Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Fremder hat sich in Account eingeloggt - Trojaner?

Fremder hat sich in Account eingeloggt - Trojaner?


Log-Analyse und Auswertung: Fremder hat sich in Account eingeloggt - Trojaner?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 20.06.2013, 18:09   #1
Steven16
 
Fremder hat sich in Account eingeloggt - Trojaner? - Standard

Fremder hat sich in Account eingeloggt - Trojaner?


Ich bin eigentlich immer sehr vorsichtig mit meinen Daten, heute hat sich aber irgendwie Jemand in einen meiner Accounts eingeloggt. Da ich doch etwas Angst bekommen habe, bitte ich euch einen Blick auf die Logs zu werfen.

MfG
Steven

Alt 20.06.2013, 18:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Fremder hat sich in Account eingeloggt - Trojaner? - Standard

Fremder hat sich in Account eingeloggt - Trojaner?


Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 20.06.2013, 18:33   #3
Steven16
 
Fremder hat sich in Account eingeloggt - Trojaner? - Standard

Fremder hat sich in Account eingeloggt - Trojaner?


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-06-2013 01
Ran by Steven (administrator) on 20-06-2013 19:26:16
Running from C:\Users\Steven\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\spd.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Hi-Rez Studios) D:\Spiele\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHVE.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionAppHook.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Cerulean Studios) C:\Program Files (x86)\Trillian\trillian.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized [6900024 2012-07-24] (Logitech Inc.)
HKLM\...\Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe" [613536 2010-10-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe" [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe [2000224 2013-02-14] (cFos Software GmbH)
HKCU\...\Run: [EPLTarget\P0000000000000000] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHVE.EXE /EPT "EPLTarget\P0000000000000000" /M "Epson Stylus Office BX635FWD" [241280 2012-07-12] (SEIKO EPSON CORPORATION)
HKCU\...\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [719672 2012-01-20] (Microsoft Corporation)
HKCU\...\Run: [Spotify Web Helper] "C:\Users\Steven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [x]
HKCU\...\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup [196608 2004-04-17] (InstallShield Software Corporation)
HKCU\...\Run: [DisplayFusion] "C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe" [7283072 2013-04-26] (Binary Fortress Software)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: I - I:\autorun.exe
MountPoints2: {30034467-0e57-11e2-8f62-f46d04964acb} - H:\setup_stronghold_hd_2.0.0.3.exe
MountPoints2: {91c8aa6f-42ef-11e2-a4ed-f46d04964acb} - I:\SETUP.EXE
HKLM-x32\...\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VolPanel] "C:\Program Files (x86)\Auzentech\X-Fi Forte 7.1\Volume Panel\VolPanlu.exe" /r [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start [69632 2004-04-13] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CTxfiHlp] CTXFIHLP.EXE [25088 2011-08-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [ZoneAlarm Installer] "C:\Program Files (x86)\CheckPoint\Install\Launcher.exe" "C:\Program Files (x86)\CheckPoint\Install\Install.exe" /r  /c "C:\Program Files (x86)\CheckPoint\Install\Install.xml" [x]
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345312 2013-06-20] (Avira Operations GmbH & Co. KG)
HKU\Lernmodus!!\...\Policies\system: [LogonHoursAction] 2
HKU\Lernmodus!!\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Start Menu\Programs\Startup\LOLRecorder.lnk
ShortcutTarget: LOLRecorder.lnk -> C:\Program Files (x86)\LOLReplay\LOLRecorder.exe (LOL Replay)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?3830519827932
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{688E8A36-8398-41ED-8D3F-9324101BF278}: [NameServer]172.16.254.253,172.16.254.252

