Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internet/Rechner Probleme (https://www.trojaner-board.de/140356-internet-rechner-probleme.html)

Luffe1231 24.08.2013 00:37
Internet/Rechner Probleme
 
Hallo,

erst mal: ich bin ein blutiger Anfänger in Sachen Trojaner und benutze meinen PC ausschließlich um PC-Spiele zu spielen.

Vorgestern (22.08) habe ich ein paar runden BF3 gespielt. Es gab keine Auffälligkeiten.

Gestern (23.08) bis jetzt sind mir einige komische Probleme aufgefallen:

- Origin lässt sich Teilweise nur noch im Offline Modus starten. Wenn es sich "mal" normal starten lässt, steht bei meiner Spielesammlung "Internet zu langsam", was wieder rum nicht sein kann, da ich schon paar mal hinter einander Speedchecks bei Computerbild gemacht habe und diese als "perfekt" eingestuft wurden.

- Minecraft lässt sich auch nur noch Offline starten.

- League of Legends hängt beim starten bei der Authentifizierung fest und es erscheint "Keine Antwort vom Server erhalten, versuche es erneut ...". Danach steht "Der Einlogserver hat nicht reagiert. Womöglich hast du ein Verbindungsproblem, das nicht mit den Server nvon League of Legends zusammenhängt. Unseren aktuellen Dienststatus findest du hier: [Link wird nicht angezeigt]" da.

- hingegen lassen sich Spiele via Steam ganz normal starten und Spielen.

- Teamspeak 3 und Skype funktionieren ebenfalls Problemlos

- Manche Internetseiten brauchen lange bis die Seite geladen ist

__________________________________________________________________

Was ich schon unternommen habe:

- Origin neu installiert (auf chip. Ging sehr langsam zur Downloadseite zu gelangen, was sehr ungewöhnlich ist...)
- Antivir update durchgeführt und schnellen System Scan durchgeführt
- Fritzbox vom Netz genommen und Netzteil nach 3 Minuten wieder eingesteckt
- Ccleaner gestartet und eine Reinigung vorgenommen

__________________________________________________________________

Wie oben schon geschrieben bin ich in Sachen Trojaner entfernen ein blutiger Anfänger und benötige deshalb Hilfe. Ich bin mir nicht einmal sicher ob es an einem Trojaner liegt oder nicht. Das Problem kam auch sehr plötzlich.

Ich würde mich sehr über Hilfe freuen.

Vielen Dank im Voraus.

Grüße

schrauber 24.08.2013 08:35
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Luffe1231 24.08.2013 11:02
Hi,

das mit der Anleitung hat nicht funktioniert so wie ich das haben wollte. Ich habe irgendwie vom Bootmenü aus meine Festplatte gestartet. (mein Windows wurde hochgefahren)

Danach hab ich direkt den Scan gemacht (Internet hab ich derweil aus gehabt).

Ich hoffe das beeinträchtigt die Logs nicht.

Hier die Logs:


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-08-2013 01
Ran by Lordofweed (administrator) on 24-08-2013 11:53:59
Running from E:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\ASGT.exe
(LogMeIn Inc.) F:\hamachi\hamachi-2.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Akamai Technologies, Inc.) C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe
(Electronic Arts) F:\origin\Origin.exe
(Akamai Technologies, Inc.) C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) F:\hamachi\hamachi-2-ui.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [AdobeBridge] -  [x]
HKCU\...\Run: [Google Update] - C:\Users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-04] (Google Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [EADM] - F:\origin\Origin.exe [3549528 2013-08-24] (Electronic Arts)
MountPoints2: {c3a243d4-cc74-11e2-bba1-10bf48baf168} - E:\Startme.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - F:\hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)

==================== Internet (Whitelisted) ====================

BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\java\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Lordofweed\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Docs) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Logitech SetPoint) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (AdBlock) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.4_0
CHR Extension: (Google Wallet Service) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.9_0
CHR Extension: (Battlefield Play4Free) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (Gmail) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-09] ()
R2 Hamachi2Svc; F:\hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-22] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
S3 wolf; \??\F:\wolfteam\WolfTeam-DE\avital\wolf64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-24 11:32 - 2013-08-24 11:32 - 00003688 _____ C:\Windows\PFRO.log
2013-08-24 01:04 - 2013-08-24 01:04 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-24 01:04 - 2013-08-24 01:04 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Origin
2013-08-24 00:34 - 2013-08-24 11:53 - 00001469 _____ C:\Windows\setupact.log
2013-08-24 00:34 - 2013-08-24 00:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 21:55 - 2013-08-24 11:51 - 00040591 _____ C:\Windows\WindowsUpdate.log
2013-08-23 00:17 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-23 00:17 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-23 00:17 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-23 00:17 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-23 00:17 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-23 00:17 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-23 00:17 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-23 00:17 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-23 00:17 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-23 00:17 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-23 00:17 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-23 00:17 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-23 00:15 - 2013-08-23 00:16 - 00000000 ____D C:\Windows\system32\MRT
2013-08-22 23:32 - 2013-08-22 23:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Criterion Games
2013-08-22 23:31 - 2013-08-22 23:31 - 00000000 __RHD C:\Users\Lordofweed\AppData\Roaming\SecuROM
2013-08-22 23:28 - 2013-08-22 23:31 - 00000000 ____D C:\Users\Lordofweed\Documents\EA Games
2013-08-22 21:42 - 2013-08-22 21:42 - 00000671 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-22 19:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-22 19:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-22 19:44 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-22 19:44 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-22 19:44 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-22 19:44 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-22 19:44 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-22 19:44 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-22 19:44 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-22 19:44 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 18:08 - 2013-08-13 18:09 - 00000000 ____D C:\Users\Lordofweed\Desktop\Neuer Ordner
2013-08-12 17:43 - 2013-08-12 17:43 - 20612068 _____ C:\Users\Lordofweed\Downloads\world-HOFFENTLICH KEIN SCHNEE.rar
2013-08-12 17:31 - 2013-08-12 17:31 - 03395840 _____ (Piriform Ltd) C:\Users\Lordofweed\Downloads\ccsetup404_slim.exe
2013-08-12 17:23 - 2013-08-12 17:23 - 00001490 _____ C:\Users\Lordofweed\Downloads\server.log
2013-08-12 17:23 - 2013-08-12 17:23 - 00000514 _____ C:\Users\Lordofweed\Downloads\server.properties
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-players.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-ips.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 ____D C:\Users\Lordofweed\Downloads\world
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\white-list.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\ops.txt
2013-08-12 17:21 - 2013-08-12 17:21 - 06134331 _____ C:\Users\Lordofweed\Downloads\minecraft_server.1.6.2.jar
2013-08-12 17:19 - 2013-08-13 18:08 - 00000000 ____D C:\Users\Lordofweed\Desktop\minecraft server
2013-08-11 17:34 - 2013-08-23 23:45 - 00001045 _____ C:\Users\Lordofweed\Desktop\Minecraft (1) - Verknüpfung.lnk
2013-08-11 17:31 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2013-08-11 17:30 - 2013-08-24 11:53 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\LogMeIn Hamachi
2013-08-11 17:30 - 2013-08-11 17:31 - 00000534 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-08-11 17:29 - 2013-08-11 17:29 - 04292608 _____ C:\Users\Lordofweed\Downloads\hamachi_2.1.0.362.msi
2013-08-11 17:28 - 2013-08-11 17:28 - 00675988 _____ C:\Users\Lordofweed\Downloads\Minecraft (1).exe
2013-08-09 20:18 - 2013-08-24 01:07 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\.minecraft
2013-08-09 20:18 - 2013-08-09 20:18 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 20:17 - 2013-08-09 20:17 - 00903080 _____ (Oracle Corporation) C:\Users\Lordofweed\Downloads\chromeinstall-7u25.exe
2013-08-07 12:35 - 2013-08-07 12:35 - 00000000 ____D C:\Users\Lordofweed\old
2013-07-31 17:58 - 2013-07-31 17:58 - 00502874 _____ C:\Users\Lordofweed\usb.ids
2013-07-31 17:54 - 2013-08-07 12:35 - 00000000 _____ C:\Users\Lordofweed\update.ini
2013-07-29 22:27 - 2013-07-29 22:31 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TeamViewer
2013-07-29 21:27 - 2013-07-29 21:27 - 00000272 _____ C:\Users\Lordofweed\Documents\Snake.ini
2013-07-25 19:42 - 2013-07-26 23:58 - 00811880 _____ C:\Users\Lordofweed\acre.log
2013-07-25 19:39 - 2013-07-25 19:41 - 00001354 _____ C:\Users\Lordofweed\Desktop\arma3 - Verknüpfung.lnk
2013-07-25 19:30 - 2013-07-13 16:13 - 00000000 ____D C:\Users\Lordofweed\Desktop\Arma3_CLF_install
2013-07-25 19:29 - 2013-07-25 19:30 - 36672902 _____ C:\Users\Lordofweed\Downloads\Arma3_CLF_install.rar
2013-07-25 17:54 - 2013-07-26 22:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Arma 3
2013-07-25 17:54 - 2013-07-25 19:18 - 00000000 ____D C:\Users\Lordofweed\Documents\Arma 3

