Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Standbild beim spielen von League of Legends (https://www.trojaner-board.de/162812-standbild-beim-spielen-league-of-legends.html)

Backwurm 15.01.2015 16:35

Standbild beim spielen von League of Legends
 
Hallo alle miteinander, ich spiele League of Legends schon seit über 1 Jahr ohne irgendwelche Probleme zu haben, doch in den letzten Tagen bekomme ich im Spiel auf einmal einen freeze wo ich weder meine Maus bewegen kann noch irgendetwas an der Tastatur drücken kann. Beim ersten mal kam der ,,Bluescreen'' doch jetzt kommt dieser nichtmehr, es bleibt ganz einfach beim Standbild bis ich meinen PC ausschalte. Nichts ist bewegbar und es bleibt so ein komischer Rausch-Ton. Es passiert nicht extrem oft jedoch ist es ziemlich nervig denn ich hatte sowas früher nur bei Counter Strike: Global Offensive aber nicht bei League of Legends.


Danke im voraus.

schrauber 15.01.2015 16:50

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Backwurm 15.01.2015 16:56

Liste der Anhänge anzeigen (Anzahl: 1)
Danke für deine Antwort.

schrauber 15.01.2015 17:17

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Backwurm 15.01.2015 17:25

FRST Logfile:

FRST Logfile:
Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2015
Ran by Anwender (administrator) on ANWENDER-PC on 15-01-2015 16:52:56
Running from C:\Users\Anwender\Downloads
Loaded Profiles: Anwender (Available profiles: Anwender)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Anwender\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) D:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.232\deploy\LoLLauncher.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.16\deploy\LoLPatcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.125\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11821160 2011-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5199984 2011-06-20] (VIA)
HKLM-x32\...\Run: [avgnt] => D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-12-11] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\Run: [LightShot] => C:\Users\Anwender\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\Run: [GoogleChromeAutoLaunch_47D155314F5B54EE303AD48B878C7FC3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\Run: [Spotify Web Helper] => C:\Users\Anwender\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-10] (Spotify Ltd)
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\MountPoints2: {0ae44916-2b80-11e3-b58a-bc5ff46f36f7} - J:\pushinst.exe
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\MountPoints2: {63419e01-77e8-11e4-adbf-bc5ff46f36f7} - J:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\MountPoints2: {6f8f5c10-2b7c-11e3-8ae4-bc5ff46f36f7} - K:\pushinst.exe
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\MountPoints2: {da0b5227-12cb-11e2-9d0c-806e6f6e6963} - E:\Run.exe
Startup: C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine.lnk
ShortcutTarget: SteelSeries Engine.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-208068105-3603133501-2151705488-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-208068105-3603133501-2151705488-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/
BHO: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
BHO-x32: Avira SearchFree Toolbar -> {41564952-412D-5637-00A7-7A786E7484D7} -> C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\i0pslo8i.default
FF Homepage: about:home|hxxp://www.giga.de/androidnews/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\i0pslo8i.default\Extensions\abs@avira.com [2014-12-11]
FF Extension: Amazon-Icon - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\i0pslo8i.default\Extensions\amazon-icon@giga.de [2014-12-19]
FF Extension: Adblock Plus - C:\Users\Anwender\AppData\Roaming\Mozilla\Firefox\Profiles\i0pslo8i.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-11]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-04]
CHR Extension: (Google Drive) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-04]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-14]
CHR Extension: (YouTube) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-04]
CHR Extension: (Adblock Plus) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-06]
CHR Extension: (Google-Suche) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-04]
CHR Extension: (Avira Browserschutz) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-04]
CHR Extension: (YouTube Unblocker) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-05-24]
