Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   PC stürtz beim Spielen ständig ab (https://www.trojaner-board.de/166357-pc-stuertz-beim-spielen-staendig-ab.html)

Help1 22.04.2015 19:26
PC stürtz beim Spielen ständig ab
 
Hallo ich bin neu hier und hab ich sonderlich viel Ahnung von Computern. Seit heute hab ich aber ein Problem mit meinem PC. Wenn ich Spiele stürzt der PC mit einem lautem zirpendem Geräusch (kommt eindeutig aus dem Headset) nach 15 bis 20 Minuten ständig ab dabei wird der Bildschirm einfach schwarz und der PC startet ohne Fehlermeldung ein neu (ich spiele das Spiel schon seit 3 Jahren ohne Probleme). Ich schließe auch einen Virus nicht aus. Weiterhin zuckt die Maus auch manchmal komisch herum vielleicht könnt ihr mir ja helfen.

System:

Windows 7 Home Premium (32 bit)
Prozessor: Intel Core 2 Quad CPU Q8300 @ 2.50 GHz (Treiber neuster Stand)
Grafikkarte: NVIDIA GeForce GT 240 (Treiber neuster Stand)

schrauber 22.04.2015 21:25
Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Help1 23.04.2015 13:24
Hallo erstmal danke für die schnell Antwort. :) Das Spiele scheint jetzt nachdem ich einen ältern Treiber für die Grafikkarte geladen hab wieder zu funktionieren...
In dem Log werden ja alle möglichen Dateinamen etc. gelistet ist das ungefährlich wenn ich das hier einfach poste?
Edit: In der Addition.txt ist sind auch mehrere Fehler des Spiels gelistet....

schrauber 24.04.2015 07:52
Du kannst den Benutzernamen durch *** ersetzen, ansonsten steht da nix wichtiges drin :)

Help1 24.04.2015 19:17
Hier die beiden Logs:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by *** (administrator) on ***-PC on 23-04-2015 14:18:53
Running from C:\Users\***\Desktop
Loaded Profiles: *** (Available profiles: *** & ***)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================


       
Code:

       
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 22-04-2015 01
Ran by *** at 2015-04-23 14:19:34
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ACD/Labs Software in C:\Program Files\ACDFREE12\ (HKLM\...\ACDLabs in C__Program_Files_ACDFREE12_) (Version: v12.00, FREE - ACD/Labs)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Audacity 2.0.5 (HKLM\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avidemux 2.6 (32-bit) (HKLM\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
AVS Video ReMaker 4.2.1.152 (HKLM\...\AVS Video ReMaker_is1) (Version: 4.2.1.152 - Online Media Technologies Ltd.)
Blacklight: Retribution (HKLM\...\Steam App 209870) (Version:  - Zombie, Inc.)
Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version:  - )
Canon MP250 series Benutzerregistrierung (HKLM\...\Canon MP250 series Benutzerregistrierung) (Version:  - )
Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Corel MediaOne (HKLM\...\{A062A15F-9CAC-4B88-98DF-87628A0BD721}) (Version: 2.100.0000 - Corel Corporation)
CorelDRAW Essential Edition 3 (HKLM\...\_{ADDBE07D-95B8-4789-9C76-187FFF9624B4}) (Version:  - Corel Corporation)
CorelDRAW Essential Edition 3 (Version: 3.0 - Corel Corporation) Hidden
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2214 - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2129 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DE (Version: 3.0 - Corel Corporation) Hidden
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Studio version 6.5.0.301 (HKLM\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.53.113 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.53.113 - DVDVideoSoft Ltd.)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Hofer Foto Manager Free (HKLM\...\Hofer Foto Manager Free D) (Version: 6.0.1.491 - MAGIX AG)
Hunting Unlimited 2009 1.0 (HKLM\...\Hunting Unlimited 2009) (Version: 1.0 - ValuSoft)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Jagd Simulator 2011 (HKLM\...\{732A67B6-2581-4434-AE64-9A34CCF943D1}) (Version:  - )
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
KCL Manager 3.4 (HKLM\...\KCL Manager_is1) (Version:  - KCL)
Landwirtschafts Simulator 15 (HKLM\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
Landwirtschafts-Simulator 2009 (HKLM\...\FarmingSimulator2009DE_is1) (Version:  - GIANTS Software)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office Live Add-in 1.4 (HKLM\...\{AE3CF174-872C-46C6-B9F6-C0593F3BC7B8}) (Version: 2.0.3008.0 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (HKLM\...\{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
MORE! 3 Grammar Practice (HKLM\...\MoreGrammarPractice3) (Version: V1.0-AT - Helbling Languages )
MORE! 3 Grammar Practice (Version: 1.0 - Helbling Languages ) Hidden
MORE! 4 Grammar Practice (HKLM\...\MoreGrammarPractice4) (Version: V1.01-AT - Helbling Languages )
MORE! 4 Grammar Practice (Version: 1.01 - Helbling Languages ) Hidden
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.1 (x86 de) (HKLM\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
PlanetSide 2 (HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sniper Ghost Warrior 2 Demo (HKLM\...\Steam App 34880) (Version:  - City Interactive)
Sniper: Ghost Warrior (HKLM\...\Steam App 34830) (Version:  - City Interactive)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
System Explorer 5.9.4 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
VSDC Free Video Editor Version 2.1.9.201 (HKLM\...\VSDC Free Video Editor_is1) (Version: 2.1.9.201 - Flash-Integro LLC)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.10 beta 3 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.3 - win.rar GmbH)
Wireshark 1.10.8 (32-bit) (HKLM\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, hxxp://www.wireshark.org)
X10 Hardware(TM) (HKLM\...\X10Hardware) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-568113160-3411366880-767183668-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\***\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\FileSyncApi.dll (Microsoft Corporation)

==================== Restore Points  =========================

13-02-2015 22:17:57 Geplanter Prüfpunkt
22-04-2015 19:46:50 DirectX wurde installiert

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1B3104E0-FE5F-4468-9504-E37B6B0136E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {285CBAD7-4DB1-4861-9BA1-0DB6F354B3EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {2B1AA5EB-1CC5-44B2-AAB3-7D12FDCC00F1} - System32\Tasks\Driver Booster SkipUAC (***) => C:\Program Files\IObit\Driver Booster\DriverBooster.exe
Task: {6D90F0CA-1AC9-489D-BBBB-D13CCAF30BDA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-25] (Google Inc.)
Task: {816E5AD9-6363-4D40-B8AB-1D8BA898361C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {AB760BC6-4AC9-4D81-8A6D-42677D88ACB1} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
Task: {D5265D34-ED66-4ED0-AD83-C055F8ABC647} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {E9085CB1-33FA-402E-B996-7EA3EF8642A2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {F4A401F0-2D87-4F3E-9D8D-D1F14E7DB3FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {F8BA7F42-49DD-4214-951C-E449287A0921} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-09-27 09:42 - 2013-10-23 09:19 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-04-13 12:59 - 2014-05-20 03:11 - 00080040 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2014-04-14 08:45 - 2014-04-14 12:45 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe
2007-06-05 13:20 - 2007-06-05 13:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2015-04-15 16:31 - 2015-04-15 16:31 - 16863920 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\sony.com -> sony.com

IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\100sexlinks.com -> 100sexlinks.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\101hotteens.com -> 101hotteens.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\101lottery.com -> 101lottery.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\123expressview.com -> 123expressview.com
IE restricted site: HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\123found.com -> 123found.com

There are 4784 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-568113160-3411366880-767183668-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdvancedSystemCareService7 => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: WSearch => 2
MSCONFIG\startupreg: Advanced SystemCare 7 => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

==================== Accounts: =============================

Administrator (S-1-5-21-568113160-3411366880-767183668-500 - Administrator - Disabled)
*** (S-1-5-21-568113160-3411366880-767183668-1000 - Administrator - Enabled) => C:\Users\***
Gast (S-1-5-21-568113160-3411366880-767183668-501 - Limited - Disabled)
*** (S-1-5-21-568113160-3411366880-767183668-1001 - Limited - Enabled) => C:\Users\***

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2015 07:46:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {00776029-2f01-494d-8ba4-b57183f408b8}

Error: (03/29/2015 05:37:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BLR.exe, Version: 1.4.0.5, Zeitstempel: 0x532878b2
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xf1d6d000
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0xBLR.exe0
Pfad der fehlerhaften Anwendung: BLR.exe1
Pfad des fehlerhaften Moduls: BLR.exe2
Berichtskennung: BLR.exe3

Error: (02/26/2015 08:31:12 PM) (Source: SystemExplorerHelpService) (EventID: 0) (User: )
Description: Unknown Exception during invoke Function 3

Error: (02/14/2015 02:02:21 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (02/13/2015 10:13:59 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.