==================== One Month Modified Files and Folders =======

2013-08-24 11:53 - 2013-08-24 11:53 - 00000000 ____D C:\FRST
2013-08-24 11:53 - 2013-08-24 00:34 - 00001469 _____ C:\Windows\setupact.log
2013-08-24 11:53 - 2013-08-11 17:30 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\LogMeIn Hamachi
2013-08-24 11:52 - 2013-05-04 14:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-24 11:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-24 11:51 - 2013-08-23 21:55 - 00040591 _____ C:\Windows\WindowsUpdate.log
2013-08-24 11:51 - 2009-07-14 06:45 - 00014272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-24 11:51 - 2009-07-14 06:45 - 00014272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-24 11:36 - 2013-05-04 15:16 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA.job
2013-08-24 11:36 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-24 11:36 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-24 11:36 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-24 11:32 - 2013-08-24 11:32 - 00003688 _____ C:\Windows\PFRO.log
2013-08-24 11:32 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TS3Client
2013-08-24 01:38 - 2013-05-06 17:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Skype
2013-08-24 01:30 - 2013-05-04 20:45 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\PMB Files
2013-08-24 01:30 - 2013-05-04 20:45 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-24 01:08 - 2013-07-24 17:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-24 01:08 - 2013-05-07 19:14 - 00000000 ____D C:\Fraps
2013-08-24 01:07 - 2013-08-09 20:18 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\.minecraft
2013-08-24 01:04 - 2013-08-24 01:04 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-24 01:04 - 2013-08-24 01:04 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Origin
2013-08-24 01:04 - 2013-05-04 16:30 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Origin
2013-08-24 01:04 - 2013-05-04 16:24 - 00000000 ____D C:\ProgramData\Origin
2013-08-24 00:34 - 2013-08-24 00:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 23:58 - 2013-05-04 16:05 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-23 23:45 - 2013-08-11 17:34 - 00001045 _____ C:\Users\Lordofweed\Desktop\Minecraft (1) - Verknüpfung.lnk
2013-08-23 23:45 - 2013-05-04 21:59 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 23:38 - 2013-05-05 22:15 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-23 23:38 - 2013-05-05 20:30 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-23 23:37 - 2013-05-05 20:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-23 21:55 - 2013-05-04 15:12 - 00000000 ____D C:\Windows\Panther
2013-08-23 21:54 - 2013-07-17 22:50 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Spotify
2013-08-23 00:16 - 2013-08-23 00:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-23 00:15 - 2013-05-08 13:28 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-22 23:32 - 2013-08-22 23:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Criterion Games
2013-08-22 23:31 - 2013-08-22 23:31 - 00000000 __RHD C:\Users\Lordofweed\AppData\Roaming\SecuROM
2013-08-22 23:31 - 2013-08-22 23:28 - 00000000 ____D C:\Users\Lordofweed\Documents\EA Games
2013-08-22 23:31 - 2013-05-04 16:24 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-22 21:42 - 2013-08-22 21:42 - 00000671 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-22 20:45 - 2013-05-04 15:17 - 00002398 _____ C:\Users\Lordofweed\Desktop\Google Chrome.lnk
2013-08-22 19:50 - 2013-07-17 22:50 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Spotify
2013-08-13 18:09 - 2013-08-13 18:08 - 00000000 ____D C:\Users\Lordofweed\Desktop\Neuer Ordner
2013-08-13 18:08 - 2013-08-12 17:19 - 00000000 ____D C:\Users\Lordofweed\Desktop\minecraft server
2013-08-13 15:29 - 2013-06-09 01:30 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\ArmA 2 OA
2013-08-12 17:43 - 2013-08-12 17:43 - 20612068 _____ C:\Users\Lordofweed\Downloads\world-HOFFENTLICH KEIN SCHNEE.rar
2013-08-12 17:31 - 2013-08-12 17:31 - 03395840 _____ (Piriform Ltd) C:\Users\Lordofweed\Downloads\ccsetup404_slim.exe
2013-08-12 17:31 - 2013-05-06 18:24 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Sony
2013-08-12 17:31 - 2013-05-04 21:59 - 00000000 ____D C:\Program Files\CCleaner
2013-08-12 17:23 - 2013-08-12 17:23 - 00001490 _____ C:\Users\Lordofweed\Downloads\server.log
2013-08-12 17:23 - 2013-08-12 17:23 - 00000514 _____ C:\Users\Lordofweed\Downloads\server.properties
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-players.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-ips.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 ____D C:\Users\Lordofweed\Downloads\world
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\white-list.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\ops.txt
2013-08-12 17:21 - 2013-08-12 17:21 - 06134331 _____ C:\Users\Lordofweed\Downloads\minecraft_server.1.6.2.jar
2013-08-11 18:17 - 2013-06-09 01:26 - 00000000 ____D C:\Users\Lordofweed\Documents\ArmA 2
2013-08-11 17:31 - 2013-08-11 17:30 - 00000534 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-08-11 17:29 - 2013-08-11 17:29 - 04292608 _____ C:\Users\Lordofweed\Downloads\hamachi_2.1.0.362.msi
2013-08-11 17:28 - 2013-08-11 17:28 - 00675988 _____ C:\Users\Lordofweed\Downloads\Minecraft (1).exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 20:17 - 2013-08-09 20:17 - 00903080 _____ (Oracle Corporation) C:\Users\Lordofweed\Downloads\chromeinstall-7u25.exe
2013-08-07 12:35 - 2013-08-07 12:35 - 00000000 ____D C:\Users\Lordofweed\old
2013-08-07 12:35 - 2013-07-31 17:54 - 00000000 _____ C:\Users\Lordofweed\update.ini
2013-08-07 12:35 - 2013-05-04 14:23 - 00000000 ____D C:\Users\Lordofweed
2013-08-07 12:35 - 2013-04-04 10:38 - 13771752 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\ts3client_win64.exe
2013-07-31 17:58 - 2013-07-31 17:58 - 00502874 _____ C:\Users\Lordofweed\usb.ids
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\translations
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\styles
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\soundbackends
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\plugins
2013-07-31 17:58 - 2013-04-04 10:38 - 00499176 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\update.exe
2013-07-31 17:58 - 2013-04-04 10:38 - 00230376 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\package_inst.exe
2013-07-29 22:31 - 2013-07-29 22:27 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TeamViewer
2013-07-29 21:27 - 2013-07-29 21:27 - 00000272 _____ C:\Users\Lordofweed\Documents\Snake.ini
2013-07-26 23:58 - 2013-07-25 19:42 - 00811880 _____ C:\Users\Lordofweed\acre.log
2013-07-26 22:32 - 2013-07-25 17:54 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Arma 3
2013-07-26 07:13 - 2013-08-23 00:17 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-23 00:17 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-23 00:17 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-23 00:17 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-23 00:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-23 00:17 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-23 00:17 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-23 00:17 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-23 00:17 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-23 00:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-23 00:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-23 00:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-25 19:41 - 2013-07-25 19:39 - 00001354 _____ C:\Users\Lordofweed\Desktop\arma3 - Verknüpfung.lnk
2013-07-25 19:30 - 2013-07-25 19:29 - 36672902 _____ C:\Users\Lordofweed\Downloads\Arma3_CLF_install.rar
2013-07-25 19:18 - 2013-07-25 17:54 - 00000000 ____D C:\Users\Lordofweed\Documents\Arma 3
2013-07-25 17:54 - 2013-05-04 21:14 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2013-07-25 11:25 - 2013-08-22 19:44 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-25 10:57 - 2013-08-22 19:44 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL

Files to move or delete:
====================
C:\Users\Lordofweed\createfileassoc.exe
C:\Users\Lordofweed\error_report.exe
C:\Users\Lordofweed\package_inst.exe
C:\Users\Lordofweed\ts3client_win64.exe
C:\Users\Lordofweed\Uninstall.exe
C:\Users\Lordofweed\update.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 20:22

==================== End Of Log ============================
--- --- ---

--- --- ---


und hier Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-08-2013 01
Ran by Lordofweed at 2013-08-24 11:54:18
Running from E:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
Adobe AIR (x32 Version: 3.1.0.4880)
Adobe Reader 9 (x32 Version: 9.0.0)
Aeria Ignite (x32 Version: 1.13.3296)
Akamai NetSession Interface (HKCU)
Alan Wake (x32)
Alan Wake's American Nightmare (x32)
Arma 2 (x32)
Arma 2: Operation Arrowhead (x32)
Arma 2: Operation Arrowhead Beta (x32)
Arma 3 Alpha (x32)
Asmedia ASM104x USB 3.0 Host Controller Driver (x32 Version: 1.14.3.0)
ASUS GPU Tweak (x32 Version: 2.1.7.1)
Avira Free Antivirus (x32 Version: 13.0.0.3885)
Battlefield 3™ (x32 Version: 1.6.0.0)
Battlefield Play4Free (Lordofweed) (HKCU)
BattlEye for OA Uninstall (x32)
Burnout(TM) Paradise The Ultimate Box (x32 Version: 1.1.0.0)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Call of Duty: Modern Warfare 2 - Multiplayer (x32)
Counter-Strike: Global Offensive (x32)
Counter-Strike: Source (x32)
DayZ Commander (x32 Version: 0.92.79)
Dead Space™ 3 (x32 Version: 1.0.0.0)
Dota 2 (x32)
eaner (Version: 4.04)
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Fallout: New Vegas (x32)
Garry's Mod (x32)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (HKCU Version: 29.0.1547.57)
Hector: Ep 1 (x32)
Hector: Ep 2 (x32)
Hector: Ep 3 (x32)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Killing Floor (x32)
League of Legends (x32 Version: 1.3)
Logitech Gaming Software (Version: 8.45.88)
Logitech Gaming Software 8.45 (Version: 8.45.88)
Logitech SetPoint 6.52 (Version: 6.52.74)
LogMeIn Hamachi (x32 Version: 2.1.0.374)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
MSVCRT Redists (Version: 1.0)
NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22)
NVIDIA 3D Vision Treiber 314.22 (Version: 314.22)
NVIDIA Grafiktreiber 314.22 (Version: 314.22)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.115.743)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422)
NVIDIA Systemsteuerung 314.22 (Version: 314.22)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
Origin (x32 Version: 9.2.1.4399)
Pando Media Booster (x32 Version: 2.6.0.9)
PlanetSide 2 (HKCU Version: 1.0.3.183)
Poker Night at the Inventory (x32)
PunkBuster Services (x32 Version: 0.990)
Realtek Ethernet Controller Driver (x32 Version: 7.52.203.2012)
Sid Meier's Civilization V (x32)
Skype™ 6.3 (x32 Version: 6.3.105)
Sony Ericsson Update Engine (x32 Version: 2.13.6.201305161305)
Sony PC Companion 2.10.165 (x32 Version: 2.10.165)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Steam (x32 Version: 1.0.0.0)
Team Fortress 2 (x32)
TeamSpeak 3 Client (HKCU Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.18051)
The Walking Dead (x32)
The War Z (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Vegas Pro 12.0 (64-bit) (Version: 12.0.563)
VLC media player 2.0.6 (Version: 2.0.6)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

31-07-2013 17:45:49 Geplanter Prüfpunkt
08-08-2013 14:45:53 Geplanter Prüfpunkt
09-08-2013 18:18:04 Installed Java 7 Update 25
11-08-2013 15:30:46 Installed LogMeIn Hamachi
22-08-2013 18:29:07 Geplanter Prüfpunkt
22-08-2013 18:45:25 DirectX wurde installiert
22-08-2013 19:26:45 DirectX wurde installiert
22-08-2013 19:42:11 DirectX wurde installiert
22-08-2013 21:31:25 Removed Medal of Honor (TM)
22-08-2013 22:15:44 Windows Update

