| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach einWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
24.06.2014, 14:34
| #1 |
| |  Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Guten Tag, ich habe seit einigen Wochen das Problem, dass während des Spielens immer wieder Blackscreens und Grafikfehler auftauchen (nach den Grafikfehlern friert der PC ein) Außerdem läuft der Ton 1-2 Sekunden normal weiter und wird dann zu einem lauten "brrrrr" . Manchmal ist alles nach ein paar Sekunden wieder in Ordnung, meistens jedoch muss der PC vollständig neu gestartet werden. Ich weiß selbst nicht mehr weiter. Weder das Anti-Virus-Programm Avast noch andere Viren- und Malwaredetektoren finden etwas. Ich bitte um Hilfe. MfG King1ooo Geändert von King1ooo (24.06.2014 um 14:44 Uhr) |
|
24.06.2014, 16:10
| #2 |
| /// TB-Ausbilder   |  Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Ich glaube zwar weniger, dass Malware der Grund ist, aber ich werfe gerne einen Blick auf deine System, vielleicht findet sich ja doch was: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
|
|
24.06.2014, 16:38
| #3 |
| | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Dankeschön das du mir probierst zu helfen!
__________________FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Finke (administrator) on FINKE-PC on 24-06-2014 17:34:30
Running from C:\Users\Finke\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2048368 2012-07-18] (Gainward Co. Ltd.)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-20] (Electronic Arts)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\MountPoints2: {8754815b-9616-11e3-9995-10bf487eed43} - F:\setup.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [202560 2014-05-23] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [171840 2014-05-23] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: No Name - {08A97858-4B7A-D929-9D18-2E1DBE8DAB68} - No File
BHO-x32: No Name - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default
FF Homepage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
FF SelectedSearchEngine: Yahoo! (Avast)
FF NewTab: about:newtab
FF DefaultSearchEngine: Yahoo! (Avast)
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Keyword.URL: https://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\Extensions\staged [2014-01-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR HomePage: https://de.yahoo.com?fr=hp-avast&type=avastbcl
CHR StartupUrls: "https://de.yahoo.com?fr=hp-avast&type=avastbcl"
CHR DefaultSearchKeyword: www.yahoo.com
CHR DefaultSearchProvider: Yahoo! (Avast)
CHR DefaultSearchURL: https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-24]
CHR Extension: (Google Drive) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-24]
CHR Extension: (YouTube) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-24]
CHR Extension: (Google-Suche) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-24]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-03-17]
CHR Extension: (GFACE Experience Plugin) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol [2014-01-03]
CHR Extension: (avast! Online Security) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-10]
CHR Extension: (Google Wallet) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Battlefield Play4Free) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-12-06]
CHR Extension: (Google Mail) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-24]
CHR Extension: (Extutil) - C:\Users\Finke\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-01-16]
CHR Extension: (Managera) - C:\Users\Finke\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-01-16]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-25] (AVAST Software)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-15] (Futuremark)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S3 Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [77432 2014-05-02] ()
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-25] ()
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [100712 2006-06-14] (Protection Technology (StarForce))
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-24 17:34 - 2014-06-24 17:34 - 00020009 _____ () C:\Users\Finke\Desktop\FRST.txt
2014-06-24 17:34 - 2014-06-24 17:34 - 00000000 ____D () C:\FRST
2014-06-24 17:33 - 2014-06-24 17:33 - 02082816 _____ (Farbar) C:\Users\Finke\Desktop\FRST64.exe
2014-06-24 15:26 - 2014-06-24 15:26 - 00007334 _____ () C:\Users\Finke\Desktop\OpenDocument Text (neu).odt
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-19 16:15 - 2014-06-20 16:04 - 00000000 ____D () C:\Users\Finke\AppData\Local\Adobe
2014-06-16 16:13 - 2014-06-16 16:13 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-14 13:12 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-14 13:12 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-14 12:07 - 2014-06-14 12:07 - 00000000 ____D () C:\Users\Finke\AppData\Local\SearchProtect
2014-06-14 12:06 - 2014-06-19 16:14 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-14 10:41 - 2014-06-14 10:41 - 00000220 _____ () C:\Users\Finke\Desktop\Sid Meier's Civilization V.url
2014-06-14 09:33 - 2014-06-14 09:33 - 00485368 _____ () C:\Windows\Minidump\061414-13026-01.dmp
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-09 15:51 - 2014-06-09 15:52 - 00000000 ____D () C:\AdwCleaner
2014-06-09 15:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-09 10:35 - 2014-06-09 10:35 - 00004442 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 10:35 - 2014-06-09 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 10:35 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 10:35 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-09 10:35 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-09 10:35 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-07 17:20 - 2014-06-09 17:34 - 00000000 ____D () C:\Users\Finke\AppData\Local\SniperV2
2014-06-06 15:16 - 2014-06-06 15:16 - 00497360 _____ () C:\Windows\Minidump\060614-14227-01.dmp
2014-06-05 19:04 - 2014-06-24 17:32 - 00000000 ____D () C:\Users\Finke\Documents\FIFA World
2014-06-05 19:04 - 2014-06-05 19:04 - 00001185 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-06-05 19:04 - 2014-06-05 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-06-05 18:32 - 2014-06-24 16:22 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-05 18:31 - 2014-06-05 18:32 - 00000000 ____D () C:\Users\Finke\AppData\Local\Origin
2014-06-05 18:29 - 2014-06-05 18:29 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-05 18:29 - 2014-06-05 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-05 17:06 - 2014-06-05 17:06 - 00000221 _____ () C:\Users\Finke\Desktop\Sniper Elite V2.url
2014-05-28 15:10 - 2014-05-28 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 14:50 - 2014-05-26 14:50 - 00000000 ____D () C:\Users\Finke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-26 14:50 - 2014-05-26 14:50 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-26 14:50 - 2014-05-26 14:50 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-26 14:12 - 2014-05-26 14:17 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-26 14:12 - 2014-05-26 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-26 14:11 - 2014-05-26 14:12 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-26 13:02 - 2014-05-26 13:02 - 00000000 ____D () C:\Users\Finke\AppData\Local\Genesis_05261102
2014-05-25 17:11 - 2014-05-25 17:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-25 17:11 - 2014-05-25 17:11 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
==================== One Month Modified Files and Folders =======
2014-06-24 17:34 - 2014-06-24 17:34 - 00020009 _____ () C:\Users\Finke\Desktop\FRST.txt
2014-06-24 17:34 - 2014-06-24 17:34 - 00000000 ____D () C:\FRST
2014-06-24 17:33 - 2014-06-24 17:33 - 02082816 _____ (Farbar) C:\Users\Finke\Desktop\FRST64.exe
2014-06-24 17:32 - 2014-06-05 19:04 - 00000000 ____D () C:\Users\Finke\Documents\FIFA World
2014-06-24 16:22 - 2014-06-05 18:32 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-24 16:21 - 2013-04-04 18:20 - 00000000 ____D () C:\ProgramData\Origin
2014-06-24 16:21 - 2013-04-04 18:20 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-24 15:26 - 2014-06-24 15:26 - 00007334 _____ () C:\Users\Finke\Desktop\OpenDocument Text (neu).odt
2014-06-24 15:18 - 2011-04-12 09:43 - 00710502 _____ () C:\Windows\system32\perfh007.dat
2014-06-24 15:18 - 2011-04-12 09:43 - 00154832 _____ () C:\Windows\system32\perfc007.dat
2014-06-24 15:18 - 2009-07-14 07:13 - 01651686 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-24 15:17 - 2013-04-06 18:35 - 00000000 ____D () C:\Users\Finke\AppData\Roaming\uTorrent
2014-06-24 15:10 - 2009-07-14 06:45 - 00022544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-24 15:10 - 2009-07-14 06:45 - 00022544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-24 15:07 - 2013-12-14 13:00 - 00000000 ____D () C:\Users\Finke\AppData\Local\LogMeIn Hamachi
2014-06-24 15:06 - 2013-02-08 11:43 - 01795086 _____ () C:\Windows\WindowsUpdate.log
