attention required/Cloudflare Problem

Illunias · 19.07.2014, 18:14

Tag
Ich habe seit einigen Tagen das Problem,dass manche Seiten durch cloudflare geblockt werden(dessen Seite ich vorher niemals aufgerufen habe) und ein Captcha von mir verlangt wird welches mich voranschreiten lässt. Dieses Problem betrifft das Aufrufen der Seiten über die lan Verbindung des Computer Sowie W-lan Verbindungen von Handy und iPad. Ich habe schon Gdata über den Rechner laufen lassen, jedoch ohne erfolg. bitte um Rat
mfg Marco

schrauber · 19.07.2014, 19:53

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Illunias · 20.07.2014, 10:29

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-07-2014
Ran by Marco (administrator) on MARCO-PC on 20-07-2014 11:25:19
Running from C:\Users\Marco\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(G Data Software AG) C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
(Razer USA Ltd.) C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Razer\Lycosa\razertra.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart 
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [Razer Nostromo Driver] => C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [978840 2011-07-19] (Razer USA Ltd)
HKLM-x32\...\Run: [Lycosa] => C:\Program Files (x86)\Razer\Lycosa\razerhid.exe [232960 2009-10-08] (Razer USA Ltd.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-07-15] (LogMeIn Inc.)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\program files (x86)\g data\totalprotection\avkkid\avkcks.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-2313652921-403149721-723519905-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1753280 2014-07-16] (Valve Corporation)
HKU\S-1-5-21-2313652921-403149721-723519905-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2313652921-403149721-723519905-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-06-26] (Electronic Arts)
HKU\S-1-5-21-2313652921-403149721-723519905-1000\...\MountPoints2: {3c160620-ba79-11e3-a8e0-806e6f6e6963} - D:\SETUP.EXE

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUL0w0E29hio0-6zxYmNun7t5oTXS7bmNKJISs1sgZyXJwye4pvPQTT0ScpzsLM1LPKfkA2Ci8mo_LLw-E-oQZGXAodm9GrJ1_SYWPqb4wS4rcQZUtbu4rfdH3EwaOyWg,&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {F62E9312-6CBF-44E3-A6BC-6CF3EAE93B0B} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUL0w0E29hio0-6zxYmNun7t5oTXS7bmNKJISs1sgZyXJwye4pvPQTT0ScpzsLM1LPKfkA2Ci8mo_LLw-E-oQZGXAodm9GrJ1_SYWPqb4wS4rcQZUtbu4rfdH3EwaOyWg,&q={searchTerms}
SearchScopes: HKCU - {F62E9312-6CBF-44E3-A6BC-6CF3EAE93B0B} URL = https://www.google.com/search?q={searchTerms}
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\xfeiajz4.default
FF NewTab: about:blank
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\xfeiajz4.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Pso2 Firefox Addon - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\xfeiajz4.default\Extensions\jid1-j3SSvbOi8ib38w@jetpack.xpi [2014-07-13]
FF Extension: Adblock Plus - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\xfeiajz4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-03]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-11]

==================== Services (Whitelisted) =================

R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-05-27] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlx64.exe [2683760 2014-05-20] (G Data Software AG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 GDBackupSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe [3832440 2014-05-28] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe [3203392 2014-05-20] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
S3 GDTunerSvc; C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe [1637496 2014-05-28] (G Data Software AG)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-14] (LogMeIn, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5268336 2014-03-25] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-08] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-09] ()
S3 TSNxGService; C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe [255608 2014-05-16] (G Data Software)