==================== Hosts content: ==========================

2013-05-07 18:59 - 2013-05-07 18:59 - 00000904 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1E257E6C-9954-4B40-BC37-05B0AC5719E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {338886CB-C4EC-4335-9D72-D875D54C2F8C} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {5AA8F3A8-34F9-433E-B4EC-BD65AA3C2F16} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {5C8B5F99-1A6F-493F-8C9A-7E87BA9DC9B8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000Core => C:\Users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {8DFF96CF-6B10-470F-A77A-89B7B7E5C5B8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => c:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {AC74482E-F7AD-4BD5-A314-09A4FC53012F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA => C:\Users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-04] (Google Inc.)
Task: {BE41E996-6665-4858-B40D-D1A13231DDC1} - System32\Tasks\{241DDE3F-B5D3-440A-8C84-5529FE87C66C} => c:\users\lordofweed\appdata\local\google\chrome\application\chrome.exe [2013-08-16] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000Core.job => C:\Users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA.job => C:\Users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Hamachi Network Interface
Description: Hamachi Network Interface
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/24/2013 00:35:09 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: DUI70.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf25
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000002978
ID des fehlerhaften Prozesses: 0x1210
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (08/24/2013 00:35:00 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel: 0x4ec4aa8e
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c40f2
ID des fehlerhaften Prozesses: 0xbc8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/13/2013 03:31:54 PM) (Source: Application Hang) (User: )
Description: Programm ArmA2OA.exe, Version 1.62.105.785 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 33c

Startzeit: 01ce98292f7c18c1

Endzeit: 31

Anwendungspfad: F:\Games\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe

Berichts-ID:

Error: (08/13/2013 03:27:17 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: nvtray.exe, Version: 7.17.13.1422, Zeitstempel: 0x51428f51
Name des fehlerhaften Moduls: nvtray.exe, Version: 7.17.13.1422, Zeitstempel: 0x51428f51
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000154f89
ID des fehlerhaften Prozesses: 0x644
Startzeit der fehlerhaften Anwendung: 0xnvtray.exe0
Pfad der fehlerhaften Anwendung: nvtray.exe1
Pfad des fehlerhaften Moduls: nvtray.exe2
Berichtskennung: nvtray.exe3

Error: (08/04/2013 08:06:53 PM) (Source: Application Hang) (User: )
Description: Programm t6mp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1288

Startzeit: 01ce913c2da23885

Endzeit: 293

Anwendungspfad: F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe

Berichts-ID:

Error: (08/04/2013 08:05:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: t6mp.exe, Version: 1.0.0.1, Zeitstempel: 0x51f04bfb
Name des fehlerhaften Moduls: t6mp.exe, Version: 1.0.0.1, Zeitstempel: 0x51f04bfb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008bfea
ID des fehlerhaften Prozesses: 0x1288
Startzeit der fehlerhaften Anwendung: 0xt6mp.exe0
Pfad der fehlerhaften Anwendung: t6mp.exe1
Pfad des fehlerhaften Moduls: t6mp.exe2
Berichtskennung: t6mp.exe3

Error: (08/04/2013 07:53:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: t6mp.exe, Version: 1.0.0.1, Zeitstempel: 0x51f04bfb
Name des fehlerhaften Moduls: t6mp.exe, Version: 1.0.0.1, Zeitstempel: 0x51f04bfb
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0008bfea
ID des fehlerhaften Prozesses: 0xda8
Startzeit der fehlerhaften Anwendung: 0xt6mp.exe0
Pfad der fehlerhaften Anwendung: t6mp.exe1
Pfad des fehlerhaften Moduls: t6mp.exe2
Berichtskennung: t6mp.exe3

Error: (08/03/2013 11:03:08 PM) (Source: Application Hang) (User: )
Description: Programm t6mp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 284

Startzeit: 01ce908365b587f1

Endzeit: 577

Anwendungspfad: F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe

Berichts-ID:

Error: (08/02/2013 06:12:24 PM) (Source: Application Hang) (User: )
Description: Programm t6mp.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c08

Startzeit: 01ce8f899f3f134d

Endzeit: 471

Anwendungspfad: F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe

Berichts-ID:

Error: (07/29/2013 09:29:43 PM) (Source: Application Hang) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b2c

Startzeit: 01ce8c8caae272b0

Endzeit: 12639

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID:


System errors:
=============
Error: (08/24/2013 11:53:38 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:38 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:31 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:28 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:28 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:07 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:06 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:53:01 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:52:58 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (08/24/2013 11:34:13 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.


Microsoft Office Sessions:
=========================
Error: (08/24/2013 00:35:09 AM) (Source: Application Error)(User: )
Description: explorer.exe6.1.7601.175674d672ee4DUI70.dll6.1.7600.163854a5bdf25c00000050000000000002978121001cea051033499a6C:\Windows\explorer.exeC:\Windows\system32\DUI70.dll43fbb32c-0c44-11e3-a6f9-10bf48baf168

Error: (08/24/2013 00:35:00 AM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.177254ec4aa8ec000037400000000000c40f2bc801cea050e9ec5bfaC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll3e8bab22-0c44-11e3-a6f9-10bf48baf168

Error: (08/13/2013 03:31:54 PM) (Source: Application Hang)(User: )
Description: ArmA2OA.exe1.62.105.78533c01ce98292f7c18c131F:\Games\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe

Error: (08/13/2013 03:27:17 PM) (Source: Application Error)(User: )
Description: nvtray.exe7.17.13.142251428f51nvtray.exe7.17.13.142251428f51400000150000000000154f8964401ce9803d45e2c4dC:\Program Files\NVIDIA Corporation\Display\nvtray.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exe122e07f2-041c-11e3-955a-10bf48baf168

Error: (08/04/2013 08:06:53 PM) (Source: Application Hang)(User: )
Description: t6mp.exe1.0.0.1128801ce913c2da23885293F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe

Error: (08/04/2013 08:05:49 PM) (Source: Application Error)(User: )
Description: t6mp.exe1.0.0.151f04bfbt6mp.exe1.0.0.151f04bfbc00000050008bfea128801ce913c2da23885F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exeF:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe7dd13aca-fd30-11e2-98f5-10bf48baf168

Error: (08/04/2013 07:53:29 PM) (Source: Application Error)(User: )
Description: t6mp.exe1.0.0.151f04bfbt6mp.exe1.0.0.151f04bfbc00000050008bfeada801ce91109675d6e3F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exeF:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exec4c242d2-fd2e-11e2-98f5-10bf48baf168

Error: (08/03/2013 11:03:08 PM) (Source: Application Hang)(User: )
Description: t6mp.exe1.0.0.128401ce908365b587f1577F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe

Error: (08/02/2013 06:12:24 PM) (Source: Application Hang)(User: )
Description: t6mp.exe1.0.0.1c0801ce8f899f3f134d471F:\Games\steamapps\common\Call of Duty Black Ops II\t6mp.exe

Error: (07/29/2013 09:29:43 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.1.7601.17567b2c01ce8c8caae272b012639C:\Windows\Explorer.EXE


==================== Memory info ===========================

Percentage of memory in use: 10%
Total physical RAM: 16337.3 MB
Available physical RAM: 14543.74 MB
Total Pagefile: 32672.79 MB
Available Pagefile: 30737.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:146.88 GB) NTFS
Drive e: (Lexar) (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
Drive f: (1Tb HDD) (Fixed) (Total:931.51 GB) (Free:704.42 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 186E502A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A73AD54A)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7 GB) - (Type=0C)

==================== End Of Log ============================
So, hoffe das ist so richtig.

Vielen Dank im Voraus.

Grüße

EDIT: Mittlerweile glaube ich, dass das Problem von der Fritzbox ausgehen könnte. Denn beim Rechner von meinem Vater funktioniert Origin auch nicht, ausserdem kommt er nicht mehr auf die Seite meinungsort.de, genau das selbe auch auf dem Tablet...

EDIT2: Battlefield 3 laggt unheimlich auf der PS3 und das auch erst seit dem Problem! (z.B. manche Jets & Helis bleiben einfach mal in der Luft stehen und rühren sich keinen millimeter von der Stelle)...

EDIT3: Ich habe eine Phishing Mail erhalten (gestern um 22 Uhr...) von einer Anwaltskanzlei die es nicht gib, da stand drin, dass ich etwas bestellt hätte im Wert von 150€ und die Zahlung nicht beglichen hätte. Ich soll den Anhang öffnen... (hab ich nicht getan)

schrauber 24.08.2013 12:46
Erstmal:

Router vom Strom trennen, 30 min warten, anschliessen, testen.

Luffe1231 24.08.2013 14:06
Hi,

habe es grade versucht, leider ohne Erfolg.

Grüße

schrauber 24.08.2013 18:05
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Luffe1231 25.08.2013 10:29
Hi,

ich dachte ich kann bei der Installation von Combofix aussuchen wo es hingespeichert wird... Das war nicht der Fall und deswegen habe ich 2 logs, einmal vom Downloadordner
aus und einmal vom Desktop aus.

