Pests of all kinds and how to fight them: Windows 7: PC very slow, suspected virus problem, log files from Malwarebytes |
18.11.2013, 05:53 | #31 |
| Yes, I have the problems offline too. |
18.11.2013, 13:10 | #32 |
/// the machine /// TB-Ausbilder | How is the search for a disc going? |
23.05.2014, 10:12 | #33 |
| Hey Schrauber, sorry that I haven't been in touch for so long... I'm having problems with the PC again. Should I start a new thread or just continue here? |
24.05.2014, 10:55 | #34 |
/// the machine /// TB-Ausbilder | Have you found a disc in the meantime and used it to repair Windows? What kind of problems?
Regards, schrauber |
01.06.2014, 19:08 | #35 |
| Yes, I finally managed to get hold of a disc and have since completely reinstalled my PC... At the moment my problem is that when I use the Internet Explorer (Google Chrome in this case), various messages appear, e.g. this one: (Please Update to the Latest Version), and the PC is once again responding sluggishly. |
02.06.2014, 18:31 | #36 |
/// the machine /// TB-Ausbilder | Wait, so you have now done a complete reinstall? Open FRST, tick the Additional box and scan, then please post both log files. |
03.06.2014, 03:44 | #37 |
| FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014 Ran by Pierre (administrator) on PIERRE-PC on 03-06-2014 04:39:16 Running from C:\Users\Pierre\Downloads Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Winstep Software Technologies) C:\Program Files (x86)\Winstep\Nexus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe (ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe (ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe (Xfire Inc.) E:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.) E:\Program Files (x86)\Xfire\Xfire.exe () E:\Program Files (x86)\Xfire\xfire64.exe (TeamSpeak Systems GmbH) E:\Program Files (x86)\teamspeak\ts3client_win64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ExpoThemes-Driver] => C:\Program Files (x86)\ExpoThemes\ExpoThemes Manager.exe [573952 2014-01-28] (ExpoThemes) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software) HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatIskuFX] => C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2013-10-30] (ROCCAT GmbH) HKLM-x32\...\Run: [ExpoThemes-Driver] => C:\Program Files\ExpoThemes\ExpoThemes Manager.exe /s HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-04] (Microsoft Corporation) HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\Run: [NeXuS] => C:\Program Files (x86)\Winstep\Nexus.exe [16957056 2012-03-28] (Winstep Software Technologies) HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\MountPoints2: {4ffee3f4-c3dd-11e3-912f-0019dbf2e8ce} - F:\SETUP.EXE HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\MountPoints2: {8fe6bb05-9fa8-11e3-a951-806e6f6e6963} - D:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk ShortcutTarget: Roccat Talk.lnk -> C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe (Flexera Software LLC) ==================== Internet 
(Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40EF0479B733CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: ======= CHR HomePage: CHR DefaultSearchKeyword: conduit.search CHR DefaultSearchProvider: Conduit Search CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MFBCCF9ED-C7AA-4788-B67F-CB5CD68138CF&SearchSource=58&CUI=&UM=5&UP=SP21FAAF52-2788-4A13-BE51-8E10A0947534&q={searchTerms}&SSPV= CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-27] CHR Extension: (Google Drive) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27] CHR Extension: (YouTube) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27] CHR Extension: (Google-Suche) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27] CHR Extension: (avast! 
Online Security) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-02] CHR Extension: (No Name) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip [2014-04-18] CHR Extension: (Google Wallet) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27] CHR Extension: (Google Mail) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-06] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software) S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-14] () S4 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-15] (Disc 
Soft Ltd) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-03-03] (Windows (R) Win 7 DDK provider) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-03 04:39 - 2014-06-03 04:39 - 00010481 _____ () C:\Users\Pierre\Downloads\FRST.txt 2014-06-03 04:38 - 2014-06-03 04:39 - 00000000 ____D () C:\FRST 2014-06-03 04:37 - 2014-06-03 04:37 - 02068992 _____ (Farbar) C:\Users\Pierre\Downloads\FRST64.exe 2014-06-02 14:29 - 2014-06-02 14:29 - 01020031 _____ () C:\Users\Pierre\Downloads\14012116294883_usa_M44_45_north_america.wotreplay 2014-06-02 11:47 - 2014-06-02 11:49 - 00000000 ____D () C:\AdwCleaner 2014-06-02 11:47 - 2014-06-02 11:47 - 01327971 _____ () C:\Users\Pierre\Downloads\adwcleaner_3.211.exe 2014-06-02 11:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-01 20:37 - 2014-06-01 20:37 - 00004536 _____ () C:\Users\Pierre\Desktop\mwbytes.xml 2014-06-01 20:37 - 2014-06-01 20:37 - 00001889 _____ () C:\Users\Pierre\Desktop\mwbytes.txt 2014-06-01 20:17 - 2014-06-01 20:17 - 00004042 _____ () C:\Users\Pierre\Desktop\Windows-Kompatibilitätsbericht.htm 2014-06-01 20:01 - 2014-06-01 20:18 - 00001908 _____ () C:\Windows\diagwrn.xml 2014-06-01 20:01 - 2014-06-01 20:18 - 00001908 _____ () C:\Windows\diagerr.xml 2014-05-27 12:56 - 2014-06-01 22:09 - 00000243 _____ () C:\Users\Pierre\Desktop\Anwerbe text.txt 2014-05-15 23:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtml.dll 2014-05-15 23:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-15 23:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-15 23:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-15 23:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-15 23:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-15 09:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-15 09:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-15 09:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-15 09:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-15 09:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-15 09:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-15 09:12 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-15 09:12 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-15 09:12 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-15 09:12 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-15 09:12 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-15 09:12 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-15 09:12 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\secur32.dll 2014-05-15 09:12 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-15 09:12 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-15 09:12 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-15 09:12 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-15 09:12 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-15 09:12 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-15 09:12 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-15 09:12 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-06 21:49 - 2014-05-06 21:49 - 00001966 _____ () C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2014-05-06 21:48 - 2014-05-06 21:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-05-06 21:48 - 2014-05-06 21:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-05-06 21:33 - 2014-05-16 15:54 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieUserList 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieSiteList 2014-05-05 00:18 - 2014-05-05 00:18 - 00001952 _____ () C:\Users\Public\Desktop\OMC ModPack entfernen.lnk 2014-05-05 00:18 - 2014-05-05 00:18 - 00000973 _____ () C:\Users\Public\Desktop\OMC ModPack Aktualisierung- Rekonfiguration.lnk 2014-05-04 23:40 - 2014-05-04 23:40 - 02263304 _____ (Odem Mortis ) C:\Users\Pierre\Downloads\OMC_ModPack_0.9.0.11.exe 2014-05-04 21:04 - 2014-06-01 21:13 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-04 21:04 - 2014-06-01 21:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-04 21:04 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-04 21:04 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-04 21:04 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-04 21:04 - 2014-05-04 21:04 - 00001120 _____ () C:\Users\Pierre\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-04 21:02 - 2014-05-04 21:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pierre\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-04 16:07 - 2014-05-04 16:07 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-05-04 16:07 - 2014-05-04 16:07 - 00000000 _____ () C:\autoexec.bat 2014-05-04 16:06 - 2014-05-05 16:25 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-04 16:01 - 
2014-05-04 16:01 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Pierre\Downloads\SpyHunter-Installer.exe ==================== One Month Modified Files and Folders ======= 2014-06-03 04:39 - 2014-06-03 04:39 - 00010481 _____ () C:\Users\Pierre\Downloads\FRST.txt 2014-06-03 04:39 - 2014-06-03 04:38 - 00000000 ____D () C:\FRST 2014-06-03 04:39 - 2014-02-27 14:22 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Temp 2014-06-03 04:37 - 2014-06-03 04:37 - 02068992 _____ (Farbar) C:\Users\Pierre\Downloads\FRST64.exe 2014-06-03 04:25 - 2014-04-18 11:25 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70}.job 2014-06-03 04:24 - 2014-03-03 04:28 - 00000000 ____D () C:\Users\Pierre\AppData\Local\PMB Files 2014-06-03 04:05 - 2014-03-01 10:26 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Xfire 2014-06-03 03:56 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-03 03:56 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-03 03:51 - 2014-02-27 14:34 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-06-03 03:51 - 2014-02-27 14:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-03 03:51 - 2014-02-27 14:16 - 01650930 _____ () C:\Windows\WindowsUpdate.log 2014-06-03 01:55 - 2009-07-14 06:51 - 00002130 _____ () C:\Windows\setupact.log 2014-06-03 01:51 - 2014-02-27 14:30 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-03 01:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-02 14:36 - 2014-04-29 23:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-02 14:29 - 2014-06-02 14:29 - 01020031 _____ () C:\Users\Pierre\Downloads\14012116294883_usa_M44_45_north_america.wotreplay 2014-06-02 11:51 - 2014-02-28 21:18 - 