==================== Drivers (Whitelisted) ====================

R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-07-16] (G Data Software AG)
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-05-01] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-05-01] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2014-07-16] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-07-16] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-07-16] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [64000 2014-07-16] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-05-21] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-07-16] (G Data Software AG)
S3 hxsyol; C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [86352 2013-11-27] ()
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [20352 2009-09-30] (Razer USA Ltd.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] (Razer USA Ltd)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] (Razer USA Ltd)
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [98760 2014-07-16] (G Data Software)
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 11:22 - 2014-07-20 11:23 - 00022501 _____ () C:\Users\Marco\Desktop\Addition.txt
2014-07-20 11:21 - 2014-07-20 11:25 - 00014917 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-07-20 11:20 - 2014-07-20 11:25 - 00000000 ____D () C:\FRST
2014-07-20 11:18 - 2014-07-20 11:18 - 02089984 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2014-07-19 18:56 - 2014-07-19 18:56 - 00000000 ____D () C:\Users\Marco\AppData\Local\G DATA
2014-07-19 18:53 - 2014-07-19 18:53 - 00003092 _____ () C:\Windows\System32\Tasks\{F51FD48A-D698-49AD-AA0C-2B73BC05D25D}
2014-07-16 19:22 - 2014-07-16 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection
2014-07-16 19:18 - 2014-07-16 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-16 19:18 - 2014-07-16 19:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-14 22:21 - 2014-07-14 22:21 - 00332984 _____ () C:\Windows\Minidump\071414-18938-01.dmp
2014-07-13 15:52 - 2014-07-13 16:30 - 00000000 ____D () C:\Users\Marco\Desktop\tweaker
2014-07-13 15:39 - 2014-07-13 15:39 - 03045163 _____ () C:\Users\Marco\Downloads\PSO2es Tweaker.apk
2014-07-13 15:38 - 2014-07-13 15:38 - 00000000 ____D () C:\Windows\system32\TEMPPATCHAIDAFOOL
2014-07-13 15:28 - 2014-07-13 15:28 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-13 15:28 - 2014-07-13 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-13 15:27 - 2014-07-13 15:28 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-13 15:27 - 2014-07-13 15:27 - 02029048 _____ () C:\Users\Marco\Downloads\winrar-x64-510d.exe
2014-07-13 12:09 - 2014-07-13 12:09 - 00889416 _____ (Microsoft Corporation) C:\Users\Marco\Downloads\dotNetFx40_Full_setup.exe
2014-07-13 12:07 - 2014-07-13 15:38 - 07731839 _____ () C:\Windows\system32\ENPatch.rar
2014-07-13 12:07 - 2014-07-13 12:08 - 83978706 _____ () C:\Windows\system32\LargeFiles.rar
2014-07-13 11:59 - 2014-07-13 11:59 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\WinRAR
2014-07-13 09:43 - 2014-07-13 09:43 - 00130186 _____ () C:\Windows\system32\SOMEOFTHEPREPATCHES.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00128722 _____ () C:\Windows\system32\ALLOFTHEPREPATCHES.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00128720 _____ () C:\Windows\system32\patchlist0.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000002 _____ () C:\Windows\system32\precede_apply.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000000 _____ () C:\Windows\system32\patchlist3.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000000 _____ () C:\Windows\system32\patchlist2.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000000 _____ () C:\Windows\system32\patchlist1.txt
2014-07-13 09:42 - 2014-07-13 09:42 - 03115008 _____ (Arks-Layer) C:\Windows\system32\PSO2 Tweaker.exe
2014-07-13 09:42 - 2014-07-13 09:42 - 00587776 _____ (Igor Pavlov) C:\Windows\system32\7za.exe
2014-07-13 09:42 - 2014-07-13 09:42 - 00297984 _____ (Alexander Roshal) C:\Windows\system32\UnRAR.exe
2014-07-13 09:42 - 2014-07-13 09:42 - 00000013 _____ () C:\Windows\system32\precede.txt
2014-07-13 04:07 - 2014-07-13 04:07 - 00000000 ____D () C:\Users\Marco\Documents\SEGA
2014-07-13 04:07 - 2005-01-02 14:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2014-07-13 04:07 - 2003-07-18 23:17 - 00005174 _____ () C:\Windows\SysWOW64\nppt9x.vxd
2014-07-13 04:04 - 2014-07-13 04:04 - 00587776 _____ (Igor Pavlov) C:\Users\Marco\Downloads\7za.exe
2014-07-13 04:04 - 2014-07-13 04:04 - 00297984 _____ (Alexander Roshal) C:\Users\Marco\Downloads\UnRAR.exe
2014-07-12 11:16 - 2014-07-12 11:16 - 00292184 _____ (Microsoft Corporation) C:\Users\Marco\Downloads\dxwebsetup.exe
2014-07-12 11:16 - 2014-07-12 11:16 - 00000000 ____D () C:\PHANTASYSTARONLINE2
2014-07-12 00:48 - 2014-07-14 22:21 - 537038138 _____ () C:\Windows\MEMORY.DMP
2014-07-12 00:48 - 2014-07-14 22:21 - 00000000 ____D () C:\Windows\Minidump
2014-07-12 00:48 - 2014-07-12 00:48 - 00332952 _____ () C:\Windows\Minidump\071214-21902-01.dmp
2014-07-10 18:47 - 2014-07-10 18:47 - 07886712 _____ (Microsoft Corporation) C:\Users\Marco\Downloads\Xbox360_64Deu.exe
