Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Iminet - Windows 7 - nicht löschbar

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 05.03.2014, 12:38   #1
eims
 
Iminet - Windows 7 - nicht löschbar - Standard

Iminet - Windows 7 - nicht löschbar



Moin Moin,

ich habe mir gestern auf meinem Windows 7-PC ein Schriftfont installiert und dabei wohl Iminent gefangen. Nun habe ich schon als Laie einiges versucht, aber es verschwindet nicht.

Ich starte immer wieder bei hxxp://start.iminent.com/StartWeb/1031/homepage/ egal wasich alles versuche.

Generell ist der PC mit Avast geschützt.



Schritt 1:
  • Deinstalliert: Iminent (gestern), CC Cleaner, Spybot
  • Startseite Chrome verändert.
  • Suchmaschine Iminet bei Chrome entfernt
  • Verlauf, etc. geleert

Schritt 2:
ADW-Cleaner laufen lassen.

Code:
ATTFilter
# AdwCleaner v3.020 - Bericht erstellt am 05/03/2014 um 11:54:55
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : XXX- ZOCKSTATION
# Gestartet von : C:\Users\XXX\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v19.0.2 (de)

[ Datei : C:\Users\XXX\AppData\Roaming\Mozilla\Firefox\Profiles\uwqnhpc7.default\prefs.js ]


-\\ Google Chrome v33.0.1750.146

[ Datei : C:\Users\XXX\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [7038 octets] - [04/03/2014 14:50:29]
AdwCleaner[R1].txt - [1048 octets] - [05/03/2014 08:27:33]
AdwCleaner[R2].txt - [1169 octets] - [05/03/2014 11:54:12]
AdwCleaner[S0].txt - [6489 octets] - [04/03/2014 14:51:25]
AdwCleaner[S1].txt - [1110 octets] - [05/03/2014 08:34:40]
AdwCleaner[S2].txt - [1091 octets] - [05/03/2014 11:54:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1151 octets] ##########
         

Schritt 3:
ESET Online:
Code:
ATTFilter
C:\Users\XXX\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YWOTQ3AA\IMinentToolbar[1].exe	Win32/Toolbar.Montiera.E evtl. unerwünschte Anwendung	gelöscht - in Quarantäne kopiert
C:\Users\bes\Documents\The Witcher\Witcher Trainer.exe	Variante von Win32/GameHack.F potenziell unsichere Anwendung	gelöscht - in Quarantäne kopiert
         
Schritt 4:
TFC funktioniert bei mir nicht. Selbst als Admin gestartet passiert nix, außer dass der ganze PC hängt und per Stromtrennung neu gestartet werden muss. Komme nicht einmal in den Tastmanager.

Schritt 5:
Defogger geht ebenfalls nicht.
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:21 on 05/03/2014 (xxx)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
Schritt 6:
FRST ausgeführt.

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2014 02
Ran by xxx (administrator) on ZOCKSTATION on 05-03-2014 12:23:14
Running from C:\Users\xxx\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8067616 2009-08-18] (Realtek Semiconductor)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-11] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-370369212-4230283123-1917507749-1001\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-05-24] (AMD)
HKU\S-1-5-21-370369212-4230283123-1917507749-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] - C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-370369212-4230283123-1917507749-1001\...\MountPoints2: {0e4ca233-3007-11e2-9be2-00252283a1ee} - E:\pushinst.exe
AppInit_DLLs-x32: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll" File Not Found
Startup: C:\Users\bes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x39E28CC7E6A0CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&r=
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\bes\AppData\Roaming\Mozilla\Firefox\Profiles\uwqnhpc7.default
FF Homepage: www.t-online.de
FF SelectedSearchEngine: StartWeb
FF Homepage: user_pref("browser.startup.homepage", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @videolan.org/vlc,version=2.0.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-02]