Error: (12/24/2014 00:32:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BLR.exe, Version: 1.4.0.5, Zeitstempel: 0x532878b2
Name des fehlerhaften Moduls: BLR.exe, Version: 1.4.0.5, Zeitstempel: 0x532878b2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x008e3237
ID des fehlerhaften Prozesses: 0xa54
Startzeit der fehlerhaften Anwendung: 0xBLR.exe0
Pfad der fehlerhaften Anwendung: BLR.exe1
Pfad des fehlerhaften Moduls: BLR.exe2
Berichtskennung: BLR.exe3

Error: (12/12/2014 05:01:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: ***-PC)
Description: Produkt: Adobe Reader XI (11.0.09) - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011010}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/27/2014 04:56:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 6.21.0.104 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c50

Startzeit: 01d00a4421865510

Endzeit: 7

Anwendungspfad: C:\Program Files\Skype\Phone\Skype.exe

Berichts-ID:

Error: (11/22/2014 00:16:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FreeYouTubeToMP3Converter.exe, Version 3.12.50.1111 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f20

Startzeit: 01d0063ce7df1e60

Endzeit: 13

Anwendungspfad: C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

Berichts-ID: a19ce441-7230-11e4-b025-4061862af10e

Error: (11/12/2014 06:19:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BLR.exe, Version 1.4.0.5 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3a8

Startzeit: 01cffe8946b465a0

Endzeit: 203

Anwendungspfad: C:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution\Live\Binaries\Win32\BLR.exe

Berichts-ID:


System errors:
=============
Error: (04/23/2015 01:58:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "X10 Device Network Service" wurde nicht richtig gestartet.

Error: (04/22/2015 09:50:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "X10 Device Network Service" wurde nicht richtig gestartet.

Error: (04/22/2015 09:47:40 PM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 12291) (User: NT-AUTORITÄT)
Description: Das SAM-Modul konnte den TCP/IP- bzw. SPX/IPX-Listening-Thread nicht starten.

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD
DfsC
discache
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst "Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Arbeitsstationsdienst" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (04/22/2015 09:47:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerkspeicher-Schnittstellendienst" ist vom Dienst "NSI proxy service driver." abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%31


Microsoft Office Sessions:
=========================
Error: (04/22/2015 07:46:49 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {00776029-2f01-494d-8ba4-b57183f408b8}

Error: (03/29/2015 05:37:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BLR.exe1.4.0.5532878b2unknown0.0.0.000000000c0000005f1d6d0009dc01d06a31c3f0b410C:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution\Live\Binaries\Win32\BLR.exeunknown87865340-d629-11e4-a636-4061862af10e

Error: (02/26/2015 08:31:12 PM) (Source: SystemExplorerHelpService) (EventID: 0) (User: )
Description: Unknown Exception during invoke Function 3

Error: (02/14/2015 02:02:21 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dllc:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll2

Error: (02/13/2015 10:13:59 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dllc:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll2

Error: (12/24/2014 00:32:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BLR.exe1.4.0.5532878b2BLR.exe1.4.0.5532878b2c0000005008e3237a5401d01f555891be20C:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution\Live\Binaries\Win32\BLR.exeC:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution\Live\Binaries\Win32\BLR.exe1b222150-8b58-11e4-a674-4061862af10e

Error: (12/12/2014 05:01:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: ***-PC)
Description: Adobe Reader XI (11.0.09) - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011010}1625(NULL)(NULL)(NULL)

Error: (11/27/2014 04:56:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.21.0.104c5001d00a44218655107C:\Program Files\Skype\Phone\Skype.exe

Error: (11/22/2014 00:16:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: FreeYouTubeToMP3Converter.exe3.12.50.1111f2001d0063ce7df1e6013C:\Program Files\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exea19ce441-7230-11e4-b025-4061862af10e

Error: (11/12/2014 06:19:55 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: BLR.exe1.4.0.53a801cffe8946b465a0203C:\Program Files\Steam\SteamApps\common\blacklightretribution\Blacklight Retribution\Live\Binaries\Win32\BLR.exe


==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 3071.3 MB
Available physical RAM: 1616.81 MB
Total Pagefile: 6140.9 MB
Available Pagefile: 4294.35 MB
Total Virtual: 2999.88 MB
Available Virtual: 2837.23 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:910.41 GB) (Free:807.73 GB) NTFS
Drive d: (Recover) (Fixed) (Total:20 GB) (Free:10.31 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B32E645E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=910.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================

