
Log analysis and evaluation: Win7: Redirects to advertising pages, strange pop-ups


 
21.01.2014, 14:40   #1
sorrowabused
 
Win7: Redirects to advertising pages, strange pop-ups



Hello!

I hope someone here can help me. I have tried a few approaches, but so far without any result.

For about two weeks I have been plagued by strange ad overlays and redirects. On arbitrary clicks on a link (in Firefox), the tab redirects on its own through several pages until it ends up at an advertisement. In addition, small ad windows (Flash) frequently appear in the lower left corner, and small Skype pop-ups (though also only Flash) in the lower right corner. Everything can be closed, but the frequency is increasing. These phenomena even show up in Steam.

So far I have tried MalwareBytes, Adwcleaner, AdAware and JRT (following various other forums), but none of the programs found anything. Unfortunately I no longer have any log files from those, but I can produce some if needed.

Below I am attaching the logs from Defogger and FRST; unfortunately GMER does not work. The program always crashes during the scan.


Step 1: defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 14:00 on 21/01/2014 (scarecrow)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
HKCU:DAEMON Tools Lite -> Removed

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)


-=E.O.F=-
         

Step 2: FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-01-2014 04
Ran by scarecrow (administrator) on SCARECROW-PC on 21-01-2014 14:03:09
Running from C:\Users\scarecrow\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe
(Valve Corporation) F:\Steam\Steam.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe [3987288 2013-12-11] ()
HKCU\...\Run: [Steam] - F:\Steam\steam.exe [1815976 2014-01-16] (Valve Corporation)
HKCU\...\Policies\Explorer: [NoInternetOpenWith] 1
MountPoints2: {d14d742d-0feb-11e3-855f-806e6f6e6963} - H:\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x98D5FC2ACCA5CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\scarecrow\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\ich@maltegoetz.de [2014-01-17]
FF Extension: Real-Debrid - Plugin - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\real@debrid [2014-01-17]
FF Extension: Secure Login - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\secureLogin@blueimp.net [2014-01-17]
FF Extension: YouTube Unblocker - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-17]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\info@convert2mp3.net.xpi [2014-01-17]
FF Extension: WEB.DE MailCheck - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\toolbar@web.de.xpi [2014-01-17]
FF Extension: All-in-One Sidebar - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2014-01-17]
FF Extension: Adblock Plus - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-17]
FF Extension: {e47172a4-fb9c-46f9-9c3d-50ff1f9cf84e} - C:\Users\scarecrow\AppData\Roaming\Mozilla\Firefox\Profiles\i55tetwn.default\Extensions\{e47172a4-fb9c-46f9-9c3d-50ff1f9cf84e}.xpi [2014-01-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2013-12-20]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-01-08] ()
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [484592 2013-09-26] (BitRaider, LLC)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe [513736 2013-12-11] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-02] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2727936 2011-12-20] (C-Media Inc)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-11-09] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 BRDriver64; \??\C:\ProgramData\BitRaider\BRDriver64.sys [x]
U4 SR; 
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-21 14:03 - 2014-01-21 14:03 - 00012326 _____ C:\Users\scarecrow\Desktop\FRST.txt
2014-01-21 14:02 - 2014-01-21 14:02 - 00000000 ____D C:\FRST
2014-01-21 14:00 - 2014-01-21 14:00 - 00000660 _____ C:\Users\scarecrow\Desktop\defogger_disable.log
2014-01-21 14:00 - 2014-01-21 14:00 - 00000188 _____ C:\Users\scarecrow\defogger_reenable
2014-01-20 12:36 - 2014-01-20 12:36 - 02076672 _____ (Farbar) C:\Users\scarecrow\Desktop\FRST64.exe
2014-01-20 12:36 - 2014-01-20 12:36 - 00370610 _____ C:\Users\scarecrow\Desktop\gmer_2.1.19323.zip
2014-01-20 12:35 - 2014-01-20 12:35 - 00050477 _____ C:\Users\scarecrow\Desktop\Defogger.exe