Chrome: 
=======
CHR HomePage: hxxp://www.google.de/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll No File
CHR Plugin: (Unity Player) - C:\Users\Steven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Pando Web Plugin) - C:\Users\Steven\Downloads\null\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Extension: (ProxTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.1_0
CHR Extension: (Media Hint) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja\0.1.12_0
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (QR-Code Tag Extension) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcfddoencoiedfjgepnlhcpfikgaogdg\0.7.9_0
CHR Extension: (James White) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm\3_0
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Adblock Plus) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4_0
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (TeX equation editor) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\eggdddnmjoomglnkjhcpcnjbieiojini\1.0.0.4_0
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-17] ()
R2 cFosSpeedS; C:\Program Files\cFosSpeed\spd.exe [647520 2013-02-14] (cFos Software GmbH)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1498000 2013-04-26] (Binary Fortress Software)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [678416 2012-11-14] ()
R2 HiPatchService; D:\Spiele\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-09] (Hi-Rez Studios)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-16] ()
S2 CLHNServiceForPowerDVD12; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [x]
S2 CyberLink PowerDVD 12 Media Server Monitor Service; "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe" [x]
S2 CyberLink PowerDVD 12 Media Server Service; "C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe" [x]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-10] (DT Soft Ltd)
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-11-14] (<Turtle Entertainment>)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66328 2012-02-07] (Logitech Inc.)
R3 MTSBDA; C:\Windows\System32\DRIVERS\TerraTecPCI.sys [360568 2010-11-19] (TerraTec Provide)
R3 MtsHID; C:\Windows\System32\DRIVERS\TerraTecPciHid.sys [24696 2010-11-19] (TerraTec Electronic GmbH.)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-10-04] (Duplex Secure Ltd.)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x]
S2 ntk_PowerDVD12; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S2 {73526619-C24F-470B-9BED-53D455FBB5C6}; \??\C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2091-05-20 19:40 - 2091-05-20 19:40 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Malwarebytes
2091-05-20 19:40 - 2091-05-20 19:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2091-05-20 19:40 - 2091-05-20 19:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2091-05-20 19:40 - 2013-04-04 14:50 - 00025928 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2091-05-20 19:08 - 2091-05-20 19:12 - 00000000 ____D C:\Users\Steven\AppData\Local\VirtualStore
2091-05-20 19:08 - 2091-05-20 19:08 - 00000000 ____D C:\MediaServer
2013-06-20 19:25 - 2013-06-20 19:25 - 01929538 ____A (Farbar) C:\Users\Steven\Downloads\FRST64.exe
2013-06-20 19:25 - 2013-06-20 19:25 - 01929538 ____A (Farbar) C:\Users\Steven\Desktop\FRST64.exe
2013-06-20 19:25 - 2013-06-20 19:25 - 00000000 ____D C:\FRST
2013-06-20 19:09 - 2013-06-20 19:09 - 00000118 ____A C:\Users\Steven\Desktop\Fremder hat sich in Account eingeloggt - Trojaner- - Trojaner-Board.url
2013-06-20 19:07 - 2013-06-20 19:07 - 00022878 ____A C:\Users\Steven\Desktop\Extras.rar
2013-06-20 19:07 - 2013-06-20 19:07 - 00014490 ____A C:\Users\Steven\Desktop\OTL.rar
2013-06-20 18:53 - 2013-06-20 18:53 - 00005954 ____A C:\Users\Steven\Desktop\gmer.log
2013-06-20 18:40 - 2013-06-20 18:40 - 00061804 ____A C:\Users\Steven\Downloads\OTL.txt
2013-06-20 18:34 - 2013-06-20 18:41 - 00123944 ____A C:\Users\Steven\Desktop\OTL.Txt
2013-06-20 18:34 - 2013-06-20 18:34 - 00147634 ____A C:\Users\Steven\Desktop\Extras.Txt
2013-06-20 18:27 - 2013-06-20 18:27 - 00000654 ____A C:\Users\Steven\Desktop\defogger_disable.log
2013-06-20 18:27 - 2013-06-20 18:27 - 00000188 ____A C:\Users\Steven\defogger_reenable
2013-06-20 18:26 - 2013-06-20 18:26 - 00602112 ____A (OldTimer Tools) C:\Users\Steven\Desktop\OTL.exe
2013-06-20 18:26 - 2013-06-20 18:26 - 00377856 ____A C:\Users\Steven\Downloads\gmer_2.1.19163.exe
2013-06-20 18:26 - 2013-06-20 18:26 - 00377856 ____A C:\Users\Steven\Desktop\gmer_2.1.19163.exe
2013-06-20 18:25 - 2013-06-20 18:25 - 00050477 ____A C:\Users\Steven\Desktop\Defogger.exe
2013-06-20 18:06 - 2013-06-20 18:06 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Avira
2013-06-20 18:01 - 2013-06-20 18:01 - 00000000 ____D C:\ProgramData\Avira
2013-06-20 18:01 - 2013-06-20 18:01 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-20 18:01 - 2013-06-20 18:00 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-20 18:01 - 2013-06-20 18:00 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-20 18:01 - 2013-06-20 18:00 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-20 17:42 - 2013-06-20 17:42 - 02092792 ____A C:\Users\Steven\Downloads\avira_free_antivirus.exe
2013-06-19 23:36 - 2013-06-19 23:36 - 02005792 ____A C:\Users\Steven\Downloads\[HDs]-FuckedHard18.HD.SiTERIP.COMPLETE.XXX.torrent
2013-06-19 14:17 - 2013-06-19 17:36 - 00000000 ____D C:\Users\Steven\AppData\Local\ArmA 2 OA
2013-06-19 14:16 - 2013-06-19 17:56 - 00000000 ____D C:\Users\Steven\Documents\ArmA 2
2013-06-19 14:16 - 2013-06-19 14:16 - 00000000 ____D C:\Users\Steven\AppData\Local\ArmA 2
2013-06-19 14:15 - 2013-06-19 14:15 - 00472944 ____A (SIX Networks) C:\Users\Lernmodus!!\Downloads\Play Origins withSIX.exe
2013-06-19 00:04 - 2013-06-19 00:04 - 05339596 ____A C:\Users\Steven\Downloads\de_contra.zip
2013-06-18 22:52 - 2013-06-19 17:36 - 00000000 ____D C:\Users\Steven\AppData\Local\Play withSIX
2013-06-18 22:52 - 2013-06-18 22:52 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Play withSIX
2013-06-18 21:09 - 2013-06-18 21:09 - 12140744 ____A (SIX Networks) C:\Users\Steven\Downloads\Play withSIX setup (2).exe
2013-06-18 21:09 - 2013-06-18 21:09 - 12140744 ____A (SIX Networks) C:\Users\Steven\Downloads\Play withSIX setup (1).exe
2013-06-18 13:20 - 2013-06-18 13:20 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Roaming\KRKsoft
2013-06-17 22:01 - 2013-06-17 22:01 - 00000000 ____D C:\Users\Steven\AppData\Local\SIX Updater
2013-06-17 21:59 - 2013-06-17 21:59 - 00000000 ____D C:\Program Files (x86)\Bohemia Interactive
2013-06-17 21:46 - 2013-06-17 21:46 - 00000000 ____D C:\Users\Steven\AppData\Local\Downloaded Installations
2013-06-17 21:46 - 2013-06-17 21:46 - 00000000 ____D C:\Program Files (x86)\SIX Networks
2013-06-17 21:27 - 2013-06-17 21:28 - 11183938 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_103718.zip
2013-06-17 21:18 - 2009-02-17 17:33 - 00113152 ____A (Creative Technology Ltd) C:\Windows\System32\cttele64.dll
2013-06-17 21:18 - 2009-02-17 17:33 - 00106496 ____A (Creative Technology Ltd) C:\Windows\SysWOW64\cttele32.dll
2013-06-17 21:17 - 2011-08-04 19:19 - 00002560 ____A () C:\Windows\SysWOW64\CTXFIRES.DLL
2013-06-17 17:27 - 2013-06-17 17:27 - 00034065 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_106400.log
2013-06-17 17:19 - 2013-06-17 17:19 - 00000000 ____D C:\Users\Steven\AppData\Local\DayZCommander
2013-06-17 17:19 - 2013-06-17 17:19 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2013-06-17 17:14 - 2013-06-17 17:15 - 11181543 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_103419.zip
2013-06-17 15:10 - 2013-06-17 15:10 - 00110112 ____A C:\Users\Lernmodus!!\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-17 10:03 - 2013-06-17 10:03 - 00000000 ____D C:\Users\Steven\AppData\Roaming\unepic
2013-06-17 00:50 - 2013-06-17 00:53 - 11180873 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_106400.zip
2013-06-17 00:50 - 2013-06-17 00:51 - 02936832 ____A C:\Users\Steven\Downloads\Dotjosh.DayZCommander.Installer.msi
2013-06-17 00:40 - 2013-06-17 00:40 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2013-06-16 21:59 - 2013-06-16 22:03 - 12140744 ____A (SIX Networks) C:\Users\Steven\Downloads\Play withSIX setup.exe
2013-06-16 20:03 - 2013-06-16 20:03 - 00000000 ____D C:\Users\Steven\Documents\Arktos
2013-06-16 20:03 - 2013-06-16 20:03 - 00000000 ____D C:\Users\Steven\AppData\Local\CrashRpt
2013-06-16 20:03 - 2013-06-16 20:03 - 00000000 ____D C:\Users\Steven\AppData\Local\Arktos
2013-06-16 20:02 - 2013-06-16 20:03 - 00291128 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-16 20:02 - 2013-06-16 20:02 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-15 19:15 - 2013-06-15 19:15 - 03650208 ____A (Cryptic Studios) C:\Users\Steven\Downloads\neverwinter_setup.exe
2013-06-15 03:00 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 03:00 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 03:00 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 03:00 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 03:00 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 03:00 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 03:00 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 03:00 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 03:00 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 03:00 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 03:00 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 03:00 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-15 02:33 - 2013-06-15 02:33 - 00129707 ____A C:\Users\Steven\Downloads\OKTraders1_2_3.zip