--- --- ---

--- --- ---


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PSIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Mister Group) C:\Program Files\System Explorer\SystemExplorer.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Mister Group) C:\Program Files\System Explorer\service\SystemExplorerService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [3385192 2014-09-15] (Mister Group)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\MountPoints2: {9213f2ca-c2ef-11e3-9c7a-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\S-1-5-21-568113160-3411366880-767183668-1000 -> {B4971287-645C-483C-AEAB-F12DDD011522} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2014-02-13] (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-27] (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2014-11-11] (DVDVideoSoft Ltd.)
Toolbar: HKU\S-1-5-21-568113160-3411366880-767183668-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\user.js [2014-04-13]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\11-suche.xml [2014-04-13]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\englische-ergebnisse.xml [2014-04-13]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\gmx-suche-sterreich.xml [2014-04-13]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\gmx-suche.xml [2014-04-13]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\google-images.xml [2014-09-20]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\google-maps.xml [2014-09-20]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\lastminute.xml [2014-04-13]
FF SearchPlugin: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\webde-suche.xml [2014-04-13]
FF Extension: GMX MailCheck - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\Extensions\toolbar@gmx.net [2015-04-17]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR Profile: C:\Users\***\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1843896 2015-02-10] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-04-14] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567144 2014-08-13] (Mister Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 14:18 - 2015-04-23 14:19 - 00014394 _____ () C:\Users\***\Desktop\FRST.txt
2015-04-23 14:18 - 2015-04-23 14:18 - 00000000 ____D () C:\FRST
2015-04-23 14:17 - 2015-04-23 14:17 - 01139200 _____ (Farbar) C:\Users\***\Desktop\FRST.exe
2015-04-22 21:51 - 2015-04-22 21:51 - 00007597 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2015-04-22 21:47 - 2015-04-22 21:47 - 00666344 _____ () C:\Windows\Minidump\042215-11778-01.dmp
2015-04-22 21:33 - 2015-04-22 21:33 - 00375712 _____ () C:\Windows\Minidump\042215-16972-01.dmp
2015-04-22 19:59 - 2015-04-22 20:00 - 00407272 _____ () C:\Windows\Minidump\042215-17565-01.dmp
2015-04-22 19:46 - 2015-04-23 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Users\***\AppData\Local\NVIDIA Corporation
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Users\***\AppData\Local\NVIDIA
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-04-22 19:46 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-04-22 19:46 - 2014-07-25 16:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-04-22 19:45 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-22 19:43 - 2014-08-11 22:19 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-04-22 19:43 - 2014-08-11 22:19 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-04-22 19:43 - 2014-07-02 22:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2015-04-22 19:43 - 2014-07-02 22:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2015-04-22 19:43 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2015-04-22 19:43 - 2014-03-31 18:42 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-04-22 19:42 - 2015-04-22 19:42 - 00000000 ____D () C:\NVIDIA
2015-04-22 19:17 - 2015-04-22 19:42 - 218685256 _____ (NVIDIA Corporation) C:\Users\***\Downloads\340.52-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-04-22 19:08 - 2015-04-22 19:08 - 00411576 _____ () C:\Windows\Minidump\042215-18626-01.dmp
2015-04-22 18:41 - 2015-04-22 18:41 - 00003288 ____N () C:\bootsqm.dat
2015-04-22 18:35 - 2015-04-22 18:35 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2015-04-21 20:52 - 2015-04-21 20:53 - 00477385 ____H () C:\Users\***\Desktop\Cache.mxc3
2015-04-20 15:49 - 2015-04-20 16:01 - 34736426 _____ () C:\Users\***\Downloads\torbrowser-install-4.0.8_de.exe
2015-04-17 16:33 - 2015-04-17 16:33 - 00000000 ____D () C:\Users\***\Tracing
2015-04-16 21:11 - 2015-04-21 20:52 - 00000000 ____D () C:\Users\***\Desktop\Ordner1
2015-04-08 20:18 - 2015-04-08 20:19 - 00004030 _____ () C:\Users\***\Desktop\Neues Textdokument (3).txt
2015-04-01 17:11 - 2015-04-01 17:22 - 00000000 ____D () C:\Users\***\Desktop\Ordner2
2015-03-29 17:37 - 2015-03-29 17:37 - 00000000 ____D () C:\Users\***\AppData\Local\CrashDumps
2015-03-27 19:15 - 2015-03-28 13:30 - 00000751 _____ () C:\Users\***\Desktop\Neues Textdokument (2).txt
2015-03-24 16:33 - 2015-03-24 16:40 - 34737321 _____ () C:\Users\***\Downloads\torbrowser-install-4.0.5_de.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 14:09 - 2014-08-07 20:30 - 00000000 ____D () C:\Users\***\AppData\Roaming\Skype
2015-04-23 14:05 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 14:05 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 14:02 - 2009-09-24 16:43 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 14:01 - 2014-04-13 11:50 - 01309516 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 13:56 - 2015-03-01 13:10 - 00009475 _____ () C:\Windows\setupact.log
2015-04-23 13:56 - 2014-06-25 21:21 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 13:56 - 2009-10-22 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-23 13:56 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-22 22:29 - 2014-06-21 14:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-22 22:00 - 2014-04-14 12:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.xtr
2015-04-22 22:00 - 2014-04-14 08:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.exe
2015-04-22 22:00 - 2014-04-14 08:45 - 00140360 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2015-04-22 21:58 - 2014-04-13 18:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-22 21:47 - 2015-03-02 19:11 - 340978407 _____ () C:\Windows\MEMORY.DMP
2015-04-22 21:47 - 2014-05-12 17:57 - 00000000 ____D () C:\Windows\Minidump
2015-04-22 21:37 - 2014-04-14 08:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.ex0
2015-04-22 20:47 - 2014-06-25 21:21 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-22 19:47 - 2014-09-27 09:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-22 19:46 - 2009-10-22 14:23 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-22 17:54 - 2014-04-13 13:00 - 00000000 ___RD () C:\Users\***\Desktop\Musik
2015-04-21 22:20 - 2014-06-05 19:57 - 00000000 ____D () C:\Users\***\Documents\DVDVideoSoft
2015-04-21 20:53 - 2014-09-27 15:33 - 00000000 ____D () C:\Users\***\Desktop\Minecraft backup 2
2015-04-21 20:53 - 2014-09-27 13:22 - 00000000 ____D () C:\Users\***\Desktop\versions
2015-04-21 20:53 - 2014-05-26 17:02 - 00000000 ____D () C:\Users\***\Desktop\schule
2015-04-21 20:52 - 2014-10-02 17:10 - 00000000 ____D () C:\Users\***\Desktop\LB Photo Realism x256 10.0.0-converted-1374012707213
2015-04-21 20:52 - 2014-09-27 15:59 - 00000000 ____D () C:\Users\***\Desktop\DIM-1 360 Mining
2015-04-21 20:52 - 2014-09-27 13:15 - 00000000 ____D () C:\Users\***\Desktop\Minecraft backup
2015-04-21 20:43 - 2014-06-05 19:57 - 00000000 ____D () C:\Users\***\AppData\Roaming\DVDVideoSoft
2015-04-21 20:30 - 2014-06-08 22:33 - 00000601 _____ () C:\Users\***\Documents\grstyles.stl
2015-04-21 18:10 - 2014-06-08 19:52 - 00000007 _____ () C:\Users\***\Documents\LastLab.sk
2015-04-21 17:32 - 2014-04-14 16:43 - 00000000 ___RD () C:\Users\***\Desktop\Ordner5
2015-04-21 14:25 - 2014-06-08 19:40 - 00000644 _____ () C:\Users\***\Documents\UserStl.sk
2015-04-20 16:05 - 2014-10-20 12:46 - 00000000 ____D () C:\Users\***\Desktop\Tor Browser
2015-04-17 16:33 - 2014-09-21 12:57 - 00000000 ___RD () C:\Program Files\Skype
2015-04-17 16:33 - 2014-08-07 20:30 - 00000000 ____D () C:\ProgramData\Skype
2015-04-17 16:33 - 2014-04-13 11:51 - 00000000 ____D () C:\Users\***
2015-04-17 12:32 - 2014-04-29 15:22 - 00000000 ____D () C:\Users\***\Desktop\Sonstiges
2015-04-16 21:13 - 2014-08-05 20:04 - 00000000 ____D () C:\Users\***\Desktop\Ordner
2015-04-15 16:31 - 2014-06-21 14:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 16:31 - 2014-06-21 14:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-14 14:40 - 2015-03-18 16:36 - 00000000 ____D () C:\Users\***\Desktop\Ordner6
2015-04-13 21:01 - 2014-09-08 13:00 - 00000000 ____D () C:\Users\***\Desktop\Ordner7
2015-04-10 20:39 - 2014-04-13 12:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-09 12:13 - 2014-04-13 12:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-08 18:59 - 2015-03-14 15:55 - 00000000 ____D () C:\Users\***\Desktop\Ordner8
2015-03-24 21:01 - 2015-01-11 11:45 - 00000000 ____D () C:\Users\***\Documents\Hunting Unlimited 2009
2015-03-24 18:17 - 2015-03-04 18:15 - 00000000 ____D () C:\Users\***\Desktop\Veraltet
2015-03-24 17:49 - 2014-11-21 17:39 - 00001203 _____ () C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2015-03-24 17:49 - 2014-11-21 17:39 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2015-03-24 17:49 - 2014-04-13 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-03-24 17:48 - 2014-11-21 17:39 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-03-24 17:47 - 2014-11-21 17:39 - 00000000 ____D () C:\Program Files\Free Codec Pack
2015-03-24 17:47 - 2014-04-13 12:46 - 00000000 ____D () C:\Users\***\AppData\Roaming\DVDVideoSoft

==================== Files in the root of some directories =======

2014-04-14 08:45 - 2014-04-14 08:45 - 0138056 _____ () C:\Users\***\AppData\Roaming\PnkBstrK.sys
2015-04-22 21:51 - 2015-04-22 21:51 - 0007597 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2014-04-13 18:02 - 2014-04-13 18:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\***\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\***\AppData\Local\Temp\nvStInst.exe
C:\Users\***\AppData\Local\Temp\SkypeSetup.exe
C:\Users\***\AppData\Local\Temp\tmd_34012365.exe
C:\Users\***\AppData\Local\Temp\tmd_34014686.exe
C:\Users\***\AppData\Local\Temp\tmd_34016589.exe
C:\Users\***\AppData\Local\Temp\MSETUP4.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 22:11

==================== End Of Log ============================

schrauber 25.04.2015 14:57
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Help1 25.04.2015 20:11
Hallo hatte inzwischen das Problem mit dem Spiel erneut nachdem ich das Log mit Malwarebytes Anti-Malware erstellt hab...
Hier die Logs :):
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 25.04.2015
Suchlauf-Zeit: 19:30:59
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Felix

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 359867
Verstrichene Zeit: 14 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 10
Backdoor.Bot, C:\Users\Felix\Downloads\Audacity - CHIP-Installer.exe, In Quarantäne, [a4d584bf088257dfff0a412c817f7c84],
PUP.Optional.Downloader, C:\Users\Felix\Downloads\SketchUp Make 2014 - CHIP-Installer.exe, In Quarantäne, [f1889aa90f7b979f168a8eddc63a748c],
PUP.Optional.Giga, C:\Users\Felix\Downloads\Sniper_-Ghost-Warrior-lnstall.exe, In Quarantäne, [4633fd465832ed492aa7586d877ec23e],
PUP.Optional.Downloader, C:\Users\Felix\Downloads\System Explorer - CHIP-Installer.exe, In Quarantäne, [ff7ae261d3b7a88e4e527eedd72946ba],
Backdoor.Bot, C:\Users\Felix\Downloads\Avidemux 32 Bit - CHIP-Installer.exe, In Quarantäne, [55244ff4d3b7ea4c46c3e786df21c23e],
Backdoor.Bot, C:\Users\Felix\Downloads\ChemSketch - CHIP-Installer.exe, In Quarantäne, [e9908fb4addd75c1d03991dce31d2ad6],
PUP.Optional.Downloader, C:\Users\Felix\Downloads\TCPView - CHIP-Installer.exe, In Quarantäne, [1465fc47bfcb44f21b855813e41c827e],
Backdoor.Bot, C:\Users\Felix\Downloads\VSDC Free Video Editor - CHIP-Installer.exe, In Quarantäne, [dd9c46fd82089b9b9e6b96d7b05027d9],
Backdoor.Bot, C:\Users\Felix\Downloads\Pinnacle VideoSpin - CHIP-Installer.exe, In Quarantäne, [98e184bf1d6d181ea1682c4104fc3ec2],
Backdoor.Bot, C:\Users\Mama\Downloads\Grewe Scanner Interface - CHIP-Downloader.exe, In Quarantäne, [de9b0340494139fdcc3d224b5fa1cb35],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
Code:
# AdwCleaner v4.202 - Bericht erstellt 25/04/2015 um 20:46:50
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-23.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x86)
# Benutzername : Felix - FELIX-PC
# Gestarted von : C:\Users\Felix\Downloads\AdwCleaner_4.202.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\shd4rn04.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Mama\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\YourFileDownloader