2014-01-20 12:27 - 2014-01-20 12:27 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\LavasoftStatistics
2014-01-20 12:18 - 2014-01-20 12:18 - 00000000 ____D C:\Program Files\Lavasoft
2014-01-20 12:17 - 2014-01-20 12:17 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Lavasoft
2014-01-20 12:17 - 2014-01-20 12:17 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2014-01-20 12:16 - 2014-01-20 12:16 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-20 01:39 - 2014-01-20 01:39 - 00001998 _____ C:\Users\scarecrow\Desktop\mkv2vob.lnk
2014-01-20 01:39 - 2014-01-20 01:39 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mkv2vob
2014-01-20 01:39 - 2014-01-20 01:39 - 00000000 ____D C:\Program Files (x86)\mkv2vob
2014-01-19 21:36 - 2014-01-19 22:08 - 00000813 _____ C:\Users\scarecrow\Desktop\Neues Textdokument (2).txt
2014-01-18 12:27 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-18 12:27 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-18 12:27 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-18 12:27 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-18 12:27 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-18 12:27 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-18 12:27 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-18 12:27 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-18 12:27 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-17 23:45 - 2014-01-17 23:45 - 00000366 _____ C:\Windows\DirectX.log
2014-01-17 15:50 - 2014-01-17 15:50 - 00000000 ___SD C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-01-17 15:50 - 2014-01-17 15:50 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\OpenOffice
2014-01-17 15:50 - 2014-01-17 15:50 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2014-01-17 13:33 - 2014-01-17 13:33 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 13:27 - 2014-01-20 12:09 - 00000000 ____D C:\AdwCleaner
2014-01-17 13:24 - 2014-01-21 14:01 - 00001904 _____ C:\Windows\setupact.log
2014-01-17 13:24 - 2014-01-17 13:24 - 00001638 _____ C:\Windows\PFRO.log
2014-01-17 13:24 - 2014-01-17 13:24 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 13:21 - 2014-01-17 13:21 - 00000000 ____D C:\Users\scarecrow\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-17 12:18 - 2014-01-17 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-12 14:18 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-12 14:18 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00168616 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-01-12 14:18 - 2013-12-19 21:33 - 00141336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-01-12 14:18 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-12 14:18 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-10 19:48 - 2014-01-12 10:25 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Awesomium
2014-01-08 00:34 - 2014-01-08 00:47 - 00000000 ____D C:\Users\scarecrow\Documents\DayZ
2014-01-08 00:34 - 2014-01-08 00:46 - 00000000 ____D C:\Users\scarecrow\AppData\Local\DayZ
2014-01-07 23:59 - 2014-01-07 23:59 - 00000000 ____D C:\Users\scarecrow\Documents\Elder Scrolls Online
2014-01-07 23:59 - 2014-01-07 23:59 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2014-01-07 20:24 - 2014-01-07 20:24 - 00000000 ____D C:\Users\scarecrow\Documents\Wolfire
2014-01-07 20:24 - 2014-01-07 20:24 - 00000000 ____D C:\Users\scarecrow\AppData\Local\Chromium
2014-01-07 20:22 - 2014-01-07 20:22 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overgrowth
2014-01-06 16:44 - 2014-01-06 16:44 - 00000000 ____D C:\Users\scarecrow\Documents\Games for Windows - LIVE Demos
2014-01-06 16:33 - 2014-01-06 16:33 - 00000000 ____D C:\Windows\pss
2014-01-05 22:41 - 2014-01-12 14:14 - 00000000 ____D C:\Users\scarecrow\AppData\Local\Warframe
2014-01-04 02:05 - 2014-01-04 02:05 - 00000000 ____D C:\Users\scarecrow\Documents\wmshua
2014-01-04 00:56 - 2014-01-17 12:20 - 00000000 ____D C:\Program Files (x86)\PdaNet for Android
2014-01-04 00:56 - 2011-11-25 01:25 - 00015360 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys
2014-01-04 00:44 - 2014-01-17 12:22 - 00000000 ____D C:\Program Files (x86)\Kingo Android ROOT
2014-01-04 00:44 - 2014-01-04 00:44 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\ZJMedia
2014-01-04 00:44 - 2014-01-04 00:44 - 00000000 ____D C:\Users\scarecrow\AppData\Local\ZJMedia