2014-07-10 18:47 - 2014-07-10 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-07-10 18:47 - 2014-07-10 18:47 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-07-10 18:10 - 2014-07-10 18:10 - 00000755 _____ () C:\Users\Public\Desktop\online.exe.lnk
2014-07-10 18:10 - 2014-07-10 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantasy Star Online Blue Burst
2014-07-10 18:09 - 2014-07-19 18:52 - 00000000 ____D () C:\Phantasy Star Online Blue Burst
2014-07-10 17:53 - 2014-07-10 18:05 - 502971354 _____ () C:\Users\Marco\Downloads\UltimaPsOBB_3.0.exe
2014-07-09 14:36 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 14:36 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 14:36 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 14:36 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 14:36 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 14:36 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 14:36 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 14:36 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 14:36 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 14:36 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 14:36 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 14:36 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 14:36 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 14:36 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 14:36 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 14:36 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 14:36 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 14:36 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 14:36 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 14:36 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 14:36 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 14:36 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 14:36 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 14:36 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 14:36 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 14:36 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 14:36 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 14:36 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 14:36 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 14:36 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 14:36 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 14:36 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 14:36 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 14:36 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 14:36 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 14:36 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 14:36 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 14:36 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 14:36 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 14:36 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 14:36 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 14:36 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 14:36 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 14:36 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 14:36 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 14:36 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 14:36 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 14:36 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 14:36 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 14:36 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 14:36 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 14:36 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 14:36 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 14:36 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 14:36 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 14:36 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 14:36 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 14:36 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 14:36 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 14:36 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 14:36 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 14:36 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 14:36 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 14:36 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 14:36 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 14:36 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 14:36 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 14:36 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 14:36 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-08 23:49 - 2014-07-08 23:49 - 00262144 _____ () C:\Windows\SysWOW64\5-18
2014-07-08 12:41 - 2014-07-08 12:41 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-07-06 13:49 - 2014-07-06 13:49 - 04951552 _____ (www.BitComet.com) C:\Users\Marco\Downloads\PSO2_Full_Client_2.0221.4_T.exe
2014-07-06 13:49 - 2014-07-06 13:49 - 00000000 ____D () C:\Users\Marco\Downloads\save
2014-07-06 13:49 - 2014-07-06 13:49 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\BitCometLite
2014-06-25 17:03 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-06-21 17:32 - 2014-06-21 17:32 - 00000000 ____D () C:\Users\Marco\Desktop\yu-gi-oh elementarhelden