2014-06-24 15:03 - 2013-02-25 20:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-24 15:02 - 2009-07-14 06:51 - 00084573 _____ () C:\Windows\setupact.log
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-22 17:05 - 2013-11-23 11:01 - 00788480 ___SH () C:\Users\Finke\Desktop\Thumbs.db
2014-06-22 11:56 - 2013-02-08 11:43 - 00000000 ____D () C:\Users\Finke
2014-06-22 11:39 - 2014-03-08 16:26 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-06-21 18:37 - 2013-02-15 21:02 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-21 18:35 - 2013-07-20 14:29 - 00000000 ____D () C:\IgniteGT
2014-06-21 08:38 - 2013-02-15 20:11 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-06-20 18:25 - 2013-04-09 13:51 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-20 16:04 - 2014-06-19 16:15 - 00000000 ____D () C:\Users\Finke\AppData\Local\Adobe
2014-06-19 16:14 - 2014-06-14 12:06 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-19 16:14 - 2013-02-09 12:37 - 00002163 _____ () C:\Users\Finke\Desktop\Google Chrome.lnk
2014-06-19 16:14 - 2013-02-08 13:26 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-19 16:12 - 2013-02-08 13:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-19 16:12 - 2013-02-08 13:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-19 16:12 - 2013-02-08 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-18 14:26 - 2013-12-30 13:44 - 00000000 ____D () C:\Program Files (x86)\Bohemia Interactive
2014-06-17 17:06 - 2013-02-26 16:34 - 00000000 ____D () C:\Users\Finke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-17 15:40 - 2010-11-21 05:47 - 00805756 _____ () C:\Windows\PFRO.log
2014-06-16 16:13 - 2014-06-16 16:13 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-16 16:13 - 2013-12-10 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-16 16:12 - 2013-12-10 00:00 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-06-14 13:16 - 2013-02-08 12:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-14 13:12 - 2013-02-08 12:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-14 12:08 - 2013-03-03 15:06 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-14 12:07 - 2014-06-14 12:07 - 00000000 ____D () C:\Users\Finke\AppData\Local\SearchProtect
2014-06-14 12:07 - 2014-03-08 16:26 - 00000000 ____D () C:\Temp
2014-06-14 12:07 - 2013-03-03 15:06 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-14 10:41 - 2014-06-14 10:41 - 00000220 _____ () C:\Users\Finke\Desktop\Sid Meier's Civilization V.url
2014-06-14 10:38 - 2013-02-09 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed III
2014-06-14 10:14 - 2013-04-09 13:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-14 10:11 - 2013-03-03 15:05 - 00000000 ____D () C:\Games
2014-06-14 10:09 - 2013-06-11 09:36 - 00000000 ____D () C:\Users\Finke\Desktop\Games
2014-06-14 10:04 - 2013-03-27 10:32 - 00000000 ____D () C:\Users\Finke\Documents\My Games
2014-06-14 09:33 - 2014-06-14 09:33 - 00485368 _____ () C:\Windows\Minidump\061414-13026-01.dmp
2014-06-14 09:33 - 2013-11-21 14:58 - 324532208 _____ () C:\Windows\MEMORY.DMP
2014-06-14 09:33 - 2013-05-26 09:31 - 00000000 ____D () C:\Windows\Minidump
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 13:17 - 2014-04-22 13:14 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-09 17:34 - 2014-06-07 17:20 - 00000000 ____D () C:\Users\Finke\AppData\Local\SniperV2
2014-06-09 17:22 - 2013-06-12 08:41 - 00012288 ____H () C:\Users\Finke\Desktop\photothumb.db
2014-06-09 15:52 - 2014-06-09 15:51 - 00000000 ____D () C:\AdwCleaner
2014-06-09 10:36 - 2013-10-18 15:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-09 10:35 - 2014-06-09 10:35 - 00004442 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 10:35 - 2014-06-09 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 10:35 - 2014-01-15 17:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-07 17:17 - 2013-02-08 12:11 - 00972261 _____ () C:\Windows\DirectX.log
2014-06-06 15:16 - 2014-06-06 15:16 - 00497360 _____ () C:\Windows\Minidump\060614-14227-01.dmp
2014-06-06 08:40 - 2013-12-05 17:58 - 00000000 ____D () C:\Users\Finke\AppData\Local\NVIDIA Corporation
2014-06-06 08:40 - 2013-02-08 12:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-06 08:40 - 2013-02-08 12:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-05 19:04 - 2014-06-05 19:04 - 00001185 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-06-05 19:04 - 2014-06-05 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-06-05 19:04 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-05 18:32 - 2014-06-05 18:31 - 00000000 ____D () C:\Users\Finke\AppData\Local\Origin
2014-06-05 18:29 - 2014-06-05 18:29 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-05 18:29 - 2014-06-05 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-05 17:06 - 2014-06-05 17:06 - 00000221 _____ () C:\Users\Finke\Desktop\Sniper Elite V2.url
2014-06-01 17:17 - 2013-02-08 13:46 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-28 16:22 - 2013-07-19 17:21 - 00000000 ____D () C:\ProgramData\siaife! sAvie
2014-05-28 15:35 - 2014-03-23 10:41 - 00000000 ____D () C:\Users\Finke\AppData\Local\Black_Tree_Gaming
2014-05-28 15:17 - 2013-02-08 14:44 - 00000000 ____D () C:\Windows\de
2014-05-28 15:10 - 2014-05-28 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-26 14:50 - 2014-05-26 14:50 - 00000000 ____D () C:\Users\Finke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sophos
2014-05-26 14:50 - 2014-05-26 14:50 - 00000000 ____D () C:\ProgramData\Sophos
2014-05-26 14:50 - 2014-05-26 14:50 - 00000000 ____D () C:\Program Files (x86)\Sophos
2014-05-26 14:17 - 2014-05-26 14:12 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-05-26 14:12 - 2014-05-26 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-05-26 14:12 - 2014-05-26 14:11 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-05-26 14:11 - 2013-02-08 11:55 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-26 13:02 - 2014-05-26 13:02 - 00000000 ____D () C:\Users\Finke\AppData\Local\Genesis_05261102
2014-05-25 17:12 - 2014-01-09 16:25 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-05-25 17:12 - 2013-12-10 00:00 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-05-25 17:12 - 2013-12-10 00:00 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-05-25 17:11 - 2014-05-25 17:11 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-05-25 17:11 - 2014-05-25 17:11 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-05-25 17:11 - 2013-12-10 00:00 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-05-25 17:11 - 2013-12-10 00:00 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-05-25 17:11 - 2013-12-10 00:00 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-05-25 17:11 - 2013-12-10 00:00 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-05-25 17:11 - 2013-12-10 00:00 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
Files to move or delete:
====================
C:\Users\Finke\jagex_cl_runescape_LIVE.dat
C:\Users\Finke\jagex_cl_runescape_LIVE1.dat
C:\Users\Finke\random.dat
Some content of TEMP:
====================
C:\Users\Finke\AppData\Local\Temp\13f74de17e26f3435f01a2bd6f9c57bc.dll
C:\Users\Finke\AppData\Local\Temp\1_Offer_10.exe
C:\Users\Finke\AppData\Local\Temp\aacenc3.exe
C:\Users\Finke\AppData\Local\Temp\amazonicon_v3.exe
C:\Users\Finke\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Finke\AppData\Local\Temp\APNSetup.exe
C:\Users\Finke\AppData\Local\Temp\APNStub.exe
C:\Users\Finke\AppData\Local\Temp\BackupSetup.exe
C:\Users\Finke\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\Finke\AppData\Local\Temp\burnsetup.exe
C:\Users\Finke\AppData\Local\Temp\ccittfax3.exe
C:\Users\Finke\AppData\Local\Temp\doxillionsetup.exe
C:\Users\Finke\AppData\Local\Temp\f.exe
C:\Users\Finke\AppData\Local\Temp\gb3-setup.exe
C:\Users\Finke\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Finke\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Finke\AppData\Local\Temp\htmlayout.dll
C:\Users\Finke\AppData\Local\Temp\i4jdel0.exe
C:\Users\Finke\AppData\Local\Temp\i4jdel1.exe
C:\Users\Finke\AppData\Local\Temp\jansi-32-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Finke\AppData\Local\Temp\jansi-64-git-Bukkit-1.4.7-R1.0-b2624jnks.dll
C:\Users\Finke\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Finke\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Finke\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Finke\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Finke\AppData\Local\Temp\jre_setup.exe
C:\Users\Finke\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Finke\AppData\Local\Temp\MyClaroTB.exe
C:\Users\Finke\AppData\Local\Temp\nse2F09.exe
C:\Users\Finke\AppData\Local\Temp\nsj2BCD.exe
C:\Users\Finke\AppData\Local\Temp\nsj3235.exe
C:\Users\Finke\AppData\Local\Temp\nsjFCDC.exe
C:\Users\Finke\AppData\Local\Temp\nso4000.tmp.exe
C:\Users\Finke\AppData\Local\Temp\nso56.exe
C:\Users\Finke\AppData\Local\Temp\nsoF904.exe
C:\Users\Finke\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Finke\AppData\Local\Temp\nvStInst.exe
C:\Users\Finke\AppData\Local\Temp\oi_{3523C4AA-9E01-46D1-B8B6-159E3790BB46}.exe