Chrome: 
=======
CHR HomePage: hxxp://www.t-online.de/
CHR RestoreOnStartup: "sync": {
      "acknowledged_types": [ "Bookmarks", "Preferences", "Passwords", "Autofill Profiles", "Autofill", "Themes", "Typed URLs", "Extensions", "Search Engines", "Sessions", "Apps", "App settings", "Extension settings", "App Notifications", "History Delete Directives", "Dictionary", "Favicon Images", "Favicon Tracking", "Priority Preferences", "Tabs", "Encryption keys" ],
      "app_notifications": true,
      "app_settings": true,
      "apps": true,
      "autofill": true,
      "autofill_profile": true,
      "bookmarks": false,
      "dictionary": true,
      "encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAOXSprh8/OkyJ1y6FL4DrhgAAAAACAAAAAAAQZgAAAAEAACAAAABE9qBTTeXftAHUAdEVOSP3aKAswd7xdIOCGhw9iFdhRgAAAAAOgAAAAAIAACAAAADHICL0sgsiSHF5NcKgrTTGpGa3xB9tnBYRYYfiRTz56EAAAAAhwh/UkuWVKptOmbsZF0FtkD24y2HqftWReYeZzzkB5JxQsoW8InU2+h5jKrxhbbwbV38Oy93mnfou8bRNpwTKQAAAABh9HwsT9elo4wXnfmspMO1TBFBc5qUmkHCx+o46+gp+828dCZJfY40G5zZTP08cDXztog1Pgz7vJkdEMB3Pfgg=",
      "extension_settings": true,
      "extensions": true,
      "favicon_images": true,
      "favicon_tracking": true,
      "favicons_syncing_enabled": true,
      "has_setup_completed": true,
      "history_delete_directives": true,
      "keep_everything_synced": false,
      "keystore_encryption_bootstrap_token": "AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAdf4GiUp2802Rh6xMAlOmEwAAAAACAAAAAAAQZgAAAAEAACAAAADO9+87Oy+iTG6dNOEhuhcTMh1qWNHbpAevXIKPiQD64wAAAAAOgAAAAAIAACAAAAB0mnYusMbvunRCCt5qmrBwi/SJbgD1HIz9AbGrwc964lAAAAAlqvAQSvtuBFd/89ZkJQ2PAy1eeAYTlzgs6g0s2Hlzdl77cae9D3wXzzOKIknHkAZyW4WtCm3haj8y/ee056LAUtLqa/OnO1FeM4PQofntkUAAAAAZnp9YLnJ1C/exvMSPzZ3JkjqRmozpHcu7SUx2w1FMsVJiOToJrOiyhW63mClQWtpLb/gPZI1WOlfl0sTc6EwY",
      "last_synced_time": "13038491967582765",
      "passwords": true,
      "preferences": true,
      "priority_preferences": true,
      "search_engines": true,
      "session_sync_guid": "session_syncOcWGUrqX53ahAv0Uws7GlA==",
      "sessions": true,
      "suppress_start": false,
      "tabs": true,
      "themes": true,
      "typed_urls"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Extension: (Google Docs) - C:\Users\bes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-23]
CHR Extension: (Google Drive) - C:\Users\bes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-23]
CHR Extension: (YouTube) - C:\Users\bes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-23]
CHR Extension: (Google-Suche) - C:\Users\bes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-23]
CHR Extension: (Google Wallet) - C:\Users\bes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\bes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-23]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-11] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-25] ()