2013-06-14 22:32 - 2013-06-14 22:32 - 00000000 ____D C:\Users\Steven\AppData\Roaming\.mono
2013-06-13 03:00 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-13 03:00 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-13 03:00 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-13 03:00 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-13 03:00 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-13 03:00 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-13 03:00 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-13 03:00 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-13 03:00 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-13 03:00 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-13 03:00 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-13 03:00 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-13 03:00 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-13 00:28 - 2013-06-13 00:28 - 00003957 ____A C:\Users\Steven\Downloads\Weightless EE-264-1-0.rar
2013-06-12 23:48 - 2013-05-11 07:18 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 23:48 - 2013-05-11 07:18 - 00186880 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 23:48 - 2013-05-11 07:18 - 00141824 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 23:48 - 2013-05-11 07:18 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 23:48 - 2013-05-11 06:59 - 01160704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 23:48 - 2013-05-11 06:59 - 00142848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 23:48 - 2013-05-11 06:59 - 00106496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 23:48 - 2013-05-11 05:33 - 01192960 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 23:48 - 2013-05-11 05:30 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 23:48 - 2013-05-11 05:29 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 23:48 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 23:48 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 23:48 - 2013-05-08 08:14 - 01900392 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 23:48 - 2013-05-08 08:14 - 00376680 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys
2013-06-12 23:48 - 2013-05-08 08:14 - 00288104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS
2013-06-12 23:48 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 23:48 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 23:48 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 23:48 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 23:48 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 23:48 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-12 20:07 - 2013-06-12 20:07 - 00003491 ____A C:\Users\Steven\Downloads\XML Source-14.7z
2013-06-12 18:02 - 2013-06-12 18:02 - 00000000 ____D C:\Users\Steven\AppData\Local\The Witcher 2
2013-06-10 13:10 - 2013-06-10 13:10 - 00002247 ____A C:\Users\Lernmodus!!\Desktop\Google Chrome.lnk
2013-06-10 13:10 - 2013-06-10 13:10 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\Google
2013-06-10 13:09 - 2013-06-20 17:47 - 00000000 ____D C:\Users\Lernmodus!!\Documents\Bluetooth Folder
2013-06-10 13:09 - 2013-06-11 12:18 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\Microsoft Help
2013-06-10 13:09 - 2013-06-10 13:09 - 00085328 _RASH C:\Users\Lernmodus!!\ntuser.pol
2013-06-10 13:09 - 2013-06-10 13:09 - 00000020 ___SH C:\Users\Lernmodus!!\ntuser.ini
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Vorlagen
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Startmenü
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Netzwerkumgebung
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Lokale Einstellungen
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Eigene Dateien
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Druckumgebung
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Documents\Eigene Musik
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Documents\Eigene Bilder
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\AppData\Local\Verlauf
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\AppData\Local\Anwendungsdaten
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Anwendungsdaten
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Roaming\Adobe
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\BMExplorer
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\Adobe
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\users\Lernmodus!!
2013-06-10 13:09 - 2012-10-02 02:17 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Roaming\Macromedia
2013-06-09 22:38 - 2013-06-09 22:38 - 02273404 ____A C:\Users\Steven\Downloads\Collected UI Adjustments DDS Version-396-1-1.rar
2013-06-09 22:04 - 2013-06-09 22:04 - 00021300 ____A C:\Users\Steven\Downloads\[HDs]-FTV.Alice.and.Faye.08.06.13.wmv.1080p.torrent
2013-06-09 15:36 - 2013-06-09 15:36 - 00105792 ____A C:\Users\Steven\Downloads\SRXTCM_v1_4.pdf.zip
2013-06-09 14:49 - 2013-06-09 14:49 - 00204556 ____A C:\Users\Steven\Downloads\XTC_v2_0_Combined_Stats0.zip
2013-06-09 12:35 - 2013-06-09 12:35 - 10159103 ____A (EGOSOFT                                                     ) C:\Users\Steven\Downloads\X3TCUpdate3.1.1_to_3.2.exe
2013-06-09 12:32 - 2013-06-09 12:32 - 01018363 ____A C:\Users\Steven\Downloads\X3AP_3.0_nonsteam.zip
2013-06-09 12:22 - 2013-06-09 12:35 - 00000000 ____D C:\Program Files (x86)\Egosoft
2013-06-09 12:22 - 2012-07-25 19:31 - 01414144 ____A C:\Windows\SysWOW64\spk.dll
2013-06-09 12:21 - 2013-06-09 12:21 - 08379915 ____A (Cycrow                                                      ) C:\Users\Steven\Downloads\XPluginManager_Installer.exe
2013-06-09 11:58 - 2013-06-09 11:58 - 00120368 ____A C:\Users\Steven\Downloads\CheatCollectionPackage-V1.60-15.10.2009.spk
2013-06-07 21:12 - 2013-06-07 21:12 - 00013504 ____A C:\Users\Steven\Downloads\XTC_Xenon_Hub.zip
2013-06-07 21:11 - 2013-06-07 21:32 - 00004943 ____A C:\Users\Steven\Downloads\7048-L044-XTC2.0(v4).xml.zip
2013-06-07 21:11 - 2013-06-07 21:11 - 00807610 ____A C:\Users\Steven\Downloads\mars-tc.zip
2013-06-07 21:11 - 2013-06-07 21:11 - 00004578 ____A C:\Users\Steven\Downloads\buildMILshields.zip
2013-06-07 20:37 - 2013-06-07 20:42 - 00000680 _RASH C:\Users\Steven\ntuser.pol
2013-06-07 20:04 - 2013-06-07 20:04 - 00000403 ____A C:\Users\Steven\Downloads\[HDs]-tvp-enterprise-s01e15-br-720p-int.r14.torrent
2013-06-07 20:03 - 2013-06-07 20:03 - 00168339 ____A C:\Users\Steven\Downloads\[HDs]-Star.Trek.Raumschiff.Enterprise.TOS.S01.COMPLETE.GERMAN.DL.720p.BluRay.x264.iNTERNAL-TVP.torrent
2013-06-07 15:48 - 2013-06-07 15:48 - 18807532 ____A C:\Users\Steven\Downloads\screenshots.zip
2013-06-06 23:14 - 2013-06-06 23:14 - 00781792 ____A C:\Users\Steven\Downloads\CAG_V3402_CLS_V3402_XTC_PACK.zip
2013-06-06 23:05 - 2013-06-06 23:05 - 00475130 ____A C:\Users\Steven\Downloads\Luckies Comodity logistics [repack XTended 2.0].rar
2013-06-06 23:05 - 2013-06-06 23:05 - 00287153 ____A C:\Users\Steven\Downloads\Handelsvertretung_X3TC_V3402.zip
2013-06-06 23:04 - 2013-06-06 23:04 - 00167192 ____A C:\Users\Steven\Downloads\Befehlsbibliothek_X3TC_V3706 (1).zip
2013-06-05 21:19 - 2013-06-05 21:23 - 00000000 ____D C:\Users\Steven\AppData\Roaming\FreeCAD
2013-06-05 21:19 - 2013-06-05 21:19 - 00000000 ____D C:\Program Files (x86)\FreeCAD0.13
2013-06-04 18:32 - 2013-06-05 18:16 - 00000000 ____D C:\Users\Steven\Documents\Arma 3 Alpha Lite
2013-06-04 18:32 - 2013-06-05 17:56 - 00000000 ____D C:\Users\Steven\AppData\Local\Arma 3 Alpha Lite
2013-06-04 18:32 - 2013-06-04 18:32 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-02 13:38 - 2013-06-02 13:38 - 00159343 ____A C:\Users\Steven\Downloads\proxtube (4).crx
2013-06-02 13:38 - 2013-06-02 13:38 - 00159343 ____A C:\Users\Steven\Downloads\proxtube (3).crx
2013-05-31 00:21 - 2013-05-31 00:21 - 00026181 ____A C:\Users\Steven\Downloads\ff73.rar
2013-05-30 15:01 - 2013-05-30 15:01 - 01582608 ____A C:\Users\Steven\Downloads\LOLReplay-0.8.2.1 (1).exe
2013-05-30 14:31 - 2013-05-30 14:31 - 01582608 ____A C:\Users\Steven\Downloads\LOLReplay-0.8.2.1.exe
2013-05-30 14:31 - 2013-05-30 14:31 - 00000000 ____D C:\Program Files (x86)\LOLReplay
2013-05-30 01:49 - 2013-05-30 01:49 - 00365854 ____A C:\Users\Steven\Downloads\[HDs]-Star.Trek.Collection.I.-.XI.German.AC3.DL.1080p.BluRay.AVC.Remux-HDS.torrent
2013-05-29 13:56 - 2013-05-29 13:56 - 00010550 ____A C:\Users\Steven\Downloads\[HDs]-The.Last.Stand.2013.German.DTS.1080p.BluRay.x264-ThreeT.mkv.torrent
2013-05-27 21:01 - 2013-05-27 21:01 - 00491823 ____A C:\Users\Steven\Downloads\[HDs]-The.Last.Stand.German.DL.1080p.BluRay.x264-CONFiDENT.torrent
2013-05-26 21:07 - 2013-05-26 21:07 - 21398150 ____A C:\Users\Steven\Downloads\demo488193_rac_1.rar
2013-05-26 20:02 - 2013-05-26 20:03 - 00000000 ____A C:\Windows\SysWOW64\symsrv.yes
2013-05-25 13:35 - 2013-05-25 13:35 - 00000000 ____D C:\Users\Steven\Documents\Stronghold Kingdoms
2013-05-25 13:35 - 2013-05-25 13:35 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Firefly Studios
2013-05-25 13:35 - 2013-05-25 13:35 - 00000000 ____D C:\Users\Steven\AppData\Local\Geckofx
2013-05-25 13:31 - 2013-05-25 13:31 - 00000000 ____D C:\ProgramData\Firefly Studios
2013-05-23 14:40 - 2013-05-23 14:40 - 00446258 ____A C:\Windows\AutoKMS.exe
2013-05-21 18:37 - 2013-05-21 18:37 - 03039030 ____A C:\Users\Steven\Downloads\MIRC v7.29 Incl Crack [TorDigger].rar