==================== One Month Modified Files and Folders =======

2014-01-21 14:03 - 2014-01-21 14:03 - 00012326 _____ C:\Users\scarecrow\Desktop\FRST.txt
2014-01-21 14:02 - 2014-01-21 14:02 - 00000000 ____D C:\FRST
2014-01-21 14:01 - 2014-01-17 13:24 - 00001904 _____ C:\Windows\setupact.log
2014-01-21 14:01 - 2013-08-28 15:34 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-21 14:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-21 14:00 - 2014-01-21 14:00 - 00000660 _____ C:\Users\scarecrow\Desktop\defogger_disable.log
2014-01-21 14:00 - 2014-01-21 14:00 - 00000188 _____ C:\Users\scarecrow\defogger_reenable
2014-01-21 14:00 - 2013-08-28 15:26 - 00000000 ____D C:\Users\scarecrow
2014-01-21 14:00 - 2013-08-28 15:15 - 01657158 _____ C:\Windows\WindowsUpdate.log
2014-01-21 13:30 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-21 13:30 - 2009-07-14 05:45 - 00021072 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-20 22:06 - 2013-12-09 11:20 - 00000000 ____D C:\Users\scarecrow\AppData\Local\Last.fm
2014-01-20 20:25 - 2013-11-29 00:03 - 00000000 ____D C:\ProgramData\PMS
2014-01-20 17:38 - 2013-12-09 12:38 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\MyPhoneExplorer
2014-01-20 14:25 - 2013-10-13 17:09 - 00000000 ____D C:\Windows\Re-Aktivierung
2014-01-20 13:09 - 2013-12-12 22:25 - 00001366 _____ C:\Windows\system32\Drivers\etc\hosts.txt
2014-01-20 12:36 - 2014-01-20 12:36 - 02076672 _____ (Farbar) C:\Users\scarecrow\Desktop\FRST64.exe
2014-01-20 12:36 - 2014-01-20 12:36 - 00370610 _____ C:\Users\scarecrow\Desktop\gmer_2.1.19323.zip
2014-01-20 12:35 - 2014-01-20 12:35 - 00050477 _____ C:\Users\scarecrow\Desktop\Defogger.exe
2014-01-20 12:27 - 2014-01-20 12:27 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\LavasoftStatistics
2014-01-20 12:18 - 2014-01-20 12:18 - 00000000 ____D C:\Program Files\Lavasoft
2014-01-20 12:17 - 2014-01-20 12:17 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Lavasoft
2014-01-20 12:17 - 2014-01-20 12:17 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2014-01-20 12:16 - 2014-01-20 12:16 - 00000000 ____D C:\ProgramData\Lavasoft
2014-01-20 12:09 - 2014-01-17 13:27 - 00000000 ____D C:\AdwCleaner
2014-01-20 02:16 - 2013-08-28 20:48 - 00000000 ____D C:\Users\scarecrow\AppData\Local\JDownloader v2.0
2014-01-20 02:11 - 2013-08-28 18:52 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\vlc
2014-01-20 01:39 - 2014-01-20 01:39 - 00001998 _____ C:\Users\scarecrow\Desktop\mkv2vob.lnk
2014-01-20 01:39 - 2014-01-20 01:39 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mkv2vob
2014-01-20 01:39 - 2014-01-20 01:39 - 00000000 ____D C:\Program Files (x86)\mkv2vob
2014-01-19 22:08 - 2014-01-19 21:36 - 00000813 _____ C:\Users\scarecrow\Desktop\Neues Textdokument (2).txt
2014-01-19 03:13 - 2013-09-01 13:40 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Skype
2014-01-19 01:35 - 2013-09-22 23:43 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2014-01-19 01:35 - 2013-09-22 23:43 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2014-01-18 23:12 - 2013-08-28 17:14 - 00000000 ____D C:\Program Files (x86)\Origin
2014-01-18 14:05 - 2010-11-21 07:50 - 00699416 _____ C:\Windows\system32\perfh007.dat
2014-01-18 14:05 - 2010-11-21 07:50 - 00149556 _____ C:\Windows\system32\perfc007.dat
2014-01-18 14:05 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-18 14:02 - 2009-07-14 05:45 - 00396736 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-18 12:29 - 2013-08-28 16:38 - 00000000 ____D C:\Windows\system32\MRT
2014-01-18 12:27 - 2013-08-28 16:38 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-17 23:45 - 2014-01-17 23:45 - 00000366 _____ C:\Windows\DirectX.log
2014-01-17 21:57 - 2013-08-28 15:26 - 00093712 _____ C:\Users\scarecrow\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-17 16:00 - 2013-08-28 18:53 - 00000000 ____D C:\Users\scarecrow\Desktop\Berichtsheft
2014-01-17 15:50 - 2014-01-17 15:50 - 00000000 ___SD C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1