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-11] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-02] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-12] (DT Soft Ltd)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-05 12:23 - 2014-03-05 12:23 - 00016454 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-05 12:23 - 2014-03-05 12:23 - 00000000 ____D () C:\FRST
2014-03-05 12:20 - 2014-03-05 12:21 - 00000468 _____ () C:\Users\xxx\Downloads\defogger_disable.log
2014-03-05 12:20 - 2014-03-05 12:20 - 02156544 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-05 12:20 - 2014-03-05 12:20 - 00000000 _____ () C:\Users\bes\defogger_reenable
2014-03-05 12:19 - 2014-03-05 12:19 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger.exe
2014-03-05 11:59 - 2014-03-05 11:59 - 00448512 _____ (OldTimer Tools) C:\Users\xxx\Downloads\TFC.exe
2014-03-05 10:34 - 2014-03-05 11:57 - 00001964 _____ () C:\Users\bes\Desktop\Neues Textdokument.txt
2014-03-05 10:31 - 2014-03-05 10:32 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-05 08:48 - 2014-03-05 08:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 08:48 - 2014-03-05 08:49 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 08:48 - 2014-03-05 08:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-05 08:48 - 2014-03-05 08:48 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 08:34 - 2014-03-05 08:34 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-05 08:29 - 2014-03-05 08:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-04 14:50 - 2014-03-05 11:54 - 00000000 ____D () C:\AdwCleaner
2014-03-04 14:49 - 2014-03-04 14:50 - 01244192 _____ () C:\Users\xxx\Downloads\adwcleaner.exe
2014-03-04 09:11 - 2014-03-04 09:11 - 00000000 ____D () C:\Users\bes\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2014-02-25 21:40 - 2014-02-25 22:07 - 00000000 ____D () C:\Users\xxx\AppData\Local\Ubisoft Game Launcher
2014-02-25 21:40 - 2014-02-25 21:50 - 00000000 ____D () C:\Users\xxx\Documents\Assassin's Creed III
2014-02-25 21:40 - 2014-02-25 21:40 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-25 21:40 - 2014-02-25 21:40 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-25 21:40 - 2014-02-25 21:40 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-25 21:40 - 2014-02-25 21:40 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-25 21:40 - 2014-02-24 13:45 - 03123272 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-02-24 07:59 - 2014-02-24 07:59 - 00000000 ____D () C:\Windows\de
2014-02-24 07:58 - 2014-02-24 07:58 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-21 16:52 - 2014-02-21 16:52 - 00000000 ____D () C:\Users\bes\AppData\Roaming\WDC
2014-02-21 16:49 - 2014-02-21 16:49 - 00000000 ____D () C:\ProgramData\Sun
2014-02-21 16:49 - 2014-02-21 16:49 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-21 16:48 - 2014-02-21 16:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-21 16:48 - 2014-02-21 16:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-21 16:48 - 2014-02-21 16:48 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-21 16:48 - 2014-02-21 16:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-21 16:48 - 2014-02-21 16:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-19 17:19 - 2014-02-19 17:19 - 00000000 ____D () C:\Users\xxx\Documents\Rechtsstreit Tadago
2014-02-14 21:04 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 21:04 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 21:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 21:04 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 21:04 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 21:04 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 21:04 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 21:04 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 21:04 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 21:04 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-14 21:04 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-14 21:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-14 21:04 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-14 21:04 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-14 21:04 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-14 21:04 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-14 21:04 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-14 21:04 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-14 11:01 - 2014-02-14 11:01 - 00000000 ____D () C:\Users\bes\AppData\Local\WB Games
2014-02-14 09:55 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-14 09:55 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 09:55 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-14 09:55 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-14 09:28 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-14 09:28 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 09:24 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 09:24 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 09:24 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-14 09:24 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-14 09:16 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 09:16 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-14 09:14 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 09:14 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 09:14 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 09:14 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 09:14 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 09:14 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 09:14 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 09:14 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 09:14 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 09:14 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 09:14 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 09:14 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 09:14 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 09:14 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-14 09:14 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 09:14 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-14 09:14 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-14 09:14 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-14 09:14 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 09:14 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-14 09:14 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-14 09:14 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 09:14 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-14 09:14 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-14 09:14 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-14 09:14 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-14 09:14 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 09:14 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 09:14 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-14 09:14 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-14 09:14 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 09:14 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-14 09:14 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 09:14 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-14 09:14 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-14 09:13 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-14 09:13 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 09:13 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-14 09:13 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