==================== One Month Modified Files and Folders =======

2091-05-20 19:40 - 2091-05-20 19:40 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Malwarebytes
2091-05-20 19:40 - 2091-05-20 19:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2091-05-20 19:40 - 2091-05-20 19:40 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2091-05-20 19:12 - 2091-05-20 19:08 - 00000000 ____D C:\Users\Steven\AppData\Local\VirtualStore
2091-05-20 19:08 - 2091-05-20 19:08 - 00000000 ____D C:\MediaServer
2013-06-20 19:26 - 2012-10-02 02:07 - 00000000 ____D C:\Program Files (x86)\Trillian
2013-06-20 19:26 - 2012-10-02 02:00 - 00000000 ____D C:\Users\Steven\AppData\Roaming\xfire
2013-06-20 19:25 - 2013-06-20 19:25 - 01929538 ____A (Farbar) C:\Users\Steven\Downloads\FRST64.exe
2013-06-20 19:25 - 2013-06-20 19:25 - 01929538 ____A (Farbar) C:\Users\Steven\Desktop\FRST64.exe
2013-06-20 19:25 - 2013-06-20 19:25 - 00000000 ____D C:\FRST
2013-06-20 19:10 - 2012-10-02 02:40 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-20 19:09 - 2013-06-20 19:09 - 00000118 ____A C:\Users\Steven\Desktop\Fremder hat sich in Account eingeloggt - Trojaner- - Trojaner-Board.url
2013-06-20 19:07 - 2013-06-20 19:07 - 00022878 ____A C:\Users\Steven\Desktop\Extras.rar
2013-06-20 19:07 - 2013-06-20 19:07 - 00014490 ____A C:\Users\Steven\Desktop\OTL.rar
2013-06-20 19:01 - 2009-07-14 06:45 - 00023680 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-20 19:01 - 2009-07-14 06:45 - 00023680 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-20 19:00 - 2011-04-12 09:43 - 00700168 ____A C:\Windows\System32\perfh007.dat
2013-06-20 19:00 - 2011-04-12 09:43 - 00148964 ____A C:\Windows\System32\perfc007.dat
2013-06-20 19:00 - 2009-07-14 07:13 - 01621244 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-20 18:54 - 2012-10-03 11:22 - 00000035 ____A C:\Users\Public\Documents\AtherosServiceConfig.ini
2013-06-20 18:54 - 2012-10-02 00:53 - 00000000 ____A C:\Windows\System32\Drivers\lvuvc.hs
2013-06-20 18:54 - 2012-10-02 00:52 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-20 18:54 - 2012-10-02 00:52 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-20 18:54 - 2012-10-02 00:43 - 01170295 ____A C:\Windows\WindowsUpdate.log
2013-06-20 18:54 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-20 18:54 - 2009-07-14 06:51 - 00109681 ____A C:\Windows\setupact.log
2013-06-20 18:53 - 2013-06-20 18:53 - 00005954 ____A C:\Users\Steven\Desktop\gmer.log
2013-06-20 18:46 - 2012-10-02 02:17 - 00000000 ____D C:\ProgramData\Adobe
2013-06-20 18:46 - 2012-10-02 02:16 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Adobe
2013-06-20 18:45 - 2012-12-10 12:59 - 00000000 ____D C:\Program Files\Adobe
2013-06-20 18:45 - 2012-10-02 02:17 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-06-20 18:41 - 2013-06-20 18:34 - 00123944 ____A C:\Users\Steven\Desktop\OTL.Txt
2013-06-20 18:40 - 2013-06-20 18:40 - 00061804 ____A C:\Users\Steven\Downloads\OTL.txt
2013-06-20 18:34 - 2013-06-20 18:34 - 00147634 ____A C:\Users\Steven\Desktop\Extras.Txt
2013-06-20 18:28 - 2010-11-21 05:47 - 00313952 ____A C:\Windows\PFRO.log
2013-06-20 18:27 - 2013-06-20 18:27 - 00000654 ____A C:\Users\Steven\Desktop\defogger_disable.log
2013-06-20 18:27 - 2013-06-20 18:27 - 00000188 ____A C:\Users\Steven\defogger_reenable
2013-06-20 18:27 - 2012-10-02 00:44 - 00000000 ____D C:\users\Steven
2013-06-20 18:26 - 2013-06-20 18:26 - 00602112 ____A (OldTimer Tools) C:\Users\Steven\Desktop\OTL.exe
2013-06-20 18:26 - 2013-06-20 18:26 - 00377856 ____A C:\Users\Steven\Downloads\gmer_2.1.19163.exe
2013-06-20 18:26 - 2013-06-20 18:26 - 00377856 ____A C:\Users\Steven\Desktop\gmer_2.1.19163.exe
2013-06-20 18:25 - 2013-06-20 18:25 - 00050477 ____A C:\Users\Steven\Desktop\Defogger.exe
2013-06-20 18:06 - 2013-06-20 18:06 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Avira
2013-06-20 18:01 - 2013-06-20 18:01 - 00000000 ____D C:\ProgramData\Avira
2013-06-20 18:01 - 2013-06-20 18:01 - 00000000 ____D C:\Program Files (x86)\Avira
2013-06-20 18:00 - 2013-06-20 18:01 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-20 18:00 - 2013-06-20 18:01 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-20 18:00 - 2013-06-20 18:01 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-06-20 17:55 - 2012-10-21 10:50 - 00000000 ____D C:\Users\Steven\AppData\Roaming\uTorrent
2013-06-20 17:47 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\Documents\Bluetooth Folder
2013-06-20 17:47 - 2012-10-02 19:51 - 00000000 ____D C:\Users\Steven\Documents\Bluetooth Folder
2013-06-20 17:42 - 2013-06-20 17:42 - 02092792 ____A C:\Users\Steven\Downloads\avira_free_antivirus.exe
2013-06-20 14:41 - 2012-11-18 12:48 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-20 10:18 - 2012-10-03 19:53 - 00000000 ____D C:\Users\Steven\AppData\Roaming\vlc
2013-06-19 23:36 - 2013-06-19 23:36 - 02005792 ____A C:\Users\Steven\Downloads\[HDs]-FuckedHard18.HD.SiTERIP.COMPLETE.XXX.torrent
2013-06-19 23:16 - 2012-10-02 14:59 - 00000000 ____D C:\Users\Steven\AppData\Roaming\TS3Client
2013-06-19 17:56 - 2013-06-19 14:16 - 00000000 ____D C:\Users\Steven\Documents\ArmA 2
2013-06-19 17:36 - 2013-06-19 14:17 - 00000000 ____D C:\Users\Steven\AppData\Local\ArmA 2 OA
2013-06-19 17:36 - 2013-06-18 22:52 - 00000000 ____D C:\Users\Steven\AppData\Local\Play withSIX
2013-06-19 14:16 - 2013-06-19 14:16 - 00000000 ____D C:\Users\Steven\AppData\Local\ArmA 2
2013-06-19 14:15 - 2013-06-19 14:15 - 00472944 ____A (SIX Networks) C:\Users\Lernmodus!!\Downloads\Play Origins withSIX.exe
2013-06-19 00:04 - 2013-06-19 00:04 - 05339596 ____A C:\Users\Steven\Downloads\de_contra.zip
2013-06-19 00:02 - 2013-05-18 01:21 - 00000000 ____D C:\Users\Steven\AppData\Local\JDownloader v2.0
2013-06-18 22:52 - 2013-06-18 22:52 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Play withSIX
2013-06-18 21:28 - 2012-10-02 02:10 - 00000000 ____D C:\ProgramData\Xfire
2013-06-18 21:09 - 2013-06-18 21:09 - 12140744 ____A (SIX Networks) C:\Users\Steven\Downloads\Play withSIX setup (2).exe
2013-06-18 21:09 - 2013-06-18 21:09 - 12140744 ____A (SIX Networks) C:\Users\Steven\Downloads\Play withSIX setup (1).exe
2013-06-18 13:20 - 2013-06-18 13:20 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Roaming\KRKsoft
2013-06-17 22:01 - 2013-06-17 22:01 - 00000000 ____D C:\Users\Steven\AppData\Local\SIX Updater
2013-06-17 21:59 - 2013-06-17 21:59 - 00000000 ____D C:\Program Files (x86)\Bohemia Interactive
2013-06-17 21:46 - 2013-06-17 21:46 - 00000000 ____D C:\Users\Steven\AppData\Local\Downloaded Installations
2013-06-17 21:46 - 2013-06-17 21:46 - 00000000 ____D C:\Program Files (x86)\SIX Networks
2013-06-17 21:28 - 2013-06-17 21:27 - 11183938 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_103718.zip
2013-06-17 21:19 - 2012-10-02 01:30 - 00000000 ____D C:\ProgramData\Creative
2013-06-17 21:18 - 2013-03-23 13:06 - 00000159 __RAH C:\Windows\ctfile.rfc
2013-06-17 21:18 - 2012-10-02 01:30 - 00419840 ____A (Creative Labs) C:\Windows\System32\wrap_oal.dll
2013-06-17 21:18 - 2012-10-02 01:30 - 00413696 ____A (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2013-06-17 21:18 - 2012-10-02 01:30 - 00133632 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\System32\OpenAL32.dll
2013-06-17 21:18 - 2012-10-02 01:30 - 00110592 ____A (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2013-06-17 21:18 - 2012-10-02 01:29 - 00000000 ____D C:\Windows\SysWOW64\Data
2013-06-17 21:18 - 2012-10-02 01:29 - 00000000 ____D C:\Windows\System32\Data
2013-06-17 17:59 - 2012-10-02 19:55 - 00000000 ____D C:\Users\Steven\AppData\Local\CrashDumps
2013-06-17 17:27 - 2013-06-17 17:27 - 00034065 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_106400.log
2013-06-17 17:19 - 2013-06-17 17:19 - 00000000 ____D C:\Users\Steven\AppData\Local\DayZCommander
2013-06-17 17:19 - 2013-06-17 17:19 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios
2013-06-17 17:15 - 2013-06-17 17:14 - 11181543 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_103419.zip
2013-06-17 15:10 - 2013-06-17 15:10 - 00110112 ____A C:\Users\Lernmodus!!\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-17 10:03 - 2013-06-17 10:03 - 00000000 ____D C:\Users\Steven\AppData\Roaming\unepic
2013-06-17 09:33 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-17 01:59 - 2012-10-02 02:16 - 00683015 ____A C:\Windows\DirectX.log
2013-06-17 00:53 - 2013-06-17 00:50 - 11180873 ____A C:\Users\Steven\Downloads\ARMA2_OA_Build_106400.zip
2013-06-17 00:51 - 2013-06-17 00:50 - 02936832 ____A C:\Users\Steven\Downloads\Dotjosh.DayZCommander.Installer.msi
2013-06-17 00:40 - 2013-06-17 00:40 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2013-06-16 22:03 - 2013-06-16 21:59 - 12140744 ____A (SIX Networks) C:\Users\Steven\Downloads\Play withSIX setup.exe
2013-06-16 20:03 - 2013-06-16 20:03 - 00000000 ____D C:\Users\Steven\Documents\Arktos
2013-06-16 20:03 - 2013-06-16 20:03 - 00000000 ____D C:\Users\Steven\AppData\Local\CrashRpt
2013-06-16 20:03 - 2013-06-16 20:03 - 00000000 ____D C:\Users\Steven\AppData\Local\Arktos
2013-06-16 20:03 - 2013-06-16 20:02 - 00291128 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-16 20:03 - 2012-10-06 17:59 - 00291128 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-16 20:03 - 2012-10-06 17:59 - 00000000 ____D C:\Users\Steven\AppData\Local\PunkBuster