2014-01-17 15:50 - 2014-01-17 15:50 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\OpenOffice
2014-01-17 15:50 - 2014-01-17 15:50 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2014-01-17 15:49 - 2013-10-13 16:42 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-17 15:49 - 2013-10-13 16:42 - 00000000 ____D C:\Program Files\Microsoft Office
2014-01-17 15:49 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2014-01-17 15:48 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2014-01-17 15:48 - 2009-07-14 03:34 - 00000387 _____ C:\Windows\win.ini
2014-01-17 13:33 - 2014-01-17 13:33 - 00000000 ____D C:\Windows\ERUNT
2014-01-17 13:24 - 2014-01-17 13:24 - 00001638 _____ C:\Windows\PFRO.log
2014-01-17 13:24 - 2014-01-17 13:24 - 00000000 _____ C:\Windows\setuperr.log
2014-01-17 13:21 - 2014-01-17 13:21 - 00000000 ____D C:\Users\scarecrow\Documents\Benutzerdefinierte Office-Vorlagen
2014-01-17 12:26 - 2013-12-17 17:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-17 12:22 - 2014-01-04 00:44 - 00000000 ____D C:\Program Files (x86)\Kingo Android ROOT
2014-01-17 12:21 - 2013-08-29 17:25 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2014-01-17 12:21 - 2013-08-28 15:30 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2014-01-17 12:20 - 2014-01-04 00:56 - 00000000 ____D C:\Program Files (x86)\PdaNet for Android
2014-01-17 12:19 - 2013-08-28 15:49 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Mozilla
2014-01-17 12:18 - 2014-01-17 12:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-17 12:18 - 2013-12-20 01:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-17 12:16 - 2013-11-03 09:46 - 00000000 ____D C:\Windows\Minidump
2014-01-16 22:50 - 2013-09-23 00:02 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2014-01-14 21:12 - 2013-09-29 00:54 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-01-12 16:31 - 2013-10-17 22:32 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\TS3Client
2014-01-12 14:20 - 2013-08-28 15:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-12 14:14 - 2014-01-05 22:41 - 00000000 ____D C:\Users\scarecrow\AppData\Local\Warframe
2014-01-12 10:25 - 2014-01-10 19:48 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Awesomium
2014-01-08 00:47 - 2014-01-08 00:34 - 00000000 ____D C:\Users\scarecrow\Documents\DayZ
2014-01-08 00:46 - 2014-01-08 00:34 - 00000000 ____D C:\Users\scarecrow\AppData\Local\DayZ
2014-01-07 23:59 - 2014-01-07 23:59 - 00000000 ____D C:\Users\scarecrow\Documents\Elder Scrolls Online
2014-01-07 23:59 - 2014-01-07 23:59 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2014-01-07 20:24 - 2014-01-07 20:24 - 00000000 ____D C:\Users\scarecrow\Documents\Wolfire
2014-01-07 20:24 - 2014-01-07 20:24 - 00000000 ____D C:\Users\scarecrow\AppData\Local\Chromium
2014-01-07 20:22 - 2014-01-07 20:22 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overgrowth
2014-01-06 16:44 - 2014-01-06 16:44 - 00000000 ____D C:\Users\scarecrow\Documents\Games for Windows - LIVE Demos
2014-01-06 16:33 - 2014-01-06 16:33 - 00000000 ____D C:\Windows\pss
2014-01-06 16:33 - 2013-08-28 15:27 - 00000000 ___RD C:\Users\scarecrow\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-04 22:32 - 2013-08-28 18:53 - 00001119 _____ C:\Users\scarecrow\Desktop\Neues Textdokument.txt
2014-01-04 02:05 - 2014-01-04 02:05 - 00000000 ____D C:\Users\scarecrow\Documents\wmshua
2014-01-04 00:44 - 2014-01-04 00:44 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\ZJMedia
2014-01-04 00:44 - 2014-01-04 00:44 - 00000000 ____D C:\Users\scarecrow\AppData\Local\ZJMedia
2013-12-27 16:18 - 2013-11-14 23:34 - 00000000 ____D C:\Users\scarecrow\AppData\Roaming\uTorrent
2013-12-26 19:07 - 2013-08-28 17:22 - 00000934 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-12-24 02:43 - 2013-09-01 13:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-12-24 02:43 - 2013-09-01 13:40 - 00000000 ____D C:\ProgramData\Skype