==================== One Month Modified Files and Folders =======

2014-03-05 12:23 - 2014-03-05 12:23 - 00016454 _____ () C:\Users\xxx\Downloads\FRST.txt
2014-03-05 12:23 - 2014-03-05 12:23 - 00000000 ____D () C:\FRST
2014-03-05 12:21 - 2014-03-05 12:20 - 00000468 _____ () C:\Users\xxx\Downloads\defogger_disable.log
2014-03-05 12:21 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-05 12:21 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-05 12:20 - 2014-03-05 12:20 - 02156544 _____ (Farbar) C:\Users\xxx\Downloads\FRST64.exe
2014-03-05 12:20 - 2014-03-05 12:20 - 00000000 _____ () C:\Users\bes\defogger_reenable
2014-03-05 12:20 - 2012-10-02 22:27 - 00000000 ____D () C:\Users\bes
2014-03-05 12:19 - 2014-03-05 12:19 - 00050477 _____ () C:\Users\xxx\Downloads\Defogger.exe
2014-03-05 12:17 - 2012-10-02 22:23 - 01368611 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 12:14 - 2013-03-23 09:22 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-05 12:14 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 12:13 - 2013-09-19 18:22 - 00017397 _____ () C:\Windows\setupact.log
2014-03-05 12:02 - 2012-10-02 22:48 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-05 12:00 - 2013-03-23 09:22 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-05 11:59 - 2014-03-05 11:59 - 00448512 _____ (OldTimer Tools) C:\Users\xxx\Downloads\TFC.exe
2014-03-05 11:57 - 2014-03-05 10:34 - 00001964 _____ () C:\Users\bes\Desktop\Neues Textdokument.txt
2014-03-05 11:55 - 2014-01-06 22:06 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-03-05 11:55 - 2013-09-19 18:22 - 00250164 _____ () C:\Windows\PFRO.log
2014-03-05 11:54 - 2014-03-04 14:50 - 00000000 ____D () C:\AdwCleaner
2014-03-05 11:17 - 2014-02-01 17:40 - 00000000 ____D () C:\Users\bes\Documents\The Witcher
2014-03-05 10:40 - 2013-01-28 21:48 - 00000000 ____D () C:\Users\bes\AppData\Roaming\vlc
2014-03-05 10:32 - 2014-03-05 10:31 - 00000085 _____ () C:\Windows\wininit.ini
2014-03-05 10:32 - 2014-01-06 22:06 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-05 10:30 - 2013-05-21 20:39 - 00000000 ____D () C:\Program Files (x86)\FreeTime
2014-03-05 09:15 - 2012-11-16 19:26 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-05 08:55 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-03-05 08:55 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-03-05 08:55 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-05 08:49 - 2014-03-05 08:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-05 08:49 - 2014-03-05 08:48 - 00000000 ____D () C:\Program Files\iTunes
2014-03-05 08:49 - 2014-03-05 08:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-05 08:48 - 2014-03-05 08:48 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 08:34 - 2014-03-05 08:34 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-05 08:29 - 2014-03-05 08:29 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-03-04 15:04 - 2014-02-01 17:40 - 00000000 ____D () C:\Users\bes\AppData\Local\The Witcher
2014-03-04 14:57 - 2012-10-28 10:57 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-04 14:50 - 2014-03-04 14:49 - 01244192 _____ () C:\Users\bes\Downloads\adwcleaner.exe
2014-03-04 09:30 - 2012-10-02 22:41 - 00064800 _____ () C:\Users\xxx\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-04 09:29 - 2009-07-14 05:45 - 00296632 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-04 09:11 - 2014-03-04 09:11 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl
2014-03-04 09:11 - 2012-10-02 23:08 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 09:11 - 2012-10-02 23:08 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-27 18:02 - 2012-10-02 23:08 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 16:21 - 2012-10-03 15:06 - 00000000 ____D () C:\Users\xxx\AppData\Local\Paint.NET
2014-02-25 22:07 - 2014-02-25 21:40 - 00000000 ____D () C:\Users\bes\AppData\Local\Ubisoft Game Launcher
2014-02-25 21:50 - 2014-02-25 21:40 - 00000000 ____D () C:\Users\bes\Documents\Assassin's Creed III
2014-02-25 21:40 - 2014-02-25 21:40 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-25 21:40 - 2014-02-25 21:40 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-25 21:40 - 2014-02-25 21:40 - 00000000 ____D () C:\Users\bes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-25 21:40 - 2014-02-25 21:40 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-25 21:39 - 2013-10-03 13:44 - 00083498 _____ () C:\Windows\DirectX.log
2014-02-24 13:45 - 2014-02-25 21:40 - 03123272 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-02-24 07:59 - 2014-02-24 07:59 - 00000000 ____D () C:\Windows\de
2014-02-24 07:58 - 2014-02-24 07:58 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-24 07:58 - 2012-10-02 23:11 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-22 09:17 - 2012-10-02 23:02 - 00000000 ____D () C:\Users\xxx\AppData\Local\Windows Live
2014-02-21 16:52 - 2014-02-21 16:52 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\WDC
2014-02-21 16:49 - 2014-02-21 16:49 - 00000000 ____D () C:\ProgramData\Sun
2014-02-21 16:49 - 2014-02-21 16:49 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-21 16:48 - 2014-02-21 16:48 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-21 16:48 - 2014-02-21 16:48 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-21 16:48 - 2014-02-21 16:48 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-21 16:48 - 2014-02-21 16:48 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-21 16:48 - 2014-02-21 16:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-21 15:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-19 17:19 - 2014-02-19 17:19 - 00000000 ____D () C:\Users\xxx\Documents\Rechtsstreit Tadago
2014-02-18 17:01 - 2013-10-01 13:37 - 00000000 ____D () C:\Users\xxx\AppData\Roaming\HpUpdate
2014-02-17 14:55 - 2013-03-23 09:22 - 00004100 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 14:55 - 2013-03-23 09:22 - 00003848 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-15 21:48 - 2013-08-15 20:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 21:46 - 2012-10-03 10:27 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 11:01 - 2014-02-14 11:01 - 00000000 ____D () C:\Users\bes\AppData\Local\WB Games
2014-02-11 15:51 - 2014-01-02 17:43 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-11 15:51 - 2012-10-02 22:48 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-11 15:51 - 2012-10-02 22:48 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-11 15:51 - 2012-10-02 22:48 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-11 15:51 - 2012-10-02 22:48 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-11 15:51 - 2012-10-02 22:47 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-06 13:16 - 2014-02-14 09:14 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-14 09:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-14 09:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-14 09:14 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-14 09:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-14 09:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-14 09:14 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-14 09:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-14 09:14 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-14 09:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-14 09:14 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-14 09:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-14 09:13 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-14 09:14 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-14 09:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-14 09:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-14 09:13 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-14 09:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-14 09:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 09:14 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-14 09:14 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-14 09:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 09:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-14 09:14 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-14 09:14 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-14 09:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-14 09:14 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-14 09:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:25 - 2014-02-14 09:13 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:24 - 2014-02-14 09:14 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-14 09:14 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-14 09:14 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 09:14 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 09:13 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-14 09:14 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-14 09:14 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-14 09:14 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-14 09:14 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-14 09:14 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 09:09 - 2013-02-06 11:10 - 00000000 ____D () C:\Users\bes\AppData\Roaming\FileZilla
2014-02-03 14:44 - 2014-02-02 21:17 - 00000000 ____D () C:\Users\bes\Desktop\Bahn - HVV