00189828 _____ () C:\Windows\PFRO.log 2014-06-02 11:49 - 2014-06-02 11:47 - 00000000 ____D () C:\AdwCleaner 2014-06-02 11:47 - 2014-06-02 11:47 - 01327971 _____ () C:\Users\Pierre\Downloads\adwcleaner_3.211.exe 2014-06-02 11:02 - 2014-03-11 19:33 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-02 11:00 - 2014-03-03 04:17 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\.minecraft 2014-06-02 10:54 - 2014-03-01 11:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-06-02 00:27 - 2014-03-11 19:33 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-02 00:14 - 2014-03-03 06:05 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\foobar2000 2014-06-01 22:09 - 2014-05-27 12:56 - 00000243 _____ () C:\Users\Pierre\Desktop\Anwerbe text.txt 2014-06-01 22:07 - 2014-03-20 10:10 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Skype 2014-06-01 21:13 - 2014-05-04 21:04 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-01 21:13 - 2014-05-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-01 21:13 - 2014-04-29 23:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-01 20:37 - 2014-06-01 20:37 - 00004536 _____ () C:\Users\Pierre\Desktop\mwbytes.xml 2014-06-01 20:37 - 2014-06-01 20:37 - 00001889 _____ () C:\Users\Pierre\Desktop\mwbytes.txt 2014-06-01 20:18 - 2014-06-01 20:01 - 00001908 _____ () C:\Windows\diagwrn.xml 2014-06-01 20:18 - 2014-06-01 20:01 - 00001908 _____ () C:\Windows\diagerr.xml 2014-06-01 20:17 - 2014-06-01 20:17 - 00004042 _____ () C:\Users\Pierre\Desktop\Windows-Kompatibilitätsbericht.htm 2014-06-01 20:01 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-29 13:17 - 2009-08-07 12:18 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-05-29 13:17 - 2009-08-07 12:18 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-05-29 13:17 - 2009-07-14 07:13 - 01620612 
_____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-27 10:53 - 2014-03-03 04:28 - 00000000 ____D () C:\ProgramData\PMB Files 2014-05-23 12:20 - 2014-04-14 13:04 - 00000000 ____D () C:\ProgramData\Origin 2014-05-23 12:19 - 2014-02-27 14:36 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-22 01:48 - 2014-02-27 14:31 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-16 20:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 15:57 - 2014-02-27 14:24 - 00000000 ___RD () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-16 15:57 - 2014-02-27 14:24 - 00000000 ___RD () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 15:54 - 2014-05-06 21:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-16 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-15 23:46 - 2014-03-02 23:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-15 23:45 - 2014-03-02 23:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 21:48 - 2014-03-01 11:36 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-05-15 21:48 - 2014-03-01 11:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-05-15 21:48 - 2014-03-01 11:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-14 22:20 - 2014-05-01 19:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-14 22:18 - 2014-05-01 19:14 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-12 07:26 - 2014-05-04 21:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-04 21:04 - 00063704 
_____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-04 21:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-09 08:14 - 2014-05-15 09:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-15 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-07 13:54 - 2014-03-15 11:33 - 00290184 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-05-07 10:42 - 2014-02-27 14:30 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-07 10:42 - 2014-02-27 14:30 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-06 21:49 - 2014-05-06 21:49 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-05-06 21:48 - 2014-05-06 21:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-05-06 21:48 - 2014-05-06 21:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-05-06 21:48 - 2014-03-01 11:36 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-05-06 21:48 - 2014-03-01 11:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400183321983 2014-05-06 21:48 - 2014-03-01 11:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400183321983 2014-05-06 21:48 - 2014-03-01 11:35 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-05-06 21:48 - 2014-03-01 11:35 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-05-06 21:48 - 2014-03-01 11:35 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-05-06 21:48 - 2014-03-01 11:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-05-06 06:40 - 2014-05-15 23:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-15 23:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 
2014-05-15 23:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-15 23:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-15 23:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-15 23:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieUserList 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieSiteList 2014-05-05 16:25 - 2014-05-04 16:06 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-05 16:25 - 2014-03-28 01:26 - 00000000 ____D () C:\Users\Pierre\Desktop\Games 2014-05-05 16:24 - 2014-03-28 01:27 - 00000000 ____D () C:\Users\Pierre\Desktop\Programme 2014-05-05 16:21 - 2014-02-27 14:29 - 00063200 _____ () C:\Users\Pierre\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-05 16:20 - 2009-07-14 06:45 - 00290488 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-05 00:18 - 2014-05-05 00:18 - 00001952 _____ () C:\Users\Public\Desktop\OMC ModPack entfernen.lnk 2014-05-05 00:18 - 2014-05-05 00:18 - 00000973 _____ () C:\Users\Public\Desktop\OMC ModPack Aktualisierung- Rekonfiguration.lnk 2014-05-05 00:18 - 2014-03-25 21:21 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack 2014-05-04 23:40 - 2014-05-04 23:40 - 02263304 _____ (Odem Mortis ) C:\Users\Pierre\Downloads\OMC_ModPack_0.9.0.11.exe 2014-05-04 23:40 - 2014-03-06 10:50 - 00000000 ____D () C:\Users\Pierre\Documents\OMC ModPack 2014-05-04 21:04 - 2014-05-04 21:04 - 00001120 _____ () C:\Users\Pierre\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-04 21:03 - 2014-05-04 21:02 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pierre\Downloads\mbam-setup-2.0.1.1004 (1).exe 2014-05-04 20:56 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\addins 2014-05-04 
16:07 - 2014-05-04 16:07 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-05-04 16:07 - 2014-05-04 16:07 - 00000000 _____ () C:\autoexec.bat 2014-05-04 16:01 - 2014-05-04 16:01 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Pierre\Downloads\SpyHunter-Installer.exe Some content of TEMP: ==================== C:\Users\Pierre\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Pierre\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Pierre\AppData\Local\Temp\nvStInst.exe C:\Users\Pierre\AppData\Local\Temp\Quarantine.exe C:\Users\Pierre\AppData\Local\Temp\SHSetup.exe C:\Users\Pierre\AppData\Local\Temp\SkypeSetup.exe C:\Users\Pierre\AppData\Local\Temp\sonarinst.exe C:\Users\Pierre\AppData\Local\Temp\swt-win32-3349.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-29 00:54 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014 Ran by Pierre at 2014-06-03 04:39:48 Running from C:\Users\Pierre\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) diclovit's mod pack 1.10.4 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 1.10.4 - diclovit) ESN Sonar (HKLM-x32\...\ESN 
Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 
10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Nexus 12.2 (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.47.1 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Oblivion - BTmod 2.20 (HKLM-x32\...\BTmod) (Version: 2.20 - Beider & Tikigod) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oblivion-Schilder-Mod-v0.5 (HKLM-x32\...\Oblivion-Schilder-Mod_is1) (Version: - Ferron) OMC ModPack Version 0.9.0.0 (HKLM-x32\...\{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1) (Version: 0.9.0.0 - Odem Mortis) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.) 
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0002 - Roccat GmbH) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Starcraft (HKLM-x32\...\Starcraft) (Version: - ) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Xfire (HKLM-x32\...\Xfire) (Version: - ) ==================== Restore Points ========================= 15-05-2014 21:43:20 Windows Update 21-05-2014 08:04:34 Windows Update 28-05-2014 22:00:03 Geplanter Prüfpunkt 30-05-2014 08:33:42 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1580208B-4903-47E4-BE01-95A5A75CADC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.) Task: {9CB344F0-CD01-4150-881E-A07D9395E188} - System32\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70} => C:\Program Files\V-bates\PrefHelper.exe Task: {9FA7A9E4-F0C4-4C63-A557-42A201F822B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.) 