==================== One Month Modified Files and Folders =======

2014-07-20 11:25 - 2014-07-20 11:21 - 00014917 _____ () C:\Users\Marco\Desktop\FRST.txt
2014-07-20 11:25 - 2014-07-20 11:20 - 00000000 ____D () C:\FRST
2014-07-20 11:25 - 2014-04-03 13:24 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Skype
2014-07-20 11:24 - 2014-04-03 23:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 11:23 - 2014-07-20 11:22 - 00022501 _____ () C:\Users\Marco\Desktop\Addition.txt
2014-07-20 11:20 - 2014-04-02 17:15 - 01523431 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 11:18 - 2014-07-20 11:18 - 02089984 _____ (Farbar) C:\Users\Marco\Desktop\FRST64.exe
2014-07-20 11:16 - 2014-04-08 20:37 - 00000000 ____D () C:\ProgramData\Origin
2014-07-20 11:14 - 2014-05-24 22:51 - 00000000 ____D () C:\Users\Marco\AppData\Local\LogMeIn Hamachi
2014-07-20 11:14 - 2014-04-08 20:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-07-20 11:14 - 2014-04-02 22:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-20 11:14 - 2014-04-02 20:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-20 11:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 11:14 - 2009-07-14 06:51 - 00052502 _____ () C:\Windows\setupact.log
2014-07-19 20:40 - 2009-07-14 06:45 - 00020368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-19 20:40 - 2009-07-14 06:45 - 00020368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-19 18:56 - 2014-07-19 18:56 - 00000000 ____D () C:\Users\Marco\AppData\Local\G DATA
2014-07-19 18:53 - 2014-07-19 18:53 - 00003092 _____ () C:\Windows\System32\Tasks\{F51FD48A-D698-49AD-AA0C-2B73BC05D25D}
2014-07-19 18:52 - 2014-07-10 18:09 - 00000000 ____D () C:\Phantasy Star Online Blue Burst
2014-07-16 19:23 - 2010-11-21 05:47 - 00023480 _____ () C:\Windows\PFRO.log
2014-07-16 19:22 - 2014-07-16 19:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection
2014-07-16 19:22 - 2014-05-01 10:22 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2014-07-16 19:22 - 2014-05-01 10:22 - 00001971 _____ () C:\Users\Public\Desktop\G Data TotalProtection.lnk
2014-07-16 19:22 - 2014-04-02 17:34 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2014-07-16 19:22 - 2014-04-02 17:33 - 00098760 _____ (G Data Software) C:\Windows\system32\Drivers\TS4nt.sys
2014-07-16 19:22 - 2014-04-02 17:33 - 00064000 _____ (G Data Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2014-07-16 19:22 - 2014-04-02 17:33 - 00061440 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2014-07-16 19:21 - 2014-04-02 21:28 - 00017104 _____ () C:\Windows\DPINST.LOG
2014-07-16 19:21 - 2014-04-02 17:33 - 00142336 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2014-07-16 19:21 - 2014-04-02 17:33 - 00055808 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2014-07-16 19:18 - 2014-07-16 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-07-16 19:18 - 2014-07-16 19:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-07-14 22:21 - 2014-07-14 22:21 - 00332984 _____ () C:\Windows\Minidump\071414-18938-01.dmp
2014-07-14 22:21 - 2014-07-12 00:48 - 537038138 _____ () C:\Windows\MEMORY.DMP
2014-07-14 22:21 - 2014-07-12 00:48 - 00000000 ____D () C:\Windows\Minidump
2014-07-14 18:33 - 2014-04-19 09:53 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\TS3Client
2014-07-14 00:07 - 2014-04-02 22:59 - 00000000 ____D () C:\Users\Marco\AppData\Local\Battle.net
2014-07-13 16:41 - 2014-04-09 00:08 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-07-13 16:32 - 2014-04-02 22:59 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-07-13 16:30 - 2014-07-13 15:52 - 00000000 ____D () C:\Users\Marco\Desktop\tweaker
2014-07-13 15:39 - 2014-07-13 15:39 - 03045163 _____ () C:\Users\Marco\Downloads\PSO2es Tweaker.apk
2014-07-13 15:38 - 2014-07-13 15:38 - 00000000 ____D () C:\Windows\system32\TEMPPATCHAIDAFOOL
2014-07-13 15:38 - 2014-07-13 12:07 - 07731839 _____ () C:\Windows\system32\ENPatch.rar
2014-07-13 15:28 - 2014-07-13 15:28 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-13 15:28 - 2014-07-13 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-07-13 15:28 - 2014-07-13 15:27 - 00000000 ____D () C:\Program Files\WinRAR
2014-07-13 15:27 - 2014-07-13 15:27 - 02029048 _____ () C:\Users\Marco\Downloads\winrar-x64-510d.exe
2014-07-13 12:09 - 2014-07-13 12:09 - 00889416 _____ (Microsoft Corporation) C:\Users\Marco\Downloads\dotNetFx40_Full_setup.exe
2014-07-13 12:08 - 2014-07-13 12:07 - 83978706 _____ () C:\Windows\system32\LargeFiles.rar
2014-07-13 11:59 - 2014-07-13 11:59 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\WinRAR