CHR Extension: (Google Mail) - C:\Users\Anwender\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-12-11] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [992560 2014-12-11] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166296 2014-10-30] (APN LLC.)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-06] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-04-06] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2014-12-19] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2014-12-19] (Advanced Micro Devices Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-19] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-19] (REALiX(tm))
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-05-31] (SteelSeries Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [33456 2014-12-19] (Creative Technology Ltd.)
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\D:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
S3 wolfkr; \??\D:\AeriaGames\WolfTeam-DE\avital\wolfk64.sys [X]
S3 X6va019; \??\C:\Windows\SysWOW64\Drivers\X6va019 [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 16:52 - 2015-01-15 16:53 - 00015293 _____ () C:\Users\Anwender\Downloads\FRST.txt
2015-01-15 16:52 - 2015-01-15 16:52 - 02125312 _____ (Farbar) C:\Users\Anwender\Downloads\FRST64.exe
2015-01-15 16:52 - 2015-01-15 16:52 - 00000000 ____D () C:\FRST
2015-01-14 22:25 - 2015-01-15 14:38 - 00000000 ____D () C:\Users\Anwender\AppData\Local\osu!
2015-01-14 22:25 - 2015-01-14 22:25 - 00000917 _____ () C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-01-14 22:25 - 2015-01-14 22:25 - 00000909 _____ () C:\Users\Anwender\Desktop\osu!.lnk
2015-01-14 22:24 - 2015-01-14 22:25 - 00000000 ____D () C:\Users\Anwender\Downloads\Localisation
2015-01-14 22:24 - 2015-01-14 22:24 - 03200584 _____ (ppy) C:\Users\Anwender\Downloads\osu!install.exe
2015-01-14 00:17 - 2015-01-14 00:17 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige
2015-01-13 23:01 - 2015-01-13 23:01 - 00026097 _____ () C:\Users\Anwender\Downloads\DxDiag.txt
2015-01-13 22:59 - 2015-01-13 22:59 - 00026097 _____ () C:\Users\Anwender\Desktop\DxDiag.txt
2015-01-13 22:14 - 2015-01-15 16:36 - 00000280 _____ () C:\Users\Anwender\Desktop\Neues Textdokument.txt
2015-01-11 22:52 - 2015-01-11 22:52 - 00007597 _____ () C:\Users\Anwender\AppData\Local\Resmon.ResmonCfg
2015-01-10 15:23 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-01-10 15:21 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 24764232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-01-10 15:21 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434709.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434709.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-01-10 15:21 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-01-10 15:21 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-01-10 15:21 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-01-10 15:21 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco64.dll
2015-01-10 14:18 - 2015-01-10 14:18 - 517699767 _____ () C:\Windows\MEMORY.DMP
2015-01-10 14:18 - 2015-01-10 14:18 - 00290808 _____ () C:\Windows\Minidump\011015-19812-01.dmp
2015-01-09 16:42 - 2015-01-09 16:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-09 16:42 - 2015-01-09 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-19 21:33 - 2014-12-19 21:33 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-19 21:15 - 2014-12-19 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster 3
2014-12-19 21:15 - 2014-12-19 21:15 - 00003166 _____ () C:\Windows\System32\Tasks\Game_Booster_AutoUpdate
2014-12-19 21:14 - 2014-12-19 21:14 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\NVIDIA
2014-12-19 21:14 - 2014-12-19 21:14 - 00000000 ____D () C:\Users\Anwender\AppData\Local\Temp34e177ab04cae288840c394ced2ac588
2014-12-19 19:13 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-12-19 19:13 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-12-19 19:13 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-12-19 19:13 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-12-19 19:13 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-12-19 19:13 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-19 19:13 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-12-19 19:13 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-12-19 19:13 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-12-19 19:13 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-12-19 19:13 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-12-19 19:13 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-12-19 19:13 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-19 19:13 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-19 19:13 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-12-19 19:13 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-19 19:13 - 2013-10-01 21:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-19 19:13 - 