Task: {CF844E4E-1869-4AF6-B811-305B63841830} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software) Task: C:\Windows\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70}.job => C:\Program Files\V-bates\PrefHelper.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-11 19:33 - 2014-04-14 15:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-03-21 06:10 - 2013-03-21 06:10 - 00258944 _____ () E:\Program Files (x86)\Xfire\xfire64.exe 2014-03-14 16:54 - 2014-03-14 16:54 - 00173568 _____ () E:\Program Files (x86)\teamspeak\quazip.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 01080832 _____ () E:\Program Files (x86)\teamspeak\platforms\qwindows.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00833024 _____ () E:\Program Files (x86)\teamspeak\sqldrivers\qsqlite.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00102344 _____ () E:\Program Files (x86)\teamspeak\soundbackends\directsound_win64.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00108488 _____ () E:\Program Files (x86)\teamspeak\soundbackends\windowsaudiosession_win64.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00030208 _____ () E:\Program Files (x86)\teamspeak\imageformats\qgif.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00233984 _____ () E:\Program Files (x86)\teamspeak\imageformats\qjpeg.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00563656 _____ () E:\Program Files (x86)\teamspeak\plugins\clientquery_plugin.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00577480 _____ () E:\Program Files (x86)\teamspeak\plugins\teamspeak_control_plugin.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00159232 _____ () E:\Program Files (x86)\teamspeak\accessible\qtaccessiblewidgets.dll 2014-06-02 23:52 - 2014-06-02 23:52 - 02259456 _____ () 
C:\Program Files\AVAST Software\Avast\defs\14060201\algo.dll 2014-04-30 00:00 - 2012-02-22 08:41 - 01085376 _____ () C:\Program Files (x86)\Winstep\wodTelnetDLX.dll 2014-03-01 11:35 - 2014-03-01 11:35 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-13 10:39 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll 2014-03-27 15:53 - 2012-07-08 17:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: UMVPFSrv => 2 MSCONFIG\Services: Winstep Xtreme Service => 2 MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EADM => "E:\Program Files (x86)\Origin\Origin.exe" 
-AutoStart MSCONFIG\startupreg: Nexus => C:\Program Files (x86)\Winstep\Nexus.exe autostart ==================== Faulty Device Manager Devices ============= Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. 
==================== Event log errors: ========================= Application errors: ================== Error: (06/01/2014 02:52:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: ts3client_win64.exe, Version: 3.0.14.0, Zeitstempel: 0x53204a50 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000018e5d ID des fehlerhaften Prozesses: 0xcb8 Startzeit der fehlerhaften Anwendung: 0xts3client_win64.exe0 Pfad der fehlerhaften Anwendung: ts3client_win64.exe1 Pfad des fehlerhaften Moduls: ts3client_win64.exe2 Berichtskennung: ts3client_win64.exe3 Error: (05/16/2014 04:00:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.3523, Zeitstempel: 0x5315c9f7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004e4e4 ID des fehlerhaften Prozesses: 0x39c Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0 Pfad der fehlerhaften Anwendung: nvtray.exe1 Pfad des fehlerhaften Moduls: nvtray.exe2 Berichtskennung: nvtray.exe3 Error: (05/12/2014 10:51:22 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to poke open firewall Error: (05/05/2014 04:24:12 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Spyhunter4.exe, Version 4.17.6.4336 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: a00 Startzeit: 01cf686d188baa60 Endzeit: 3 Anwendungspfad: C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Berichts-ID: 98a1c3b1-d460-11e3-a74b-0019dbf2e8ce Error: (05/01/2014 03:11:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.3523, Zeitstempel: 0x5315c9f7 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004e4e4 ID des fehlerhaften Prozesses: 0xb00 Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0 Pfad der fehlerhaften Anwendung: nvtray.exe1 Pfad des fehlerhaften Moduls: nvtray.exe2 Berichtskennung: nvtray.exe3 Error: (04/23/2014 10:12:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: iw3mp.exe, Version: 0.0.0.0, Zeitstempel: 0x4859a219 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x173c Startzeit der fehlerhaften Anwendung: 0xiw3mp.exe0 Pfad der fehlerhaften Anwendung: iw3mp.exe1 Pfad des fehlerhaften Moduls: iw3mp.exe2 Berichtskennung: iw3mp.exe3 Error: (04/15/2014 09:34:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WorldOfTanks.exe, Version: 0.8.11.0, Zeitstempel: 0x52ef7bcc Name des fehlerhaften Moduls: WorldOfTanks.exe, Version: 0.8.11.0, Zeitstempel: 0x52ef7bcc Ausnahmecode: 0xc0000005 Fehleroffset: 0x001d351d ID des fehlerhaften Prozesses: 0x13f8 Startzeit der fehlerhaften Anwendung: 0xWorldOfTanks.exe0 Pfad der fehlerhaften Anwendung: WorldOfTanks.exe1 Pfad des fehlerhaften Moduls: WorldOfTanks.exe2 Berichtskennung: WorldOfTanks.exe3 Error: (04/14/2014 03:57:41 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to poke open firewall Error: (04/14/2014 01:04:17 PM) (Source: Windows 
Installer 3.1) (EventID: 4373) (User: ) Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar. Error: (04/14/2014 00:59:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WorldOfTanks.exe, Version: 0.8.11.0, Zeitstempel: 0x52ef7bcc Name des fehlerhaften Moduls: WorldOfTanks.exe, Version: 0.8.11.0, Zeitstempel: 0x52ef7bcc Ausnahmecode: 0xc0000005 Fehleroffset: 0x001d351d ID des fehlerhaften Prozesses: 0xe80 Startzeit der fehlerhaften Anwendung: 0xWorldOfTanks.exe0 Pfad der fehlerhaften Anwendung: WorldOfTanks.exe1 Pfad des fehlerhaften Moduls: WorldOfTanks.exe2 Berichtskennung: WorldOfTanks.exe3 System errors: ============= Error: (06/03/2014 01:51:09 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (06/03/2014 01:51:20 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 03.06.2014 um 01:49:10 unerwartet heruntergefahren. Error: (06/02/2014 11:51:10 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (06/02/2014 10:53:16 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. 
Error: (06/02/2014 01:42:58 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "PIERRE-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.199 registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (06/02/2014 00:45:44 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "PIERRE-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.199 registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (06/02/2014 00:45:43 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "PIERRE-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.199 registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (06/02/2014 00:27:40 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "PIERRE-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.199 registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (06/02/2014 00:27:35 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "PIERRE-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.199 registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. Error: (06/02/2014 00:27:16 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: Der Name "PIERRE-PC :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.199 registriert werden. Der Computer mit IP-Adresse 192.168.2.102 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. 
Microsoft Office Sessions: ========================= Error: (06/01/2014 02:52:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: ts3client_win64.exe3.0.14.053204a50ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5dcb801cf798555b7f460E:\Program Files (x86)\teamspeak\ts3client_win64.exeC:\Windows\SYSTEM32\ntdll.dllf9d62970-e926-11e3-bc29-0019dbf2e8ce Error: (05/16/2014 04:00:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvtray.exe7.17.13.35235315c9f7ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e439c01cf710ed565e7a0C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\SYSTEM32\ntdll.dll7244d6d0-dd02-11e3-bbff-0019dbf2e8ce Error: (05/12/2014 10:51:22 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Failed to poke open firewall Error: (05/05/2014 04:24:12 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Spyhunter4.exe4.17.6.4336a0001cf686d188baa603C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe98a1c3b1-d460-11e3-a74b-0019dbf2e8ce Error: (05/01/2014 03:11:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvtray.exe7.17.13.35235315c9f7ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e4b0001cf641368744400C:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Windows\SYSTEM32\ntdll.dll1e681b20-d132-11e3-b2e2-0019dbf2e8ce Error: (04/23/2014 10:12:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: iw3mp.exe0.0.0.04859a219unknown0.0.0.000000000c000000500000000173c01cf5ecb3cca0bc0E:\Program Files (x86)\COD 4\iw3mp.exeunknownf6f69900-cabe-11e3-bf6a-0019dbf2e8ce Error: (04/15/2014 09:34:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WorldOfTanks.exe0.8.11.052ef7bccWorldOfTanks.exe0.8.11.052ef7bccc0000005001d351d13f801cf58d11ec415d0E:\Program Files (x86)\World_of_Tanks\WorldOfTanks.exeE:\Program Files (x86)\World_of_Tanks\WorldOfTanks.exef233aab0-c4d4-11e3-912f-0019dbf2e8ce 