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v37.0.2 (x86 de)


-\\ Google Chrome v42.0.2311.90


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [2454 Bytes] - [25/04/2015 20:45:37]
AdwCleaner[S0].txt - [2374 Bytes] - [25/04/2015 20:46:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2433  Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.3 (04.25.2015:1)
OS: Windows 7 Home Premium x86
Ran by Felix on 25.04.2015 at 20:54:43,52
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\System32\tasks\Driver Booster SkipUAC (Felix)



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Felix\AppData\Roaming\mozilla\firefox\profiles\bclv7j5u.default\extensions\toolbar@gmx.net
Emptied folder: C:\Users\Felix\AppData\Roaming\mozilla\firefox\profiles\bclv7j5u.default\minidumps [52 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.04.2015 at 20:56:46,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-04-2015 01
Ran by Felix (administrator) on FELIX-PC on 25-04-2015 20:58:11
Running from C:\Users\Felix\Desktop\Sonstiges
Loaded Profiles: Felix (Available profiles: Felix & Mama)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Mister Group) C:\Program Files\System Explorer\SystemExplorer.exe
(Mister Group) C:\Program Files\System Explorer\service\SystemExplorerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [3385192 2014-09-15] (Mister Group)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\MountPoints2: {9213f2ca-c2ef-11e3-9c7a-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-568113160-3411366880-767183668-1000 -> {B4971287-645C-483C-AEAB-F12DDD011522} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-27] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-568113160-3411366880-767183668-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\englische-ergebnisse.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\gmx-suche-sterreich.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\gmx-suche.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\google-images.xml [2014-09-20]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\google-maps.xml [2014-09-20]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\lastminute.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\webde-suche.xml [2014-04-13]
FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1843896 2015-02-10] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-04-14] ()
S2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567144 2014-08-13] (Mister Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 20:56 - 2015-04-25 20:56 - 00000953 _____ () C:\Users\Felix\Desktop\JRT.txt
2015-04-25 20:54 - 2015-04-25 20:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FELIX-PC-Windows-7-Home-Premium-(32-bit).dat
2015-04-25 20:54 - 2015-04-25 20:54 - 00000000 ____D () C:\RegBackup
2015-04-25 20:53 - 2015-04-25 20:53 - 02686590 _____ (Thisisu) C:\Users\Felix\Desktop\JRT.exe
2015-04-25 20:51 - 2015-04-25 20:51 - 00002508 _____ () C:\Users\Felix\Desktop\mbam.txt
2015-04-25 20:50 - 2015-04-25 20:50 - 00002513 _____ () C:\Users\Felix\Desktop\AdwCleaner[S0].txt
2015-04-25 20:45 - 2015-04-25 20:46 - 00000000 ____D () C:\AdwCleaner
2015-04-25 20:45 - 2015-04-25 20:45 - 02224640 _____ () C:\Users\Felix\Downloads\AdwCleaner_4.202.exe
2015-04-25 20:41 - 2015-04-25 20:41 - 00368512 _____ () C:\Windows\Minidump\042515-16848-01.dmp
2015-04-25 20:11 - 2015-04-25 20:11 - 00251760 _____ () C:\Windows\Minidump\042515-16239-01.dmp
2015-04-25 19:30 - 2015-04-25 19:30 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-25 19:27 - 2015-04-25 19:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Felix\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-24 18:08 - 2015-04-24 18:14 - 00000000 ____D () C:\Users\Mama\Desktop\Musik
2015-04-23 20:48 - 2015-04-24 18:36 - 00008817 _____ () C:\Users\Mama\FreeYouTubeToMP3Converter.xml
2015-04-23 20:48 - 2015-04-23 20:48 - 00000008 _____ () C:\Users\Mama\FreeYouTubeToMP3Converter.xml.lck
2015-04-23 20:32 - 2015-04-24 18:26 - 00000243 _____ () C:\Users\Mama\updhelper.xml
2015-04-23 20:32 - 2015-04-23 20:32 - 00000210 _____ () C:\Users\Mama\FreeYTVDownloader.xml
2015-04-23 20:32 - 2015-04-23 20:32 - 00000008 _____ () C:\Users\Mama\updhelper.xml.lck
2015-04-23 20:32 - 2015-04-23 20:32 - 00000008 _____ () C:\Users\Mama\FreeYTVDownloader.xml.lck
2015-04-23 20:29 - 2015-04-23 20:30 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA Corporation
2015-04-23 20:29 - 2015-04-23 20:29 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA
2015-04-23 14:18 - 2015-04-25 20:58 - 00000000 ____D () C:\FRST
2015-04-22 21:51 - 2015-04-22 21:51 - 00007597 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2015-04-22 21:47 - 2015-04-22 21:47 - 00666344 _____ () C:\Windows\Minidump\042215-11778-01.dmp
2015-04-22 21:33 - 2015-04-22 21:33 - 00375712 _____ () C:\Windows\Minidump\042215-16972-01.dmp
2015-04-22 19:59 - 2015-04-22 20:00 - 00407272 _____ () C:\Windows\Minidump\042215-17565-01.dmp
2015-04-22 19:46 - 2015-04-23 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Users\Felix\AppData\Local\NVIDIA Corporation
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Users\Felix\AppData\Local\NVIDIA
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-04-22 19:46 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-04-22 19:46 - 2014-07-25 16:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-04-22 19:45 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-22 19:43 - 2014-08-11 22:19 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-04-22 19:43 - 2014-08-11 22:19 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-04-22 19:43 - 2014-07-02 22:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2015-04-22 19:43 - 2014-07-02 22:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2015-04-22 19:43 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2015-04-22 19:43 - 2014-03-31 18:42 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-04-22 19:42 - 2015-04-22 19:42 - 00000000 ____D () C:\NVIDIA
2015-04-22 19:17 - 2015-04-22 19:42 - 218685256 _____ (NVIDIA Corporation) C:\Users\Felix\Downloads\340.52-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-04-22 19:08 - 2015-04-22 19:08 - 00411576 _____ () C:\Windows\Minidump\042215-18626-01.dmp
2015-04-22 18:41 - 2015-04-22 18:41 - 00003288 ____N () C:\bootsqm.dat
2015-04-22 18:35 - 2015-04-22 18:35 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2015-04-21 20:52 - 2015-04-21 20:53 - 00477385 ____H () C:\Users\Mama\Desktop\Cache.mxc3
2015-04-20 15:49 - 2015-04-20 16:01 - 34736426 _____ () C:\Users\Felix\Downloads\torbrowser-install-4.0.8_de.exe
2015-04-17 16:33 - 2015-04-17 16:33 - 00000000 ____D () C:\Users\Felix\Tracing
2015-04-16 21:11 - 2015-04-21 20:52 - 00000000 ____D () C:\Users\Mama\Desktop\ordner1
2015-04-08 20:18 - 2015-04-08 20:19 - 00004030 _____ () C:\Users\Felix\Desktop\Neues Textdokument (3).txt
2015-04-01 17:11 - 2015-04-01 17:22 - 00000000 ____D () C:\Users\Felix\Desktop\ordner2
2015-03-29 17:37 - 2015-03-29 17:37 - 00000000 ____D () C:\Users\Felix\AppData\Local\CrashDumps
2015-03-27 19:15 - 2015-03-28 13:30 - 00000751 _____ () C:\Users\Felix\Desktop\Neues Textdokument (2).txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-25 20:58 - 2014-04-29 15:22 - 00000000 ____D () C:\Users\Felix\Desktop\Sonstiges
2015-04-25 20:55 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-25 20:55 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-25 20:53 - 2014-06-08 22:33 - 00000601 _____ () C:\Users\Felix\Documents\grstyles.stl
2015-04-25 20:53 - 2009-09-24 16:43 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-25 20:50 - 2014-07-03 13:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 20:47 - 2015-03-01 13:10 - 00011211 _____ () C:\Windows\setupact.log
2015-04-25 20:47 - 2014-06-25 21:21 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-25 20:47 - 2014-06-25 21:21 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-25 20:47 - 2009-10-22 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-25 20:47 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-25 20:46 - 2014-04-13 11:50 - 01325935 _____ () C:\Windows\WindowsUpdate.log
2015-04-25 20:41 - 2015-03-02 19:11 - 345096064 _____ () C:\Windows\MEMORY.DMP
2015-04-25 20:41 - 2014-05-12 17:57 - 00000000 ____D () C:\Windows\Minidump
2015-04-25 20:29 - 2014-06-21 14:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-25 20:14 - 2014-04-14 12:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.xtr
2015-04-25 20:14 - 2014-04-14 08:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.exe
2015-04-25 20:14 - 2014-04-14 08:45 - 00140360 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2015-04-25 20:11 - 2015-03-19 14:24 - 00009468 _____ () C:\Windows\PFRO.log
2015-04-25 19:58 - 2014-04-14 08:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.ex0
2015-04-25 19:56 - 2014-04-13 13:00 - 00000000 ___RD () C:\Users\Felix\Desktop\Musik
2015-04-25 19:48 - 2014-04-13 12:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-25 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Cursors
2015-04-25 19:43 - 2014-08-07 20:30 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2015-04-25 19:30 - 2014-07-03 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-25 19:30 - 2014-07-03 13:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-24 18:06 - 2014-06-05 19:57 - 00000000 ____D () C:\Users\Mama\Documents\DVDVideoSoft
2015-04-24 16:21 - 2014-04-13 12:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-23 20:48 - 2014-04-16 21:34 - 00000000 ____D () C:\Users\Mama
2015-04-23 20:30 - 2014-09-27 09:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-22 21:58 - 2014-04-13 18:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-22 19:46 - 2009-10-22 14:23 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-21 20:53 - 2014-09-27 15:33 - 00000000 ____D () C:\Users\Mama\Desktop\Minecraft backup 2
2015-04-21 20:53 - 2014-09-27 13:22 - 00000000 ____D () C:\Users\Mama\Desktop\versions
2015-04-21 20:53 - 2014-05-26 17:02 - 00000000 ____D () C:\Users\Mama\Desktop\ordner
2015-04-21 20:52 - 2014-10-02 17:10 - 00000000 ____D () C:\Users\Mama\Desktop\LB Photo Realism x256 10.0.0-converted-1374012707213
2015-04-21 20:52 - 2014-09-27 15:59 - 00000000 ____D () C:\Users\Mama\Desktop\DIM-1 360 Mining
2015-04-21 20:52 - 2014-09-27 13:15 - 00000000 ____D () C:\Users\Mama\Desktop\Minecraft backup
2015-04-21 20:43 - 2014-06-05 19:57 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\DVDVideoSoft
2015-04-21 18:10 - 2014-06-08 19:52 - 00000007 _____ () C:\Users\Felix\Documents\LastLab.sk
2015-04-21 17:32 - 2014-04-14 16:43 - 00000000 ___RD () C:\Users\Felix\Desktop\ordner3
2015-04-21 14:25 - 2014-06-08 19:40 - 00000644 _____ () C:\Users\Felix\Documents\UserStl.sk
2015-04-20 16:05 - 2014-10-20 12:46 - 00000000 ____D () C:\Users\Felix\Desktop\Tor Browser
2015-04-17 16:33 - 2014-09-21 12:57 - 00000000 ___RD () C:\Program Files\Skype
2015-04-17 16:33 - 2014-08-07 20:30 - 00000000 ____D () C:\ProgramData\Skype
2015-04-17 16:33 - 2014-04-13 11:51 - 00000000 ____D () C:\Users\Felix
2015-04-16 21:13 - 2014-08-05 20:04 - 00000000 ____D () C:\Users\Mama\Desktop\ordner4
2015-04-15 16:31 - 2014-06-21 14:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 16:31 - 2014-06-21 14:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-14 14:40 - 2015-03-18 16:36 - 00000000 ____D () C:\Users\Felix\Desktop\ordner5
2015-04-14 09:37 - 2014-07-03 13:29 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-07-03 13:29 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-07-03 13:29 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-13 21:01 - 2014-09-08 13:00 - 00000000 ____D () C:\Users\Felix\Desktop\ordner6
2015-04-08 18:59 - 2015-03-14 15:55 - 00000000 ____D () C:\Users\Felix\Desktop\ordner7
==================== Files in the root of some directories =======