2013-06-16 20:03 - 2012-10-06 17:57 - 00281872 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-06-16 20:02 - 2013-06-16 20:02 - 00076888 ____A C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-16 01:47 - 2012-10-02 02:00 - 00000000 ____D C:\Users\Steven\Documents\Witcher 2
2013-06-16 01:26 - 2013-04-19 21:45 - 00000000 ____D C:\Users\Steven\AppData\Roaming\mIRC
2013-06-15 19:15 - 2013-06-15 19:15 - 03650208 ____A (Cryptic Studios) C:\Users\Steven\Downloads\neverwinter_setup.exe
2013-06-15 16:57 - 2013-04-19 21:45 - 00000000 ____D C:\Program Files (x86)\mIRC
2013-06-15 02:33 - 2013-06-15 02:33 - 00129707 ____A C:\Users\Steven\Downloads\OKTraders1_2_3.zip
2013-06-14 22:32 - 2013-06-14 22:32 - 00000000 ____D C:\Users\Steven\AppData\Roaming\.mono
2013-06-13 03:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-13 03:00 - 2012-10-02 02:12 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-13 00:28 - 2013-06-13 00:28 - 00003957 ____A C:\Users\Steven\Downloads\Weightless EE-264-1-0.rar
2013-06-12 20:07 - 2013-06-12 20:07 - 00003491 ____A C:\Users\Steven\Downloads\XML Source-14.7z
2013-06-12 18:02 - 2013-06-12 18:02 - 00000000 ____D C:\Users\Steven\AppData\Local\The Witcher 2
2013-06-12 15:10 - 2012-10-02 02:40 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 15:10 - 2012-10-02 02:40 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 20:00 - 2012-11-18 12:49 - 00000000 ____D C:\Users\Steven\AppData\Local\Origin
2013-06-11 20:00 - 2012-11-18 12:48 - 00000000 ____D C:\ProgramData\Origin
2013-06-11 20:00 - 2012-10-02 02:00 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Origin
2013-06-11 12:18 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\Microsoft Help
2013-06-10 13:10 - 2013-06-10 13:10 - 00002247 ____A C:\Users\Lernmodus!!\Desktop\Google Chrome.lnk
2013-06-10 13:10 - 2013-06-10 13:10 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\Google
2013-06-10 13:09 - 2013-06-10 13:09 - 00085328 _RASH C:\Users\Lernmodus!!\ntuser.pol
2013-06-10 13:09 - 2013-06-10 13:09 - 00000020 ___SH C:\Users\Lernmodus!!\ntuser.ini
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Vorlagen
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Startmenü
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Netzwerkumgebung
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Lokale Einstellungen
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Eigene Dateien
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Druckumgebung
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Documents\Eigene Musik
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Documents\Eigene Bilder
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\AppData\Local\Verlauf
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\AppData\Local\Anwendungsdaten
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 __SHD C:\Users\Lernmodus!!\Anwendungsdaten
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Roaming\Adobe
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\BMExplorer
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\Users\Lernmodus!!\AppData\Local\Adobe
2013-06-10 13:09 - 2013-06-10 13:09 - 00000000 ____D C:\users\Lernmodus!!
2013-06-10 13:09 - 2012-10-03 11:22 - 00000000 ____D C:\Users\Public\Documents\Atheros
2013-06-09 22:38 - 2013-06-09 22:38 - 02273404 ____A C:\Users\Steven\Downloads\Collected UI Adjustments DDS Version-396-1-1.rar
2013-06-09 22:04 - 2013-06-09 22:04 - 00021300 ____A C:\Users\Steven\Downloads\[HDs]-FTV.Alice.and.Faye.08.06.13.wmv.1080p.torrent
2013-06-09 15:36 - 2013-06-09 15:36 - 00105792 ____A C:\Users\Steven\Downloads\SRXTCM_v1_4.pdf.zip
2013-06-09 14:49 - 2013-06-09 14:49 - 00204556 ____A C:\Users\Steven\Downloads\XTC_v2_0_Combined_Stats0.zip
2013-06-09 12:35 - 2013-06-09 12:35 - 10159103 ____A (EGOSOFT                                                     ) C:\Users\Steven\Downloads\X3TCUpdate3.1.1_to_3.2.exe
2013-06-09 12:35 - 2013-06-09 12:22 - 00000000 ____D C:\Program Files (x86)\Egosoft
2013-06-09 12:32 - 2013-06-09 12:32 - 01018363 ____A C:\Users\Steven\Downloads\X3AP_3.0_nonsteam.zip
2013-06-09 12:24 - 2012-10-02 02:00 - 00000000 ____D C:\Users\Steven\Documents\Egosoft
2013-06-09 12:21 - 2013-06-09 12:21 - 08379915 ____A (Cycrow                                                      ) C:\Users\Steven\Downloads\XPluginManager_Installer.exe
2013-06-09 11:58 - 2013-06-09 11:58 - 00120368 ____A C:\Users\Steven\Downloads\CheatCollectionPackage-V1.60-15.10.2009.spk
2013-06-08 16:08 - 2013-06-15 03:00 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 03:00 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 03:00 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 03:00 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 03:00 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 03:00 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 03:00 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 03:00 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 03:00 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 03:00 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 03:00 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 21:32 - 2013-06-07 21:11 - 00004943 ____A C:\Users\Steven\Downloads\7048-L044-XTC2.0(v4).xml.zip
2013-06-07 21:12 - 2013-06-07 21:12 - 00013504 ____A C:\Users\Steven\Downloads\XTC_Xenon_Hub.zip
2013-06-07 21:11 - 2013-06-07 21:11 - 00807610 ____A C:\Users\Steven\Downloads\mars-tc.zip
2013-06-07 21:11 - 2013-06-07 21:11 - 00004578 ____A C:\Users\Steven\Downloads\buildMILshields.zip
2013-06-07 20:42 - 2013-06-07 20:37 - 00000680 _RASH C:\Users\Steven\ntuser.pol
2013-06-07 20:37 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\System32\GroupPolicy
2013-06-07 20:04 - 2013-06-07 20:04 - 00000403 ____A C:\Users\Steven\Downloads\[HDs]-tvp-enterprise-s01e15-br-720p-int.r14.torrent
2013-06-07 20:03 - 2013-06-07 20:03 - 00168339 ____A C:\Users\Steven\Downloads\[HDs]-Star.Trek.Raumschiff.Enterprise.TOS.S01.COMPLETE.GERMAN.DL.720p.BluRay.x264.iNTERNAL-TVP.torrent
2013-06-07 15:48 - 2013-06-07 15:48 - 18807532 ____A C:\Users\Steven\Downloads\screenshots.zip
2013-06-06 23:14 - 2013-06-06 23:14 - 00781792 ____A C:\Users\Steven\Downloads\CAG_V3402_CLS_V3402_XTC_PACK.zip
2013-06-06 23:05 - 2013-06-06 23:05 - 00475130 ____A C:\Users\Steven\Downloads\Luckies Comodity logistics [repack XTended 2.0].rar
2013-06-06 23:05 - 2013-06-06 23:05 - 00287153 ____A C:\Users\Steven\Downloads\Handelsvertretung_X3TC_V3402.zip
2013-06-06 23:04 - 2013-06-06 23:04 - 00167192 ____A C:\Users\Steven\Downloads\Befehlsbibliothek_X3TC_V3706 (1).zip
2013-06-05 21:23 - 2013-06-05 21:19 - 00000000 ____D C:\Users\Steven\AppData\Roaming\FreeCAD
2013-06-05 21:19 - 2013-06-05 21:19 - 00000000 ____D C:\Program Files (x86)\FreeCAD0.13
2013-06-05 18:16 - 2013-06-04 18:32 - 00000000 ____D C:\Users\Steven\Documents\Arma 3 Alpha Lite
2013-06-05 17:56 - 2013-06-04 18:32 - 00000000 ____D C:\Users\Steven\AppData\Local\Arma 3 Alpha Lite
2013-06-04 23:36 - 2013-01-23 02:10 - 00000000 ____D C:\Users\Steven\Documents\StarCraft II
2013-06-04 18:32 - 2013-06-04 18:32 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-06-02 13:38 - 2013-06-02 13:38 - 00159343 ____A C:\Users\Steven\Downloads\proxtube (4).crx
2013-06-02 13:38 - 2013-06-02 13:38 - 00159343 ____A C:\Users\Steven\Downloads\proxtube (3).crx
2013-05-31 00:21 - 2013-05-31 00:21 - 00026181 ____A C:\Users\Steven\Downloads\ff73.rar
2013-05-30 15:01 - 2013-05-30 15:01 - 01582608 ____A C:\Users\Steven\Downloads\LOLReplay-0.8.2.1 (1).exe
2013-05-30 14:31 - 2013-05-30 14:31 - 01582608 ____A C:\Users\Steven\Downloads\LOLReplay-0.8.2.1.exe
2013-05-30 14:31 - 2013-05-30 14:31 - 00000000 ____D C:\Program Files (x86)\LOLReplay
2013-05-30 01:49 - 2013-05-30 01:49 - 00365854 ____A C:\Users\Steven\Downloads\[HDs]-Star.Trek.Collection.I.-.XI.German.AC3.DL.1080p.BluRay.AVC.Remux-HDS.torrent
2013-05-29 13:56 - 2013-05-29 13:56 - 00010550 ____A C:\Users\Steven\Downloads\[HDs]-The.Last.Stand.2013.German.DTS.1080p.BluRay.x264-ThreeT.mkv.torrent
2013-05-28 20:32 - 2013-04-29 22:37 - 00000000 ____D C:\Users\Steven\AppData\Roaming\HLSW
2013-05-28 16:05 - 2013-04-01 00:42 - 00000000 ____D C:\Users\Steven\AppData\Roaming\DisplayFusion
2013-05-27 21:01 - 2013-05-27 21:01 - 00491823 ____A C:\Users\Steven\Downloads\[HDs]-The.Last.Stand.German.DL.1080p.BluRay.x264-CONFiDENT.torrent
2013-05-26 21:07 - 2013-05-26 21:07 - 21398150 ____A C:\Users\Steven\Downloads\demo488193_rac_1.rar
2013-05-26 20:03 - 2013-05-26 20:02 - 00000000 ____A C:\Windows\SysWOW64\symsrv.yes
2013-05-26 20:02 - 2013-04-07 17:54 - 00000000 ____D C:\Program Files (x86)\4PL-Insight
2013-05-25 23:58 - 2013-04-25 00:49 - 00000000 ____D C:\Users\Steven\Documents\Mount&Blade Warband Savegames
2013-05-25 13:35 - 2013-05-25 13:35 - 00000000 ____D C:\Users\Steven\Documents\Stronghold Kingdoms
2013-05-25 13:35 - 2013-05-25 13:35 - 00000000 ____D C:\Users\Steven\AppData\Roaming\Firefly Studios
2013-05-25 13:35 - 2013-05-25 13:35 - 00000000 ____D C:\Users\Steven\AppData\Local\Geckofx
2013-05-25 13:31 - 2013-05-25 13:31 - 00000000 ____D C:\ProgramData\Firefly Studios
2013-05-23 14:40 - 2013-05-23 14:40 - 00446258 ____A C:\Windows\AutoKMS.exe
2013-05-21 18:37 - 2013-05-21 18:37 - 03039030 ____A C:\Users\Steven\Downloads\MIRC v7.29 Incl Crack [TorDigger].rar
2013-05-21 14:10 - 2012-10-19 21:22 - 00000000 ____D C:\Program Files (x86)\Diablo III