Error: (04/14/2014 03:57:41 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Failed to poke open firewall Error: (04/14/2014 01:04:17 PM) (Source: Windows Installer 3.1) (EventID: 4373) (User: ) Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar. Error: (04/14/2014 00:59:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WorldOfTanks.exe0.8.11.052ef7bccWorldOfTanks.exe0.8.11.052ef7bccc0000005001d351de8001cf57c1a933bab0E:\Program Files (x86)\World_of_Tanks\WorldOfTanks.exeE:\Program Files (x86)\World_of_Tanks\WorldOfTanks.exed0cfd7c0-c3c3-11e3-a6be-0019dbf2e8ce ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 6143.35 MB Available physical RAM: 4357.29 MB Total Pagefile: 12284.88 MB Available Pagefile: 10222.73 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:59.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Windows_7_RTM) (CDROM) (Total:3.07 GB) (Free:0 GB) UDF Drive e: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:714.56 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 329A3299) Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 932 GB) (Disk ID: 075895FE) Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.06.2014
Suchlauf-Zeit: 20:37:33
Logdatei: mwbytes.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.06.01.07
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Pierre

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 254426
Verstrichene Zeit: 14 Min, 46 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 3
PUP.Optional.Superfish.A, C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [7ecd551ea1da88aed8c67b1935cd4bb5],
PUP.Optional.Superfish.A, C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [fe4d5c17007b1125534be6ae738fca36],
PUP.Optional.Conduit.A, C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "search_url": "hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MFBCCF9ED-C7AA-4788-B67F-CB5CD68138CF&SearchSource=58&CUI=&UM=5&UP=SP21FAAF52-2788-4A13-BE51-8E10A0947534&q={searchTerms}&SSPV=",), ,[ed5e7cf72d4e0135d0a397f7857fbd43]

Physische Sektoren: 0
(No malicious items detected)

(end) |
03.06.2014, 19:38 | #38 |
/// the machine /// TB-Ausbilder | Windows 7: PC very slow, suspected virus problem, log files from Malwarebytes Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
05.06.2014, 05:56 | #39 |
| Windows 7: PC very slow, suspected virus problem, log files from Malwarebytes Code:
# AdwCleaner v3.211 - Bericht erstellt am 03/06/2014 um 21:13:07
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Pierre - PIERRE-PC
# Gestartet von : C:\Users\Pierre\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljmibnagodajacnnbifpamhggcohblip

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

-\\ Google Chrome v35.0.1916.114

[ Datei : C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MFBCCF9ED-C7AA-4788-B67F-CB5CD68138CF&SearchSource=58&CUI=&UM=5&UP=SP21FAAF52-2788-4A13-BE51-8E10A0947534&q={searchTerms}&SSPV=
Gelöscht [Extension] : ljmibnagodajacnnbifpamhggcohblip

*************************

AdwCleaner[R0].txt - [1568 octets] - [02/06/2014 11:47:27]
AdwCleaner[R1].txt - [1107 octets] - [03/06/2014 21:12:23]
AdwCleaner[S0].txt - [1827 octets] - [02/06/2014 11:49:16]
AdwCleaner[S1].txt - [1273 octets] - [03/06/2014 21:13:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1333 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Pierre on 04.06.2014 at 19:56:19,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2014 at 20:16:17,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST logs

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014 Ran by Pierre at 2014-06-04 20:40:11 Running from C:\Users\Pierre\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) diclovit's mod pack 1.10.4 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 1.10.4 - diclovit) ESN Sonar (HKLM-x32\...\ESN 
Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 
10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Nexus 12.2 (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.47.1 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Oblivion - BTmod 2.20 (HKLM-x32\...\BTmod) (Version: 2.20 - Beider & Tikigod) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oblivion-Schilder-Mod-v0.5 (HKLM-x32\...\Oblivion-Schilder-Mod_is1) (Version: - Ferron) OMC ModPack Version 0.9.0.0 (HKLM-x32\...\{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1) (Version: 0.9.0.0 - Odem Mortis) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.) 
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0002 - Roccat GmbH) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Starcraft (HKLM-x32\...\Starcraft) (Version: - ) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Xfire (HKLM-x32\...\Xfire) (Version: - ) ==================== Restore Points ========================= 21-05-2014 08:04:34 Windows Update 28-05-2014 22:00:03 Geplanter Prüfpunkt 30-05-2014 08:33:42 Windows Update 03-06-2014 13:31:24 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1580208B-4903-47E4-BE01-95A5A75CADC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.) Task: {9CB344F0-CD01-4150-881E-A07D9395E188} - System32\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70} => C:\Program Files\V-bates\PrefHelper.exe Task: {9FA7A9E4-F0C4-4C63-A557-42A201F822B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.) 
Task: {CF844E4E-1869-4AF6-B811-305B63841830} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software) Task: C:\Windows\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70}.job => C:\Program Files\V-bates\PrefHelper.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-11 19:33 - 2014-04-14 15:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-03 12:41 - 2014-06-03 12:41 - 02260480 _____ () C:\Program Files\AVAST Software\Avast\defs\14060300\algo.dll 2014-06-04 19:54 - 2014-06-04 19:54 - 02260480 _____ () C:\Program Files\AVAST Software\Avast\defs\14060400\algo.dll 2014-04-30 00:00 - 2012-02-22 08:41 - 01085376 _____ () C:\Program Files (x86)\Winstep\wodTelnetDLX.dll 2014-03-01 11:35 - 2014-03-01 11:35 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-13 10:39 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll 2014-03-27 15:53 - 2012-07-08 17:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll 2014-01-08 12:02 - 2014-04-22 00:55 - 00340480 _____ () E:\Program Files (x86)\Steam\libavresample-1.dll 2014-05-12 22:56 - 2014-04-22 00:55 - 00471552 _____ () E:\Program Files (x86)\Steam\libavutil-53.dll 2013-07-01 08:20 - 2014-04-01 00:09 - 00754688 _____ () E:\Program Files (x86)\Steam\SDL2.dll 2012-08-01 19:46 - 2014-04-24 00:01 - 01092288 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL 2012-08-01 19:46 - 2014-03-03 21:15 - 20626624 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll 2012-08-01 19:46 - 2013-06-15 01:49 - 01100800 _____ () E:\Program Files (x86)\Steam\bin\avcodec-53.dll 2012-08-01 19:46 - 2013-06-15 01:49 - 
00124416 _____ () E:\Program Files (x86)\Steam\bin\avutil-51.dll 2012-08-01 19:46 - 2013-06-15 01:49 - 00192000 _____ () E:\Program Files (x86)\Steam\bin\avformat-53.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: UMVPFSrv => 2 MSCONFIG\Services: Winstep Xtreme Service => 2 MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EADM => "E:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: Nexus => C:\Program Files (x86)\Winstep\Nexus.exe autostart ==================== Faulty Device Manager Devices ============= Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : 
This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-Maus
Description: Microsoft PS/2-Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (06/04/2014 08:37:41 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (06/04/2014 08:37:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.
Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 25%
Total physical RAM: 6143.35 MB
Available physical RAM: 4552.32 MB
Total Pagefile: 12284.88 MB
Available Pagefile: 10418.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:61.05 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Windows_7_RTM) (CDROM) (Total:3.07 GB) (Free:0 GB) UDF
Drive e: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:707.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 329A3299)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 075895FE)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Pierre (administrator) on PIERRE-PC on 04-06-2014 20:39:08
Running from C:\Users\Pierre\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Winstep Software Technologies) C:\Program Files (x86)\Winstep\Nexus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ExpoThemes-Driver] => C:\Program Files (x86)\ExpoThemes\ExpoThemes Manager.exe [573952 2014-01-28] (ExpoThemes) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software) HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatIskuFX] => C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2013-10-30] (ROCCAT GmbH) HKLM-x32\...\Run: [ExpoThemes-Driver] => C:\Program Files\ExpoThemes\ExpoThemes Manager.exe /s HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-04] (Microsoft Corporation) HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\Run: [NeXuS] => C:\Program Files (x86)\Winstep\Nexus.exe [16957056 2012-03-28] (Winstep Software Technologies) HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\MountPoints2: {4ffee3f4-c3dd-11e3-912f-0019dbf2e8ce} - F:\SETUP.EXE HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\MountPoints2: {8fe6bb05-9fa8-11e3-a951-806e6f6e6963} - D:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat Talk.lnk ShortcutTarget: Roccat Talk.lnk -> C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe (Flexera Software LLC) ==================== Internet 
(Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40EF0479B733CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D 
Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: ======= CHR HomePage: CHR DefaultSearchKeyword: conduit.search CHR DefaultSearchProvider: Conduit Search CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MFBCCF9ED-C7AA-4788-B67F-CB5CD68138CF&SearchSource=58&CUI=&UM=5&UP=SP21FAAF52-2788-4A13-BE51-8E10A0947534&q={searchTerms}&SSPV= CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-27] CHR Extension: (Google Drive) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27] CHR Extension: (YouTube) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27] CHR Extension: (Google-Suche) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27] CHR Extension: (avast! 
