldung, bei mir aber braucht es nur ziemlich lange. Aber ich werd es trotzdem machen ^^

schrauber · 27.07.2014, 20:13

sicher ist sicher

Kaskadeking · 28.07.2014, 10:11

Hab jetzt schonmal ein 2. Account zur Sicherheit angelegt aber seit der Systemwiederherstellung funktioniert alles wieder. Der Desktop scheint auch wieder zügig zu laden.

schrauber · 28.07.2014, 18:31

ok

27.07.2014, 14:19	#4
schrauber /// the machine /// TB-Ausbilder	Benutzerprofildienst lädt ewig Dein Benutzerprofil is kaputt. Leg ein neues an und speicher die Daten aus dem alten, bevor gar nix mehr geht. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

27.07.2014, 20:13	#6
schrauber /// the machine /// TB-Ausbilder	Benutzerprofildienst lädt ewig sicher ist sicher __________________ --> Benutzerprofildienst lädt ewig

28.07.2014, 18:31	#8
schrauber /// the machine /// TB-Ausbilder	Benutzerprofildienst lädt ewig ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Benutzerprofildienst lädt ewig

Plagegeister aller Art und deren Bekämpfung: Benutzerprofildienst lädt ewig