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2012-05-09 19:32] - [2012-05-09 19:32] - 0391168 ____A (Microsoft Corporation) EC5BD25A41E9B633CB39120DBB0939DC

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-09 20:12] - [2012-05-09 20:12] - 2872320 ____A (Microsoft Corporation) A27FB0CA2971BEC02595902A9FD35D6D

C:\Windows\SysWOW64\explorer.exe
[2012-05-09 20:12] - [2012-05-09 20:12] - 2616320 ____A (Microsoft Corporation) 82B49E32080BF5C469BF877C473B15EB

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll
[2012-05-09 19:42] - [2012-05-09 19:42] - 1008128 ____A (Microsoft Corporation) 7FB4D54B502C6CF2E35B8188FA4CC08C

C:\Windows\SysWOW64\User32.dll
[2012-05-09 19:42] - [2012-05-09 19:42] - 0833024 ____A (Microsoft Corporation) 9B836EE76E3A99052EF6DEA52B41D1BE

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2012-05-09 19:43] - [2012-05-09 19:43] - 0296816 ____A (Microsoft Corporation) ABFECA99D72CE81E5C3612861F03B0CA



LastRegBack: 2013-06-13 01:25

==================== End Of Log ============================
--- --- ---


--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2013 01
Ran by Steven at 2013-06-20 19:26:49 Run:
Running from C:\Users\Steven\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