Online Security) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-02] CHR Extension: (Google Wallet) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27] CHR Extension: (Google Mail) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-06] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software) S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-14] () S4 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-15] (Disc Soft Ltd) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) R1 Serial; 
C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-03-03] (Windows (R) Win 7 DDK provider) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-04 20:16 - 2014-06-04 20:16 - 00000692 _____ () C:\Users\Pierre\Desktop\JRT.txt 2014-06-04 19:56 - 2014-06-04 19:56 - 00000000 ____D () C:\Windows\ERUNT 2014-06-04 19:55 - 2014-06-04 19:55 - 01016261 _____ (Thisisu) C:\Users\Pierre\Downloads\JRT.exe 2014-06-03 04:39 - 2014-06-04 20:39 - 00010146 _____ () C:\Users\Pierre\Downloads\FRST.txt 2014-06-03 04:39 - 2014-06-03 04:40 - 00024799 _____ () C:\Users\Pierre\Downloads\Addition.txt 2014-06-03 04:38 - 2014-06-04 20:39 - 00000000 ____D () C:\FRST 2014-06-03 04:37 - 2014-06-03 04:37 - 02068992 _____ (Farbar) C:\Users\Pierre\Downloads\FRST64.exe 2014-06-02 14:29 - 2014-06-02 14:29 - 01020031 _____ () C:\Users\Pierre\Downloads\14012116294883_usa_M44_45_north_america.wotreplay 2014-06-02 11:47 - 2014-06-03 21:13 - 00000000 ____D () C:\AdwCleaner 2014-06-02 11:47 - 2014-06-02 11:47 - 01327971 _____ () C:\Users\Pierre\Downloads\adwcleaner_3.211.exe 2014-06-02 11:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-01 20:37 - 2014-06-01 20:37 - 00004536 _____ () C:\Users\Pierre\Desktop\mwbytes.xml 2014-06-01 20:37 - 2014-06-01 20:37 - 00001889 _____ () C:\Users\Pierre\Desktop\mwbytes.txt 2014-06-01 20:17 - 2014-06-01 20:17 - 00004042 _____ () C:\Users\Pierre\Desktop\Windows-Kompatibilitätsbericht.htm 2014-06-01 20:01 - 2014-06-01 20:18 - 00001908 _____ () C:\Windows\diagwrn.xml 2014-06-01 20:01 - 2014-06-01 20:18 - 
00001908 _____ () C:\Windows\diagerr.xml 2014-05-27 12:56 - 2014-06-01 22:09 - 00000243 _____ () C:\Users\Pierre\Desktop\Anwerbe text.txt 2014-05-15 23:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-15 23:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-15 23:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-15 23:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-15 23:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-15 23:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-15 09:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-15 09:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-15 09:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-15 09:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-15 09:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-15 09:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-15 09:12 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-15 09:12 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-15 09:12 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-15 09:12 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-15 09:12 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 
2014-05-15 09:12 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-15 09:12 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-15 09:12 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-15 09:12 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-15 09:12 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-15 09:12 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 
2014-05-15 09:12 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-15 09:12 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-15 09:12 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-15 09:12 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-06 21:49 - 2014-05-06 
21:49 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-05-06 21:48 - 2014-05-06 21:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-05-06 21:48 - 2014-05-06 21:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-05-06 21:33 - 2014-05-16 15:54 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieUserList 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieSiteList 2014-05-05 00:18 - 2014-05-05 00:18 - 00001952 _____ () C:\Users\Public\Desktop\OMC ModPack entfernen.lnk 2014-05-05 00:18 - 2014-05-05 00:18 - 00000973 _____ () C:\Users\Public\Desktop\OMC ModPack Aktualisierung- Rekonfiguration.lnk ==================== One Month Modified Files and Folders ======= 2014-06-04 20:39 - 2014-06-03 04:39 - 00010146 _____ () C:\Users\Pierre\Downloads\FRST.txt 2014-06-04 20:39 - 2014-06-03 04:38 - 00000000 ____D () C:\FRST 2014-06-04 20:39 - 2014-02-27 14:22 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Temp 2014-06-04 20:37 - 2014-02-27 14:34 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-06-04 20:37 - 2014-02-27 14:16 - 01720470 _____ () C:\Windows\WindowsUpdate.log 2014-06-04 20:25 - 2014-04-18 11:25 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70}.job 2014-06-04 20:16 - 2014-06-04 20:16 - 00000692 _____ () C:\Users\Pierre\Desktop\JRT.txt 2014-06-04 19:58 - 2014-02-27 14:30 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-04 19:56 - 2014-06-04 19:56 - 00000000 ____D () C:\Windows\ERUNT 2014-06-04 19:55 - 2014-06-04 19:55 - 01016261 _____ (Thisisu) C:\Users\Pierre\Downloads\JRT.exe 2014-06-04 19:54 - 2014-02-27 14:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-03 21:22 - 2009-07-14 06:45 - 00014016 ____H () 
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-03 21:22 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-03 21:14 - 2014-02-28 21:18 - 00190138 _____ () C:\Windows\PFRO.log 2014-06-03 21:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-03 21:14 - 2009-07-14 06:51 - 00002242 _____ () C:\Windows\setupact.log 2014-06-03 21:13 - 2014-06-02 11:47 - 00000000 ____D () C:\AdwCleaner 2014-06-03 21:11 - 2014-03-01 10:26 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Xfire 2014-06-03 04:40 - 2014-06-03 04:39 - 00024799 _____ () C:\Users\Pierre\Downloads\Addition.txt 2014-06-03 04:37 - 2014-06-03 04:37 - 02068992 _____ (Farbar) C:\Users\Pierre\Downloads\FRST64.exe 2014-06-03 04:24 - 2014-03-03 04:28 - 00000000 ____D () C:\Users\Pierre\AppData\Local\PMB Files 2014-06-02 14:36 - 2014-04-29 23:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-02 14:29 - 2014-06-02 14:29 - 01020031 _____ () C:\Users\Pierre\Downloads\14012116294883_usa_M44_45_north_america.wotreplay 2014-06-02 11:47 - 2014-06-02 11:47 - 01327971 _____ () C:\Users\Pierre\Downloads\adwcleaner_3.211.exe 2014-06-02 11:02 - 2014-03-11 19:33 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-02 11:00 - 2014-03-03 04:17 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\.minecraft 2014-06-02 10:54 - 2014-03-01 11:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-06-02 00:27 - 2014-03-11 19:33 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-02 00:14 - 2014-03-03 06:05 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\foobar2000 2014-06-01 22:09 - 2014-05-27 12:56 - 00000243 _____ () C:\Users\Pierre\Desktop\Anwerbe text.txt 2014-06-01 22:07 - 2014-03-20 10:10 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Skype 2014-06-01 21:13 - 2014-05-04 21:04 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-01 21:13 - 2014-05-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-01 21:13 - 2014-04-29 23:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-01 20:37 - 2014-06-01 20:37 - 00004536 _____ () C:\Users\Pierre\Desktop\mwbytes.xml 2014-06-01 20:37 - 2014-06-01 20:37 - 00001889 _____ () C:\Users\Pierre\Desktop\mwbytes.txt 2014-06-01 20:18 - 2014-06-01 20:01 - 00001908 _____ () C:\Windows\diagwrn.xml 2014-06-01 20:18 - 2014-06-01 20:01 - 00001908 _____ () C:\Windows\diagerr.xml 2014-06-01 20:17 - 2014-06-01 20:17 - 00004042 _____ () C:\Users\Pierre\Desktop\Windows-Kompatibilitätsbericht.htm 2014-06-01 20:01 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-29 13:17 - 2009-08-07 12:18 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-05-29 13:17 - 2009-08-07 12:18 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-05-29 13:17 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-27 10:53 - 2014-03-03 04:28 - 00000000 ____D () C:\ProgramData\PMB Files 2014-05-23 12:20 - 2014-04-14 13:04 - 00000000 ____D () C:\ProgramData\Origin 2014-05-23 12:19 - 2014-02-27 14:36 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-22 01:48 - 2014-02-27 14:31 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-16 20:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 15:57 - 
2014-02-27 14:24 - 00000000 ___RD () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-16 15:57 - 2014-02-27 14:24 - 00000000 ___RD () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 15:54 - 2014-05-06 21:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-16 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-15 23:46 - 2014-03-02 23:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-15 23:45 - 2014-03-02 23:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 21:48 - 2014-03-01 11:36 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-05-15 21:48 - 2014-03-01 11:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-05-15 21:48 - 2014-03-01 11:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-14 22:20 - 2014-05-01 19:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-14 22:18 - 2014-05-01 19:14 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-12 07:26 - 2014-05-04 21:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-04 21:04 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-04 21:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-09 08:14 - 2014-05-15 09:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-15 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-07 13:54 - 2014-03-15 11:33 - 00290184 _____ () 
C:\Windows\SysWOW64\PnkBstrB.xtr 2014-05-07 10:42 - 2014-02-27 14:30 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-07 10:42 - 2014-02-27 14:30 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-06 21:49 - 2014-05-06 21:49 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-05-06 21:48 - 2014-05-06 21:48 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-05-06 21:48 - 2014-05-06 21:48 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-05-06 21:48 - 2014-03-01 11:36 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-05-06 21:48 - 2014-03-01 11:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1400183321983 2014-05-06 21:48 - 2014-03-01 11:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1400183321983 2014-05-06 21:48 - 2014-03-01 11:35 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-05-06 21:48 - 2014-03-01 11:35 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2014-05-06 21:48 - 2014-03-01 11:35 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-05-06 21:48 - 2014-03-01 11:35 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-05-06 06:40 - 2014-05-15 23:47 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-15 23:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-15 23:47 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-15 23:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-15 23:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-15 23:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-05 16:25 - 2014-05-05 16:25 - 