2014-07-13 10:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-13 09:43 - 2014-07-13 09:43 - 00130186 _____ () C:\Windows\system32\SOMEOFTHEPREPATCHES.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00128722 _____ () C:\Windows\system32\ALLOFTHEPREPATCHES.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00128720 _____ () C:\Windows\system32\patchlist0.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000002 _____ () C:\Windows\system32\precede_apply.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000000 _____ () C:\Windows\system32\patchlist3.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000000 _____ () C:\Windows\system32\patchlist2.txt
2014-07-13 09:43 - 2014-07-13 09:43 - 00000000 _____ () C:\Windows\system32\patchlist1.txt
2014-07-13 09:42 - 2014-07-13 09:42 - 03115008 _____ (Arks-Layer) C:\Windows\system32\PSO2 Tweaker.exe
2014-07-13 09:42 - 2014-07-13 09:42 - 00587776 _____ (Igor Pavlov) C:\Windows\system32\7za.exe
2014-07-13 09:42 - 2014-07-13 09:42 - 00297984 _____ (Alexander Roshal) C:\Windows\system32\UnRAR.exe
2014-07-13 09:42 - 2014-07-13 09:42 - 00000013 _____ () C:\Windows\system32\precede.txt
2014-07-13 04:07 - 2014-07-13 04:07 - 00000000 ____D () C:\Users\Marco\Documents\SEGA
2014-07-13 04:04 - 2014-07-13 04:04 - 00587776 _____ (Igor Pavlov) C:\Users\Marco\Downloads\7za.exe
2014-07-13 04:04 - 2014-07-13 04:04 - 00297984 _____ (Alexander Roshal) C:\Users\Marco\Downloads\UnRAR.exe
2014-07-12 11:16 - 2014-07-12 11:16 - 00292184 _____ (Microsoft Corporation) C:\Users\Marco\Downloads\dxwebsetup.exe
2014-07-12 11:16 - 2014-07-12 11:16 - 00000000 ____D () C:\PHANTASYSTARONLINE2
2014-07-12 11:16 - 2014-05-04 18:50 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-12 11:16 - 2014-05-04 18:50 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-07-12 11:15 - 2014-04-02 20:57 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-12 11:11 - 2013-09-20 19:44 - 00000000 __SHD () C:\#GDATA.Trash.Store#
2014-07-12 00:48 - 2014-07-12 00:48 - 00332952 _____ () C:\Windows\Minidump\071214-21902-01.dmp
2014-07-11 22:43 - 2014-04-09 00:08 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-07-10 18:47 - 2014-07-10 18:47 - 07886712 _____ (Microsoft Corporation) C:\Users\Marco\Downloads\Xbox360_64Deu.exe
2014-07-10 18:47 - 2014-07-10 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-07-10 18:47 - 2014-07-10 18:47 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-07-10 18:47 - 2014-04-02 23:02 - 00057094 _____ () C:\Windows\DirectX.log
2014-07-10 18:10 - 2014-07-10 18:10 - 00000755 _____ () C:\Users\Public\Desktop\online.exe.lnk
2014-07-10 18:10 - 2014-07-10 18:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantasy Star Online Blue Burst
2014-07-10 18:05 - 2014-07-10 17:53 - 502971354 _____ () C:\Users\Marco\Downloads\UltimaPsOBB_3.0.exe
2014-07-10 17:45 - 2009-07-14 06:45 - 00277296 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 17:43 - 2014-04-23 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 17:43 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-10 17:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 17:43 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-09 16:48 - 2014-05-24 22:47 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\.minecraft
2014-07-09 12:24 - 2014-04-03 23:43 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 12:24 - 2014-04-03 23:43 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 12:24 - 2014-04-03 23:43 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-09 12:16 - 2014-04-03 13:28 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-07-08 23:49 - 2014-07-08 23:49 - 00262144 _____ () C:\Windows\SysWOW64\5-18
2014-07-08 12:41 - 2014-07-08 12:41 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-07-06 15:21 - 2014-04-09 20:15 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\Awesomium
2014-07-06 13:49 - 2014-07-06 13:49 - 04951552 _____ (www.BitComet.com) C:\Users\Marco\Downloads\PSO2_Full_Client_2.0221.4_T.exe
2014-07-06 13:49 - 2014-07-06 13:49 - 00000000 ____D () C:\Users\Marco\Downloads\save
2014-07-06 13:49 - 2014-07-06 13:49 - 00000000 ____D () C:\Users\Marco\AppData\Roaming\BitCometLite
2014-07-06 08:09 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-30 04:09 - 2014-07-09 14:36 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 14:36 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-21 17:32 - 2014-06-21 17:32 - 00000000 ____D () C:\Users\Marco\Desktop\yu-gi-oh elementarhelden
2014-06-20 22:14 - 2014-07-09 14:36 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 14:36 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 14:36