µTorrent (Version: 3.2.0)
4PL-Insight Anti-Cheat (remove only)
Adobe AIR (Version: 2.7.0.19480)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03)
Age of Empire 2 HD Edition GERMAN (c) Microsoft version 1 (Version: 1)
AI Suite II (Version: 1.01.14)
AIDA64 Extreme Edition v2.60 (Version: 2.60)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328)
AMD Catalyst Install Manager (Version: 8.0.911.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Media Foundation Decoders (Version: 1.0.80328.2204)
applicationupdater
Arma 2
Arma 2: Operation Arrowhead
Arma 3 Alpha
Avira Free Antivirus (Version: 13.0.0.3640)
BattlEye for OA Uninstall
BattlEye Uninstall
Bluetooth Win7 Suite (64) (Version: 7.2.0.40)
Brutal Legend version 1 (Version: 1)
Castle Crashers
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center (Version: 2013.0328.2218.38225)
Catalyst Control Center Graphics Previews Common (Version: 2013.0328.2218.38225)
Catalyst Control Center InstallProxy (Version: 2013.0328.2218.38225)
Catalyst Control Center Localization All (Version: 2013.0328.2218.38225)
CCC Help Chinese Standard (Version: 2013.0328.2217.38225)
CCC Help Chinese Traditional (Version: 2013.0328.2217.38225)
CCC Help Czech (Version: 2013.0328.2217.38225)
CCC Help Danish (Version: 2013.0328.2217.38225)
CCC Help Dutch (Version: 2013.0328.2217.38225)
CCC Help English (Version: 2013.0328.2217.38225)
CCC Help Finnish (Version: 2013.0328.2217.38225)
CCC Help French (Version: 2013.0328.2217.38225)
CCC Help German (Version: 2013.0328.2217.38225)
CCC Help Greek (Version: 2013.0328.2217.38225)
CCC Help Hungarian (Version: 2013.0328.2217.38225)
CCC Help Italian (Version: 2013.0328.2217.38225)
CCC Help Japanese (Version: 2013.0328.2217.38225)
CCC Help Korean (Version: 2013.0328.2217.38225)
CCC Help Norwegian (Version: 2013.0328.2217.38225)
CCC Help Polish (Version: 2013.0328.2217.38225)
CCC Help Portuguese (Version: 2013.0328.2217.38225)
CCC Help Russian (Version: 2013.0328.2217.38225)
CCC Help Spanish (Version: 2013.0328.2217.38225)
CCC Help Swedish (Version: 2013.0328.2217.38225)
CCC Help Thai (Version: 2013.0328.2217.38225)
CCC Help Turkish (Version: 2013.0328.2217.38225)
ccc-utility64 (Version: 2013.0328.2218.38225)
cFosSpeed v9.02 (Version: 9.02)
Chemistry Add-in for Word (Version: 1.0.0)
Cinergy S2 PCI HD Driver Installation (64 Bit) (Version: 1.01.02.501)
Cities in Motion 2 (c) Paradox Interactive version 1 (Version: 1)
Counter-Strike: Source
CSE Demoplayer (Version: 4.1)
DAEMON Tools Lite (Version: 4.45.4.0316)
Dark Souls Prepare to Die Edition (Version: 1.0.0001.130)
Darksiders II
DayZ Commander (Version: 0.92.83)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diablo III (Version: 1.0.8.16603)
Directory Lister Pro v1.49 (Version: 1.49)
DisplayFusion 5.0.1 (Version: 5.0.1.0)
Dolby Digital Live Pack (Version: 3.00)
Druckerdeinstallation für EPSON BX635FWD Series
DTS Connect Pack (Version: 1.00)
Dungeon Keeper (Version: 2.0.0.2)
Dungeon Keeper 2 (Version: 2.0.0.32)
DVBViewer TERRATEC Edition
Elemental: Fallen Enchantress (Version: 1.00.072)
EPSON Scan
ESL Wire 1.15.1
Evolution of Combat Evolved
Faster Than Light (Version: 2.0.0.9)
FIFA 13 (Version: 1.6.0.0)
FreeCAD 0.13 (Version: 0.13.1828)
Futuremark SystemInfo (Version: 4.15.0)
Galactic Civilizations II: Ultimate Edition
gamelauncher-code4344-beta
gamelauncher-ps2-live
Geeks3D.com FurMark 1.10.4
GOG.com Downloader version 3.5.2 (Version: 3.5.2)
GOG.com Dungeon Keeper 2
Google Chrome (Version: 27.0.1453.110)
Google Update Helper (Version: 1.3.21.145)
HD Tune 2.55
HD Tune Pro 5.00
Hi-Rez Studios Authenticate and Update Service (Version: 3.0.0.0)
Hitman: Absolution
HLSW v1.4.0.2
ImgBurn (Version: 2.5.7.0)
Impire
Intel(R) Network Connections 16.5.2.0 (Version: 16.5.2.0)
Intel® Watchdog Timer Driver (Intel® WDT)
Jade Empire: Special Edition
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
JDownloader 0.9 (Version: 0.9)
JDownloader 2 (Version: 2.0)
Kits Configuration Installer (Version: 8.59.25584)
K-Lite Codec Pack 9.3.0 (Full) (Version: 9.3.0)
L.A. Noire
Left 4 Dead 2
Logitech Gaming Software (Version: 8.35.18)
Logitech Gaming Software 8.35 (Version: 8.35.18)
Logitech Webcam-Software (Version: 2.31)
LOLReplay (Version: 0.8.2.1)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Mark of the Ninja
MechWarrior Online (Version: 1.4.1.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (Version: 3.5.30730.0)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Might & Magic Heroes VI (Version: 1.8)
mIRC (Version: 7.22)
Morten242s UI for DSFix (Version: 1.0.0.30)
Mount & Blade: Warband
Mount&Blade
MSI Afterburner 2.3.1 (Version: 2.3.1)
My Game Long Name
Natural Selection 2
Network Addon Mod Version 30 mit Essentials r132 (Version: Version 30 mit Essentials r132)
Neverwinter
Nexus Mod Manager (Version: 0.43.1)
NVIDIA PhysX (Version: 9.12.1031)
OpenAL
Origin (Version: 9.0.15.65)
Paint.NET v3.5.10 (Version: 3.60.0)
Path of Exile (Version: 0.9.13.22054)
PlanetSide 2 Beta
Play withSIX (Version: 1.30.0468)
Project CARS (Version: 0494)
Psychonauts
PunkBuster Services (Version: 0.993)
Realtek Ethernet Controller Driver For Windows 7 (Version: 7.21.531.2010)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.32.0)
Rockstar Games Social Club (Version: 1.1.0.1)
Sang-Froid - Tales of Werewolves (c) Artifice Studio version 1 (Version: 1)
SDK Debuggers (Version: 8.59.29746)
SimCity 4 Rush Hour
Smite (Version: 0.1.1316.6)
Spotify (Version: 0.8.8.459.g4430eae7)
Stacking
Star Wars - Jedi Knight II: Jedi Outcast
Star Wars Jedi Knight: Jedi Academy
StarCraft II (Version: 2.0.8.25604)
Stereoscopic Player (Version: 1.9.5)
Stronghold 3
Stronghold HD (Version: 2.0.0.3)
TeamSpeak 3 Client (Version: 3.0.10.1)
TERA (Version: 19.04.02.03.hf3)
The Last Days 3.23 (Version: 3.23)
The War Z
The Witcher 2: Assassins of Kings Enhanced Edition
Tomb Raider Update v.1.0.718.4 1.0 (Version: 1.0)
TrackMania² Canyon
TrackMania² Stadium Open Beta
Trials Evolution Gold Edition (Version: 1.0.0.2)
Trillian
Unepic (Version: )
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uplay (Version: 2.0)
VLC media player 2.0.6 (Version: 2.0.6)
War for the Overworld Bedrock Beta
WhoCrashed 4.01
Winamp (Version: 5.63 )
Winamp Erkennungs-Plug-in (Version: 1.0.0.1)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Software Development Kit (Version: 8.59.29750)
Windows Software Development Kit EULA (Version: 8.59.25584)
Windows-Treiberpaket - TERRATEC  Cinergy C/S2 PCI Infrared (05/21/2010 1.00.03.201) (Version: 05/21/2010 1.00.03.201)
Windows-Treiberpaket - TERRATEC  Cinergy S2 PCI (11/18/2010 1.01.02.501) (Version: 11/18/2010 1.01.02.501)
WinRAR 4.11 (64-Bit) (Version: 4.11.0)
Wrye Bash (Version: 0.3.0.3)
X3 Terran Conflict v3.2
X-Fi Forte 7.1 (Version: 1.0)
Xfire (remove only)
XIII
X-Universe Plugin Manager 1.47 (Version: 1.47)
ZoneAlarm LTD Toolbar

==================== Restore Points  =========================

20-06-2013 11:51:26 Geplanter Prüfpunkt

==================== Hosts content: ==========================
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	#	
127.0.0.1 activate.adobe.com
#	127.0.0.1       localhost
#	127.0.0.1 validation.sls.microsoft.com


==================== Scheduled Tasks (whitelisted) =============

Task: {0D3F3FB1-67C5-4A2C-AA05-8EE02E34E2EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-23] (Google Inc.)
Task: {3274E13C-587A-4E75-9C17-AEA349F913D9} - System32\Tasks\ASUS\i-Setup010543 => C:\Windows\Intel_Chipset_V9301019_XPVistaWin7\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {3E5E38FE-CFF2-41AE-A532-8DB2F9414889} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {441D55C6-BFB5-453B-8881-60DC2E2CFEBE} - System32\Tasks\ASUS\i-Setup011012 => C:\Windows\Intel_Chipset_V9301019_XPVistaWin7\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {45A463AC-D8A2-418A-8435-38AEA2F5155E} - System32\Tasks\{BE4E7AAB-99B4-46AF-9569-C3723FB8A6FC} => C:\Spiele\Silver\silver.exe No File
Task: {598ADDFB-4F4E-4CE7-AB7D-42AD49CC5ED4} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {7EFA335A-C380-4A68-A40F-49A527708004} - System32\Tasks\{839E971F-14F3-4D19-B10E-78CA372ED7B6} => C:\SETUP.EXE No File
Task: {8756A622-56B4-4F05-9F0E-F26EBAF5C4D8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-23] (Google Inc.)
Task: {8863024B-29A9-4E0B-9648-12B5971FBEAC} - System32\Tasks\ASUS\i-Setup010614 => C:\Windows\Intel_Chipset_V9301019_XPVistaWin7\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {A3248B34-C3A1-4104-9B39-7F274D15282B} - System32\Tasks\ASUS\i-Setup010906 => C:\Windows\Intel_Chipset_V9301019_XPVistaWin7\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {A58AA8A4-2658-4B6E-B8B4-5F0A2F4F5BDE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2013-05-23] ()
Task: {B15EB35C-EDD4-49CE-8544-E5BACA5445BE} - System32\Tasks\ASUS\i-Setup010951 => C:\Windows\Intel_Chipset_V9301019_XPVistaWin7\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {B3A29135-F494-4717-8433-51B7ACEEC4BB} - System32\Tasks\{B99A5468-96D8-4741-9131-CE9C1CA1C7A4} => C:\Spiele\Silver\silver.exe No File
Task: {C355D83A-4169-47F4-AD00-FEF555E51397} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {D110C437-0DC4-44FA-AB2A-DAD5B5E5DEC5} - System32\Tasks\{186336EC-F66D-47CD-9A89-5C8B41CE5F31} => C:\SETUP.EXE No File