Some content of TEMP:
====================
C:\Users\scarecrow\AppData\Local\Temp\jna2209890819700268543.dll
C:\Users\scarecrow\AppData\Local\Temp\jna5082740804828120018.dll
C:\Users\scarecrow\AppData\Local\Temp\jna7266283488505702158.dll
C:\Users\scarecrow\AppData\Local\Temp\jna7344544420647397244.dll
C:\Users\scarecrow\AppData\Local\Temp\Quarantine.exe
C:\Users\scarecrow\AppData\Local\Temp\sonarinst.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 04:13

==================== End Of Log ============================
         

Step 2.1: FRST Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-01-2014 04
Ran by scarecrow at 2014-01-21 14:03:44
Running from C:\Users\scarecrow\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Ad-Aware Antivirus (Version: 11.1.5152.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5152.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5152.0 - Lavasoft) Hidden
Adobe Flash Player 10 ActiveX (x32 Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (x32 Version: 10.1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (x32 Version: 12.0.7.148 - Adobe Systems, Inc.)
Anker Precision Laser Gaming Mouse version 1.2 (x32 Version: 1.2 - ANKER Technology)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Assassin's Creed IV Black Flag Version 1.0 (x32 Version: 1.0 - Ubisoft)
ASUS Xonar DG Audio Driver (Version:  - )
Battle.net (x32 Version:  - Blizzard Entertainment)
Battlefield 3™ (x32 Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (x32 Version: 1.0.0.1 - Electronic Arts)
Battlelog Web Plugins (x32 Version: 2.3.2 - EA Digital Illusions CE AB)
Beat Hazard (x32 Version:  - Cold Beam Games)
BioShock Infinite (x32 Version:  - Irrational Games)
BitRaider Web Client (x32 Version: 1.1.8.1 - BitRaider, LLC)
CCleaner (Version: 3.04 - Piriform)
Cheat Engine 6.3 (x32 Version:  - Cheat Engine)
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (x32 Version:  - FromSoftware)
DayZ (x32 Version:  - Bohemia Interactive)
DeathSpank (x32 Version:  - Hothead Games)
ESN Sonar (x32 Version: 0.70.4 - ESN Social Software AB)
FTL: Faster Than Light (x32 Version:  - Subset Games)
Garry's Mod (x32 Version:  - Facepunch Studios) <==== ATTENTION
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
HashCheck Shell Extension (x86-32) (x32 Version: 2.1.11.1 - Kai Liu)
Hearthstone (x32 Version:  - Blizzard Entertainment)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 24 (x32 Version: 6.0.240 - Oracle)
JDownloader 2 (Version: 2.0 - AppWork GmbH)
K-Lite Codec Pack (64-bit) v4.5.0 (Version: 4.5.0 - )
K-Lite Codec Pack 7.0.0 (Full) (x32 Version: 7.0.0 - )