00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieUserList 2014-05-05 16:25 - 2014-05-05 16:25 - 00000000 __SHD () C:\Users\Pierre\AppData\Local\EmieSiteList 2014-05-05 16:25 - 2014-05-04 16:06 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP 2014-05-05 16:25 - 2014-03-28 01:26 - 00000000 ____D () C:\Users\Pierre\Desktop\Games 2014-05-05 16:24 - 2014-03-28 01:27 - 00000000 ____D () C:\Users\Pierre\Desktop\Programme 2014-05-05 16:21 - 2014-02-27 14:29 - 00063200 _____ () C:\Users\Pierre\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-05 16:20 - 2009-07-14 06:45 - 00290488 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-05 00:18 - 2014-05-05 00:18 - 00001952 _____ () C:\Users\Public\Desktop\OMC ModPack entfernen.lnk 2014-05-05 00:18 - 2014-05-05 00:18 - 00000973 _____ () C:\Users\Public\Desktop\OMC ModPack Aktualisierung- Rekonfiguration.lnk 2014-05-05 00:18 - 2014-03-25 21:21 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Some content of TEMP: ==================== C:\Users\Pierre\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Pierre\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Pierre\AppData\Local\Temp\nvStInst.exe C:\Users\Pierre\AppData\Local\Temp\Quarantine.exe C:\Users\Pierre\AppData\Local\Temp\SHSetup.exe C:\Users\Pierre\AppData\Local\Temp\SkypeSetup.exe C:\Users\Pierre\AppData\Local\Temp\sonarinst.exe C:\Users\Pierre\AppData\Local\Temp\swt-win32-3349.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit 
C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-29 00:54
Edited by InFlames93 (04.06.2014 at 19:45) |
05.06.2014, 19:30 | #40 |
/// the machine /// TB Trainer | ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ Regards, schrauber |
06.06.2014, 15:32 | #41 |
| Regarding ESET: "Make sure that Remove found threats is not checked." Why is that, actually? At the end it asks me again whether the threats it found should be removed, so no check mark there either??? Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=9d483a7c3b397c49af06e880b2a2e3b0 # engine=18552 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-06-05 11:28:00 # local_time=2014-06-06 01:28:00 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 387279 8347947 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 65091 153640730 0 0 # scanned=3948 # found=1 # cleaned=0 # scan_time=516 sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pierre\AppData\Local\Temp\OCS\ocs_v71a.exe.vir" ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=9d483a7c3b397c49af06e880b2a2e3b0 # engine=18552 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-06-06 03:03:20 # local_time=2014-06-06 05:03:20 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 100 97 400199 8360867 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 78011 153653650 0 0 # scanned=241336 # found=9 # cleaned=0 # scan_time=12779 sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pierre\AppData\Local\Temp\OCS\ocs_v71a.exe.vir" sh=4F0268D7B36AE783A3C2CF86859A06004A213C04 ft=1 fh=9dcca772f64bb143 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pierre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3AYZWSZ8\v-bates[1].exe" sh=8C4606D5F82A97A1BDDDB91188F87E2D5650B43D ft=1 fh=c71c0011e8464a4f vn="Variante von Win32/InstallCore.JW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pierre\Downloads\COMPUTER_BILD-Download-Manager_fuer_cod4mw-1.6-patchsetup.exe" sh=36FF54DE0727491E2A146B4283E747CB6BC8CF6E ft=1 fh=27ff36da8c9d42a4 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pierre\Downloads\Nexus - CHIP-Downloader.exe" sh=D8B5FBA0238440B59E166ADCAFB4D9B7C83F9BED ft=1 fh=8e95f06f0a537b3b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pierre\Downloads\xfire_installer_46139.exe" sh=CA9B910CDBC9C5D8CF05C90825EE61776EC44E6A ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-4024735632-649279198-383424856-1000\$R799ADK\Backup Set 2011-05-29 190000\Backup Files 2011-05-29 190000\Backup files 13.zip" sh=A0CC732FB1A1CCE34B8731128741EBB3A0CCAB07 ft=0 fh=0000000000000000 vn="Win32/Packed.Autoit.E.Gen evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-4024735632-649279198-383424856-1000\$R799ADK\Backup Set 2011-05-29 190000\Backup Files 2012-02-26 203058\Backup files 1.zip" sh=73A8FF627A09F9C53F988BECA367BA121FC17CD9 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-4024735632-649279198-383424856-1000\$R799ADK\Backup Set 2011-05-29 190000\Backup Files 2012-02-26 203058\Backup files 33.zip" sh=39ABF996BD749760B636D2DBB130FB8814DBAD8B ft=0 fh=0000000000000000 vn="Variante von Win32/InstallCore.K evtl. 
unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\S-1-5-21-4024735632-649279198-383424856-1000\$R799ADK\Backup Set 2011-05-29 190000\Backup Files 2012-02-26 203058\Backup files 34.zip" Code:
ATTFilter Results of screen317's Security Check version 0.99.83 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Adobe Reader XI Google Chrome 34.0.1847.137 Google Chrome 35.0.1916.114 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast avastui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014 Ran by Pierre at 2014-06-06 10:33:48 Running from C:\Users\Pierre\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.30768 - BitTorrent Inc.) 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.0.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Call of Duty(R) 4 - Modern Warfare(TM) (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision) Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: - ) Hidden Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) diclovit's mod pack 1.10.4 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 1.10.4 - diclovit) ESN Sonar 
(HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) foobar2000 v1.3.1 (HKLM-x32\...\foobar2000) (Version: 1.3.1 - Peter Pawlowski) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Nexus 12.2 (HKLM-x32\...\Winstep Xtreme_is1) (Version: - ) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.47.1 - Black Tree Gaming) NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation) NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation) Oblivion - BTmod 2.20 (HKLM-x32\...\BTmod) (Version: 2.20 - Beider & Tikigod) Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks) Oblivion-Schilder-Mod-v0.5 (HKLM-x32\...\Oblivion-Schilder-Mod_is1) (Version: - Ferron) OMC ModPack Version 0.9.0.0 (HKLM-x32\...\{CF9086F7-0490-42CE-8029-09CCB8FB942A}_is1) (Version: 0.9.0.0 - Odem Mortis) Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.) 
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) ROCCAT Isku FX Keyboard Driver (HKLM-x32\...\{DC69933C-E7B0-455D-8E54-FAC1EEF046FF}) (Version: - Roccat GmbH) ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version: - Roccat GmbH) Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0002 - Roccat GmbH) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Starcraft (HKLM-x32\...\Starcraft) (Version: - ) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Xfire (HKLM-x32\...\Xfire) (Version: - ) ==================== Restore Points ========================= 21-05-2014 08:04:34 Windows Update 28-05-2014 22:00:03 Geplanter Prüfpunkt 30-05-2014 08:33:42 Windows Update 03-06-2014 13:31:24 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {1580208B-4903-47E4-BE01-95A5A75CADC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.) 
Task: {5461FE6C-A431-4586-812B-2C0E771953F7} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4024735632-649279198-383424856-1000 Task: {9CB344F0-CD01-4150-881E-A07D9395E188} - System32\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70} => C:\Program Files\V-bates\PrefHelper.exe Task: {9FA7A9E4-F0C4-4C63-A557-42A201F822B5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-27] (Google Inc.) Task: {CF844E4E-1869-4AF6-B811-305B63841830} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-06] (AVAST Software) Task: C:\Windows\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70}.job => C:\Program Files\V-bates\PrefHelper.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-11 19:33 - 2014-04-14 15:42 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-03-14 16:54 - 2014-03-14 16:54 - 00173568 _____ () E:\Program Files (x86)\teamspeak\quazip.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 01080832 _____ () E:\Program Files (x86)\teamspeak\platforms\qwindows.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00833024 _____ () E:\Program Files (x86)\teamspeak\sqldrivers\qsqlite.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00102344 _____ () E:\Program Files (x86)\teamspeak\soundbackends\directsound_win64.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00108488 _____ () E:\Program Files (x86)\teamspeak\soundbackends\windowsaudiosession_win64.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00030208 _____ () E:\Program Files (x86)\teamspeak\imageformats\qgif.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00233984 _____ () E:\Program Files (x86)\teamspeak\imageformats\qjpeg.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00563656 _____ () E:\Program 
Files (x86)\teamspeak\plugins\clientquery_plugin.dll 2013-10-23 14:15 - 2014-03-14 16:54 - 00577480 _____ () E:\Program Files (x86)\teamspeak\plugins\teamspeak_control_plugin.dll 2014-03-14 16:54 - 2014-03-14 16:54 - 00159232 _____ () E:\Program Files (x86)\teamspeak\accessible\qtaccessiblewidgets.dll 2013-03-21 06:10 - 2013-03-21 06:10 - 00258944 _____ () E:\Program Files (x86)\Xfire\xfire64.exe 2014-03-11 19:33 - 2014-06-05 07:30 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-06 10:29 - 2014-06-06 10:29 - 00854367 _____ () C:\Users\Pierre\Downloads\SecurityCheck.exe 2014-06-05 11:16 - 2014-06-05 11:16 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060500\algo.dll 2014-06-05 23:18 - 2014-06-05 23:18 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060503\algo.dll 2014-04-30 00:00 - 2012-02-22 08:41 - 01085376 _____ () C:\Program Files (x86)\Winstep\wodTelnetDLX.dll 2014-03-01 11:35 - 2014-03-01 11:35 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-03-13 10:39 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll 2014-03-27 15:53 - 2012-07-08 17:31 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\hiddriver.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-22 01:48 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) 
========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: UMVPFSrv => 2 MSCONFIG\Services: Winstep Xtreme Service => 2 MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: EADM => "E:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: Nexus => C:\Program Files (x86)\Winstep\Nexus.exe autostart ==================== Faulty Device Manager Devices ============= Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. 