==================== Faulty Device Manager Devices =============

Name: Power Control [2013/03/05 19:02:36]
Description: Power Control [2013/03/05 19:02:36]
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: {73526619-C24F-470B-9BED-53D455FBB5C6}
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Realtek PCI GBE Family Controller
Description: Realtek PCI GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: ntk_PowerDVD12
Description: ntk_PowerDVD12
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ntk_PowerDVD12
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Bluetooth-Gerät (PAN) #2
Description: Bluetooth-Gerät (PAN)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/20/2013 06:56:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 06:41:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 06:30:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 05:59:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 05:56:16 PM) (Source: Microsoft-Windows-RestartManager) (User: Steven-PC)
Description: Die Anwendung oder der Dienst "Windows-Explorer" konnte nicht heruntergefahren werden.

Error: (06/20/2013 05:55:39 PM) (Source: Microsoft-Windows-RestartManager) (User: Steven-PC)
Description: Die Anwendung oder der Dienst "vsdrinst.exe" konnte nicht heruntergefahren werden.

Error: (06/20/2013 05:55:38 PM) (Source: Microsoft-Windows-RestartManager) (User: Steven-PC)
Description: Die Anwendung oder der Dienst "Check Point Install Utility" konnte nicht heruntergefahren werden.

Error: (06/20/2013 09:32:26 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 01:29:08 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2013 08:41:02 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/20/2013 06:56:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "CLHNServiceForPowerDVD12" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/20/2013 06:55:49 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/20/2013 06:54:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Power Control [2013/03/05 19:02:36]" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (06/20/2013 06:54:50 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ntk_PowerDVD12" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3

Error: (06/20/2013 06:54:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "CyberLink PowerDVD 12 Media Server Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/20/2013 06:54:48 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "CyberLink PowerDVD 12 Media Server Monitor Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/20/2013 06:50:26 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CLHNServiceForPowerDVD12" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/20/2013 06:48:05 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/20/2013 06:48:01 PM) (Source: Service Control Manager) (User: )
Description: Dienst "CyberLink PowerDVD 12 Media Server Monitor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/20/2013 06:40:53 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (06/20/2013 06:56:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 06:41:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 06:30:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 05:59:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 05:56:16 PM) (Source: Microsoft-Windows-RestartManager)(User: Steven-PC)
Description: 1C:\Windows\explorer.exeWindows-Explorer0411715240

Error: (06/20/2013 05:55:39 PM) (Source: Microsoft-Windows-RestartManager)(User: Steven-PC)
Description: 1C:\Program Files (x86)\CheckPoint\ZoneAlarm\drivers\win70_64\vsdrinst.exevsdrinst.exe0511720840

Error: (06/20/2013 05:55:38 PM) (Source: Microsoft-Windows-RestartManager)(User: Steven-PC)
Description: 1C:\Program Files (x86)\CheckPoint\Install\Install.exeCheck Point Install Utility0111785320

Error: (06/20/2013 09:32:26 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/20/2013 01:29:08 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2013 08:41:02 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2091-05-20 19:23:52.842
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-20 14:02:09.094
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-20 13:50:21.491
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-18 20:26:16.012
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-18 19:23:38.497
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-18 18:23:40.828
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-18 12:33:23.595
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-17 19:22:18.623
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-17 19:17:05.489
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-05-17 19:10:05.478
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 8159.14 MB
Available physical RAM: 6022.48 MB
Total Pagefile: 16316.47 MB
Available Pagefile: 13611.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.79 GB) (Free:28.19 GB) NTFS (Disk=0 Partition=1) ==>[Drive with boot components (obtained from BCD)]
Drive d: (Volume) (Fixed) (Total:2794.39 GB) (Free:40.96 GB) NTFS (Disk=1 Partition=2)
Drive f: (Volume) (Fixed) (Total:1863.01 GB) (Free:1484.53 GB) NTFS (Disk=2 Partition=1)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 8ABEDB69)
Partition 1: (Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2795 GB) (Disk ID: C5944855)

Partition: GPT Partition Type
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: C55D270E)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

==================== End Of Log ============================
Die anderen Logs sind leider zu groß, deswegen habe ich die angehängt.
__________________
Alt 21.06.2013, 07:14   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Fremder hat sich in Account eingeloggt - Trojaner? - Standard

Fremder hat sich in Account eingeloggt - Trojaner?


Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Fremder hat sich in Account eingeloggt - Trojaner?
account, accounts, angst, blick, daten, fremder, heute, troja, trojaner, trojaner?


« Malwarebytes Log Auswertung | wssetup.exe von Perion Network Ltd. - OTL Log File bereits erstellt »


Ähnliche Themen: Fremder hat sich in Account eingeloggt - Trojaner?


  1. Spam Mail von Web.de Account - Nur über Iphone und Mac eingeloggt
    Alles rund um Mac OSX & Linux - 14.10.2015 (9)
  2. Mein Facebook-Account macht sich selbstständig
    Plagegeister aller Art und deren Bekämpfung - 26.02.2015 (17)
  3. fremder Zugriff auf AOL-Mail
    Plagegeister aller Art und deren Bekämpfung - 19.12.2014 (5)
  4. Fremder Computer im Netzwerk angezeigt
    Plagegeister aller Art und deren Bekämpfung - 26.11.2014 (7)
  5. Fremder übernahm die Kontrolle
    Log-Analyse und Auswertung - 23.10.2014 (6)
  6. fremder Ordner auf dem Desktop!
    Log-Analyse und Auswertung - 27.05.2014 (11)
  7. Fremder Prozess Update Whilokki
    Plagegeister aller Art und deren Bekämpfung - 28.09.2013 (1)
  8. Fremder Zugriff auf meinen Kalender
    Alles rund um Windows - 16.09.2013 (0)
  9. PC langsam, viel fremder Donwload, komische Effekte
    Log-Analyse und Auswertung - 17.06.2013 (23)
  10. Spammails von meinem GMX-Account gesendet, Passwort von fremder Hand geändert
    Log-Analyse und Auswertung - 08.08.2012 (15)
  11. gleiche IP-Adresse im Netzwek und fremder facebook-Login
    Plagegeister aller Art und deren Bekämpfung - 06.01.2012 (46)
  12. Fremder Zugriff auf meinen YAHOO MailAccount
    Plagegeister aller Art und deren Bekämpfung - 06.12.2011 (1)
  13. fremder zugriff auf mein MSN
    Plagegeister aller Art und deren Bekämpfung - 30.11.2011 (35)
  14. Schon wieder fremder Server im Highjack this log
    Log-Analyse und Auswertung - 09.11.2008 (4)
  15. Backdoor oder Trojaner? Fremder auf dem PC.
    Log-Analyse und Auswertung - 30.10.2008 (9)
  16. Account meldet sich an und sofort wieder ab
    Plagegeister aller Art und deren Bekämpfung - 27.10.2007 (6)
  17. fremder Zugriff unter Win Me
    Alles rund um Windows - 03.10.2006 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Fremder hat sich in Account eingeloggt - Trojaner? - Ich bin eigentlich immer sehr vorsichtig mit meinen Daten, heute hat sich aber irgendwie Jemand in einen meiner Accounts eingeloggt. Da ich doch etwas Angst bekommen habe, bitte ich euch - Fremder hat sich in Account eingeloggt - Trojaner?...
Archiv
Du betrachtest: Fremder hat sich in Account eingeloggt - Trojaner? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131