2013-10-01 21:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-19 19:13 - 2012-08-23 15:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-12-19 19:13 - 2012-08-23 15:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-12-19 19:13 - 2012-08-23 15:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-12-19 19:13 - 2012-08-23 14:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-12-19 19:13 - 2012-08-23 12:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-12-19 19:13 - 2012-08-23 11:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-12-19 19:13 - 2012-08-23 10:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-19 18:39 - 2014-12-19 18:39 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-19 18:39 - 2014-12-19 18:39 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-19 18:39 - 2014-12-19 18:39 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-19 18:39 - 2014-12-19 18:39 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-19 18:39 - 2014-12-19 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-19 18:39 - 2014-12-19 18:39 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-19 18:38 - 2014-12-19 18:38 - 00941784 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-12-19 18:38 - 2014-12-19 18:38 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 27646720 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64H.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 07163744 _____ (Dolby Laboratories) C:\Windows\system32\EEP64A.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 03322368 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 01985024 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 01845424 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 01713664 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 01161336 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 01013504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00884400 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00879616 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 00739328 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 00689840 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2014-12-19 18:37 - 2014-12-19 18:37 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00619520 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 00554496 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64H.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00433504 _____ (Dolby Laboratories) C:\Windows\system32\EED64A.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00388096 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 00248952 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\Dts2APO.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00227648 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\amdxhc.sys
2014-12-19 18:37 - 2014-12-19 18:37 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64H.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00137056 _____ (Dolby Laboratories) C:\Windows\system32\EEL64A.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00123512 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64H.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00120160 _____ (Dolby Laboratories) C:\Windows\system32\EEA64A.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00106816 _____ (Advanced Micro Devices, INC.) C:\Windows\system32\Drivers\amdhub30.sys
2014-12-19 18:37 - 2014-12-19 18:37 - 00095352 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00092280 _____ (VIA Technologies, Inc.) C:\Windows\system32\Dts2PropPageExt.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00086016 _____ (QSound Labs, Inc.) C:\Windows\system32\nQPropPageExt.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00083968 _____ (QSound Labs, Inc.) C:\Windows\system32\nQAPO.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00083176 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2014-12-19 18:37 - 2014-12-19 18:37 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64H.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00075104 _____ (Dolby Laboratories) C:\Windows\system32\EEG64A.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00070776 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2014-12-19 18:37 - 2014-12-19 18:37 - 00055416 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2014-12-19 18:37 - 2014-12-19 18:37 - 00043240 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2014-12-19 18:37 - 2014-12-19 18:37 - 00033456 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2014-12-19 18:37 - 2014-12-19 18:37 - 00027768 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2014-12-19 18:37 - 2014-12-19 18:37 - 00000000 ____D () C:\Windows\system32\SRSLabs