Some content of TEMP:
====================
C:\Users\xxx\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-03 17:34

==================== End Of Log ============================
         
--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2014 02
Ran by bes at 2014-03-05 12:23:46
Running from C:\Users\bes\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio 2012 v.10.0.15 (HKLM-x32\...\Ashampoo Burning Studio 2012_is1) (Version: 10.0.15 - Ashampoo GmbH & Co. KG)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
ATI AVIVO64 Codecs (Version: 11.6.0.10524 - ATI Technologies Inc.) Hidden
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.1219.1521.27485 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
DAoC Portal (HKLM-x32\...\{EC9359B3-2548-4DB1-B322-6D71A17501F9}) (Version: 2.8.2 - Dawn of Light)
DAOC-Charplan (HKLM-x32\...\DAOCCharplan) (Version:  - )
Dark Age of Camelot (HKLM-x32\...\Dark Age of Camelot) (Version:  - Electronic Arts)
Day of Defeat (HKLM-x32\...\Steam App 30) (Version:  - Valve)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.206.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 19.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 19.0.2 (x86 de)) (Version: 19.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 19.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{B28DBCBA-60F8-40ED-B35B-F510C327946C}) (Version: 4.00.9702 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller  Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0008 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.0.133.gd18ed589 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TeamViewer 7 (HKLM-x32\...\TeamViewer 7) (Version: 7.0.14563 - TeamViewer)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17)