C:\Users\Finke\AppData\Local\Temp\OnlineWeatherSetup.exe
C:\Users\Finke\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Finke\AppData\Local\Temp\PlaylistCreator3_Setup.exe
C:\Users\Finke\AppData\Local\Temp\PreExe_ID_13667.exe
C:\Users\Finke\AppData\Local\Temp\prismsetup.exe
C:\Users\Finke\AppData\Local\Temp\pstagesetup.exe
C:\Users\Finke\AppData\Local\Temp\Quarantine.exe
C:\Users\Finke\AppData\Local\Temp\safeguard.exe
C:\Users\Finke\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Finke\AppData\Local\Temp\sdapskill.exe
C:\Users\Finke\AppData\Local\Temp\sdaspwn.exe
C:\Users\Finke\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Finke\AppData\Local\Temp\SendMsg.dll
C:\Users\Finke\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Finke\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Finke\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Finke\AppData\Local\Temp\tmp_minecraft.exe
C:\Users\Finke\AppData\Local\Temp\ubiAF9.tmp.exe
C:\Users\Finke\AppData\Local\Temp\uninst1.exe
C:\Users\Finke\AppData\Local\Temp\Uninstall.exe
C:\Users\Finke\AppData\Local\Temp\wpsetup.exe
C:\Users\Finke\AppData\Local\Temp\x264enc5.exe
C:\Users\Finke\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Finke\AppData\Local\Temp\zlib1.exe
C:\Users\Finke\AppData\Local\Temp\_is8E4A.exe
C:\Users\Finke\AppData\Local\Temp\_is9C3E.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-12-09 21:13
==================== End Of Log ============================
und hier die Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Finke at 2014-06-24 17:35:16
Running from C:\Users\Finke\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Disabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Zombie, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 1.0.1087.5 - Infernum Productions AG)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.0.0.41706 - Electronic Arts, Inc.)
Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.2 - Daedalic Entertainment)
EXPERTool v8.5 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.5.0.1 - Gainward Co. Ltd.)
Express Burn (HKLM-x32\...\ExpressBurn) (Version: - NCH Software)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{B8E78E04-6020-4CD2-BEAB-7BB6E9EF75C3}) (Version: 4.22.211 - Futuremark)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.6405.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Green Line 4 Sprachtrainer (HKLM-x32\...\{577F714E-6F8C-4257-B936-58D0CF85F314}) (Version: 1.00.000 - Klett)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version: - Adhesive Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{A7096369-9332-466C-8357-08770CDCE277}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
InetStat (HKCU\...\InetStat) (Version: 0.4 - InetStat)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-19caac35-fbb4-4162-80ba-c9dd085caced) (Version: - Epic Games, Inc.)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3 - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Paranormal BETA_5 (HKLM-x32\...\Paranormal) (Version: BETA_5 - Matt Cohen)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: - NCH Software)
PlanetSide 2 (HKCU\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version: - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Special Force 2 1.0 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{F76D4E7F-4AC6-48DC-9ABB-E9769DD24977}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.21d - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Cave version 1.0 (HKLM-x32\...\{0260552F-E225-44F3-B29C-715F77F30CCD}_is1) (Version: 1.0 - joker1659)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version: - Hi-Rez Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
War Thunder Launcher 1.0.1.302 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Restore Points =========================
16-06-2014 14:11:55 avast! antivirus system restore point
20-06-2014 16:24:57 Installed Ubisoft Game Launcher
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {055FF6A3-DA6E-4D97-988E-2B6F8758EBF3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\WSCStub.exe
Task: {13642D50-0035-48A6-826E-196EFF996EEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-19] (Adobe Systems Incorporated)
Task: {1DD1C5DC-4156-4F3B-BEE7-A17C3F922B2B} - System32\Tasks\ASUS\i-Setup104713 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {21A6968F-5090-48F9-A5F0-06399CCD5555} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {3CC27586-C647-4EFE-8617-030CE5608DB5} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {4077EC64-7CC7-4FC7-A26A-74F88E6462DA} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\SymErr.exe
Task: {407A4C89-2DA5-4DAA-B64E-9831E6B03D98} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {4ED2D329-356B-4C97-B63F-E7227736805F} - System32\Tasks\{B4B19C2D-256F-4A9E-A823-993164E2BA2A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {7C8A545E-68E4-4000-96E6-8EF3E845B056} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {8328B81F-4446-45EA-BEDA-45E3C234150C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\SymErr.exe
Task: {B44B2E75-489F-4589-91E1-B4E9B5F2A38B} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\utils\hpUrlLauncher.exe [2010-11-17] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6ab9574f6394.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-02-08 12:13 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-16 09:57 - 2014-04-27 14:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-24 13:04 - 2014-06-24 13:04 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062400\algo.dll
2014-01-21 17:11 - 2012-11-20 17:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 07477262 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\avcodec-54.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 00156174 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\keutil-51.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 01191950 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\avformat-54.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 00333326 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\swscale-2.dll
2014-05-23 15:19 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 16:07 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-23 15:19 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-09 15:24 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 15:20 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-23 15:19 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-02-25 08:39 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 12:48 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-02-25 08:39 - 2014-05-29 19:36 - 00131264 _____ () C:\Program Files (x86)\Steam\bin\audio.dll
2012-09-07 16:37 - 2013-06-15 01:49 - 00071680 _____ () C:\Program Files (x86)\Steam\bin\mssmp3.asi
2013-07-10 12:31 - 2013-06-15 01:49 - 00153088 _____ () C:\Program Files (x86)\Steam\bin\mssvoice.asi
2013-12-09 23:59 - 2013-12-09 23:59 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2013-02-08 12:04 - 2012-02-07 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-06-05 18:31 - 2014-06-20 16:05 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: Application Updater => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: winzipersvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crack fifa 14 + keygen.exe.vir => C:\Windows\pss\crack fifa 14 + keygen.exe.vir.Startup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^explorer.exe.vir => C:\Windows\pss\explorer.exe.vir.Startup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Finke\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: uTorrent => "C:\Users\Finke\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/24/2014 03:05:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/24/2014 01:26:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/24/2014 01:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/23/2014 03:02:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 02:41:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 01:00:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 09:46:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2014 06:17:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2014 10:22:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2014 09:24:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm fifaworld.exe, Version 6.1.0.42598 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1168
Startzeit: 01cf8d21ae6f7541
Endzeit: 25
Anwendungspfad: C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exe
Berichts-ID: ffa654d9-f914-11e3-90ab-10bf487eed43
System errors:
=============
Error: (06/24/2014 03:04:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (06/24/2014 03:04:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (06/24/2014 03:04:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (06/24/2014 03:04:45 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (06/24/2014 03:04:46 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (06/24/2014 03:04:45 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (06/24/2014 03:04:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (06/24/2014 03:04:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (06/24/2014 03:04:35 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (06/24/2014 03:03:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01a