2014-12-19 18:37 - 2014-12-19 18:37 - 00000000 ____D () C:\Program Files\VIA
2014-12-19 18:36 - 2014-12-19 18:36 - 00011944 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\amdide64.sys
2014-12-19 18:34 - 2014-12-19 21:32 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (Anwender)
2014-12-19 18:34 - 2014-12-19 21:15 - 00000000 ____D () C:\ProgramData\IObit
2014-12-19 18:34 - 2014-12-19 18:34 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2014-12-19 18:34 - 2014-12-19 18:34 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\IObit
2014-12-19 18:34 - 2014-12-19 18:34 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-19 18:29 - 2014-12-19 18:40 - 00000412 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-12-19 18:29 - 2014-12-19 18:29 - 00003824 _____ () C:\Windows\System32\Tasks\DriverEasy Scheduled Scan
2014-12-19 18:29 - 2014-12-19 18:29 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\Easeware
2014-12-19 16:14 - 2014-12-19 21:22 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\OBS
2014-12-19 16:14 - 2014-12-19 16:14 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-12-19 16:14 - 2014-12-19 16:14 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-12-18 14:15 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 14:15 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 19:44 - 2014-12-17 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-15 16:33 - 2013-10-19 10:18 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-15 16:21 - 2014-03-04 15:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-15 16:11 - 2014-09-24 18:33 - 00000394 _____ () C:\Windows\Tasks\update-sys.job
2015-01-15 16:07 - 2009-07-14 05:45 - 00036592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-15 16:07 - 2009-07-14 05:45 - 00036592 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-15 16:05 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-01-15 16:05 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-01-15 16:05 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-15 16:03 - 2012-10-10 12:18 - 01051128 _____ () C:\Windows\WindowsUpdate.log
2015-01-15 15:59 - 2014-12-06 22:31 - 00009325 _____ () C:\Windows\setupact.log
2015-01-15 15:59 - 2014-12-06 15:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-15 15:59 - 2014-03-04 15:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-15 15:59 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-15 15:31 - 2014-09-24 18:33 - 00000394 _____ () C:\Windows\Tasks\update-S-1-5-21-208068105-3603133501-2151705488-1000.job
2015-01-15 15:16 - 2013-11-07 21:26 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\TS3Client
2015-01-15 14:41 - 2014-07-28 19:21 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\Spotify
2015-01-14 22:19 - 2013-10-04 20:38 - 00000000 ____D () C:\Users\Anwender\AppData\Roaming\Skype
2015-01-14 20:40 - 2013-10-19 10:18 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-14 20:40 - 2013-10-02 19:26 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-14 20:40 - 2013-10-02 19:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-13 21:44 - 2014-12-06 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-01-13 21:44 - 2013-09-17 13:33 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-01-13 21:44 - 2013-09-17 13:33 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-13 21:44 - 2013-09-17 13:31 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-01-13 21:43 - 2014-12-06 15:20 - 00000000 ____D () C:\Users\Anwender\AppData\Local\NVIDIA Corporation
2015-01-13 21:43 - 2014-07-28 19:21 - 00000000 ____D () C:\Users\Anwender\AppData\Local\Spotify
2015-01-13 00:23 - 2014-11-05 16:21 - 00000000 ____D () C:\Users\Anwender\Desktop\Unnötig
2015-01-10 14:24 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-01-10 14:18 - 2014-10-06 19:11 - 00000000 ____D () C:\Windows\Minidump
2015-01-09 16:42 - 2014-03-30 17:16 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-01-09 16:41 - 2013-10-04 20:38 - 00000000 ____D () C:\ProgramData\Skype
2015-01-08 20:36 - 2014-11-16 16:07 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-12-20 11:04 - 2010-11-21 04:47 - 00184720 _____ () C:\Windows\PFRO.log
2014-12-19 21:33 - 2014-04-06 15:33 - 00000000 ____D () C:\ProgramData\Origin
2014-12-19 19:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-19 19:19 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-19 19:18 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-19 18:38 - 2012-10-10 11:38 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-12-17 19:44 - 2014-09-24 18:33 - 00003274 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-208068105-3603133501-2151705488-1000
2014-12-17 19:44 - 2014-07-09 11:23 - 00000425 _____ () C:\Users\Anwender\AppData\Local\UserProducts.xml