==================== End Of Log ============================

--- --- ---

und die addition datei

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-07-2014
Ran by Marco at 2014-07-20 11:26:01
Running from C:\Users\Marco\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: G Data TotalProtection (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AS: G Data TotalProtection (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
Agarest: Generations of War (HKLM-x32\...\Steam App 237890) (Version:  - Idea Factory)
Archeblade (HKLM-x32\...\Steam App 207230) (Version:  - CodeBrush Games)
Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
DriverEasy 4.6.6 (HKLM\...\DriverEasy_is1) (Version: 4.6.6.0 - Easeware)
Elsword (HKLM-x32\...\Steam App 237310) (Version:  - KOG)
Fable III (HKLM-x32\...\Steam App 105400) (Version:  - Lionhead Studios)
FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version:  - Square Enix)
Flyff (HKLM-x32\...\{7E210E1C-52A1-40E3-817B-D504E9F64DFA}_is1) (Version: Flyff - Gala Networks Europe Limited)
G Data TotalProtection (HKLM-x32\...\{6715BEB5-01F1-41AC-B44B-0A78CD50C433}) (Version: 25.0.1.4 - G Data Software AG)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.222 - LogMeIn, Inc.) Hidden
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Razer Lycosa (HKLM-x32\...\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}) (Version: 1.00.0000 - Razer USA Ltd.)
Razer Nostromo (HKLM-x32\...\{0214578F-4888-43FB-9E34-C14FCFDEDDEB}) (Version: 2.02.08 - Razer USA Ltd.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version:  - Piranha Bytes)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
Ultima PsOBB 3.0 (HKLM-x32\...\Ultima PsOBB 3.0) (Version:  - )
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Restore Points  =========================

19-07-2014 12:12:04 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {B813B331-98D2-4603-8140-570D33B25EF4} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-02-25] (Easeware)
Task: {F0C97A9E-8ABB-451D-8B83-5AC2A2023C41} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe

==================== Loaded Modules (whitelisted) =============

2014-04-02 20:43 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-07-08 12:41 - 2014-07-08 12:41 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-05-20 03:38 - 2014-05-20 03:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-04-02 21:32 - 2009-10-09 15:32 - 00143360 _____ () C:\Program Files (x86)\Razer\Lycosa\razertra.exe
2014-05-21 21:59 - 2014-07-12 02:53 - 01116672 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-23 18:35 - 2014-07-12 02:53 - 00438784 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-21 21:59 - 2014-07-12 02:53 - 00399360 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2013-12-12 14:19 - 2014-07-12 02:53 - 00331264 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-02-10 18:34 - 2014-06-27 00:40 - 00764416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 21:59 - 2014-07-16 04:28 - 02139328 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-21 21:59 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-02-25 13:57 - 2014-07-16 04:28 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-01-10 15:33 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00962560 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00024064 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00025088 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00217088 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00261632 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00019968 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00302592 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-04-08 20:38 - 2014-06-26 17:36 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-06-11 20:21 - 2014-06-11 20:21 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/20/2014 11:15:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2014 08:37:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstal.exe, Version: 0.0.0.0, Zeitstempel: 0x41c29f19
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000337a2
ID des fehlerhaften Prozesses: 0x1fe8
Startzeit der fehlerhaften Anwendung: 0xUninstal.exe0
Pfad der fehlerhaften Anwendung: Uninstal.exe1
Pfad des fehlerhaften Moduls: Uninstal.exe2
Berichtskennung: Uninstal.exe3