Hier die Logs:

Downloadordner


Code:
ComboFix 13-08-25.01 - Lordofweed 25.08.2013  11:10:58.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.16337.14608 [GMT 2:00]
ausgeführt von:: c:\users\Lordofweed\Downloads\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lordofweed\createfileassoc.exe
c:\users\Lordofweed\package_inst.exe
c:\users\Lordofweed\ts3client_win64.exe
c:\users\Lordofweed\Uninstall.exe
c:\users\Lordofweed\update.exe
c:\windows\SysWow64\frapsvid.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-07-25 bis 2013-08-25  ))))))))))))))))))))))))))))))
.
.
2013-08-25 09:12 . 2013-08-25 09:12        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-08-25 09:12 . 2013-08-25 09:12        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-08-24 09:53 . 2013-08-24 09:53        --------        d-----w-        C:\FRST
2013-08-23 23:04 . 2013-08-24 13:07        --------        d-----w-        c:\users\Lordofweed\AppData\Local\Origin
2013-08-23 20:06 . 2013-08-19 22:46        9515512        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{96FB252D-99A5-4DC6-B2E5-88EEACFEEEFE}\mpengine.dll
2013-08-22 22:15 . 2013-08-22 22:16        --------        d-----w-        c:\windows\system32\MRT
2013-08-22 21:32 . 2013-08-22 21:32        --------        d-----w-        c:\users\Lordofweed\AppData\Local\Criterion Games
2013-08-22 21:31 . 2013-08-22 21:31        --------        d--h--r-        c:\users\Lordofweed\AppData\Roaming\SecuROM
2013-08-11 15:31 . 2009-03-18 16:35        33856        ---ha-w-        c:\windows\system32\hamachi.sys
2013-08-11 15:30 . 2013-08-25 09:12        --------        d-----w-        c:\users\Lordofweed\AppData\Local\LogMeIn Hamachi
2013-08-09 18:18 . 2013-08-24 13:04        --------        d-----w-        c:\users\Lordofweed\AppData\Roaming\.minecraft
2013-08-09 18:18 . 2013-08-09 18:18        --------        d-----w-        c:\program files (x86)\Common Files\Java
2013-08-09 18:18 . 2013-08-09 18:18        867240        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2013-08-09 18:18 . 2013-08-09 18:18        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-08-09 18:18 . 2013-08-09 18:18        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-07 10:35 . 2013-08-07 10:35        --------        d-----w-        c:\users\Lordofweed\old
2013-07-29 20:27 . 2013-07-29 20:31        --------        d-----w-        c:\users\Lordofweed\AppData\Roaming\TeamViewer
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-24 16:12 . 2013-05-05 20:15        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-08-24 16:12 . 2013-05-05 18:30        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-08-24 16:01 . 2013-05-05 18:30        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-08-22 22:15 . 2013-05-08 11:28        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-07-22 18:19 . 2013-05-05 18:30        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2013-07-02 15:18 . 2013-07-02 15:18        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-07-02 15:18 . 2013-07-02 15:18        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-07-02 15:18 . 2013-07-02 15:18        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-07-02 15:18 . 2013-07-02 15:18        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-07-02 15:18 . 2013-07-02 15:18        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-07-02 15:18 . 2013-07-02 15:18        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-07-02 15:18 . 2013-07-02 15:18        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-02 15:18 . 2013-07-02 15:18        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-07-02 15:18 . 2013-07-02 15:18        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-07-02 15:18 . 2013-07-02 15:18        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-07-02 15:18 . 2013-07-02 15:18        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-07-02 15:18 . 2013-07-02 15:18        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-07-02 15:18 . 2013-07-02 15:18        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-07-02 15:18 . 2013-07-02 15:18        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-07-02 15:18 . 2013-07-02 15:18        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-07-02 15:18 . 2013-07-02 15:18        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-07-02 15:18 . 2013-07-02 15:18        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-07-02 15:18 . 2013-07-02 15:18        441856        ----a-w-        c:\windows\system32\html.iec
2013-07-02 15:18 . 2013-07-02 15:18        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-07-02 15:18 . 2013-07-02 15:18        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-07-02 15:18 . 2013-07-02 15:18        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-07-02 15:18 . 2013-07-02 15:18        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-07-02 15:18 . 2013-07-02 15:18        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-07-02 15:18 . 2013-07-02 15:18        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-07-02 15:18 . 2013-07-02 15:18        235008        ----a-w-        c:\windows\system32\url.dll
2013-07-02 15:18 . 2013-07-02 15:18        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-07-02 15:18 . 2013-07-02 15:18        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-07-02 15:18 . 2013-07-02 15:18        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-07-02 15:18 . 2013-07-02 15:18        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-07-02 15:18 . 2013-07-02 15:18        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-07-02 15:18 . 2013-07-02 15:18        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-07-02 15:18 . 2013-07-02 15:18        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-07-02 15:18 . 2013-07-02 15:18        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-07-02 15:18 . 2013-07-02 15:18        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-07-02 15:18 . 2013-07-02 15:18        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-07-02 15:18 . 2013-07-02 15:18        149504        ----a-w-        c:\windows\system32\occache.dll
2013-07-02 15:18 . 2013-07-02 15:18        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-07-02 15:18 . 2013-07-02 15:18        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-07-02 15:18 . 2013-07-02 15:18        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-07-02 15:18 . 2013-07-02 15:18        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-07-02 15:18 . 2013-07-02 15:18        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-07-02 15:18 . 2013-07-02 15:18        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-07-02 15:18 . 2013-07-02 15:18        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-07-02 15:18 . 2013-07-02 15:18        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-07-02 15:18 . 2013-07-02 15:18        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-07-02 15:18 . 2013-07-02 15:18        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-07-02 15:18 . 2013-07-02 15:18        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-07-02 15:18 . 2013-07-02 15:18        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 15:18 . 2013-07-02 15:18        102912        ----a-w-        c:\windows\system32\inseng.dll
2013-07-02 15:17 . 2013-07-02 15:17        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        9728        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        648192        ----a-w-        c:\windows\system32\d3d10level9.dll
2013-07-02 15:17 . 2013-07-02 15:17        604160        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        522752        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-07-02 15:17 . 2013-07-02 15:17        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
2013-07-02 15:17 . 2013-07-02 15:17        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2013-07-02 15:17 . 2013-07-02 15:17        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        4096        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3928064        ----a-w-        c:\windows\system32\d2d1.dll
2013-07-02 15:17 . 2013-07-02 15:17        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-02 15:17 . 2013-07-02 15:17        363008        ----a-w-        c:\windows\system32\dxgi.dll
2013-07-02 15:17 . 2013-07-02 15:17        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3584        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll
2013-07-02 15:17 . 2013-07-02 15:17        333312        ----a-w-        c:\windows\system32\d3d10_1core.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        296960        ----a-w-        c:\windows\system32\d3d10core.dll
2013-07-02 15:17 . 2013-07-02 15:17        293376        ----a-w-        c:\windows\SysWow64\dxgi.dll
2013-07-02 15:17 . 2013-07-02 15:17        2776576        ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2013-07-02 15:17 . 2013-07-02 15:17        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll
2013-07-02 15:17 . 2013-07-02 15:17        2560        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        2560        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        249856        ----a-w-        c:\windows\SysWow64\d3d10_1core.dll
2013-07-02 15:17 . 2013-07-02 15:17        245248        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll
2013-07-02 15:17 . 2013-07-02 15:17        2284544        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2013-07-02 15:17 . 2013-07-02 15:17        221184        ----a-w-        c:\windows\system32\UIAnimation.dll
2013-07-02 15:17 . 2013-07-02 15:17        220160        ----a-w-        c:\windows\SysWow64\d3d10core.dll
2013-07-02 15:17 . 2013-07-02 15:17        207872        ----a-w-        c:\windows\SysWow64\WindowsCodecsExt.dll
2013-07-02 15:17 . 2013-07-02 15:17        1988096        ----a-w-        c:\windows\SysWow64\d3d10warp.dll
2013-07-02 15:17 . 2013-07-02 15:17        194560        ----a-w-        c:\windows\system32\d3d10_1.dll
2013-07-02 15:17 . 2013-07-02 15:17        1887232        ----a-w-        c:\windows\system32\d3d11.dll
2013-07-02 15:17 . 2013-07-02 15:17        187392        ----a-w-        c:\windows\SysWow64\UIAnimation.dll
2013-07-02 15:17 . 2013-07-02 15:17        1682432        ----a-w-        c:\windows\system32\XpsPrint.dll
2013-07-02 15:17 . 2013-07-02 15:17        161792        ----a-w-        c:\windows\SysWow64\d3d10_1.dll
2013-07-02 15:17 . 2013-07-02 15:17        1504768        ----a-w-        c:\windows\SysWow64\d3d11.dll
2013-07-02 15:17 . 2013-07-02 15:17        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2013-07-02 15:17 . 2013-07-02 15:17        1238528        ----a-w-        c:\windows\system32\d3d10.dll
2013-07-02 15:17 . 2013-07-02 15:17        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Lordofweed\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-02 345144]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LogMeIn Hamachi Ui"="f:\hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 wolf;wolf;f:\wolfteam\WolfTeam-DE\avital\wolf64.sys;f:\wolfteam\WolfTeam-DE\avital\wolf64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;f:\hamachi\hamachi-2.exe;f:\hamachi\hamachi-2.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000Core.job
- c:\users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-04 13:16]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA.job
- c:\users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-04 13:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-02-28 7468784]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
AddRemove-TeamSpeak 3 Client - c:\users\Lordofweed\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2598136450-1614280718-3552877610-1000\Software\SecuROM\License information*]
"datasecu"=hex:40,d5,71,22,87,34,9e,6e,b4,44,30,d8,18,72,3f,e7,54,a3,12,ce,4b,
  55,33,1e,ab,a5,59,66,cc,b2,7e,04,71,8a,3b,7b,d0,57,07,b6,df,db,10,a4,75,94,\
"rkeysecu"=hex:eb,3c,e1,5c,1c,f6,06,29,37,58,09,ee,c7,50,67,3a
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-25  11:13:23
ComboFix-quarantined-files.txt  2013-08-25 09:13
.
Vor Suchlauf: 12 Verzeichnis(se), 157.686.247.424 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 157.820.235.776 Bytes frei
.
- - End Of File - - D4B72B6967C55FDB7253646BEEB4CA1C
A36C5E4F47E84449FF07ED3517B43A31