sfsync04
Microsoft Office Sessions:
=========================
Error: (06/24/2014 03:05:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/24/2014 01:26:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/24/2014 01:03:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/23/2014 03:02:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 02:41:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 01:00:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/22/2014 09:46:33 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2014 06:17:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2014 10:22:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/21/2014 09:24:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: fifaworld.exe6.1.0.42598116801cf8d21ae6f754125C:\Program Files (x86)\Origin Games\FIFA World\fifaworld.exeffa654d9-f914-11e3-90ab-10bf487eed43
==================== Memory info ===========================
Percentage of memory in use: 28%
Total physical RAM: 8148.65 MB
Available physical RAM: 5851.21 MB
Total Pagefile: 11696.83 MB
Available Pagefile: 8783.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:216.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4EBF6974)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
25.06.2014, 12:32
| #4 |
| /// TB-Ausbilder | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Servus, ok, wir beginnen so: Scan mit Combofix
|
|
25.06.2014, 13:20
| #5 |
| | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Sooooo Hier die Combofix.txt Code:
ATTFilter ComboFix 14-06-24.01 - Finke 25.06.2014 14:02:21.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8149.6240 [GMT 2:00]
ausgeführt von:: c:\users\Finke\Desktop\ComboFix.exe
AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js
c:\program files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\windows\IsUn0407.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-05-25 bis 2014-06-25 ))))))))))))))))))))))))))))))
.
.
2014-06-25 12:11 . 2014-06-25 12:11 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-06-25 12:11 . 2014-06-25 12:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-25 12:06 . 2014-06-25 12:06 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{33A25547-80C0-4A08-9B50-122989D2B539}\offreg.dll
2014-06-24 15:34 . 2014-06-24 15:35 -------- d-----w- C:\FRST
2014-06-24 11:04 . 2014-06-24 11:04 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2014-06-19 14:15 . 2014-06-20 14:04 -------- d-----w- c:\users\Finke\AppData\Local\Adobe
2014-06-14 10:07 . 2014-06-14 10:07 -------- d-----w- c:\users\Finke\AppData\Local\SearchProtect
2014-06-11 11:17 . 2014-06-11 11:17 -------- d-----w- c:\program files\McAfee Security Scan
2014-06-09 13:51 . 2010-08-30 06:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-09 13:51 . 2014-06-09 13:52 -------- d-----w- C:\AdwCleaner
2014-06-09 08:35 . 2014-06-09 08:35 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-06-09 08:35 . 2014-05-07 13:02 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-07 15:20 . 2014-06-09 15:34 -------- d-----w- c:\users\Finke\AppData\Local\SniperV2
2014-06-05 16:32 . 2014-06-24 14:22 -------- d-----w- c:\program files (x86)\Origin Games
2014-06-05 16:31 . 2014-06-05 16:32 -------- d-----w- c:\users\Finke\AppData\Local\Origin
2014-05-28 13:10 . 2014-05-28 13:10 -------- d-----w- c:\programdata\Malwarebytes
2014-05-26 12:50 . 2014-05-26 12:50 -------- d-----w- c:\programdata\Sophos
2014-05-26 12:50 . 2014-05-26 12:50 73728 ----a-r- c:\users\Finke\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe1_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-05-26 12:50 . 2014-05-26 12:50 73728 ----a-r- c:\users\Finke\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\SVRTgui.exe_810EDD9E2F0A4E2BACF86673C38D9F48.exe
2014-05-26 12:50 . 2014-05-26 12:50 73728 ----a-r- c:\users\Finke\AppData\Roaming\Microsoft\Installer\{B829E117-D072-41EA-9606-9826A38D34C1}\ARPPRODUCTICON.exe
2014-05-26 12:50 . 2014-05-26 12:50 -------- d-----w- c:\program files (x86)\Sophos
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-19 14:12 . 2013-02-08 11:26 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-19 14:12 . 2013-02-08 11:26 699056 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-01 15:17 . 2013-02-08 11:46 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-05-25 15:12 . 2013-12-09 22:00 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-05-25 15:12 . 2013-12-09 22:00 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-25 15:12 . 2014-01-09 14:25 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-05-25 15:11 . 2013-12-09 22:00 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-25 15:11 . 2014-05-25 15:11 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-25 15:11 . 2014-05-25 15:11 43152 ----a-w- c:\windows\avastSS.scr
2014-05-25 15:11 . 2013-12-09 22:00 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-25 15:11 . 2013-12-09 22:00 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-25 15:11 . 2013-12-09 22:00 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-25 15:11 . 2013-12-09 22:00 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-20 02:44 . 2013-12-08 10:36 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2013-12-08 10:36 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-12-08 10:36 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-12-08 10:36 18531568 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2013-12-08 10:36 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-19 13:51 . 2013-02-16 08:02 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-05-19 13:51 . 2013-02-16 07:57 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-05-18 09:15 . 2013-02-16 07:57 280792 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-04-27 12:39 . 2013-02-16 07:57 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-05-29 1754816]
"TBPanel"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2012-07-18 2048368]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2014-06-20 3595608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-06 3890208]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2012-09-23 3477640]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-06-23 3816272]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.150\SSScheduler.exe [2014-4-9 332016]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys;c:\windows\SYSNATIVE\drivers\sfdrv01a.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Survarium Update Service;Survarium Update Service;c:\program files (x86)\Survarium\game\binaries\x86\survarium_service.exe;c:\program files (x86)\Survarium\game\binaries\x86\survarium_service.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-14 06:52 1091912 ----a-w- c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-08 14:12]
.
2014-06-16 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-25 15:11]
.
2014-06-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cf906c7b3ae06a.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09 10:36]
.
2013-12-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09 10:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-05-25 15:11 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mStart Page = https://de.yahoo.com?fr=hp-avast&type=avastbcl
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.bing.com/search?q={searchTerms}
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\
FF - prefs.js: browser.search.defaulturl - hxxps://de.search.yahoo.com/yhs/search
FF - prefs.js: browser.startup.homepage - hxxps://de.yahoo.com?fr=hp-avast&type=avastbcl
FF - prefs.js: browser.search.selectedEngine - Yahoo! (Avast)
FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/yhs/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{08A97858-4B7A-D929-9D18-2E1DBE8DAB68} - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0407.EXE
AddRemove-Driver San Francisco - c:\users\Finke\Desktop\Mein Ordner\San Fransico\Uninstall\Uninstall.exe
AddRemove-Fraps - c:\fraps\uninstall.exe
AddRemove-Paranormal - c:\program files (x86)\Paranormal\uninst.exe
AddRemove-{0260552F-E225-44F3-B29C-715F77F30CCD}_is1 - c:\program files (x86)\The Cave\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1 - c:\games\World_of_Tanks\unins000.exe
AddRemove-{C31556D7-F2B9-4787-B223-F7A035067E89}_is1 - c:\program files (x86)\Dragon's Prophet\unins000.exe
AddRemove-InetStat - c:\users\Finke\AppData\Roaming\InetStat\inetstat.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-192447134-3286355768-180963176-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-192447134-3286355768-180963176-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-25 14:14:28
ComboFix-quarantined-files.txt 2014-06-25 12:14
.