2014-04-14 08:45 - 2014-04-14 08:45 - 0138056 _____ () C:\Users\Felix\AppData\Roaming\PnkBstrK.sys
2015-04-22 21:51 - 2015-04-22 21:51 - 0007597 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2014-04-13 18:02 - 2014-04-13 18:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Felix\AppData\Local\Temp\nvStInst.exe
C:\Users\Felix\AppData\Local\Temp\Quarantine.exe
C:\Users\Felix\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Felix\AppData\Local\Temp\sqlite3.dll
C:\Users\Felix\AppData\Local\Temp\tmd_34012365.exe
C:\Users\Felix\AppData\Local\Temp\tmd_34014686.exe
C:\Users\Felix\AppData\Local\Temp\tmd_34016589.exe
C:\Users\Mama\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Mama\AppData\Local\Temp\tmd_34014881.exe
C:\Users\Mama\AppData\Local\Temp\tmd_34015620.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 22:11

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 26.04.2015 06:49

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Help1 26.04.2015 14:36
Hallo leider hab ich nachden Scans immer noch Probleme mit dem Spiel obwohl es schon um einiges länger läuft bevor es abstürzt. :) Lieder hab ich beim ersten durchlauf von ESET vergessen die Firewall auszuschalten ich hab dann noch einen zweiten durchlauf ohne Firewall gemacht aber es wurde nichts gefunden hab hab nur noch das este Log mit Firewall...
Hier die Logs:
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=0e3c4b30afb903468ed8a89c46073f99
# engine=23567
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-26 10:58:23
# local_time=2015-04-26 12:58:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 57401 181677094 0 0
# scanned=211255
# found=8
# cleaned=8
# scan_time=3644
sh=0E5EB81F4DE5F4553B6B34044CDC553F7049FFA0 ft=1 fh=997cf7d675c77420 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Felix\Downloads\7 Zip 32 Bit - CHIP-Downloader.exe"
sh=45D97A726D4C679AF35BEE3914509254EADBE71B ft=1 fh=0eb2d1f30b10c571 vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Felix\Downloads\advanced-72systemcare-setup.exe"
sh=7715F410658C9DA05227C171368CB9E74842CEE4 ft=1 fh=7825bb364684bf45 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Felix\Downloads\Recuva - CHIP-Downloader.exe"
sh=E1CE258B3DBCFE47F8BF3C53E4BC5C60402643CE ft=1 fh=2f16c27d69984792 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Felix\Downloads\Skype - CHIP-Installer.exe"
sh=5B321A14B212AC18A27FEC761D5357EDADDB9A3B ft=1 fh=04515aba271de2b8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Felix\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe"
sh=28B3712F69DDB9E78897E37220010CEC0BEC3B78 ft=1 fh=44a671e26ccbdf31 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Felix\Downloads\Thunderbird - CHIP-Installer.exe"
sh=939C1CE384D8F90D49C43601C63E51463ADDDC69 ft=1 fh=22b1a41278cf353d vn="Variante von Win32/FusionCore.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mama\AppData\Local\Temp\tmd_34014881.exe"
sh=939C1CE384D8F90D49C43601C63E51463ADDDC69 ft=1 fh=22b1a41278cf353d vn="Variante von Win32/FusionCore.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Mama\AppData\Local\Temp\tmd_34015620.exe"
Code:
Results of screen317's Security Check version 1.00 
 Windows 7 Service Pack 1 x86 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner   
 Java 7 Update 67 
 Java version 32-bit out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player        17.0.0.169 
 Adobe Reader 9 
 Adobe Reader XI 
 Mozilla Firefox (37.0.2)
 Mozilla Thunderbird (31.4.0)
 Google Chrome (41.0.2272.118)
 Google Chrome (42.0.2311.90)
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2015
Ran by Felix (administrator) on FELIX-PC on 26-04-2015 14:25:07
Running from C:\Users\Felix\Desktop\Sonstiges
Loaded Profiles: Felix (Available profiles: Felix & Mama)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PSIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(X10) C:\Program Files\Common Files\X10\Common\X10nets.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.26.9\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Mister Group) C:\Program Files\System Explorer\SystemExplorer.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Mister Group) C:\Program Files\System Explorer\service\SystemExplorerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\System32\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-07-16] (Realtek Semiconductor)
HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [3385192 2014-09-15] (Mister Group)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\MountPoints2: {9213f2ca-c2ef-11e3-9c7a-806e6f6e6963} - E:\autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://medion.msn.com/
HKU\S-1-5-21-568113160-3411366880-767183668-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-568113160-3411366880-767183668-1000 -> {B4971287-645C-483C-AEAB-F12DDD011522} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
BHO: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-09-27] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-09-27] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-568113160-3411366880-767183668-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0067-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_67-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2009-07-21] (Adobe Systems, Inc.)
FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-03-26] (CANON INC.)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-09-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.4 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2009-06-09] (Microsoft Corp.)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-10-23] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\englische-ergebnisse.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\gmx-suche-sterreich.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\gmx-suche.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\google-images.xml [2014-09-20]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\google-maps.xml [2014-09-20]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\lastminute.xml [2014-04-13]
FF SearchPlugin: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\searchplugins\webde-suche.xml [2014-04-13]
FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-13]
FF HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF HKU\S-1-5-21-568113160-3411366880-767183668-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\bclv7j5u.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-25]
CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-19]
CHR Extension: (Google Wallet) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-11]
CHR Extension: (Gmail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-25]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [1843896 2015-02-10] (Microsoft Corporation)
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [17536800 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-04-14] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [283032 2015-04-26] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567144 2014-08-13] (Mister Group)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
U2 x10nets; C:\Program Files\Common Files\X10\Common\X10nets.exe [20480 2001-11-12] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19232 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2014-03-31] (NVIDIA Corporation)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1488096 2009-07-30] (NXP Semiconductors Germany GmbH)
R3 PnkBstrK; C:\Windows\system32\drivers\PnkBstrK.sys [140360 2015-04-26] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [13720 2009-05-13] (X10 Wireless Technology, Inc.)
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27160 2009-05-13] (X10 Wireless Technology, Inc.)
S3 WinRing0_1_2_0; \??\C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 13:10 - 2015-04-26 13:10 - 00000000 ____D () C:\Program Files\ESET
2015-04-26 13:07 - 2015-04-26 13:07 - 00000977 _____ () C:\Users\Felix\Desktop\checkup.txt
2015-04-26 12:44 - 2015-04-26 12:45 - 00852616 _____ () C:\Users\Felix\Desktop\SecurityCheck.exe
2015-04-26 11:45 - 2015-04-26 11:45 - 02347384 _____ (ESET) C:\Users\Felix\Downloads\esetsmartinstaller_deu.exe
2015-04-26 11:39 - 2015-04-26 11:40 - 00266504 _____ () C:\Windows\Minidump\042615-16317-01.dmp
2015-04-25 21:41 - 2015-04-25 21:41 - 00325576 _____ () C:\Windows\Minidump\042515-16598-01.dmp
2015-04-25 20:54 - 2015-04-25 20:54 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FELIX-PC-Windows-7-Home-Premium-(32-bit).dat
2015-04-25 20:54 - 2015-04-25 20:54 - 00000000 ____D () C:\RegBackup
2015-04-25 20:45 - 2015-04-25 20:46 - 00000000 ____D () C:\AdwCleaner
2015-04-25 20:45 - 2015-04-25 20:45 - 02224640 _____ () C:\Users\Felix\Downloads\AdwCleaner_4.202.exe