Desktop

Code:
ComboFix 13-08-25.01 - Lordofweed 25.08.2013  11:23:13.2.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.16337.14349 [GMT 2:00]
ausgeführt von:: c:\users\Lordofweed\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-07-25 bis 2013-08-25  ))))))))))))))))))))))))))))))
.
.
2013-08-25 09:24 . 2013-08-25 09:24        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-08-25 09:24 . 2013-08-25 09:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-08-24 09:53 . 2013-08-24 09:53        --------        d-----w-        C:\FRST
2013-08-23 23:04 . 2013-08-24 13:07        --------        d-----w-        c:\users\Lordofweed\AppData\Local\Origin
2013-08-23 20:06 . 2013-08-19 22:46        9515512        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{96FB252D-99A5-4DC6-B2E5-88EEACFEEEFE}\mpengine.dll
2013-08-22 22:15 . 2013-08-22 22:16        --------        d-----w-        c:\windows\system32\MRT
2013-08-22 21:32 . 2013-08-22 21:32        --------        d-----w-        c:\users\Lordofweed\AppData\Local\Criterion Games
2013-08-22 21:31 . 2013-08-22 21:31        --------        d--h--r-        c:\users\Lordofweed\AppData\Roaming\SecuROM
2013-08-11 15:31 . 2009-03-18 16:35        33856        ---ha-w-        c:\windows\system32\hamachi.sys
2013-08-11 15:30 . 2013-08-25 09:24        --------        d-----w-        c:\users\Lordofweed\AppData\Local\LogMeIn Hamachi
2013-08-09 18:18 . 2013-08-24 13:04        --------        d-----w-        c:\users\Lordofweed\AppData\Roaming\.minecraft
2013-08-09 18:18 . 2013-08-09 18:18        --------        d-----w-        c:\program files (x86)\Common Files\Java
2013-08-09 18:18 . 2013-08-09 18:18        867240        ----a-w-        c:\windows\SysWow64\npDeployJava1.dll
2013-08-09 18:18 . 2013-08-09 18:18        789416        ----a-w-        c:\windows\SysWow64\deployJava1.dll
2013-08-09 18:18 . 2013-08-09 18:18        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-08-07 10:35 . 2013-08-07 10:35        --------        d-----w-        c:\users\Lordofweed\old
2013-07-29 20:27 . 2013-07-29 20:31        --------        d-----w-        c:\users\Lordofweed\AppData\Roaming\TeamViewer
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-24 16:12 . 2013-05-05 20:15        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-08-24 16:12 . 2013-05-05 18:30        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-08-24 16:01 . 2013-05-05 18:30        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-08-22 22:15 . 2013-05-08 11:28        78161360        ----a-w-        c:\windows\system32\MRT.exe
2013-07-22 18:19 . 2013-05-05 18:30        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2013-07-02 15:18 . 2013-07-02 15:18        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-07-02 15:18 . 2013-07-02 15:18        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-07-02 15:18 . 2013-07-02 15:18        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-07-02 15:18 . 2013-07-02 15:18        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-07-02 15:18 . 2013-07-02 15:18        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-07-02 15:18 . 2013-07-02 15:18        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-07-02 15:18 . 2013-07-02 15:18        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-07-02 15:18 . 2013-07-02 15:18        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-07-02 15:18 . 2013-07-02 15:18        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-07-02 15:18 . 2013-07-02 15:18        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-07-02 15:18 . 2013-07-02 15:18        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-07-02 15:18 . 2013-07-02 15:18        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-07-02 15:18 . 2013-07-02 15:18        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-07-02 15:18 . 2013-07-02 15:18        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-07-02 15:18 . 2013-07-02 15:18        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-07-02 15:18 . 2013-07-02 15:18        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-07-02 15:18 . 2013-07-02 15:18        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-07-02 15:18 . 2013-07-02 15:18        441856        ----a-w-        c:\windows\system32\html.iec
2013-07-02 15:18 . 2013-07-02 15:18        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-07-02 15:18 . 2013-07-02 15:18        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-07-02 15:18 . 2013-07-02 15:18        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-07-02 15:18 . 2013-07-02 15:18        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-07-02 15:18 . 2013-07-02 15:18        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-07-02 15:18 . 2013-07-02 15:18        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-07-02 15:18 . 2013-07-02 15:18        235008        ----a-w-        c:\windows\system32\url.dll
2013-07-02 15:18 . 2013-07-02 15:18        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-07-02 15:18 . 2013-07-02 15:18        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-07-02 15:18 . 2013-07-02 15:18        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-07-02 15:18 . 2013-07-02 15:18        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-07-02 15:18 . 2013-07-02 15:18        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-07-02 15:18 . 2013-07-02 15:18        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-07-02 15:18 . 2013-07-02 15:18        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-07-02 15:18 . 2013-07-02 15:18        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-07-02 15:18 . 2013-07-02 15:18        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-07-02 15:18 . 2013-07-02 15:18        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-07-02 15:18 . 2013-07-02 15:18        149504        ----a-w-        c:\windows\system32\occache.dll
2013-07-02 15:18 . 2013-07-02 15:18        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-07-02 15:18 . 2013-07-02 15:18        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-07-02 15:18 . 2013-07-02 15:18        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-07-02 15:18 . 2013-07-02 15:18        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-07-02 15:18 . 2013-07-02 15:18        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-07-02 15:18 . 2013-07-02 15:18        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-07-02 15:18 . 2013-07-02 15:18        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-07-02 15:18 . 2013-07-02 15:18        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-07-02 15:18 . 2013-07-02 15:18        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-07-02 15:18 . 2013-07-02 15:18        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-07-02 15:18 . 2013-07-02 15:18        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-07-02 15:18 . 2013-07-02 15:18        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-07-02 15:18 . 2013-07-02 15:18        102912        ----a-w-        c:\windows\system32\inseng.dll
2013-07-02 15:17 . 2013-07-02 15:17        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        9728        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        648192        ----a-w-        c:\windows\system32\d3d10level9.dll
2013-07-02 15:17 . 2013-07-02 15:17        604160        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        522752        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-07-02 15:17 . 2013-07-02 15:17        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
2013-07-02 15:17 . 2013-07-02 15:17        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2013-07-02 15:17 . 2013-07-02 15:17        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        4096        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3928064        ----a-w-        c:\windows\system32\d2d1.dll
2013-07-02 15:17 . 2013-07-02 15:17        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-07-02 15:17 . 2013-07-02 15:17        363008        ----a-w-        c:\windows\system32\dxgi.dll
2013-07-02 15:17 . 2013-07-02 15:17        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3584        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll
2013-07-02 15:17 . 2013-07-02 15:17        333312        ----a-w-        c:\windows\system32\d3d10_1core.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        296960        ----a-w-        c:\windows\system32\d3d10core.dll
2013-07-02 15:17 . 2013-07-02 15:17        293376        ----a-w-        c:\windows\SysWow64\dxgi.dll
2013-07-02 15:17 . 2013-07-02 15:17        2776576        ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2013-07-02 15:17 . 2013-07-02 15:17        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll
2013-07-02 15:17 . 2013-07-02 15:17        2560        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        2560        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-02 15:17 . 2013-07-02 15:17        249856        ----a-w-        c:\windows\SysWow64\d3d10_1core.dll
2013-07-02 15:17 . 2013-07-02 15:17        245248        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll
2013-07-02 15:17 . 2013-07-02 15:17        2284544        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2013-07-02 15:17 . 2013-07-02 15:17        221184        ----a-w-        c:\windows\system32\UIAnimation.dll
2013-07-02 15:17 . 2013-07-02 15:17        220160        ----a-w-        c:\windows\SysWow64\d3d10core.dll
2013-07-02 15:17 . 2013-07-02 15:17        207872        ----a-w-        c:\windows\SysWow64\WindowsCodecsExt.dll
2013-07-02 15:17 . 2013-07-02 15:17        1988096        ----a-w-        c:\windows\SysWow64\d3d10warp.dll
2013-07-02 15:17 . 2013-07-02 15:17        194560        ----a-w-        c:\windows\system32\d3d10_1.dll
2013-07-02 15:17 . 2013-07-02 15:17        1887232        ----a-w-        c:\windows\system32\d3d11.dll
2013-07-02 15:17 . 2013-07-02 15:17        187392        ----a-w-        c:\windows\SysWow64\UIAnimation.dll
2013-07-02 15:17 . 2013-07-02 15:17        1682432        ----a-w-        c:\windows\system32\XpsPrint.dll
2013-07-02 15:17 . 2013-07-02 15:17        161792        ----a-w-        c:\windows\SysWow64\d3d10_1.dll
2013-07-02 15:17 . 2013-07-02 15:17        1504768        ----a-w-        c:\windows\SysWow64\d3d11.dll
2013-07-02 15:17 . 2013-07-02 15:17        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2013-07-02 15:17 . 2013-07-02 15:17        1238528        ----a-w-        c:\windows\system32\d3d10.dll
2013-07-02 15:17 . 2013-07-02 15:17        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\Lordofweed\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-07-02 345144]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LogMeIn Hamachi Ui"="f:\hamachi\hamachi-2-ui.exe" [2013-06-28 2255184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
R2 ASGT;ASGT;c:\windows\SysWOW64\ASGT.exe;c:\windows\SysWOW64\ASGT.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 wolf;wolf;f:\wolfteam\WolfTeam-DE\avital\wolf64.sys;f:\wolfteam\WolfTeam-DE\avital\wolf64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;f:\hamachi\hamachi-2.exe;f:\hamachi\hamachi-2.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 IOMap;IOMap;c:\windows\system32\drivers\IOMap64.sys;c:\windows\SYSNATIVE\drivers\IOMap64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-16 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000Core.job
- c:\users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-04 13:16]
.
2013-08-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA.job
- c:\users\Lordofweed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-04 13:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-02-21 2991856]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2013-02-28 7468784]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2598136450-1614280718-3552877610-1000\Software\SecuROM\License information*]
"datasecu"=hex:40,d5,71,22,87,34,9e,6e,b4,44,30,d8,18,72,3f,e7,54,a3,12,ce,4b,
  55,33,1e,ab,a5,59,66,cc,b2,7e,04,71,8a,3b,7b,d0,57,07,b6,df,db,10,a4,75,94,\
"rkeysecu"=hex:eb,3c,e1,5c,1c,f6,06,29,37,58,09,ee,c7,50,67,3a
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-08-25  11:25:29
ComboFix-quarantined-files.txt  2013-08-25 09:25
ComboFix2.txt  2013-08-25 09:13
.
Vor Suchlauf: 14 Verzeichnis(se), 157.866.831.872 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 157.812.293.632 Bytes frei
.
- - End Of File - - 5E70C2220D2B0DF321446B687954AA91
A36C5E4F47E84449FF07ED3517B43A31
So, hoffe, dass mein Fehler nicht schlimm ist. Vielen Dank für deine Mühe!

Grüße

EDIT: Meine Spiele funktionieren alle wieder und die Verbindungen zu den Internetseiten sind wieder Stabil! Vielen Dank für deine Hilfe!
Combofix hat anscheinend das Problem beseitigt. Aber... [" c:\users\Lordofweed\ts3client_win64.exe "] Teamspeak 3 ???

Ich werde zur Sicherheit wieder im Thread vorbeigucken falls wir noch etwas machen müssen.