Last.fm Scrobbler 2.1.36 (x32 Version:  - Last.fm)
Launchpad Enhanced (x32 Version: 0.05.000 - SWGEmu)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Mark of the Ninja (x32 Version:  - Klei Entertainment)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
mkv2vob (x32 Version: 2.4.9 - 3r1c)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MyPhoneExplorer (x32 Version: 1.8.5 - F.J. Wechselberger)
Nexus Mod Manager (Version: 0.46.0 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3221 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
OpenAL (x32 Version:  - )
OpenOffice 4.0.1 (x32 Version: 4.01.9714 - Apache Software Foundation)
Origin (x32 Version: 9.1.13.85 - Electronic Arts, Inc.)
Overgrowth (remove only) (x32 Version:  - )
PS3 Media Server (x32 Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.46.610.2011 - Realtek)
Scribblenauts Unlimited (x32 Version:  - 5th Cell Media)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU Version: 0.9.4.185.g7545a404 - Spotify AB)
Star Wars Jedi Knight Jedi Academy (x32 Version:  - )
Star Wars The Old Republic (x32 Version: 7.0.0.6 - Bioware/EA)
Star Wars: The Old Republic (x32 Version: 1.00 - Electronic Arts, Inc.)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (x32 Version:  - Team Meat)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
Terrafirma (x32 Version: 2.0.3.0 - Sean Kasun)
Terraria (x32 Version:  - Re-Logic)
The Binding of Isaac (x32 Version:  - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (x32 Version:  - Bethesda Game Studios)
The Showdown Effect (x32 Version:  - Arrowhead Game Studios)
The Stanley Parable (x32 Version:  - Galactic Cafe)
The Wolf Among Us (x32 Version: 1 - )
Tom Clancy's Splinter Cell® Blacklist™ (x32 Version: 1.03 - Ubisoft)
Tunngle beta (x32 Version:  - Tunngle.net GmbH)
Ultra Utility (x32 Version: v3 Beta 16 - BobaFett)
Unity Web Player (HKCU Version:  - Unity Technologies ApS)
Uplay (x32 Version: 3.0 - Ubisoft)
VLC media player 2.1.2 (x32 Version: 2.1.2 - VideoLAN)
Warframe (x32 Version:  - Digital Extremes)
Winamp (x32 Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.00 (64-Bit) (Version: 4.00.0 - win.rar GmbH)
Wrye Bash (x32 Version: 0.3.0.4 - Wrye & Wrye Bash Development Team)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-12-12 22:25 - 00001391 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
66.199.231.84 www.google-analytics.com.
66.199.231.84 google-analytics.com.
66.199.231.84 connect.facebook.net.
93.115.241.27 www.google-analytics.com.
93.115.241.27 google-analytics.com.
93.115.241.27 connect.facebook.net.