Vor Suchlauf: 15 Verzeichnis(se), 231.906.795.520 Bytes frei
Nach Suchlauf: 20 Verzeichnis(se), 241.416.953.856 Bytes frei
.
- - End Of File - - A9A14DA8422270A215846F92DA033FE2
A36C5E4F47E84449FF07ED3517B43A31
|
|
26.06.2014, 19:26
| #6 |
| /// TB-Ausbilder | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann. Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
27.06.2014, 14:46
| #7 |
| | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Ok hier: AdwCleaner: Code:
ATTFilter # AdwCleaner v3.213 - Bericht erstellt am 27/06/2014 um 14:55:39
# Aktualisiert 23/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Finke - FINKE-PC
# Gestartet von : C:\Users\Finke\Desktop\adwcleaner_3.213.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Finke\AppData\Local\SearchProtect
Datei Gelöscht : C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\searchplugins\trovi-search.xml
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323909&octid=EB_ORIGINAL_CTID&ISID=M2BA6A069-1100-451E-B73A-8D2ADD5180FD&SearchSource=58&CUI=&UM=5&UP=SP896D7283-2E75-4176-A996-DB83EBFCC2F7&q={searchTerms}&SSPV=
Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb
*************************
AdwCleaner[R0].txt - [15389 octets] - [09/06/2014 15:51:10]
AdwCleaner[R1].txt - [2053 octets] - [27/06/2014 14:53:51]
AdwCleaner[S0].txt - [13942 octets] - [09/06/2014 15:51:56]
AdwCleaner[S1].txt - [1911 octets] - [27/06/2014 14:55:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1971 octets] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 27.06.2014 Suchlauf-Zeit: 15:04:45 Logdatei: Malwarebytes Anti-Malware .txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.27.05 Rootkit Datenbank: v2014.06.23.02 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Finke Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 299378 Verstrichene Zeit: 8 Min, 51 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 22-06-2014
Tool run by Finke on 27.06.2014 at 15:24:19,10.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Finke\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
27.06.2014 15:25:43 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-192447134-3286355768-180963176-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB} deleted successfully
HKEY_USERS\S-1-5-21-192447134-3286355768-180963176-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08A97858-4B7A-D929-9D18-2E1DBE8DAB68} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\prefs.js:
user_pref("browser.startup.homepage", "https://de.yahoo.com?fr=hp-avast&type=avastbcl");
user_pref("browser.search.defaulturl", "https://de.search.yahoo.com/yhs/search");
user_pref("browser.newtab.url", "about:newtab");
user_pref("browser.search.defaultengine", "Yahoo! (Avast)");
user_pref("browser.search.defaultenginename", "Yahoo! (Avast)");
user_pref("browser.search.selectedEngine", "Yahoo! (Avast)");
user_pref("browser.search.order.1", "Yahoo! (Avast)");
user_pref("keyword.URL", "https://de.search.yahoo.com/yhs/search");
user_pref("browser.search.useDBForOrder", false);
Added to C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
==== Deleting Files \ Folders ======================
C:\Users\Finke\.android deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Finke\ChromeExtensions deleted
C:\PROGRA~3\siaife! sAvie deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Finke\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\Users\Finke\Searches deleted
C:\Users\Finke\AppData\LocalLow\siaife! sAvie deleted
C:\Users\Finke\AppData\LocalLow\SearchNewTab deleted
C:\Users\Finke\AppData\LocalLow\boost_interprocess deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\extensions\staged deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [16.03.2014 15:06]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 12:36]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[23.09.2012 21:43]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.05.2014 17:11]
GFACE Experience Plugin - Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejdlfmdbdibkbfdpjocdaolcheehmpol
avast Online Security - Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://de.yahoo.com?fr=hp-avast&type=avastbcl"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://de.yahoo.com?fr=hp-avast&type=avastbcl"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://de.yahoo.com?fr=hp-avast&type=avastbcl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="hxxp://www.bing.com/search?q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="hxxp://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="<local>"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Finke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Finke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Finke\AppData\Local\Mozilla\Firefox\Profiles\tr9o5jg4.default\Cache will be emptied at reboot
==== Empty Chrome Cache ======================
C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=67 folders=48 15344844 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Finke\AppData\Local\Temp will be emptied at reboot
C:\Users\hedev\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Finke\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 27.06.2014 at 15:37:02,94 ======================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-06-2014
Ran by Finke (administrator) on FINKE-PC on 27-06-2014 15:40:42
Running from C:\Users\Finke\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(BitTorrent Inc.) C:\Users\Finke\AppData\Roaming\uTorrent\uTorrent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3477640 2012-09-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2048368 2012-07-18] (Gainward Co. Ltd.)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-26] (Electronic Arts)
HKU\S-1-5-21-192447134-3286355768-180963176-1000\...\Run: [uTorrent] => C:\Users\Finke\AppData\Roaming\uTorrent\uTorrent.exe [1671504 2014-06-26] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Finke\AppData\Roaming\Mozilla\Firefox\Profiles\tr9o5jg4.default\searchplugins\yahoo-avast.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-12-09]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-03-16]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-24]
CHR Extension: (Google Drive) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-24]
CHR Extension: (YouTube) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-24]
CHR Extension: (Google-Suche) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-24]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-03-17]
CHR Extension: (avast! Online Security) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-10]
CHR Extension: (Google Wallet) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Google Mail) - C:\Users\Finke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-24]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2012-09-23]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-25] (AVAST Software)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2013-10-15] (Futuremark)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-07] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-27] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S3 Survarium Update Service; C:\Program Files (x86)\Survarium\game\binaries\x86\survarium_service.exe [77432 2014-05-02] ()
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-25] ()
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [78208 2006-08-11] (Protection Technology (StarForce))
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [100712 2006-06-14] (Protection Technology (StarForce))
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-27 15:40 - 2014-06-27 15:41 - 00017435 _____ () C:\Users\Finke\Desktop\FRST.txt
2014-06-27 15:40 - 2014-06-27 15:40 - 00000000 ____D () C:\Users\Finke\Desktop\Neuer Ordner