Grüße

schrauber 25.08.2013 13:36
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Luffe1231 25.08.2013 17:39
Hi,

hier die Logs:


Malwarebytes:

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.08.25.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16660
Lordofweed :: LORDOFWEED-PC [Administrator]

Schutz: Aktiviert

25.08.2013 16:54:41
mbam-log-2013-08-25 (16-54-41).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 413741
Laufzeit: 17 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Lordofweed\Downloads\Adobe+After+Effects+Keygen.zip (PUP.RiskwareTool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Lordofweed\Downloads\VEGAS PRO 12 PATCH MoorkyLP.rar (PUP.RiskwareTool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Lordofweed\update.exe (Trojan.Dropper) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

adwcleaner:

Code:
# AdwCleaner v3.001 - Report created 25/08/2013 at 17:56:51
# Updated 24/08/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Lordofweed - LORDOFWEED-PC
# Running from : C:\Users\Lordofweed\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\Lordofweed\Uninstall.exe

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Google Chrome v

[ File : C:\Users\Lordofweed\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [940 octets] - [25/08/2013 17:53:47]
AdwCleaner[S0].txt - [868 octets] - [25/08/2013 17:56:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [927 octets] ##########

JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.4 (08.22.2013:1)
OS: Windows 7 Home Premium x64
Ran by Lordofweed on 25.08.2013 at 18:01:53,07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.08.2013 at 18:04:09,33
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2013 02
Ran by Lordofweed (administrator) on 25-08-2013 18:33:55
Running from C:\Users\Lordofweed\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\ASGT.exe
(LogMeIn Inc.) F:\hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Akamai Technologies, Inc.) C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe
(Akamai Technologies, Inc.) C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) F:\hamachi\hamachi-2-ui.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - F:\hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\java\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Lordofweed\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Logitech SetPoint) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Battlefield Play4Free) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (Gmail) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-09] ()
R2 Hamachi2Svc; F:\hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-22] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 wolf; \??\F:\wolfteam\WolfTeam-DE\avital\wolf64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRTscan.txt
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRT.txt
2013-08-25 18:01 - 2013-08-25 18:01 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Downloads\JRT.exe
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Desktop\JRT.exe
2013-08-25 17:58 - 2013-08-25 17:58 - 00001006 _____ C:\Users\Lordofweed\Desktop\AdwCleaner[S0].txt
2013-08-25 17:53 - 2013-08-25 17:56 - 00000000 ____D C:\AdwCleaner
2013-08-25 17:53 - 2013-08-25 17:52 - 00994642 _____ C:\Users\Lordofweed\Desktop\adwcleaner.exe
2013-08-25 17:52 - 2013-08-25 17:52 - 00994642 _____ C:\Users\Lordofweed\Downloads\adwcleaner.exe
2013-08-25 16:52 - 2013-08-25 16:52 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-25 16:52 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-25 16:51 - 2013-08-25 16:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lordofweed\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-25 14:40 - 2013-08-25 14:40 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\EA Games
2013-08-25 11:32 - 2013-08-25 11:32 - 36175128 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\Downloads\TeamSpeak3-Client-win64-3.0.11.1.exe
2013-08-25 11:32 - 2013-08-25 11:32 - 00000802 _____ C:\Users\Lordofweed\Desktop\TeamSpeak 3 Client.lnk
2013-08-25 11:25 - 2013-08-25 11:25 - 00017422 _____ C:\ComboFix.txt
2013-08-25 11:19 - 2013-08-25 11:19 - 00018141 _____ C:\Users\Lordofweed\Desktop\txt.txt
2013-08-25 11:15 - 2013-08-25 11:15 - 05113393 ____R (Swearware) C:\Users\Lordofweed\Desktop\ComboFix.exe
2013-08-25 11:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-25 11:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-25 11:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-25 11:09 - 2013-08-25 11:25 - 00000000 ____D C:\Qoobox
2013-08-25 11:09 - 2013-08-25 11:12 - 00000000 ____D C:\Windows\erdnt
2013-08-24 18:21 - 2013-08-24 18:21 - 00029054 _____ C:\Users\Lordofweed\Desktop\DxDiag.txt
2013-08-24 11:53 - 2013-08-24 11:53 - 00000000 ____D C:\FRST
2013-08-24 11:32 - 2013-08-25 17:49 - 00005510 _____ C:\Windows\PFRO.log
2013-08-24 01:04 - 2013-08-24 15:07 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Origin
2013-08-24 01:04 - 2013-08-24 01:04 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-24 00:34 - 2013-08-25 18:32 - 00004381 _____ C:\Windows\setupact.log
2013-08-24 00:34 - 2013-08-24 00:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 21:55 - 2013-08-25 18:11 - 00138436 _____ C:\Windows\WindowsUpdate.log
2013-08-23 00:17 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-23 00:17 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-23 00:17 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-23 00:17 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-23 00:17 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-23 00:17 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-23 00:17 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-23 00:17 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-23 00:17 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-23 00:17 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-23 00:17 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-23 00:17 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-23 00:15 - 2013-08-23 00:16 - 00000000 ____D C:\Windows\system32\MRT
2013-08-22 23:32 - 2013-08-22 23:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Criterion Games
2013-08-22 23:31 - 2013-08-22 23:31 - 00000000 __RHD C:\Users\Lordofweed\AppData\Roaming\SecuROM
2013-08-22 23:28 - 2013-08-25 14:40 - 00000000 ____D C:\Users\Lordofweed\Documents\EA Games
2013-08-22 21:42 - 2013-08-22 21:42 - 00000671 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-22 19:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-22 19:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-22 19:44 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-22 19:44 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-22 19:44 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-22 19:44 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-22 19:44 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-22 19:44 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-22 19:44 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-22 19:44 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 18:08 - 2013-08-13 18:09 - 00000000 ____D C:\Users\Lordofweed\Desktop\Neuer Ordner
2013-08-12 17:43 - 2013-08-12 17:43 - 20612068 _____ C:\Users\Lordofweed\Downloads\world-HOFFENTLICH KEIN SCHNEE.rar
2013-08-12 17:31 - 2013-08-12 17:31 - 03395840 _____ (Piriform Ltd) C:\Users\Lordofweed\Downloads\ccsetup404_slim.exe
2013-08-12 17:23 - 2013-08-12 17:23 - 00001490 _____ C:\Users\Lordofweed\Downloads\server.log
2013-08-12 17:23 - 2013-08-12 17:23 - 00000514 _____ C:\Users\Lordofweed\Downloads\server.properties
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-players.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-ips.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 ____D C:\Users\Lordofweed\Downloads\world
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\white-list.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\ops.txt
2013-08-12 17:21 - 2013-08-12 17:21 - 06134331 _____ C:\Users\Lordofweed\Downloads\minecraft_server.1.6.2.jar
2013-08-12 17:19 - 2013-08-13 18:08 - 00000000 ____D C:\Users\Lordofweed\Desktop\minecraft server
2013-08-11 17:34 - 2013-08-23 23:45 - 00001045 _____ C:\Users\Lordofweed\Desktop\Minecraft (1) - Verknüpfung.lnk
2013-08-11 17:31 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2013-08-11 17:30 - 2013-08-25 18:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\LogMeIn Hamachi
2013-08-11 17:30 - 2013-08-11 17:31 - 00000534 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-08-11 17:29 - 2013-08-11 17:29 - 04292608 _____ C:\Users\Lordofweed\Downloads\hamachi_2.1.0.362.msi
2013-08-11 17:28 - 2013-08-11 17:28 - 00675988 _____ C:\Users\Lordofweed\Downloads\Minecraft (1).exe
2013-08-09 20:18 - 2013-08-25 11:37 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\.minecraft
2013-08-09 20:18 - 2013-08-09 20:18 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 20:17 - 2013-08-09 20:17 - 00903080 _____ (Oracle Corporation) C:\Users\Lordofweed\Downloads\chromeinstall-7u25.exe
2013-08-07 12:35 - 2013-08-07 12:35 - 00000000 ____D C:\Users\Lordofweed\old
2013-08-06 09:19 - 2013-08-06 09:19 - 13771752 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\ts3client_win64.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 10554880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtGui4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 03130880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtCore4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 01167360 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtNetwork4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00502874 _____ C:\Users\Lordofweed\usb.ids
2013-08-06 09:19 - 2013-08-06 09:19 - 00248320 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtSql4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00230376 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\package_inst.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00188904 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\error_report.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00110106 _____ C:\Users\Lordofweed\createfileassoc.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00024009 _____ C:\Users\Lordofweed\license.txt
2013-08-06 09:19 - 2013-08-06 09:19 - 00001755 _____ C:\Users\Lordofweed\mirrors.ini
2013-07-31 17:54 - 2013-08-07 12:35 - 00000000 _____ C:\Users\Lordofweed\update.ini
2013-07-29 22:27 - 2013-07-29 22:31 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TeamViewer
2013-07-29 21:27 - 2013-07-29 21:27 - 00000272 _____ C:\Users\Lordofweed\Documents\Snake.ini