Some content of TEMP:
====================
C:\Users\Anwender\AppData\Local\Temp\avgnt.exe
C:\Users\Anwender\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-06 13:12

==================== End Of Log ============================

--- --- ---

--- --- ---


Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2015
Ran by Anwender at 2015-01-15 16:53:42
Running from C:\Users\Anwender\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.257 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
ATI Catalyst Install Manager (HKLM\...\{5297EEC1-417D-6F06-C208-39D18788A585}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C1500}) (Version: 12.21.0.3945 - APN, LLC)
BurnAware Free 6.2 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Infestation Survivor Stories version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - OP Productions LLC)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lightshot-5.2.0.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.17 - Skillbrains)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.5.2 - www.leaguereplays.com)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
osu! (HKLM-x32\...\{d13fc6d9-a4e3-40ad-a73d-221f9383d8dc}) (Version: latest - ppy Pty Ltd)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Platform (x32 Version: 1.36 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6358 - Realtek Semiconductor Corp.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-208068105-3603133501-2151705488-1000\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

19-12-2014 18:34:53 Removed BlueStacks Notification Center
19-12-2014 18:36:15 Driver Booster : AMD SATA Controller
19-12-2014 19:12:38 Windows Update
05-01-2015 21:52:16 Removed BlueStacks Notification Center
10-01-2015 14:21:17 Removed BlueStacks Notification Center

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00520A5D-CF56-4F7E-9DE7-2CED589EB622} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {029C2F20-1302-4D0E-8F47-B18D42190622} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {0AA925AF-BEE1-4EB8-83E9-2E6F73121CB1} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {0C1AF671-6160-4D75-A072-1C475574A4EA} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {1292DE2E-7C74-447B-80FF-754A17A8E930} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-04] (Google Inc.)
Task: {1A59C5F8-0EA2-4C50-89E3-9B39C4AABBDD} - System32\Tasks\{62679536-56B8-4325-A501-E0A44F1A5921} => pcalua.exe -a J:\avm_fritz!wlan_usb_stick_n_v2_x64_build_120821.exe -d J:\
Task: {3231C243-681E-4EF0-9E92-B83D36BC8556} - System32\Tasks\Driver Booster SkipUAC (Anwender) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {3317BEE4-6568-45AA-94C2-4A5D9A2D39C1} - System32\Tasks\{52396568-C1F7-4F49-8A96-88E165A152A4} => pcalua.exe -a J:\avm_fritz!wlan_usb_stick_x64_build_100906.exe -d J:\
Task: {5BE68AEF-1064-48C5-A707-60DB00E035F7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-04] (Google Inc.)
Task: {79C7C41F-3585-45BE-8160-61F0AF34D9D4} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {94C18785-D769-4F49-92EF-EBD84A418D44} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-14] (Adobe Systems Incorporated)
Task: {D8A4FBDF-8737-435A-BEF7-E23C5ACC6BB5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {DEAC1488-FE64-47A1-9E13-BA9B52648580} - System32\Tasks\Game_Booster_AutoUpdate => D:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {EC45BD85-CC86-4983-A8B2-DBBBD3AC00E3} - System32\Tasks\{43AE4B56-0D78-4999-8325-B127168FAC4A} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F065E460-B6F0-4CD1-AB62-3BDDA178EE3A} - System32\Tasks\DriverEasy Scheduled Scan => D:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: {F442072F-B52E-4D39-9669-C70307BA9B22} - System32\Tasks\update-S-1-5-21-208068105-3603133501-2151705488-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => D:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-208068105-3603133501-2151705488-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2014-12-06 15:29 - 2014-12-13 09:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-06 16:11 - 2014-04-06 16:11 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-06 16:11 - 2014-04-06 16:12 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-11-05 18:19 - 2013-11-05 18:19 - 00708096 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00175104 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-01-11 17:57 - 2014-01-11 17:57 - 00089915 ____N () C:\Users\Anwender\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00280064 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00139776 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00148480 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00145408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 09562112 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2013-01-10 06:46 - 2013-01-10 06:46 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00209408 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CustomWPFColorPicker.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00349696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00173056 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00171008 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00307200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00154624 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00169472 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00157184 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00170496 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2013-11-05 18:19 - 2013-11-05 18:19 - 00169984 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2013-06-12 18:11 - 2014-03-04 15:53 - 01294336 _____ () D:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-03-04 15:54 - 2015-01-15 14:20 - 02436600 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.232\deploy\LoLLauncher.exe
2015-01-15 14:20 - 2015-01-15 14:20 - 04113400 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.16\deploy\LoLPatcher.exe
2014-03-04 16:16 - 2014-03-04 16:16 - 00074752 _____ () D:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.125\deploy\LolClient.exe
2014-12-13 11:22 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 11:22 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 11:22 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 11:22 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-13 11:22 - 2014-12-06 02:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Anwender\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_47D155314F5B54EE303AD48B878C7FC3 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Spotify => "C:\Users\Anwender\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Anwender\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-208068105-3603133501-2151705488-500 - Administrator - Disabled)
Anwender (S-1-5-21-208068105-3603133501-2151705488-1000 - Administrator - Enabled) => C:\Users\Anwender
Gast (S-1-5-21-208068105-3603133501-2151705488-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/15/2015 04:01:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2015 01:54:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 05:05:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 00:06:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2015 09:44:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (01/13/2015 09:42:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2015 05:53:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2015 04:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Name des fehlerhaften Moduls: rads_user_kernel.exe, Version: 0.0.0.0, Zeitstempel: 0x4e65c1ac
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b8554
ID des fehlerhaften Prozesses: 0x13d4
Startzeit der fehlerhaften Anwendung: 0xrads_user_kernel.exe0
Pfad der fehlerhaften Anwendung: rads_user_kernel.exe1
Pfad des fehlerhaften Moduls: rads_user_kernel.exe2
Berichtskennung: rads_user_kernel.exe3