2014-06-27 15:38 - 2014-06-27 15:38 - 00011355 _____ () C:\Users\Finke\Desktop\zoek-results.txt
2014-06-27 15:34 - 2014-06-27 15:34 - 00000082 _____ () C:\folders.txt
2014-06-27 15:34 - 2014-06-27 15:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-27 15:25 - 2014-06-27 15:37 - 00011355 _____ () C:\zoek-results.log
2014-06-27 15:24 - 2014-06-27 15:32 - 00000000 ____D () C:\zoek_backup
2014-06-27 15:24 - 2014-06-27 15:24 - 01285120 _____ () C:\Users\Finke\Desktop\zoek.exe
2014-06-27 15:23 - 2014-06-27 15:24 - 01285120 _____ () C:\Users\Finke\Downloads\zoek.exe
2014-06-27 15:22 - 2014-06-27 15:22 - 00002055 _____ () C:\Users\Finke\Desktop\AdwCleaner[S1].txt
2014-06-27 15:21 - 2014-06-27 15:21 - 00001179 _____ () C:\Users\Finke\Desktop\ Malwarebytes Anti-Malware .txt
2014-06-27 15:03 - 2014-06-27 15:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 15:02 - 2014-06-27 15:02 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-27 15:02 - 2014-06-27 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-27 15:02 - 2014-06-27 15:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-27 15:02 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-27 15:02 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-27 15:02 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-27 15:01 - 2014-06-27 15:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Finke\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-27 14:53 - 2014-06-27 14:53 - 01342659 _____ () C:\Users\Finke\Desktop\adwcleaner_3.213.exe
2014-06-26 14:41 - 2014-06-26 14:41 - 00000851 _____ () C:\Users\Finke\Desktop\µTorrent.lnk
2014-06-26 14:41 - 2014-06-26 14:41 - 00000831 _____ () C:\Users\Finke\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-26 14:40 - 2014-06-26 14:40 - 01671504 _____ (BitTorrent Inc.) C:\Users\Finke\Desktop\uTorrent_v.3.4.2_31515.exe
2014-06-25 14:14 - 2014-06-25 14:14 - 00026167 _____ () C:\ComboFix.txt
2014-06-25 14:00 - 2014-06-25 14:14 - 00000000 ____D () C:\Qoobox
2014-06-25 14:00 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-25 14:00 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-25 14:00 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-25 14:00 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-25 14:00 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-25 14:00 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-25 14:00 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-25 14:00 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-25 13:59 - 2014-06-25 14:13 - 00000000 ____D () C:\Windows\erdnt
2014-06-25 13:58 - 2014-06-25 13:59 - 05211571 ____R (Swearware) C:\Users\Finke\Desktop\ComboFix.exe
2014-06-25 13:56 - 2014-06-25 13:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf906c7b3ae06a.job
2014-06-24 17:34 - 2014-06-27 15:40 - 00000000 ____D () C:\FRST
2014-06-24 17:33 - 2014-06-24 17:33 - 02082816 _____ (Farbar) C:\Users\Finke\Desktop\FRST64.exe
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-19 16:15 - 2014-06-20 16:04 - 00000000 ____D () C:\Users\Finke\AppData\Local\Adobe
2014-06-16 16:13 - 2014-06-16 16:13 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-14 13:12 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-14 13:12 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-06-14 13:12 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-06-14 10:41 - 2014-06-25 14:26 - 00000220 _____ () C:\Users\Finke\Desktop\Sid Meier's Civilization V.url
2014-06-14 09:33 - 2014-06-14 09:33 - 00485368 _____ () C:\Windows\Minidump\061414-13026-01.dmp
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-09 15:51 - 2014-06-27 14:55 - 00000000 ____D () C:\AdwCleaner
2014-06-09 15:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-09 10:35 - 2014-06-09 10:35 - 00004442 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 10:35 - 2014-06-09 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 10:35 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-09 10:35 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-06-09 10:35 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-06-09 10:35 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-06-07 17:20 - 2014-06-09 17:34 - 00000000 ____D () C:\Users\Finke\AppData\Local\SniperV2
2014-06-06 15:16 - 2014-06-06 15:16 - 00497360 _____ () C:\Windows\Minidump\060614-14227-01.dmp
2014-06-05 19:04 - 2014-06-26 15:03 - 00000000 ____D () C:\Users\Finke\Documents\FIFA World
2014-06-05 19:04 - 2014-06-25 15:04 - 00001185 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-06-05 19:04 - 2014-06-05 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-06-05 18:32 - 2014-06-24 16:22 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-05 18:31 - 2014-06-05 18:32 - 00000000 ____D () C:\Users\Finke\AppData\Local\Origin
2014-06-05 18:29 - 2014-06-05 18:29 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-05 18:29 - 2014-06-05 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-05 17:06 - 2014-06-05 17:06 - 00000221 _____ () C:\Users\Finke\Desktop\Sniper Elite V2.url
2014-05-28 15:10 - 2014-05-28 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
==================== One Month Modified Files and Folders =======
2014-06-27 15:41 - 2014-06-27 15:40 - 00017435 _____ () C:\Users\Finke\Desktop\FRST.txt
2014-06-27 15:40 - 2014-06-27 15:40 - 00000000 ____D () C:\Users\Finke\Desktop\Neuer Ordner
2014-06-27 15:40 - 2014-06-24 17:34 - 00000000 ____D () C:\FRST
2014-06-27 15:40 - 2013-02-08 11:43 - 01840229 _____ () C:\Windows\WindowsUpdate.log
2014-06-27 15:38 - 2014-06-27 15:38 - 00011355 _____ () C:\Users\Finke\Desktop\zoek-results.txt
2014-06-27 15:37 - 2014-06-27 15:25 - 00011355 _____ () C:\zoek-results.log
2014-06-27 15:37 - 2013-12-14 13:00 - 00000000 ____D () C:\Users\Finke\AppData\Local\LogMeIn Hamachi
2014-06-27 15:37 - 2013-04-06 18:35 - 00000000 ____D () C:\Users\Finke\AppData\Roaming\uTorrent
2014-06-27 15:37 - 2013-04-04 18:20 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-06-27 15:37 - 2013-02-25 20:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-27 15:35 - 2010-11-21 05:47 - 00807172 _____ () C:\Windows\PFRO.log
2014-06-27 15:35 - 2009-07-14 06:51 - 00085021 _____ () C:\Windows\setupact.log
2014-06-27 15:34 - 2014-06-27 15:34 - 00000082 _____ () C:\folders.txt
2014-06-27 15:32 - 2014-06-27 15:24 - 00000000 ____D () C:\zoek_backup
2014-06-27 15:32 - 2013-02-08 11:43 - 00000000 ____D () C:\Users\Finke
2014-06-27 15:24 - 2014-06-27 15:34 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-27 15:24 - 2014-06-27 15:24 - 01285120 _____ () C:\Users\Finke\Desktop\zoek.exe
2014-06-27 15:24 - 2014-06-27 15:23 - 01285120 _____ () C:\Users\Finke\Downloads\zoek.exe
2014-06-27 15:22 - 2014-06-27 15:22 - 00002055 _____ () C:\Users\Finke\Desktop\AdwCleaner[S1].txt
2014-06-27 15:21 - 2014-06-27 15:21 - 00001179 _____ () C:\Users\Finke\Desktop\ Malwarebytes Anti-Malware .txt
2014-06-27 15:05 - 2009-07-14 06:45 - 00022544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 15:05 - 2009-07-14 06:45 - 00022544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 15:04 - 2014-06-27 15:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-27 15:02 - 2014-06-27 15:02 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-27 15:02 - 2014-06-27 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-27 15:02 - 2014-06-27 15:02 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-27 15:01 - 2014-06-27 15:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Finke\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-27 14:55 - 2014-06-09 15:51 - 00000000 ____D () C:\AdwCleaner
2014-06-27 14:53 - 2014-06-27 14:53 - 01342659 _____ () C:\Users\Finke\Desktop\adwcleaner_3.213.exe
2014-06-27 14:51 - 2013-04-04 18:20 - 00000000 ____D () C:\ProgramData\Origin
2014-06-26 15:03 - 2014-06-05 19:04 - 00000000 ____D () C:\Users\Finke\Documents\FIFA World