==================== Restore Points  =========================

21-02-2014 15:48:04 Installed Java 7 Update 51
23-02-2014 17:14:07 Windows Live Essentials
23-02-2014 17:17:08 DirectX wurde installiert
23-02-2014 17:17:34 DirectX wurde installiert
23-02-2014 17:17:59 DirectX wurde installiert
23-02-2014 17:19:05 WLSetup
24-02-2014 06:55:41 Windows Live Essentials
24-02-2014 06:56:13 DirectX wurde installiert
24-02-2014 06:56:29 DirectX wurde installiert
24-02-2014 06:56:54 DirectX wurde installiert
24-02-2014 06:57:55 WLSetup
25-02-2014 17:08:42 Windows Update
25-02-2014 17:38:17 Windows Update
25-02-2014 20:36:45 DirectX wurde installiert
26-02-2014 15:49:30 Windows Update
27-02-2014 16:59:29 Windows Update
04-03-2014 09:42:19 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {86C79B9C-DDA7-4867-A011-3B7AC425664B} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {8E51ADAB-7FDA-4476-A736-2135A2B073E1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-23] (Google Inc.)
Task: {C5B43257-D72D-46F4-BC7F-63FEFCF1D531} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-11] (AVAST Software)
Task: {F091B59F-97F1-45EE-88F2-528A3F662CC6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-23] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-02-25 21:40 - 2014-02-25 21:40 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-04 22:43 - 2014-03-04 20:03 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14030401\algo.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-05 09:51 - 2013-12-05 09:51 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-04 09:05 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2013-08-07 20:25 - 2013-08-07 20:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-03-04 09:05 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 09:05 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 09:05 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 09:05 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 09:05 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/05/2014 00:15:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 00:03:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 11:57:41 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 10:33:56 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/05/2014 10:33:56 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/05/2014 08:39:23 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/05/2014 08:39:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/05/2014 08:37:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 08:34:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/05/2014 08:34:59 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.


System errors:
=============
Error: (03/05/2014 00:13:45 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/05/2014 00:13:52 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎05.‎03.‎2014 um 12:11:49 unerwartet heruntergefahren.

Error: (03/05/2014 00:01:49 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/05/2014 00:01:56 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎05.‎03.‎2014 um 12:00:50 unerwartet heruntergefahren.

Error: (03/05/2014 11:55:50 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/05/2014 08:36:26 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/05/2014 08:34:59 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (03/05/2014 08:22:26 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/04/2014 10:41:03 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.

Error: (03/04/2014 02:52:23 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT-AUTORITÄT)
Description: Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich an den Computerhersteller, um aktualisierte Firmware zu erhalten.


Microsoft Office Sessions:
=========================
Error: (03/05/2014 00:15:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 00:03:39 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 11:57:41 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 10:33:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bes\Downloads\esetsmartinstaller_deu.exe

Error: (03/05/2014 10:33:56 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bes\Downloads\esetsmartinstaller_deu (1).exe

Error: (03/05/2014 08:39:23 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bes\Downloads\esetsmartinstaller_deu (1).exe

Error: (03/05/2014 08:39:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bes\Downloads\esetsmartinstaller_deu (1).exe

Error: (03/05/2014 08:37:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/05/2014 08:34:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bes\Downloads\esetsmartinstaller_deu.exe

Error: (03/05/2014 08:34:59 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\bes\Downloads\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Percentage of memory in use: 44%
Total physical RAM: 3263.3 MB
Available physical RAM: 1819.31 MB
Total Pagefile: 6524.79 MB
Available Pagefile: 4784.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:267.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 8DA95417)
Partition 1: (Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---





Breche nun ab und warte besser auf Hilfe

Danke und viele Grüße


///
Edit:

Habe jetzt noch folgendes gemacht und es ist wohl weg.

Code:
ATTFilter
Google Chrome:

Starten Sie den Browser, drücken Sie gleichzeitig Alt+F und klicken Sie auf Einstellungen.
Gehen Sie zu Beim Start, wählen Sie Seiten festlegen, entfernen/ändern Sie die URL und klicken Sie auf OK.
Gehen Sie zu Erscheinungsbild, wählen Sie Schaltfläche „Startseite“ anzeigen, klicken Sie auf Ändern, entfernen/ändern Sie die URL und klicken Sie auf OK.
Gehen Sie zu Suche, wählen Sie Suchmaschinen verwalten, entfernen Sie (X) den unerwünschten Suchanbieter und klicken Sie auf OK.

Ich wäre trotzdem dankbar, wenn die Experten einen Blick über die Logs werfen würden bitte.
Vielleicht ist ja sonst noch was an der Kiste im Argen.
         