2015-04-25 20:41 - 2015-04-25 20:41 - 00368512 _____ () C:\Windows\Minidump\042515-16848-01.dmp
2015-04-25 20:11 - 2015-04-25 20:11 - 00251760 _____ () C:\Windows\Minidump\042515-16239-01.dmp
2015-04-25 19:27 - 2015-04-25 19:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Felix\Downloads\mbam-setup-2.1.6.1022.exe
2015-04-24 18:08 - 2015-04-26 10:55 - 00000000 ____D () C:\Users\Mama\Desktop\Musik
2015-04-23 20:48 - 2015-04-24 18:36 - 00008817 _____ () C:\Users\Mama\FreeYouTubeToMP3Converter.xml
2015-04-23 20:48 - 2015-04-23 20:48 - 00000008 _____ () C:\Users\Mama\FreeYouTubeToMP3Converter.xml.lck
2015-04-23 20:32 - 2015-04-24 18:26 - 00000243 _____ () C:\Users\Mama\updhelper.xml
2015-04-23 20:32 - 2015-04-23 20:32 - 00000210 _____ () C:\Users\Mama\FreeYTVDownloader.xml
2015-04-23 20:32 - 2015-04-23 20:32 - 00000008 _____ () C:\Users\Mama\updhelper.xml.lck
2015-04-23 20:32 - 2015-04-23 20:32 - 00000008 _____ () C:\Users\Mama\FreeYTVDownloader.xml.lck
2015-04-23 20:29 - 2015-04-23 20:30 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA Corporation
2015-04-23 20:29 - 2015-04-23 20:29 - 00000000 ____D () C:\Users\Mama\AppData\Local\NVIDIA
2015-04-23 14:18 - 2015-04-26 14:25 - 00000000 ____D () C:\FRST
2015-04-22 21:51 - 2015-04-22 21:51 - 00007597 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2015-04-22 21:47 - 2015-04-22 21:47 - 00666344 _____ () C:\Windows\Minidump\042215-11778-01.dmp
2015-04-22 21:33 - 2015-04-22 21:33 - 00375712 _____ () C:\Windows\Minidump\042215-16972-01.dmp
2015-04-22 19:59 - 2015-04-22 20:00 - 00407272 _____ () C:\Windows\Minidump\042215-17565-01.dmp
2015-04-22 19:46 - 2015-04-23 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Users\Felix\AppData\Local\NVIDIA Corporation
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Users\Felix\AppData\Local\NVIDIA
2015-04-22 19:46 - 2015-04-22 19:46 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2015-04-22 19:46 - 2014-07-25 16:01 - 01291280 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge.dll
2015-04-22 19:46 - 2014-07-25 16:01 - 01126480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap.dll
2015-04-22 19:45 - 2014-07-02 07:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-22 19:43 - 2014-08-11 22:19 - 00162592 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda32v.sys
2015-04-22 19:43 - 2014-08-11 22:19 - 00028448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap32.dll
2015-04-22 19:43 - 2014-07-02 22:54 - 01054552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3234052.dll
2015-04-22 19:43 - 2014-07-02 22:54 - 00907552 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3234052.dll
2015-04-22 19:43 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap32v.dll
2015-04-22 19:43 - 2014-03-31 18:42 - 00034080 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad32v.sys
2015-04-22 19:42 - 2015-04-22 19:42 - 00000000 ____D () C:\NVIDIA
2015-04-22 19:17 - 2015-04-22 19:42 - 218685256 _____ (NVIDIA Corporation) C:\Users\Felix\Downloads\340.52-desktop-win8-win7-winvista-32bit-international-whql.exe
2015-04-22 19:08 - 2015-04-22 19:08 - 00411576 _____ () C:\Windows\Minidump\042215-18626-01.dmp
2015-04-22 18:41 - 2015-04-22 18:41 - 00003288 ____N () C:\bootsqm.dat
2015-04-22 18:35 - 2015-04-22 18:35 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2015-04-21 20:52 - 2015-04-21 20:53 - 00477385 ____H () C:\Users\Mama\Desktop\Cache.mxc3
2015-04-20 15:49 - 2015-04-20 16:01 - 34736426 _____ () C:\Users\Felix\Downloads\torbrowser-install-4.0.8_de.exe
2015-04-17 16:33 - 2015-04-17 16:33 - 00000000 ____D () C:\Users\Felix\Tracing
2015-04-16 21:11 - 2015-04-21 20:52 - 00000000 ____D () C:\Users\Mama\Desktop\Jagd
2015-04-08 20:18 - 2015-04-08 20:19 - 00004030 _____ () C:\Users\Felix\Desktop\Neues Textdokument (3).txt
2015-04-01 17:11 - 2015-04-01 17:22 - 00000000 ____D () C:\Users\Felix\Desktop\Fotos London
2015-03-29 17:37 - 2015-03-29 17:37 - 00000000 ____D () C:\Users\Felix\AppData\Local\CrashDumps
2015-03-27 19:15 - 2015-03-28 13:30 - 00000751 _____ () C:\Users\Felix\Desktop\Neues Textdokument (2).txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 14:25 - 2014-04-29 15:22 - 00000000 ____D () C:\Users\Felix\Desktop\Sonstiges
2015-04-26 14:09 - 2014-08-07 20:30 - 00000000 ____D () C:\Users\Felix\AppData\Roaming\Skype
2015-04-26 13:47 - 2014-06-25 21:21 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-26 13:29 - 2014-06-21 14:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-26 13:09 - 2014-04-13 11:50 - 01339001 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 12:46 - 2014-04-14 12:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.xtr
2015-04-26 12:46 - 2014-04-14 08:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.exe
2015-04-26 12:46 - 2014-04-14 08:45 - 00140360 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2015-04-26 11:51 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:51 - 2009-07-14 06:34 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:48 - 2009-09-24 16:43 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 11:41 - 2014-06-25 21:21 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-26 11:40 - 2015-03-01 13:10 - 00011939 _____ () C:\Windows\setupact.log
2015-04-26 11:39 - 2015-03-02 19:11 - 334856455 _____ () C:\Windows\MEMORY.DMP
2015-04-26 11:39 - 2014-05-12 17:57 - 00000000 ____D () C:\Windows\Minidump
2015-04-26 11:39 - 2009-10-22 15:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-26 11:39 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 10:56 - 2014-04-14 08:45 - 00283032 _____ () C:\Windows\system32\PnkBstrB.ex0
2015-04-25 20:53 - 2014-06-08 22:33 - 00000601 _____ () C:\Users\Felix\Documents\grstyles.stl
2015-04-25 20:50 - 2014-07-03 13:30 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-25 20:11 - 2015-03-19 14:24 - 00009468 _____ () C:\Windows\PFRO.log
2015-04-25 19:56 - 2014-04-13 13:00 - 00000000 ___RD () C:\Users\Felix\Desktop\Musik
2015-04-25 19:48 - 2014-04-13 12:01 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-04-25 19:48 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Cursors
2015-04-25 19:30 - 2014-07-03 13:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-25 19:30 - 2014-07-03 13:29 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-24 18:06 - 2014-06-05 19:57 - 00000000 ____D () C:\Users\Mama\Documents\DVDVideoSoft
2015-04-24 16:21 - 2014-04-13 12:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-04-23 20:48 - 2014-04-16 21:34 - 00000000 ____D () C:\Users\Mama
2015-04-23 20:30 - 2014-09-27 09:42 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-22 21:58 - 2014-04-13 18:00 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-22 19:46 - 2009-10-22 14:23 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2015-04-21 20:53 - 2014-09-27 15:33 - 00000000 ____D () C:\Users\Mama\Desktop\Minecraft backup 2
2015-04-21 20:53 - 2014-09-27 13:22 - 00000000 ____D () C:\Users\Mama\Desktop\versions
2015-04-21 20:53 - 2014-05-26 17:02 - 00000000 ____D () C:\Users\Mama\Desktop\ordner1
2015-04-21 20:52 - 2014-10-02 17:10 - 00000000 ____D () C:\Users\Mama\Desktop\LB Photo Realism x256 10.0.0-converted-1374012707213
2015-04-21 20:52 - 2014-09-27 15:59 - 00000000 ____D () C:\Users\Mama\Desktop\DIM-1 360 Mining
2015-04-21 20:52 - 2014-09-27 13:15 - 00000000 ____D () C:\Users\Mama\Desktop\Minecraft backup
2015-04-21 20:43 - 2014-06-05 19:57 - 00000000 ____D () C:\Users\Mama\AppData\Roaming\DVDVideoSoft
2015-04-21 18:10 - 2014-06-08 19:52 - 00000007 _____ () C:\Users\Felix\Documents\LastLab.sk
2015-04-21 17:32 - 2014-04-14 16:43 - 00000000 ___RD () C:\Users\Felix\Desktop\ordner2
2015-04-21 14:25 - 2014-06-08 19:40 - 00000644 _____ () C:\Users\Felix\Documents\UserStl.sk
2015-04-20 16:05 - 2014-10-20 12:46 - 00000000 ____D () C:\Users\Felix\Desktop\Tor Browser
2015-04-17 16:33 - 2014-09-21 12:57 - 00000000 ___RD () C:\Program Files\Skype
2015-04-17 16:33 - 2014-08-07 20:30 - 00000000 ____D () C:\ProgramData\Skype
2015-04-17 16:33 - 2014-04-13 11:51 - 00000000 ____D () C:\Users\Felix
2015-04-16 21:13 - 2014-08-05 20:04 - 00000000 ____D () C:\Users\Mama\Desktop\ordner3
2015-04-15 16:31 - 2014-06-21 14:14 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-04-15 16:31 - 2014-06-21 14:14 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-04-14 14:40 - 2015-03-18 16:36 - 00000000 ____D () C:\Users\Felix\Desktop\ordner
2015-04-14 09:37 - 2014-07-03 13:29 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-14 09:37 - 2014-07-03 13:29 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-14 09:37 - 2014-07-03 13:29 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-13 21:01 - 2014-09-08 13:00 - 00000000 ____D () C:\Users\Felix\Desktop\ordner4
2015-04-08 18:59 - 2015-03-14 15:55 - 00000000 ____D () C:\Users\Felix\Desktop\ordner5