2014-06-26 14:41 - 2014-06-26 14:41 - 00000851 _____ () C:\Users\Finke\Desktop\µTorrent.lnk
2014-06-26 14:41 - 2014-06-26 14:41 - 00000831 _____ () C:\Users\Finke\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-26 14:40 - 2014-06-26 14:40 - 01671504 _____ (BitTorrent Inc.) C:\Users\Finke\Desktop\uTorrent_v.3.4.2_31515.exe
2014-06-26 13:28 - 2013-06-11 19:09 - 00000000 ____D () C:\Users\Finke\AppData\Local\Deployment
2014-06-25 15:04 - 2014-06-05 19:04 - 00001185 _____ () C:\Users\Public\Desktop\EA Sports FIFA World.lnk
2014-06-25 15:03 - 2013-02-08 12:11 - 00990734 _____ () C:\Windows\DirectX.log
2014-06-25 14:26 - 2014-06-14 10:41 - 00000220 _____ () C:\Users\Finke\Desktop\Sid Meier's Civilization V.url
2014-06-25 14:14 - 2014-06-25 14:14 - 00026167 _____ () C:\ComboFix.txt
2014-06-25 14:14 - 2014-06-25 14:00 - 00000000 ____D () C:\Qoobox
2014-06-25 14:14 - 2013-06-11 19:09 - 00000000 ____D () C:\Users\Finke\AppData\Local\Apps\2.0
2014-06-25 14:14 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-06-25 14:13 - 2014-06-25 13:59 - 00000000 ____D () C:\Windows\erdnt
2014-06-25 14:12 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-25 14:08 - 2013-04-06 16:45 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-25 13:59 - 2014-06-25 13:58 - 05211571 ____R (Swearware) C:\Users\Finke\Desktop\ComboFix.exe
2014-06-25 13:56 - 2014-06-25 13:56 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf906c7b3ae06a.job
2014-06-24 17:33 - 2014-06-24 17:33 - 02082816 _____ (Farbar) C:\Users\Finke\Desktop\FRST64.exe
2014-06-24 16:22 - 2014-06-05 18:32 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-06-24 15:18 - 2011-04-12 09:43 - 00710502 _____ () C:\Windows\system32\perfh007.dat
2014-06-24 15:18 - 2011-04-12 09:43 - 00154832 _____ () C:\Windows\system32\perfc007.dat
2014-06-24 15:18 - 2009-07-14 07:13 - 01651686 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-06-24 13:04 - 2014-06-24 13:04 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-06-22 17:05 - 2013-11-23 11:01 - 00788480 ___SH () C:\Users\Finke\Desktop\Thumbs.db
2014-06-22 11:39 - 2014-03-08 16:26 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-06-21 18:37 - 2013-02-15 21:02 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-06-21 18:35 - 2013-07-20 14:29 - 00000000 ____D () C:\IgniteGT
2014-06-21 08:38 - 2013-02-15 20:11 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-06-20 18:25 - 2013-04-09 13:51 - 00000000 ____D () C:\ProgramData\Ubisoft
2014-06-20 16:04 - 2014-06-19 16:15 - 00000000 ____D () C:\Users\Finke\AppData\Local\Adobe
2014-06-19 16:14 - 2013-02-09 12:37 - 00002163 _____ () C:\Users\Finke\Desktop\Google Chrome.lnk
2014-06-19 16:14 - 2013-02-08 13:26 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-19 16:12 - 2013-02-08 13:26 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-19 16:12 - 2013-02-08 13:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-19 16:12 - 2013-02-08 13:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-18 14:26 - 2013-12-30 13:44 - 00000000 ____D () C:\Program Files (x86)\Bohemia Interactive
2014-06-17 17:06 - 2013-02-26 16:34 - 00000000 ____D () C:\Users\Finke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-06-16 16:13 - 2014-06-16 16:13 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-16 16:13 - 2013-12-10 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-16 16:12 - 2013-12-10 00:00 - 00000350 ____H () C:\Windows\Tasks\avast! Emergency Update.job
2014-06-14 13:16 - 2013-02-08 12:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-14 13:12 - 2013-02-08 12:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-14 12:08 - 2013-03-03 15:06 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-14 12:07 - 2014-03-08 16:26 - 00000000 ____D () C:\Temp
2014-06-14 12:07 - 2013-03-03 15:06 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-14 10:38 - 2013-02-09 13:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed III
2014-06-14 10:14 - 2013-04-09 13:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-06-14 10:11 - 2013-03-03 15:05 - 00000000 ____D () C:\Games
2014-06-14 10:09 - 2013-06-11 09:36 - 00000000 ____D () C:\Users\Finke\Desktop\Games
2014-06-14 10:04 - 2013-03-27 10:32 - 00000000 ____D () C:\Users\Finke\Documents\My Games
2014-06-14 09:33 - 2014-06-14 09:33 - 00485368 _____ () C:\Windows\Minidump\061414-13026-01.dmp
2014-06-14 09:33 - 2013-11-21 14:58 - 324532208 _____ () C:\Windows\MEMORY.DMP
2014-06-14 09:33 - 2013-05-26 09:31 - 00000000 ____D () C:\Windows\Minidump
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-11 13:17 - 2014-06-11 13:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-11 13:17 - 2014-04-22 13:14 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-09 17:34 - 2014-06-07 17:20 - 00000000 ____D () C:\Users\Finke\AppData\Local\SniperV2
2014-06-09 17:22 - 2013-06-12 08:41 - 00012288 ____H () C:\Users\Finke\Desktop\photothumb.db
2014-06-09 10:36 - 2013-10-18 15:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-09 10:35 - 2014-06-09 10:35 - 00004442 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-09 10:35 - 2014-06-09 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-09 10:35 - 2014-01-15 17:45 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-06 15:16 - 2014-06-06 15:16 - 00497360 _____ () C:\Windows\Minidump\060614-14227-01.dmp
2014-06-06 08:40 - 2013-12-05 17:58 - 00000000 ____D () C:\Users\Finke\AppData\Local\NVIDIA Corporation
2014-06-06 08:40 - 2013-02-08 12:12 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-06 08:40 - 2013-02-08 12:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-05 19:04 - 2014-06-05 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Sports FIFA World
2014-06-05 19:04 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-05 18:32 - 2014-06-05 18:31 - 00000000 ____D () C:\Users\Finke\AppData\Local\Origin
2014-06-05 18:29 - 2014-06-05 18:29 - 00000979 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-06-05 18:29 - 2014-06-05 18:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-06-05 17:06 - 2014-06-05 17:06 - 00000221 _____ () C:\Users\Finke\Desktop\Sniper Elite V2.url
2014-06-01 17:17 - 2013-02-08 13:46 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-28 15:35 - 2014-03-23 10:41 - 00000000 ____D () C:\Users\Finke\AppData\Local\Black_Tree_Gaming
2014-05-28 15:17 - 2013-02-08 14:44 - 00000000 ____D () C:\Windows\de
2014-05-28 15:10 - 2014-05-28 15:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
Files to move or delete:
====================
C:\Users\Finke\jagex_cl_runescape_LIVE.dat
C:\Users\Finke\jagex_cl_runescape_LIVE1.dat
C:\Users\Finke\random.dat
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-12-09 21:13
==================== End Of Log ============================
--- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2014
Ran by Finke at 2014-06-27 15:41:33
Running from C:\Users\Finke\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31515 - BitTorrent Inc.)
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.00 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - Reloaded Productions)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version: - Zombie, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Deponia (HKLM-x32\...\Deponia) (Version: 1.0 - Daedalic Entertainment)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 1.0.1087.5 - Infernum Productions AG)
Driver San Francisco (HKLM-x32\...\Driver San Francisco) (Version: 1.4.0.0 - Ubisoft)
EA Sports FIFA World (HKLM-x32\...\{8F9AC744-EEF6-43DB-A4B6-FA1A18F1C640}) (Version: 6.2.0.43717 - Electronic Arts, Inc.)
Edna Bricht Aus - Sammler Edition (HKLM-x32\...\EdnaSE) (Version: 1.2 - Daedalic Entertainment)
EXPERTool v8.5 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 8.5.0.1 - Gainward Co. Ltd.)