==================== Scheduled Tasks (whitelisted) =============

Task: {756E86D3-E0C6-4600-90B4-061A307C1DFA} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {86A816FB-B745-4E3A-8982-CBE2FC69B2BD} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {94FBB89F-0E19-4254-A030-5183D3504728} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {E8AA4DB1-B82F-424F-80A9-F9157F2B539D} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {FA6003E2-69FE-4389-808E-312517EFAF99} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)

==================== Loaded Modules (whitelisted) =============

2013-12-11 18:23 - 2013-12-11 18:23 - 02088816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareShellExtension.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 02747720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\RCF.dll
2013-08-28 15:20 - 2011-03-02 11:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\pugixml.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00123264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\boost_filesystem-vc100-mt-1_53.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00023928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\boost_system-vc100-mt-1_53.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00055168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\boost_date_time-vc100-mt-1_53.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00102264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\boost_thread-vc100-mt-1_53.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00499576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\boost_locale-vc100-mt-1_53.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00361824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\HtmlFramework.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\libssh2.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\zlib.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00277328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\Logger.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00064856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\DllStorage.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00780656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTrayDefaultSkin.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00142168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\Localization.dll
2013-12-11 18:23 - 2013-12-11 18:23 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\SQLite.dll
2013-12-14 23:18 - 2013-12-12 23:19 - 00142848 _____ () F:\Steam\libavresample-1.dll
2013-12-14 23:18 - 2013-11-05 02:12 - 00890592 _____ () F:\Steam\libavutil-52.dll
2013-07-01 07:20 - 2014-01-11 00:33 - 00717312 _____ () F:\Steam\SDL2.dll
2013-07-26 13:46 - 2014-01-16 18:39 - 01138088 _____ () F:\Steam\bin\chromehtml.DLL
2013-07-15 13:32 - 2014-01-11 00:33 - 20625832 _____ () F:\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () F:\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () F:\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () F:\Steam\bin\avformat-53.dll
2014-01-17 12:18 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/21/2014 02:03:14 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 01:23:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 10:07:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: SuperMeatBoy.exe, Version: 0.0.0.0, Zeitstempel: 0x4ee3490b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x424
Startzeit der fehlerhaften Anwendung: 0xSuperMeatBoy.exe0
Pfad der fehlerhaften Anwendung: SuperMeatBoy.exe1
Pfad des fehlerhaften Moduls: SuperMeatBoy.exe2
Berichtskennung: SuperMeatBoy.exe3

Error: (01/20/2014 00:11:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 00:04:35 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 01:45:38 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tsmuxer.exe, Version: 0.0.0.0, Zeitstempel: 0x48dca20a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000580fa
ID des fehlerhaften Prozesses: 0x5c4
Startzeit der fehlerhaften Anwendung: 0xtsmuxer.exe0
Pfad der fehlerhaften Anwendung: tsmuxer.exe1
Pfad des fehlerhaften Moduls: tsmuxer.exe2
Berichtskennung: tsmuxer.exe3

Error: (01/20/2014 01:45:12 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tsmuxer.exe, Version: 0.0.0.0, Zeitstempel: 0x48dca20a
Name des fehlerhaften Moduls: tsmuxer.exe, Version: 0.0.0.0, Zeitstempel: 0x48dca20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000db95
ID des fehlerhaften Prozesses: 0x1694
Startzeit der fehlerhaften Anwendung: 0xtsmuxer.exe0
Pfad der fehlerhaften Anwendung: tsmuxer.exe1
Pfad des fehlerhaften Moduls: tsmuxer.exe2
Berichtskennung: tsmuxer.exe3

Error: (01/20/2014 01:42:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tsmuxer.exe, Version: 0.0.0.0, Zeitstempel: 0x48dca20a
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00058118
ID des fehlerhaften Prozesses: 0x16ec
Startzeit der fehlerhaften Anwendung: 0xtsmuxer.exe0
Pfad der fehlerhaften Anwendung: tsmuxer.exe1
Pfad des fehlerhaften Moduls: tsmuxer.exe2
Berichtskennung: tsmuxer.exe3

Error: (01/19/2014 09:24:45 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2014 11:56:21 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: bf4.exe, Version: 1.0.0.1, Zeitstempel: 0x52b2f858
Name des fehlerhaften Moduls: bf4.exe, Version: 1.0.0.1, Zeitstempel: 0x52b2f858
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000006f809b
ID des fehlerhaften Prozesses: 0xc08
Startzeit der fehlerhaften Anwendung: 0xbf4.exe0
Pfad der fehlerhaften Anwendung: bf4.exe1
Pfad des fehlerhaften Moduls: bf4.exe2
Berichtskennung: bf4.exe3


System errors:
=============
Error: (01/21/2014 02:02:02 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (01/21/2014 01:53:30 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/21/2014 01:22:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Net.Tcp-Portfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/21/2014 01:22:39 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Net.Tcp-Portfreigabedienst erreicht.