==================== Files in the root of some directories =======

2014-04-14 08:45 - 2014-04-14 08:45 - 0138056 _____ () C:\Users\Felix\AppData\Roaming\PnkBstrK.sys
2015-04-22 21:51 - 2015-04-22 21:51 - 0007597 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg
2014-04-13 18:02 - 2014-04-13 18:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Felix\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Felix\AppData\Local\Temp\nvStInst.exe
C:\Users\Felix\AppData\Local\Temp\Quarantine.exe
C:\Users\Felix\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Felix\AppData\Local\Temp\sqlite3.dll
C:\Users\Felix\AppData\Local\Temp\tmd_34012365.exe
C:\Users\Felix\AppData\Local\Temp\tmd_34014686.exe
C:\Users\Felix\AppData\Local\Temp\tmd_34016589.exe
C:\Users\Mama\AppData\Local\Temp\MSETUP4.EXE


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-13 22:11

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 27.04.2015 06:35
Java und Flash updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Felix\Downloads\7 Zip 32 Bit - CHIP-Downloader.exe

C:\Users\Felix\Downloads\advanced-72systemcare-setup.exe

C:\Users\Felix\Downloads\Recuva - CHIP-Downloader.exe

C:\Users\Felix\Downloads\Skype - CHIP-Installer.exe

C:\Users\Felix\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe

C:\Users\Felix\Downloads\Thunderbird - CHIP-Installer.exe

C:\Users\Mama\AppData\Local\Temp\tmd_34014881.exe

C:\Users\Mama\AppData\Local\Temp\tmd_34015620.exe
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.





Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen



Das Spiel bitte mal neu installieren.

Help1 27.04.2015 13:26
Hallo ist es wirklich notwendig das Spiel neu zu installieren. Das zu Downloaden dauert nähmlich mit der Internetverbindung ein paar Tage. Es ist doch vorher auch gegangen.

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 26-04-2015
Ran by Felix at 2015-04-27 10:11:53 Run:1
Running from C:\Users\Felix\Desktop\Sonstiges
Loaded Profiles: Felix (Available profiles: Felix & Mama)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
C:\Users\Felix\Downloads\7 Zip 32 Bit - CHIP-Downloader.exe

C:\Users\Felix\Downloads\advanced-72systemcare-setup.exe

C:\Users\Felix\Downloads\Recuva - CHIP-Downloader.exe

C:\Users\Felix\Downloads\Skype - CHIP-Installer.exe

C:\Users\Felix\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe

C:\Users\Felix\Downloads\Thunderbird - CHIP-Installer.exe

C:\Users\Mama\AppData\Local\Temp\tmd_34014881.exe

C:\Users\Mama\AppData\Local\Temp\tmd_34015620.exe
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
Emptytemp:
       
*****************

"C:\Users\Felix\Downloads\7 Zip 32 Bit - CHIP-Downloader.exe" => File/Directory not found.
"C:\Users\Felix\Downloads\advanced-72systemcare-setup.exe" => File/Directory not found.
"C:\Users\Felix\Downloads\Recuva - CHIP-Downloader.exe" => File/Directory not found.
"C:\Users\Felix\Downloads\Skype - CHIP-Installer.exe" => File/Directory not found.
"C:\Users\Felix\Downloads\TeamSpeak 3 32 Bit - CHIP-Downloader.exe" => File/Directory not found.
"C:\Users\Felix\Downloads\Thunderbird - CHIP-Installer.exe" => File/Directory not found.
"C:\Users\Mama\AppData\Local\Temp\tmd_34014881.exe" => File/Directory not found.
"C:\Users\Mama\AppData\Local\Temp\tmd_34015620.exe" => File/Directory not found.
rpcapd => Service deleted successfully.
EmptyTemp: => Removed 980.7 MB temporary data.