Error: (01/12/2015 04:22:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2015 08:09:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (01/15/2015 03:59:31 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎01.‎2015 um 15:54:59 unerwartet heruntergefahren.

Error: (01/14/2015 10:52:05 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/14/2015 00:18:01 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/13/2015 11:06:02 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/13/2015 09:40:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎01.‎2015 um 21:37:19 unerwartet heruntergefahren.

Error: (01/13/2015 00:30:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/12/2015 00:31:42 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (01/11/2015 08:08:20 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ANWENDER-PC    :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.12 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (01/11/2015 08:08:20 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{AE7CE01A-26AB-42B5-946F-041AB68EF06F} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (01/11/2015 08:08:04 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "ANWENDER-PC    :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.0.13
registriert werden. Der Computer mit IP-Adresse 192.168.0.12 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


Microsoft Office Sessions:
=========================
Error: (01/15/2015 04:01:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/15/2015 01:54:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 05:05:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/14/2015 00:06:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2015 09:44:00 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]

Error: (01/13/2015 09:42:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/13/2015 05:53:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/12/2015 04:48:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rads_user_kernel.exe0.0.0.04e65c1acrads_user_kernel.exe0.0.0.04e65c1acc0000005000b855413d401d02e7f2863b05cD:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exeD:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe68c032b8-9a72-11e4-9bfc-bc5ff46f36f7

Error: (01/12/2015 04:22:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/11/2015 08:09:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-01-15 16:38:04.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:37:20.495
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:34:53.412
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:33:38.271
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:33:01.510
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:31:59.244
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:28:28.379
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:25:53.064
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:23:53.657
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-01-15 16:02:16.519
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\FMAPO64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD A8-3850 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 31%
Total physical RAM: 8169.62 MB
Available physical RAM: 5576.64 MB
Total Pagefile: 16337.42 MB
Available Pagefile: 13359.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:390.53 GB) (Free:320.76 GB) NTFS
Drive d: (DATEN) (Fixed) (Total:540.89 GB) (Free:512.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7F44EBCF)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)

==================== End Of Log ============================


schrauber 15.01.2015 18:30

Mach bitte mal ein Log mit Bluescreenview wie hier beschrieben:

Windows Bluescreen Absturz analysieren und beheben - so geht's - Anleitungen

Backwurm 15.01.2015 21:22

Habe es gemacht. Das komische ist das der Bluescreen nur beim ersten mal vorkam, jetzt passiert es nurnoch ohne Bluescreen, das Standbild bleibt einfach und es passiert nichts bis mein PC manuell ausgeschaltet wird.