Error: (01/19/2014 11:23:39 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2014 01:08:21 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/18/2014 02:13:09 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (01/17/2014 08:18:44 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.


Microsoft Office Sessions:
=========================
Error: (01/21/2014 02:03:14 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/21/2014 01:23:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 10:07:06 PM) (Source: Application Error)(User: )
Description: SuperMeatBoy.exe0.0.0.04ee3490bntdll.dll6.1.7601.18247521ea8e7c000000500038e1942401cf16238948937fF:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exeC:\Windows\SysWOW64\ntdll.dlld095013c-8216-11e3-9da4-f46d0452383f

Error: (01/20/2014 00:11:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 00:04:35 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/20/2014 01:45:38 AM) (Source: Application Error)(User: )
Description: tsmuxer.exe0.0.0.048dca20antdll.dll6.1.7601.18247521ea8e7c0000005000580fa5c401cf1578f023c685C:\Program Files (x86)\mkv2vob\tools\tsmuxer.exeC:\Windows\SysWOW64\ntdll.dll2dd59141-816c-11e3-ab14-f46d0452383f

Error: (01/20/2014 01:45:12 AM) (Source: Application Error)(User: )
Description: tsmuxer.exe0.0.0.048dca20atsmuxer.exe0.0.0.048dca20ac00000050000db95169401cf1578dff7fb57C:\Program Files (x86)\mkv2vob\tools\tsmuxer.exeC:\Program Files (x86)\mkv2vob\tools\tsmuxer.exe1dfb1b94-816c-11e3-ab14-f46d0452383f

Error: (01/20/2014 01:42:55 AM) (Source: Application Error)(User: )
Description: tsmuxer.exe0.0.0.048dca20antdll.dll6.1.7601.18247521ea8e7c00000050005811816ec01cf15788ee13212C:\Program Files (x86)\mkv2vob\tools\tsmuxer.exeC:\Windows\SysWOW64\ntdll.dllccda671a-816b-11e3-ab14-f46d0452383f

Error: (01/19/2014 09:24:45 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2014 11:56:21 PM) (Source: Application Error)(User: )
Description: bf4.exe1.0.0.152b2f858bf4.exe1.0.0.152b2f858c000000500000000006f809bc0801cf149f1bf5a5b7F:\Origin Games\Battlefield 4\bf4.exeF:\Origin Games\Battlefield 4\bf4.exebf3acb2e-8093-11e3-b080-f46d0452383f


==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 8190.12 MB
Available physical RAM: 6408.04 MB
Total Pagefile: 16378.41 MB
Available Pagefile: 14475.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.83 GB) (Free:3.53 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Musik) (Fixed) (Total:58.58 GB) (Free:9.96 GB) NTFS
Drive f: (Games) (Fixed) (Total:358.34 GB) (Free:60.24 GB) NTFS
Drive i: (Volume) (Fixed) (Total:298.08 GB) (Free:11.83 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: 435FE2AB)
Partition 1: (Not Active) - (Size=298 GB) - (Type=42)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 16FDD526)
Partition 1: (Active) - (Size=49 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=358 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Step 3: GMER
- Unfortunately not available... is there perhaps some trick to get it running after all?


I hope this already sheds some light on things. Apart from those ad problems the PC runs quite smoothly, so I have no other problems. Maybe someone can help me; I would be very grateful.

Regards,
Simon

 