The system needed a reboot.

==== End of Fixlog 10:12:48 ====

schrauber 28.04.2015 12:16
Der Rechner schmiert nur bei dem Spiel ab, im Eventviewer steht auch klar drin dass die Exe vom Spiel abschmiert.

Man kann schauen ob es die Treiber der Graka sind, oder sonstige Treiber, wenn die aber mal sauber neu installiert wurden und das Problem immer noch da ist, bleibt nur das Spiel selbst.

Schau doch mal ob es nicht ein Update/Patch für das Spiel gibt.

Help1 28.04.2015 14:53
Das Spiel ist auf der neusten Version. Aber als ich gestern unabsichtlich den Grafikkarten Treiber deinstalliert habe hab ich den PC zu einem früheren Zeitpunkt zurückgesetzt. Und da ist mir aufgefallen das genau an dem Tag an dem die Probleme das erste Mal auftraten ein Backup erstellt wurde da DirectX deinstalliert wurde was ich selber aber sicher nicht gemacht habe. Ich installiere DirectX jetzt mal Neu und schaue obs dann immer noch abstürzt.

Hab jetzt sicher 2h ohne Probleme gespielt aber dann ist es wieder plötzlich abergestürtzt. Schon komisch.

schrauber 29.04.2015 07:51
Dann installiere zum Test mal ne ältere DirektX Version. Ansonsten bleibt nur der Support des Spieleherstellers.

Help1 01.05.2015 09:50
Ich belasse es vorerst mal so solange es in so langen Zeitabständen abstürzt macht es mir eigentlich eh weniger aus da ich eigentlich sowieso nie so lange Spiele. Großes :dankeschoen: an Schrauber. :)

schrauber 01.05.2015 22:36
ok :)

Help1 05.05.2015 18:37
So jetzt hat sich das ganze wie verschlechtert so wie am Anfang... Nach dem Absturz bekomme ich folgendes angezeigt. Wenn ich auf die Option "Nach Lösunge suchen" gehe lädt es nur kurz aber weiter passiert nichts...
Code:
Problemsignatur:
  Problemereignisname:        BlueScreen
  Betriebsystemversion:        6.1.7601.2.1.0.768.3
  Gebietsschema-ID:        3079

Zusatzinformationen zum Problem:
  BCCode:        116
  BCP1:        C2D17008
  BCP2:        CB20F720
  BCP3:        C000000D
  BCP4:        00000003
  OS Version:        6_1_7601
  Service Pack:        1_0
  Product:        768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\050515-18314-01.dmp
  C:\Users\Felix\AppData\Local\Temp\WER-436537-0.sysdata.xml

schrauber 06.05.2015 08:13
Lade Dir bitte Bluescreenview und installiere es:
BlueScreenView - Download - Filepony

Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch).
Output hier posten.

Help1 06.05.2015 14:12
Also dem kann ich jetzt nicht ganz folgen wo finde ich den den Output?

schrauber 06.05.2015 14:47
Hier mal ne Anleitung :) :
Windows Bluescreen Absturz analysieren und beheben - so geht's - Anleitungen

Help1 06.05.2015 16:50
Hier vor aktuellsten Bluescreen.
Code:
==================================================
Dump File        : 050615-15834-01.dmp
Crash Time        : 06.05.2015 17:41:38
Bug Check String  :
Bug Check Code    : 0x00000116
Parameter 1      : 0xc4a16510
Parameter 2      : 0xd2435720
Parameter 3      : 0xc000000d
Parameter 4      : 0x00000003
Caused By Driver  : nvlddmkm.sys
Caused By Address : nvlddmkm.sys+801720
File Description  : NVIDIA Windows Kernel Mode Driver, Version 340.52
Product Name      : NVIDIA Windows Kernel Mode Driver, Version 340.52
Company          : NVIDIA Corporation
File Version      : 9.18.13.4052
Processor        : 32-bit
Crash Address    : ntkrnlpa.exe+debfc
Stack Address 1  : dxgkrnl.sys+8d0ff
Stack Address 2  : dxgkrnl.sys+81ede
Stack Address 3  : dxgkrnl.sys+81b7d
Computer Name    :
Full Path        : C:\Windows\Minidump\050615-15834-01.dmp
Processors Count  : 4
Major Version    : 15
Minor Version    : 7601
Dump File Size    : 445.168
Dump File Time    : 06.05.2015 17:43:08
==================================================

schrauber 07.05.2015 07:28
Bitte mal den Treiber der Grafikkarte neu installieren.

Help1 07.05.2015 12:40
Wie mach ich das am besten weil beim letzten mal als ich den Treiber deinstallieren wollte hat der PC dann die Grafikkarte nicht mehr erkannt...

schrauber 08.05.2015 08:53
Geh auf die Herstellerseite, lade den neuen Treiber runter, dann den alten deinstallieren und den neuen nach Reboot direkt installieren.

Help1 09.05.2015 16:25
Hallo Schrauber. Hab das jetzt gemacht geht aber immer noch nicht. :(:heulen:

schrauber 10.05.2015 06:25
Der Treiber wurde komplett deinstalliert und der aktuelle Treiber wurde neu installiert? Wenn ja auch mal einen älteren Treiber beim Hersteller laden und testen.

Der BSOD kommt definitiv von dem Treiber der Graka. Neben Treiber und defekter Graka gibt es noch ca ne Millionen weitere Gründe dafür :)

Help1 10.05.2015 20:10
Hallo ja ich würde schon behaupten das ich den Treiber deinstalliert habe. Über Geräte und Drucker. Ältere Treiber Versionen hab ich auch schon getestet. Mich wundert nur dass es so plötzlich nicht mehr funktioniert hat obwohl ich garnichts verändert habe soweit ich mich erinnern kann.

schrauber 11.05.2015 09:53
As said, es kann ja auch einfach die Karte sein.

Help1 11.05.2015 20:50
Aber warum ist es dann bis jetzt immer gegangen? :)

schrauber 12.05.2015 11:26
Meine Lieblingsfrage, hab ich als Kfz-Mechaniker in der Werkstatt schon immer geliebt:

Ihre Abblendlichtbirne ist kaputt
Warum? Sicher? Gestern ging sie doch noch.......


:D


Ich sag ja nur es ist möglich. Mehr als Treiber neu installieren kann man eben nicht machen :)

Help1 12.05.2015 18:14
Ja das ist ein gutes Argument. :D Ich kanns mir aber trotzdem nicht vorstellen. Es geht ja immerhin kurz. :D
EDIT: Hätte da noch eine Frage. Wenn ich auf Systemeigenschaften gehe steht da "Installierter Arbeitsspeicher (RAM): 4GB (3GB verwendbar)". Wiso kann ich da nur 3GB verwenden?

schrauber 13.05.2015 16:12
Du hast ein 32Bit Betriebssystem, das kann nur 3GB. Du kannst auch 30GB einbauen, solange Du ein 32Bit Betriebssystem nutzt ist bei 3,2GB Schluss ;)

Help1 13.05.2015 21:11
Also jetzt wird das ganze echt komisch. Mein Bruder sagt nähmlich das es bei ihm funktioniert obwohl er auf dem selben Computer spielt. Ich habs jetzt nochmal mit einem anderen Spiel versucht und das stürzt auch ab. Da muss man ja wegen der Graka was machen können.:heulen:

Oder doch nicht... Hab mich selbst davon überzeugt funktioniert bei ihm auch nicht. Ich hab im Internet gelesen das der Fehler auch damit zu tun haben kann wenn zuviel Staub drinnen ist. Kann man das Gehäuse des Computers abnehmen ohne das man gleich was Kaputt macht?

schrauber 14.05.2015 17:09
Klar geht das, und dann den Dreck raus machen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:45 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20