Danke vielmals.

Alt 05.03.2014, 13:41   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Iminet - Windows 7 - nicht löschbar - Standard

Iminet - Windows 7 - nicht löschbar



Hi,

also keine Probleme mehr?
__________________

__________________

Alt 06.03.2014, 13:09   #3
eims
 
Iminet - Windows 7 - nicht löschbar - Standard

Iminet - Windows 7 - nicht löschbar



alles ok!
__________________

Alt 07.03.2014, 13:17   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Iminet - Windows 7 - nicht löschbar - Standard

Iminet - Windows 7 - nicht löschbar



gudd
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Iminet - Windows 7 - nicht löschbar
antivirus, bonjour, branding, browser, error, fehler, firefox, flash player, ftp, google, hängt, internet, internet explorer, lws.exe, mozilla, netzwerk, preferences, prozessor, realtek, registrierungsdatenbank, registry, scan, security, services.exe, software, stick, suchmaschine, svchost.exe, win32/gamehack.f, windows



Ähnliche Themen: Iminet - Windows 7 - nicht löschbar


  1. mysearch Browser im Windows IE nicht Löschbar, dazu Malwarebytes Warnmeldung
    Plagegeister aller Art und deren Bekämpfung - 09.04.2015 (1)
  2. Windows 7 x64, Avast blockiert im sekundentakt werbung, Google chrome erweiterung "Unisiallees" unbekannt nicht löschbar
    Log-Analyse und Auswertung - 22.01.2015 (17)
  3. Nach Instalation von Iminet,kein Netzwerk mehr (kein internet mehr) Goggle Chrome und IE lassen sich nicht öffnen(weißer Bildschirm)
    Plagegeister aller Art und deren Bekämpfung - 27.12.2014 (1)
  4. WIN7: C:\windows\system32\myosprotect.dll idst nicht löschbar
    Log-Analyse und Auswertung - 20.11.2014 (9)
  5. iminet virus
    Log-Analyse und Auswertung - 03.03.2014 (13)
  6. exe Datei heruntergeladen, nicht aufgestarten, nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 04.12.2013 (1)
  7. Sporadisch öffnet sich der IE 45 mal. Hinzu erscheint ständig die (Iminet) suchmaschine als Startseite.
    Log-Analyse und Auswertung - 04.08.2013 (15)
  8. PC Performer nicht löschbar
    Plagegeister aller Art und deren Bekämpfung - 05.06.2013 (26)
  9. Programme nicht löschbar - Delta Search evtl. nicht sicher entfernt.
    Plagegeister aller Art und deren Bekämpfung - 26.05.2013 (17)
  10. Ask-Suche nicht löschbar+Windows Defender funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 22.03.2013 (1)
  11. Trojaner in HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run nicht dauerhaft löschbar
    Plagegeister aller Art und deren Bekämpfung - 27.02.2013 (32)
  12. Virtumonde.sci nicht löschbar! selbst nach Neustart nicht
    Log-Analyse und Auswertung - 29.01.2009 (1)
  13. Malware nicht löschbar!
    Plagegeister aller Art und deren Bekämpfung - 02.11.2008 (20)
  14. Virus TR/Vundo.Gen C:\WINDOWS\system32\vstr.dll nicht löschbar??
    Log-Analyse und Auswertung - 08.10.2007 (2)
  15. Was ist~DF5E74.tmp? nicht löschbar!!!
    Plagegeister aller Art und deren Bekämpfung - 05.04.2007 (6)
  16. Tr/Vundo.gen nicht löschbar
    Mülltonne - 17.10.2006 (1)
  17. Backdoor nicht löschbar!
    Plagegeister aller Art und deren Bekämpfung - 18.03.2003 (25)

Zum Thema Iminet - Windows 7 - nicht löschbar - Moin Moin, ich habe mir gestern auf meinem Windows 7-PC ein Schriftfont installiert und dabei wohl Iminent gefangen. Nun habe ich schon als Laie einiges versucht, aber es verschwindet nicht. - Iminet - Windows 7 - nicht löschbar...
Archiv
Du betrachtest: Iminet - Windows 7 - nicht löschbar auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.