Express Burn (HKLM-x32\...\ExpressBurn) (Version: - NCH Software)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{B8E78E04-6020-4CD2-BEAB-7BB6E9EF75C3}) (Version: 4.22.211 - Futuremark)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.6405.2 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Green Line 4 Sprachtrainer (HKLM-x32\...\{577F714E-6F8C-4257-B936-58D0CF85F314}) (Version: 1.00.000 - Klett)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version: - Adhesive Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Deskjet 1050 J410 series - Grundlegende Software für das Gerät (HKLM\...\{A7096369-9332-466C-8357-08770CDCE277}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Hilfe (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3781 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 25.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 25.0.1 (x86 de)) (Version: 25.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-19caac35-fbb4-4162-80ba-c9dd085caced) (Version: - Epic Games, Inc.)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10600 - Nero AG)
Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.19900.9.11 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.3 - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.151.1095 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Paranormal BETA_5 (HKLM-x32\...\Paranormal) (Version: BETA_5 - Matt Cohen)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PhotoStage Slideshow Producer (HKLM-x32\...\PhotoStage) (Version: - NCH Software)
PlanetSide 2 (HKCU\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Red Orchestra 2: Heroes of Stalingrad - Single Player (HKLM-x32\...\Steam App 236830) (Version: - )
Rising Storm/Red Orchestra 2 Multiplayer (HKLM-x32\...\Steam App 35450) (Version: - Tripwire Interactive)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.4 - Sophos Limited)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Special Force 2 1.0 (HKLM-x32\...\Special Force 2 Beta_is1) (Version: - )
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Deskjet 1050 J410 series Produkten (HKLM\...\{F76D4E7F-4AC6-48DC-9ABB-E9769DD24977}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.21d - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
The Cave version 1.0 (HKLM-x32\...\{0260552F-E225-44F3-B29C-715F77F30CCD}_is1) (Version: 1.0 - joker1659)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version: - Hi-Rez Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.0.5 (HKLM\...\VLC media player) (Version: 2.0.5 - VideoLAN)
War Thunder Launcher 1.0.1.302 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Restore Points =========================
16-06-2014 14:11:55 avast! antivirus system restore point
20-06-2014 16:24:57 Installed Ubisoft Game Launcher
25-06-2014 12:00:13 ComboFix created restore point
25-06-2014 13:00:31 Windows Update
25-06-2014 13:02:56 DirectX wurde installiert
27-06-2014 13:25:28 zoek.exe restore point
==================== Hosts content: ==========================
2009-07-14 04:34 - 2014-06-25 14:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {055FF6A3-DA6E-4D97-988E-2B6F8758EBF3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\WSCStub.exe
Task: {13642D50-0035-48A6-826E-196EFF996EEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-19] (Adobe Systems Incorporated)
Task: {1DD1C5DC-4156-4F3B-BEE7-A17C3F922B2B} - System32\Tasks\ASUS\i-Setup104713 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {21A6968F-5090-48F9-A5F0-06399CCD5555} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {3CC27586-C647-4EFE-8617-030CE5608DB5} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {4077EC64-7CC7-4FC7-A26A-74F88E6462DA} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\SymErr.exe
Task: {407A4C89-2DA5-4DAA-B64E-9831E6B03D98} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {4ED2D329-356B-4C97-B63F-E7227736805F} - System32\Tasks\{B4B19C2D-256F-4A9E-A823-993164E2BA2A} => Chrome.exe hxxp://ui.skype.com/ui/0/6.3.0.105/de/abandoninstall?source=lightinstaller&page=tsProgressBar
Task: {7C8A545E-68E4-4000-96E6-8EF3E845B056} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-09] (Google Inc.)
Task: {8328B81F-4446-45EA-BEDA-45E3C234150C} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\SymErr.exe
Task: {B44B2E75-489F-4589-91E1-B4E9B5F2A38B} - System32\Tasks\hpUrlLauncher.exe => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\utils\hpUrlLauncher.exe [2010-11-17] (Hewlett-Packard Co.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf906c7b3ae06a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-02-08 12:13 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-02-16 09:57 - 2014-04-27 14:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-27 14:34 - 2014-06-27 14:34 - 02787840 _____ () C:\Program Files\AVAST Software\Avast\defs\14062700\algo.dll
2014-01-21 17:11 - 2012-11-20 17:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 07477262 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\avcodec-54.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 00156174 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\keutil-51.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 01191950 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\avformat-54.dll
2014-01-21 17:11 - 2013-03-18 15:53 - 00333326 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\swscale-2.dll
2014-05-23 15:19 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 16:07 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-23 15:19 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-09 15:24 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-23 15:20 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-23 15:19 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-02-25 08:39 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-02-19 12:48 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-11 10:51 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-06-05 18:31 - 2014-06-26 13:15 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2013-12-09 23:59 - 2013-12-09 23:59 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2014-06-14 08:55 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2013-02-08 12:04 - 2012-02-07 18:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-14 08:55 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\Services: Application Updater => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: winzipersvc => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^crack fifa 14 + keygen.exe.vir => C:\Windows\pss\crack fifa 14 + keygen.exe.vir.Startup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^explorer.exe.vir => C:\Windows\pss\explorer.exe.vir.Startup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Finke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Finke\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: uTorrent => "C:\Users\Finke\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/27/2014 03:37:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 02:58:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 02:35:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/26/2014 02:44:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm NOTEPAD.EXE, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1084
Startzeit: 01cf913c62f37976
Endzeit: 3
Anwendungspfad: C:\Windows\system32\NOTEPAD.EXE
Berichts-ID: a4d4a5b3-fd2f-11e3-9fc0-10bf487eed43
Error: (06/26/2014 01:15:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 04:49:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 03:19:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 02:59:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CivilizationV_DX11.exe, Version 1.0.3.144 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1304
Startzeit: 01cf9074905a73d9
Endzeit: 164
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe
Berichts-ID:
Error: (06/25/2014 02:47:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 01:54:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/27/2014 03:38:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (06/27/2014 03:38:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (06/27/2014 03:38:05 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (06/27/2014 03:38:05 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (06/27/2014 03:38:05 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (06/27/2014 03:38:05 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (06/27/2014 03:37:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2140993535
Error: (06/27/2014 03:37:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet:
%%-2140993535
Error: (06/27/2014 03:37:55 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (06/27/2014 03:36:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01a
sfsync04
Microsoft Office Sessions:
=========================
Error: (06/27/2014 03:37:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 02:58:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/27/2014 02:35:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/26/2014 02:44:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: NOTEPAD.EXE6.1.7600.16385108401cf913c62f379763C:\Windows\system32\NOTEPAD.EXEa4d4a5b3-fd2f-11e3-9fc0-10bf487eed43
Error: (06/26/2014 01:15:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 04:49:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 03:19:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 02:59:30 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CivilizationV_DX11.exe1.0.3.144130401cf9074905a73d9164C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe
Error: (06/25/2014 02:47:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/25/2014 01:54:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-06-25 14:11:18.120
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-06-25 14:11:18.069
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Percentage of memory in use: 28%
Total physical RAM: 8148.65 MB
Available physical RAM: 5859.74 MB
Total Pagefile: 11696.83 MB
Available Pagefile: 8729.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:223.89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4EBF6974)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
27.06.2014, 15:42
| #8 |
| /// TB-Ausbilder | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 3 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\Finke\jagex_cl_runescape_LIVE.dat
C:\Users\Finke\jagex_cl_runescape_LIVE1.dat
C:\Users\Finke\random.dat
Reboot:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
29.06.2014, 08:27
| #9 |
| | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Ich brauch noch etwas Zeit! |
|
29.06.2014, 09:24
| #10 |
| /// TB-Ausbilder | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Ok  |
|
03.07.2014, 18:28
| #11 |
| /// TB-Ausbilder | Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Blackscreen oder Grafikfehler während des Spielens und Pc fiert danach ein |
| andere, avast, blackscreen, eingefrorener bildschirm, friert, gestartet, grafikfehler, guten, immer wieder, malwarede, neu, nicht mehr, ordnung, problem, sekunden, spiele, spielens, vollständig, woche, wochen |
Linear-Darstellung