Code:

==================================================
Dump File        : 011015-19812-01.dmp
Crash Time        : 10.01.2015 14:17:14
Bug Check String  :
Bug Check Code    : 0x00000101
Parameter 1      : 00000000`00000031
Parameter 2      : 00000000`00000000
Parameter 3      : fffff880`009eb180
Parameter 4      : 00000000`00000001
Caused By Driver  : nvlddmkm.sys
Caused By Address : nvlddmkm.sys+62eb5
File Description  :
Product Name      :
Company          :
File Version      :
Processor        : x64
Crash Address    : ntoskrnl.exe+75bc0
Stack Address 1  :
Stack Address 2  :
Stack Address 3  :
Computer Name    :
Full Path        : C:\Windows\Minidump\011015-19812-01.dmp
Processors Count  : 4
Major Version    : 15
Minor Version    : 7601
Dump File Size    : 290.808
Dump File Time    : 10.01.2015 14:18:33
==================================================


schrauber 16.01.2015 07:37

Auf alle Fälle Grafiktreiber. erneuern, zur Not auch mal nen älteren installieren.

Backwurm 16.01.2015 14:01

Zitat:

Zitat von schrauber (Beitrag 1409925)
Auf alle Fälle Grafiktreiber. erneuern, zur Not auch mal nen älteren installieren.

Vielen Dank für deine Hilfe !

Weißt du villeicht wo ich nachschauen kann welchen ich runterladen soll und wo denn auch einen älteren gibt ?

Edit: habe DriverUpdate durchlaufen lassen und es sagt das meine Treiber alle auf dem Aktuellsten stand sind.
Grafikkarte ist NVIDIA GeForce GT 630

schrauber 16.01.2015 19:05

DriverUpdater nochmal deinstallieren, diese Tools bringen gar nix ausser Adware.

Hersteller der Grafikkarte. Der hat mit Sicherheit ne Internetseite mit Downloads ;)

Backwurm 17.01.2015 16:01

Zitat:

Zitat von schrauber (Beitrag 1410207)
DriverUpdater nochmal deinstallieren, diese Tools bringen gar nix ausser Adware.

Hersteller der Grafikkarte. Der hat mit Sicherheit ne Internetseite mit Downloads ;)

Alles klar ! Ich bin dir echt Dankbar für deine Hilfe.

schrauber 17.01.2015 19:16

jup :)

Backwurm 17.01.2015 23:38

Habe den Driver entfernt und neu installiert und hatte das Gefühl das es jetzt klappt und es klappte auch eine Weile bis es jetzt gerade wieder zum Standbild + Bluescreen kam.

http://fs1.directupload.net/images/1...p/nvcggwcb.jpg

Code:

==================================================
Dump File        : 011715-16380-01.dmp
Crash Time        : 17.01.2015 23:26:09
Bug Check String  :
Bug Check Code    : 0x00000101
Parameter 1      : 00000000`00000031
Parameter 2      : 00000000`00000000
Parameter 3      : fffff880`009eb180
Parameter 4      : 00000000`00000001
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company          : Microsoft Corporation
File Version      : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor        : x64
Crash Address    : ntoskrnl.exe+75bc0
Stack Address 1  :
Stack Address 2  :
Stack Address 3  :
Computer Name    :
Full Path        : C:\Windows\Minidump\011715-16380-01.dmp
Processors Count  : 4
Major Version    : 15
Minor Version    : 7601
Dump File Size    : 379.728
Dump File Time    : 17.01.2015 23:28:50
==================================================


schrauber 17.01.2015 23:46

Gibt es das Bild auch nicht in mini-mini-winzig? :)


Das sieht immer noch nach Treiberproblemen aus. Chipsatztreiber wäre der nächste in der Runde den ich erneuern würde.

Backwurm 17.01.2015 23:48

Liste der Anhänge anzeigen (Anzahl: 1)
Edit: Wo kann ich sehen welchen Chipsatz ich habe und welchen Treiber ich brauche ? Ich kenne mich da leider nicht so aus


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:44 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132