After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (06/06/2014 10:27:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/06/2014 01:29:22 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. 
In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/06/2014 01:29:20 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/06/2014 01:29:20 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/06/2014 01:28:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/06/2014 01:14:08 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". 
Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/06/2014 01:13:37 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. 
System errors: ============= Error: (06/05/2014 03:15:23 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (EventID: 6) (User: NT-AUTORITÄT) Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten. Error: (06/04/2014 08:37:41 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (06/04/2014 08:37:04 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht. Microsoft Office Sessions: ========================= Error: (06/06/2014 10:27:41 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe Error: (06/06/2014 01:29:22 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe Error: (06/06/2014 01:29:20 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe Error: (06/06/2014 
01:29:20 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe Error: (06/06/2014 01:28:38 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe Error: (06/06/2014 01:14:08 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe Error: (06/06/2014 01:13:37 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe ==================== Memory info =========================== Percentage of memory in use: 41% Total physical RAM: 6143.35 MB Available physical RAM: 3619.91 MB Total Pagefile: 12284.88 MB Available Pagefile: 9849.35 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:59.82 GB) NTFS ==>[Drive with boot 
components (obtained from BCD)]
Drive d: (Windows_7_RTM) (CDROM) (Total:3.07 GB) (Free:0 GB) UDF
Drive e: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:705.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 329A3299)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 075895FE)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by Pierre (administrator) on PIERRE-PC on 06-06-2014 10:33:19
Running from C:\Users\Pierre\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Winstep Software Technologies) C:\Program Files (x86)\Winstep\Nexus.exe
(ROCCAT GmbH Co., Ltd.) C:\Program Files (x86)\ROCCAT\Roccat Talk\Roccat Talk.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe
(TeamSpeak Systems GmbH) E:\Program Files (x86)\teamspeak\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Xfire Inc.) E:\Program Files (x86)\Xfire\Xfire.exe
(Xfire Inc.)
E:\Program Files (x86)\Xfire\Xfire.exe () E:\Program Files (x86)\Xfire\xfire64.exe () C:\Windows\SysWOW64\PnkBstrB.exe () C:\Users\Pierre\Downloads\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation) HKLM\...\Run: [ExpoThemes-Driver] => C:\Program Files (x86)\ExpoThemes\ExpoThemes Manager.exe [573952 2014-01-28] (ExpoThemes) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-05-26] (AVAST Software) HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH) HKLM-x32\...\Run: [RoccatIskuFX] => C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe [540672 2013-10-30] (ROCCAT GmbH) HKLM-x32\...\Run: [ExpoThemes-Driver] => C:\Program Files\ExpoThemes\ExpoThemes Manager.exe /s HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-04] (Microsoft Corporation) HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\Run: [NeXuS] => C:\Program Files (x86)\Winstep\Nexus.exe [16957056 2012-03-28] (Winstep Software Technologies) HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\MountPoints2: {4ffee3f4-c3dd-11e3-912f-0019dbf2e8ce} - F:\SETUP.EXE HKU\S-1-5-21-4024735632-649279198-383424856-1000\...\MountPoints2: {8fe6bb05-9fa8-11e3-a951-806e6f6e6963} - D:\setup.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Roccat 
Talk.lnk ShortcutTarget: Roccat Talk.lnk -> C:\Windows\Installer\{605D671E-1D1E-4840-84D9-BFACE17F160D}\NewShortcut1_38373BA15BEE4DD08E16D3720C304537.exe (Flexera Software LLC) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x40EF0479B733CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: 
@nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) Chrome: ======= CHR HomePage: CHR DefaultSearchKeyword: conduit.search CHR DefaultSearchProvider: Conduit Search CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=MFBCCF9ED-C7AA-4788-B67F-CB5CD68138CF&SearchSource=58&CUI=&UM=5&UP=SP21FAAF52-2788-4A13-BE51-8E10A0947534&q={searchTerms}&SSPV= CHR DefaultNewTabURL: CHR Extension: (Google Docs) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-27] CHR Extension: (Google Drive) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-27] CHR Extension: (YouTube) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-27] CHR Extension: (Google-Suche) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-27] CHR Extension: (avast! 
Online Security) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-02] CHR Extension: (Google Wallet) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-27] CHR Extension: (Google Mail) - C:\Users\Pierre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-06] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-06] (AVAST Software) S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-14] () R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [281768 2014-06-05] () S4 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-06] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-06] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software) S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-06] () R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-04-15] (Disc Soft Ltd) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys 
[39200 2013-12-27] (NVIDIA Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-03-03] (Windows (R) Win 7 DDK provider) S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-06 10:29 - 2014-06-06 10:29 - 00854367 _____ () C:\Users\Pierre\Downloads\SecurityCheck.exe 2014-06-06 01:47 - 2014-06-06 01:47 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Microsoft Games 2014-06-06 01:13 - 2014-06-06 01:13 - 02347384 _____ (ESET) C:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe 2014-06-04 20:16 - 2014-06-04 20:16 - 00000692 _____ () C:\Users\Pierre\Desktop\JRT.txt 2014-06-04 19:56 - 2014-06-04 19:56 - 00000000 ____D () C:\Windows\ERUNT 2014-06-04 19:55 - 2014-06-04 19:55 - 01016261 _____ (Thisisu) C:\Users\Pierre\Downloads\JRT.exe 2014-06-03 04:39 - 2014-06-06 10:33 - 00010524 _____ () C:\Users\Pierre\Downloads\FRST.txt 2014-06-03 04:39 - 2014-06-04 20:40 - 00014687 _____ () C:\Users\Pierre\Downloads\Addition.txt 2014-06-03 04:38 - 2014-06-06 10:33 - 00000000 ____D () C:\FRST 2014-06-03 04:37 - 2014-06-03 04:37 - 02068992 _____ (Farbar) C:\Users\Pierre\Downloads\FRST64.exe 2014-06-02 14:29 - 2014-06-02 14:29 - 01020031 _____ () C:\Users\Pierre\Downloads\14012116294883_usa_M44_45_north_america.wotreplay 2014-06-02 11:47 - 2014-06-03 21:13 - 00000000 ____D () C:\AdwCleaner 2014-06-02 11:47 - 2014-06-02 11:47 - 01327971 _____ () C:\Users\Pierre\Downloads\adwcleaner_3.211.exe 2014-06-02 11:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-01 20:37 - 2014-06-01 20:37 - 00004536 
_____ () C:\Users\Pierre\Desktop\mwbytes.xml 2014-06-01 20:37 - 2014-06-01 20:37 - 00001889 _____ () C:\Users\Pierre\Desktop\mwbytes.txt 2014-06-01 20:17 - 2014-06-01 20:17 - 00004042 _____ () C:\Users\Pierre\Desktop\Windows-Kompatibilitätsbericht.htm 2014-06-01 20:01 - 2014-06-01 20:18 - 00001908 _____ () C:\Windows\diagwrn.xml 2014-06-01 20:01 - 2014-06-01 20:18 - 00001908 _____ () C:\Windows\diagerr.xml 2014-05-27 12:56 - 2014-06-05 07:06 - 00000252 _____ () C:\Users\Pierre\Desktop\Anwerbe text.txt 2014-05-15 23:47 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-15 23:47 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-15 23:47 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-15 23:47 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-15 23:47 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-15 23:47 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-15 09:13 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-15 09:13 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-15 09:13 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-15 09:13 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-15 09:13 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-15 09:13 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-15 09:12 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-15 09:12 - 2014-04-12 04:22 - 00095680 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-15 09:12 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-15 09:12 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-15 09:12 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-15 09:12 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-15 