Error: (07/19/2014 06:53:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstal.exe, Version: 0.0.0.0, Zeitstempel: 0x41c29f19
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0xa98
Startzeit der fehlerhaften Anwendung: 0xUninstal.exe0
Pfad der fehlerhaften Anwendung: Uninstal.exe1
Pfad des fehlerhaften Moduls: Uninstal.exe2
Berichtskennung: Uninstal.exe3

Error: (07/19/2014 06:52:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uninstal.exe, Version: 0.0.0.0, Zeitstempel: 0x41c29f19
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0003332f
ID des fehlerhaften Prozesses: 0x1810
Startzeit der fehlerhaften Anwendung: 0xUninstal.exe0
Pfad der fehlerhaften Anwendung: Uninstal.exe1
Pfad des fehlerhaften Moduls: Uninstal.exe2
Berichtskennung: Uninstal.exe3

Error: (07/19/2014 02:08:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 06:49:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:18:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 07:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 04:55:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/20/2014 11:14:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GDKBFlt

Error: (07/19/2014 02:07:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/19/2014 02:07:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (07/16/2014 07:19:05 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (07/15/2014 07:15:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/15/2014 07:15:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Virtueller Datenträger erreicht.

Error: (07/15/2014 07:15:53 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053vds{7D1933CB-86F6-4A98-8628-01BE94C9A575}

Error: (07/15/2014 07:14:53 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎07.‎2014 um 19:12:48 unerwartet heruntergefahren.

Error: (07/14/2014 10:21:28 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000001e (0x0000000000000000, 0x0000000000000000, 0x0000000000000000, 0x0000000000000000)C:\Windows\MEMORY.DMP071414-18938-01

Error: (07/14/2014 10:21:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎07.‎2014 um 22:19:04 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (07/20/2014 11:15:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/19/2014 08:37:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstal.exe0.0.0.041c29f19ntdll.dll6.1.7601.18247521ea8e7c0000005000337a21fe801cfa3807f1f8b9bC:\Phantasy Star Online Blue Burst\Uninstal.exeC:\Windows\SysWOW64\ntdll.dllbd9174d8-0f73-11e4-a277-f46d04509dec

Error: (07/19/2014 06:53:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstal.exe0.0.0.041c29f19ntdll.dll6.1.7601.18247521ea8e7c00000050003332fa9801cfa371faf62c48C:\Phantasy Star Online Blue Burst\Uninstal.exeC:\Windows\SysWOW64\ntdll.dll3b1c0d77-0f65-11e4-a277-f46d04509dec

Error: (07/19/2014 06:52:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uninstal.exe0.0.0.041c29f19ntdll.dll6.1.7601.18247521ea8e7c00000050003332f181001cfa371e4b632f1C:\Phantasy Star Online Blue Burst\Uninstal.exeC:\Windows\SysWOW64\ntdll.dll2341bf0d-0f65-11e4-a277-f46d04509dec

Error: (07/19/2014 02:08:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/17/2014 06:49:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/16/2014 07:18:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 07:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 04:55:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 8190.05 MB
Available physical RAM: 5343.34 MB
Total Pagefile: 16378.29 MB
Available Pagefile: 13388.15 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1160.42 GB) NTFS
Drive e: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 33435A76)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198731366400) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 20.07.2014, 17:28

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Illunias · 20.07.2014, 18:43

Also Gdata meldet schon beim Runterladen einen Phishingversuch und combofix wird dadurch nicht vollständig heruntergeladen. Sicher das der Link korrekt ist?
mfg

schrauber · 21.07.2014, 10:43

Jo. GDATA is doof.

21.07.2014, 10:43	#6
schrauber /// the machine /// TB-Ausbilder	attention required/Cloudflare Problem Jo. GDATA is doof. __________________ --> attention required/Cloudflare Problem

attention required/Cloudflare Problem

Plagegeister aller Art und deren Bekämpfung: attention required/Cloudflare Problem