09:12 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-15 09:12 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-15 09:12 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-15 09:12 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-15 09:12 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-15 09:12 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) 
C:\Windows\system32\capiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-15 09:12 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-15 09:12 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-15 09:12 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-15 09:12 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-15 09:12 - 2014-03-04 11:17 - 00017408 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-15 09:12 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\Program Files\7-Zip ==================== One Month Modified Files and Folders ======= 2014-06-06 10:33 - 2014-06-03 04:39 - 00010524 _____ () C:\Users\Pierre\Downloads\FRST.txt 2014-06-06 10:33 - 2014-06-03 04:38 - 00000000 ____D () C:\FRST 2014-06-06 10:33 - 2014-02-27 14:22 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Temp 2014-06-06 10:29 - 2014-06-06 10:29 - 00854367 _____ () C:\Users\Pierre\Downloads\SecurityCheck.exe 2014-06-06 10:25 - 2014-04-18 11:25 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {49D08EE7-C3A3-4B49-93C9-067AC62A3D70}.job 2014-06-06 09:47 - 2014-02-27 14:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-06 05:21 - 2014-02-27 14:16 - 01747773 _____ () C:\Windows\WindowsUpdate.log 2014-06-06 01:47 - 2014-06-06 01:47 - 00000000 ____D () C:\Users\Pierre\AppData\Local\Microsoft Games 2014-06-06 01:47 - 2014-03-01 10:56 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-06-06 01:15 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-06 01:15 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-06 01:13 - 2014-06-06 01:13 - 02347384 _____ (ESET) C:\Users\Pierre\Downloads\esetsmartinstaller_deu.exe 2014-06-05 10:47 - 2014-02-27 14:30 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-05 07:30 - 2014-03-15 11:33 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr 2014-06-05 07:30 - 2014-03-11 19:33 - 00281768 _____ () C:\Windows\SysWOW64\PnkBstrB.exe 2014-06-05 07:29 - 
2014-03-11 19:33 - 00103736 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0 2014-06-05 07:28 - 2014-03-03 04:28 - 00000000 ____D () C:\Users\Pierre\AppData\Local\PMB Files 2014-06-05 07:28 - 2014-03-03 04:28 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-05 07:07 - 2014-04-29 23:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-05 07:06 - 2014-05-27 12:56 - 00000252 _____ () C:\Users\Pierre\Desktop\Anwerbe text.txt 2014-06-05 06:53 - 2014-02-27 14:34 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-06-05 06:53 - 2009-07-14 06:51 - 00002410 _____ () C:\Windows\setupact.log 2014-06-05 03:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-05 02:13 - 2014-03-01 10:26 - 00000000 ____D () C:\ProgramData\Xfire 2014-06-04 20:40 - 2014-06-03 04:39 - 00014687 _____ () C:\Users\Pierre\Downloads\Addition.txt 2014-06-04 20:16 - 2014-06-04 20:16 - 00000692 _____ () C:\Users\Pierre\Desktop\JRT.txt 2014-06-04 19:56 - 2014-06-04 19:56 - 00000000 ____D () C:\Windows\ERUNT 2014-06-04 19:55 - 2014-06-04 19:55 - 01016261 _____ (Thisisu) C:\Users\Pierre\Downloads\JRT.exe 2014-06-03 21:14 - 2014-02-28 21:18 - 00190138 _____ () C:\Windows\PFRO.log 2014-06-03 21:13 - 2014-06-02 11:47 - 00000000 ____D () C:\AdwCleaner 2014-06-03 21:11 - 2014-03-01 10:26 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Xfire 2014-06-03 04:37 - 2014-06-03 04:37 - 02068992 _____ (Farbar) C:\Users\Pierre\Downloads\FRST64.exe 2014-06-02 14:29 - 2014-06-02 14:29 - 01020031 _____ () C:\Users\Pierre\Downloads\14012116294883_usa_M44_45_north_america.wotreplay 2014-06-02 11:47 - 2014-06-02 11:47 - 01327971 _____ () C:\Users\Pierre\Downloads\adwcleaner_3.211.exe 2014-06-02 11:00 - 2014-03-03 04:17 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\.minecraft 2014-06-02 10:54 - 2014-03-01 11:36 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2014-06-02 00:14 - 2014-03-03 06:05 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\foobar2000 2014-06-01 22:07 - 2014-03-20 10:10 - 00000000 ____D () C:\Users\Pierre\AppData\Roaming\Skype 2014-06-01 21:13 - 2014-05-04 21:04 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-01 21:13 - 2014-05-04 21:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-01 21:13 - 2014-04-29 23:39 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-01 20:37 - 2014-06-01 20:37 - 00004536 _____ () C:\Users\Pierre\Desktop\mwbytes.xml 2014-06-01 20:37 - 2014-06-01 20:37 - 00001889 _____ () C:\Users\Pierre\Desktop\mwbytes.txt 2014-06-01 20:18 - 2014-06-01 20:01 - 00001908 _____ () C:\Windows\diagwrn.xml 2014-06-01 20:18 - 2014-06-01 20:01 - 00001908 _____ () C:\Windows\diagerr.xml 2014-06-01 20:17 - 2014-06-01 20:17 - 00004042 _____ () C:\Users\Pierre\Desktop\Windows-Kompatibilitätsbericht.htm 2014-06-01 20:01 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log 2014-05-29 13:17 - 2009-08-07 12:18 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-05-29 13:17 - 2009-08-07 12:18 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-05-29 13:17 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-23 12:20 - 2014-04-14 13:04 - 00000000 ____D () C:\ProgramData\Origin 2014-05-23 12:19 - 2014-02-27 14:36 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-22 01:48 - 2014-02-27 14:31 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-05-16 20:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-16 15:57 - 2014-02-27 14:24 - 00000000 ___RD () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-16 15:57 - 2014-02-27 14:24 - 00000000 ___RD () C:\Users\Pierre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-16 
15:54 - 2014-05-06 21:33 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-16 15:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-05-15 23:46 - 2014-03-02 23:01 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-15 23:45 - 2014-03-02 23:01 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-15 21:48 - 2014-03-01 11:36 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-05-15 21:48 - 2014-03-01 11:35 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-05-15 21:48 - 2014-03-01 11:35 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2014-05-14 22:29 - 2014-05-14 22:29 - 00000000 ____D () C:\Program Files\7-Zip 2014-05-14 22:20 - 2014-05-01 19:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-14 22:18 - 2014-05-01 19:14 - 00000000 ____D () C:\ProgramData\Adobe 2014-05-12 07:26 - 2014-05-04 21:04 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-05-04 21:04 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-05-04 21:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-09 08:14 - 2014-05-15 09:13 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-15 09:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-07 10:42 - 2014-02-27 14:30 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-07 10:42 - 2014-02-27 14:30 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore Some content of TEMP: ==================== C:\Users\Pierre\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe 
C:\Users\Pierre\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pierre\AppData\Local\Temp\nvStInst.exe
C:\Users\Pierre\AppData\Local\Temp\Quarantine.exe
C:\Users\Pierre\AppData\Local\Temp\SHSetup.exe
C:\Users\Pierre\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pierre\AppData\Local\Temp\sonarinst.exe
C:\Users\Pierre\AppData\Local\Temp\swt-win32-3349.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 00:54

==================== End Of Log ============================

So the pop-ups are gone, I mean those ads that kept coming... but my biggest problem still remains, and it mainly has to do with games... I can play for 5 minutes and after that I get really heavy fps lags, my fps drop down to 8 fps (CoD 4 normally 250 fps without problems, WoT 40-50 fps) in all games, no matter whether old or new, graphics on minimum... What else can help? I'm not reachable for a week starting today, I'll get back via PM. |
07.06.2014, 11:07 | #42 |
/// the machine /// TB trainer | We don't let ESET remove anything because we don't know beforehand what it will find. There could also be a false positive among the results. Turn off your AV program and test the fps again.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
14.06.2014, 19:20 | #43 |
| Hmm, ok, I tried it, unfortunately no success |
15.06.2014, 06:24 | #44 |
/// the machine /// TB trainer | How to perform a clean boot in Windows. Do a clean boot and test again.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
15.06.2014, 18:30 | #45 |
| Even a clean boot brought no improvement... So the conclusion: after every restart I can play for about 5-7 minutes, after that I get these fps lags every 10 seconds. Could it be that something is stuck on my external hard drive, or was that always scanned as well... By now I have no idea anymore |