==================== One Month Modified Files and Folders =======

2013-08-25 18:33 - 2013-08-25 18:33 - 01576630 _____ (Farbar) C:\Users\Lordofweed\Desktop\FRST64.exe
2013-08-25 18:32 - 2013-08-24 00:34 - 00004381 _____ C:\Windows\setupact.log
2013-08-25 18:32 - 2013-08-11 17:30 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\LogMeIn Hamachi
2013-08-25 18:31 - 2013-05-04 14:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-25 18:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-25 18:20 - 2009-07-14 06:45 - 00014272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 18:20 - 2009-07-14 06:45 - 00014272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 18:11 - 2013-08-23 21:55 - 00138436 _____ C:\Windows\WindowsUpdate.log
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRTscan.txt
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRT.txt
2013-08-25 18:01 - 2013-08-25 18:01 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 18:01 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-25 18:01 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-25 18:01 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Downloads\JRT.exe
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Desktop\JRT.exe
2013-08-25 17:58 - 2013-08-25 17:58 - 00001006 _____ C:\Users\Lordofweed\Desktop\AdwCleaner[S0].txt
2013-08-25 17:56 - 2013-08-25 17:53 - 00000000 ____D C:\AdwCleaner
2013-08-25 17:56 - 2013-05-04 14:23 - 00000000 ____D C:\Users\Lordofweed
2013-08-25 17:52 - 2013-08-25 17:53 - 00994642 _____ C:\Users\Lordofweed\Desktop\adwcleaner.exe
2013-08-25 17:52 - 2013-08-25 17:52 - 00994642 _____ C:\Users\Lordofweed\Downloads\adwcleaner.exe
2013-08-25 17:49 - 2013-08-24 11:32 - 00005510 _____ C:\Windows\PFRO.log
2013-08-25 17:49 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TS3Client
2013-08-25 17:36 - 2013-05-04 15:16 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA.job
2013-08-25 16:52 - 2013-08-25 16:52 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-25 16:52 - 2013-08-25 16:51 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lordofweed\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-25 14:40 - 2013-08-25 14:40 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\EA Games
2013-08-25 14:40 - 2013-08-22 23:28 - 00000000 ____D C:\Users\Lordofweed\Documents\EA Games
2013-08-25 14:39 - 2013-05-04 16:24 - 00000000 ____D C:\ProgramData\Origin
2013-08-25 14:06 - 2013-05-05 22:15 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-25 14:06 - 2013-05-05 20:30 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-25 14:06 - 2013-05-05 20:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-25 11:37 - 2013-08-09 20:18 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\.minecraft
2013-08-25 11:37 - 2013-05-04 20:45 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\PMB Files
2013-08-25 11:37 - 2013-05-04 20:45 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-25 11:32 - 2013-08-25 11:32 - 36175128 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\Downloads\TeamSpeak3-Client-win64-3.0.11.1.exe
2013-08-25 11:32 - 2013-08-25 11:32 - 00000802 _____ C:\Users\Lordofweed\Desktop\TeamSpeak 3 Client.lnk
2013-08-25 11:25 - 2013-08-25 11:25 - 00017422 _____ C:\ComboFix.txt
2013-08-25 11:25 - 2013-08-25 11:09 - 00000000 ____D C:\Qoobox
2013-08-25 11:24 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-25 11:19 - 2013-08-25 11:19 - 00018141 _____ C:\Users\Lordofweed\Desktop\txt.txt
2013-08-25 11:15 - 2013-08-25 11:15 - 05113393 ____R (Swearware) C:\Users\Lordofweed\Desktop\ComboFix.exe
2013-08-25 11:13 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-25 11:12 - 2013-08-25 11:09 - 00000000 ____D C:\Windows\erdnt
2013-08-24 18:21 - 2013-08-24 18:21 - 00029054 _____ C:\Users\Lordofweed\Desktop\DxDiag.txt
2013-08-24 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-24 15:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-24 15:07 - 2013-08-24 01:04 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Origin
2013-08-24 11:53 - 2013-08-24 11:53 - 00000000 ____D C:\FRST
2013-08-24 01:38 - 2013-05-06 17:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Skype
2013-08-24 01:08 - 2013-07-24 17:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-24 01:08 - 2013-05-07 19:14 - 00000000 ____D C:\Fraps
2013-08-24 01:04 - 2013-08-24 01:04 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-24 01:04 - 2013-05-04 16:30 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Origin
2013-08-24 00:34 - 2013-08-24 00:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 23:58 - 2013-05-04 16:05 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-23 23:45 - 2013-08-11 17:34 - 00001045 _____ C:\Users\Lordofweed\Desktop\Minecraft (1) - Verknüpfung.lnk
2013-08-23 23:45 - 2013-05-04 21:59 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:55 - 2013-05-04 15:12 - 00000000 ____D C:\Windows\Panther
2013-08-23 21:54 - 2013-07-17 22:50 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Spotify
2013-08-23 00:16 - 2013-08-23 00:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-23 00:15 - 2013-05-08 13:28 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-22 23:32 - 2013-08-22 23:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Criterion Games
2013-08-22 23:31 - 2013-08-22 23:31 - 00000000 __RHD C:\Users\Lordofweed\AppData\Roaming\SecuROM
2013-08-22 23:31 - 2013-05-04 16:24 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-22 21:42 - 2013-08-22 21:42 - 00000671 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-22 20:45 - 2013-05-04 15:17 - 00002398 _____ C:\Users\Lordofweed\Desktop\Google Chrome.lnk
2013-08-22 19:50 - 2013-07-17 22:50 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Spotify
2013-08-13 18:09 - 2013-08-13 18:08 - 00000000 ____D C:\Users\Lordofweed\Desktop\Neuer Ordner
2013-08-13 18:08 - 2013-08-12 17:19 - 00000000 ____D C:\Users\Lordofweed\Desktop\minecraft server
2013-08-13 15:29 - 2013-06-09 01:30 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\ArmA 2 OA
2013-08-12 17:43 - 2013-08-12 17:43 - 20612068 _____ C:\Users\Lordofweed\Downloads\world-HOFFENTLICH KEIN SCHNEE.rar
2013-08-12 17:31 - 2013-08-12 17:31 - 03395840 _____ (Piriform Ltd) C:\Users\Lordofweed\Downloads\ccsetup404_slim.exe
2013-08-12 17:31 - 2013-05-06 18:24 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Sony
2013-08-12 17:31 - 2013-05-04 21:59 - 00000000 ____D C:\Program Files\CCleaner
2013-08-12 17:23 - 2013-08-12 17:23 - 00001490 _____ C:\Users\Lordofweed\Downloads\server.log
2013-08-12 17:23 - 2013-08-12 17:23 - 00000514 _____ C:\Users\Lordofweed\Downloads\server.properties
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-players.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-ips.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 ____D C:\Users\Lordofweed\Downloads\world
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\white-list.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\ops.txt
2013-08-12 17:21 - 2013-08-12 17:21 - 06134331 _____ C:\Users\Lordofweed\Downloads\minecraft_server.1.6.2.jar
2013-08-11 18:17 - 2013-06-09 01:26 - 00000000 ____D C:\Users\Lordofweed\Documents\ArmA 2
2013-08-11 17:31 - 2013-08-11 17:30 - 00000534 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-08-11 17:29 - 2013-08-11 17:29 - 04292608 _____ C:\Users\Lordofweed\Downloads\hamachi_2.1.0.362.msi
2013-08-11 17:28 - 2013-08-11 17:28 - 00675988 _____ C:\Users\Lordofweed\Downloads\Minecraft (1).exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 20:17 - 2013-08-09 20:17 - 00903080 _____ (Oracle Corporation) C:\Users\Lordofweed\Downloads\chromeinstall-7u25.exe
2013-08-07 12:35 - 2013-08-07 12:35 - 00000000 ____D C:\Users\Lordofweed\old
2013-08-07 12:35 - 2013-07-31 17:54 - 00000000 _____ C:\Users\Lordofweed\update.ini
2013-08-06 09:19 - 2013-08-06 09:19 - 13771752 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\ts3client_win64.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 10554880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtGui4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 03130880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtCore4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 01167360 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtNetwork4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00502874 _____ C:\Users\Lordofweed\usb.ids
2013-08-06 09:19 - 2013-08-06 09:19 - 00248320 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtSql4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00230376 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\package_inst.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00188904 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\error_report.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00110106 _____ C:\Users\Lordofweed\createfileassoc.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00024009 _____ C:\Users\Lordofweed\license.txt
2013-08-06 09:19 - 2013-08-06 09:19 - 00001755 _____ C:\Users\Lordofweed\mirrors.ini
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\translations
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\styles
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\soundbackends
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\plugins
2013-07-29 22:31 - 2013-07-29 22:27 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TeamViewer
2013-07-29 21:27 - 2013-07-29 21:27 - 00000272 _____ C:\Users\Lordofweed\Documents\Snake.ini
2013-07-26 23:58 - 2013-07-25 19:42 - 00811880 _____ C:\Users\Lordofweed\acre.log
2013-07-26 22:32 - 2013-07-25 17:54 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Arma 3
2013-07-26 07:13 - 2013-08-23 00:17 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-26 07:13 - 2013-08-23 00:17 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-26 07:13 - 2013-08-23 00:17 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-26 07:12 - 2013-08-23 00:17 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-26 07:12 - 2013-08-23 00:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-26 05:35 - 2013-08-23 00:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-26 05:13 - 2013-08-23 00:17 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-26 05:13 - 2013-08-23 00:17 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-26 05:12 - 2013-08-23 00:17 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-26 05:11 - 2013-08-23 00:17 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-26 05:11 - 2013-08-23 00:17 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-26 04:49 - 2013-08-23 00:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-26 04:39 - 2013-08-23 00:17 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-26 03:59 - 2013-08-23 00:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe

Files to move or delete:
====================
C:\Users\Lordofweed\createfileassoc.exe
C:\Users\Lordofweed\error_report.exe
C:\Users\Lordofweed\package_inst.exe
C:\Users\Lordofweed\ts3client_win64.exe
C:\Users\LORDOF~1\AppData\Local\Temp\Quarantine.exe
C:\Users\LORDOF~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
C:\Users\LORDOF~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 20:22

==================== End Of Log ============================
--- --- ---

--- --- ---




So, das wären erstmal alle.

Grüße

schrauber 25.08.2013 19:55

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Luffe1231 26.08.2013 15:05
Hi,

hier das ESET-Logfile:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e63eace40f934c4997916433f300b636
# engine=14905
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-26 11:49:36
# local_time=2013-08-26 01:49:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 74399 242944666 45599 0
# compatibility_mode=5893 16776573 100 94 46148 129147626 0 0
# scanned=8487
# found=0
# cleaned=0
# scan_time=223
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e63eace40f934c4997916433f300b636
# engine=14905
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-08-26 12:10:04
# local_time=2013-08-26 02:10:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 1433 242945894 0 0
# compatibility_mode=5893 16776573 100 94 47376 129148854 0 0
# scanned=181761
# found=0
# cleaned=0
# scan_time=1172
Security Check Logfile:

Code:
Results of screen317's Security Check version 0.99.72 
 Windows 7 Service Pack 1 x64 (UAC is disabled!) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 25 
 Adobe Reader 9 Adobe Reader out of Date!
 Google Chrome 28.0.1500.95 
 Google Chrome 29.0.1547.57 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-08-2013
Ran by Lordofweed (administrator) on 26-08-2013 16:11:37
Running from C:\Users\Lordofweed\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Windows\SysWOW64\ASGT.exe
(LogMeIn Inc.) F:\hamachi\hamachi-2.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Akamai Technologies, Inc.) C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google Inc.) C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2991856 2013-02-21] (Logitech, Inc.)
HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7468784 2013-02-28] (Logitech Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lordofweed\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [34672 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - F:\hamachi\hamachi-2-ui.exe [2255184 2013-06-28] (LogMeIn Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\java\bin\ssv.dll (Oracle Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\java\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome:
=======
CHR RestoreOnStartup: "hxxp://www.google.de/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Lordofweed\AppData\Local\Google\Chrome\Application\29.0.1547.57\pdf.dll ()
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Google Update) - C:\Users\Lordofweed\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Logitech SetPoint) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.52.74_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0
CHR Extension: (Battlefield Play4Free) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (Gmail) - C:\Users\LORDOF~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-09] ()
R2 Hamachi2Svc; F:\hamachi\hamachi-2.exe [2470736 2013-06-28] (LogMeIn Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-07-22] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [23680 2010-02-23] (ASUSTeK Computer Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 wolf; \??\F:\wolfteam\WolfTeam-DE\avital\wolf64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-26 16:06 - 2013-08-26 16:06 - 00891115 _____ C:\Users\Lordofweed\Desktop\SecurityCheck.exe
2013-08-26 13:44 - 2013-08-26 13:44 - 02347384 _____ (ESET) C:\Users\Lordofweed\Downloads\esetsmartinstaller_enu.exe
2013-08-26 13:44 - 2013-08-26 13:44 - 02347384 _____ (ESET) C:\Users\Lordofweed\Desktop\esetsmartinstaller_enu.exe
2013-08-26 13:44 - 2013-08-26 13:44 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-25 18:58 - 2013-08-25 20:02 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\ESN Sonar
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRTscan.txt
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRT.txt
2013-08-25 18:01 - 2013-08-25 18:01 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Downloads\JRT.exe
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Desktop\JRT.exe
2013-08-25 17:58 - 2013-08-25 17:58 - 00001006 _____ C:\Users\Lordofweed\Desktop\AdwCleaner[S0].txt
2013-08-25 17:53 - 2013-08-25 17:56 - 00000000 ____D C:\AdwCleaner
2013-08-25 17:53 - 2013-08-25 17:52 - 00994642 _____ C:\Users\Lordofweed\Desktop\adwcleaner.exe
2013-08-25 17:52 - 2013-08-25 17:52 - 00994642 _____ C:\Users\Lordofweed\Downloads\adwcleaner.exe
2013-08-25 16:52 - 2013-08-25 16:52 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-25 16:52 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-25 16:51 - 2013-08-25 16:52 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lordofweed\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-25 14:40 - 2013-08-25 14:40 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\EA Games
2013-08-25 11:32 - 2013-08-25 11:32 - 36175128 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\Downloads\TeamSpeak3-Client-win64-3.0.11.1.exe
2013-08-25 11:32 - 2013-08-25 11:32 - 00000802 _____ C:\Users\Lordofweed\Desktop\TeamSpeak 3 Client.lnk
2013-08-25 11:25 - 2013-08-25 11:25 - 00017422 _____ C:\ComboFix.txt
2013-08-25 11:19 - 2013-08-25 11:19 - 00018141 _____ C:\Users\Lordofweed\Desktop\txt.txt
2013-08-25 11:15 - 2013-08-25 11:15 - 05113393 ____R (Swearware) C:\Users\Lordofweed\Desktop\ComboFix.exe
2013-08-25 11:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-08-25 11:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-08-25 11:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-08-25 11:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-08-25 11:09 - 2013-08-25 11:25 - 00000000 ____D C:\Qoobox
2013-08-25 11:09 - 2013-08-25 11:12 - 00000000 ____D C:\Windows\erdnt
2013-08-24 18:21 - 2013-08-24 18:21 - 00029054 _____ C:\Users\Lordofweed\Desktop\DxDiag.txt
2013-08-24 11:53 - 2013-08-24 11:53 - 00000000 ____D C:\FRST
2013-08-24 11:32 - 2013-08-25 17:49 - 00005510 _____ C:\Windows\PFRO.log
2013-08-24 01:04 - 2013-08-24 15:07 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Origin
2013-08-24 01:04 - 2013-08-24 01:04 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-24 00:34 - 2013-08-26 13:42 - 00004605 _____ C:\Windows\setupact.log
2013-08-24 00:34 - 2013-08-24 00:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 21:55 - 2013-08-26 16:02 - 00176044 _____ C:\Windows\WindowsUpdate.log
2013-08-23 00:17 - 2013-07-26 07:13 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-23 00:17 - 2013-07-26 07:13 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-23 00:17 - 2013-07-26 07:13 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-08-23 00:17 - 2013-07-26 07:12 - 19239424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 15405056 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-23 00:17 - 2013-07-26 07:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-08-23 00:17 - 2013-07-26 05:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-23 00:17 - 2013-07-26 05:13 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-08-23 00:17 - 2013-07-26 05:13 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 14329344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-08-23 00:17 - 2013-07-26 05:12 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-08-23 00:17 - 2013-07-26 05:11 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-08-23 00:17 - 2013-07-26 05:11 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-08-23 00:17 - 2013-07-26 04:49 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-08-23 00:17 - 2013-07-26 04:39 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-08-23 00:17 - 2013-07-26 03:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-08-23 00:15 - 2013-08-23 00:16 - 00000000 ____D C:\Windows\system32\MRT
2013-08-22 23:32 - 2013-08-22 23:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Criterion Games
2013-08-22 23:31 - 2013-08-22 23:31 - 00000000 __RHD C:\Users\Lordofweed\AppData\Roaming\SecuROM
2013-08-22 23:28 - 2013-08-25 14:40 - 00000000 ____D C:\Users\Lordofweed\Documents\EA Games
2013-08-22 21:42 - 2013-08-22 21:42 - 00000671 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-22 19:44 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-22 19:44 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-08-22 19:44 - 2013-07-19 03:58 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-22 19:44 - 2013-07-19 03:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-08-22 19:44 - 2013-07-09 07:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-22 19:44 - 2013-07-09 07:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 01472512 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-22 19:44 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-22 19:44 - 2013-07-09 06:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-08-22 19:44 - 2013-07-09 06:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 01166848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-08-22 19:44 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-08-22 19:44 - 2013-07-06 08:03 - 01910208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-22 19:44 - 2013-06-15 06:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-13 18:08 - 2013-08-13 18:09 - 00000000 ____D C:\Users\Lordofweed\Desktop\Neuer Ordner
2013-08-12 17:43 - 2013-08-12 17:43 - 20612068 _____ C:\Users\Lordofweed\Downloads\world-HOFFENTLICH KEIN SCHNEE.rar
2013-08-12 17:31 - 2013-08-12 17:31 - 03395840 _____ (Piriform Ltd) C:\Users\Lordofweed\Downloads\ccsetup404_slim.exe
2013-08-12 17:23 - 2013-08-12 17:23 - 00001490 _____ C:\Users\Lordofweed\Downloads\server.log
2013-08-12 17:23 - 2013-08-12 17:23 - 00000514 _____ C:\Users\Lordofweed\Downloads\server.properties
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-players.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-ips.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 ____D C:\Users\Lordofweed\Downloads\world
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\white-list.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\ops.txt
2013-08-12 17:21 - 2013-08-12 17:21 - 06134331 _____ C:\Users\Lordofweed\Downloads\minecraft_server.1.6.2.jar
2013-08-12 17:19 - 2013-08-13 18:08 - 00000000 ____D C:\Users\Lordofweed\Desktop\minecraft server
2013-08-11 17:34 - 2013-08-23 23:45 - 00001045 _____ C:\Users\Lordofweed\Desktop\Minecraft (1) - Verknüpfung.lnk
2013-08-11 17:31 - 2009-03-18 18:35 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2013-08-11 17:30 - 2013-08-26 13:42 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\LogMeIn Hamachi
2013-08-11 17:30 - 2013-08-11 17:31 - 00000534 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-08-11 17:29 - 2013-08-11 17:29 - 04292608 _____ C:\Users\Lordofweed\Downloads\hamachi_2.1.0.362.msi
2013-08-11 17:28 - 2013-08-11 17:28 - 00675988 _____ C:\Users\Lordofweed\Downloads\Minecraft (1).exe
2013-08-09 20:18 - 2013-08-25 11:37 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\.minecraft
2013-08-09 20:18 - 2013-08-09 20:18 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 20:17 - 2013-08-09 20:17 - 00903080 _____ (Oracle Corporation) C:\Users\Lordofweed\Downloads\chromeinstall-7u25.exe
2013-08-07 12:35 - 2013-08-07 12:35 - 00000000 ____D C:\Users\Lordofweed\old
2013-08-06 09:19 - 2013-08-06 09:19 - 13771752 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\ts3client_win64.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 10554880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtGui4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 03130880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtCore4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 01167360 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtNetwork4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00502874 _____ C:\Users\Lordofweed\usb.ids
2013-08-06 09:19 - 2013-08-06 09:19 - 00248320 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtSql4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00230376 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\package_inst.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00188904 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\error_report.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00110106 _____ C:\Users\Lordofweed\createfileassoc.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00024009 _____ C:\Users\Lordofweed\license.txt
2013-08-06 09:19 - 2013-08-06 09:19 - 00001755 _____ C:\Users\Lordofweed\mirrors.ini
2013-07-31 17:54 - 2013-08-07 12:35 - 00000000 _____ C:\Users\Lordofweed\update.ini
2013-07-29 22:27 - 2013-07-29 22:31 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TeamViewer
2013-07-29 21:27 - 2013-07-29 21:27 - 00000272 _____ C:\Users\Lordofweed\Documents\Snake.ini

==================== One Month Modified Files and Folders =======

2013-08-26 16:06 - 2013-08-26 16:06 - 00891115 _____ C:\Users\Lordofweed\Desktop\SecurityCheck.exe
2013-08-26 16:02 - 2013-08-23 21:55 - 00176044 _____ C:\Windows\WindowsUpdate.log
2013-08-26 15:41 - 2009-07-14 06:45 - 00014272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-26 15:41 - 2009-07-14 06:45 - 00014272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-26 15:36 - 2013-05-04 15:16 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2598136450-1614280718-3552877610-1000UA.job
2013-08-26 13:45 - 2009-07-14 19:58 - 00653928 _____ C:\Windows\system32\perfh007.dat
2013-08-26 13:45 - 2009-07-14 19:58 - 00129800 _____ C:\Windows\system32\perfc007.dat
2013-08-26 13:45 - 2009-07-14 07:13 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-26 13:44 - 2013-08-26 13:44 - 02347384 _____ (ESET) C:\Users\Lordofweed\Downloads\esetsmartinstaller_enu.exe
2013-08-26 13:44 - 2013-08-26 13:44 - 02347384 _____ (ESET) C:\Users\Lordofweed\Desktop\esetsmartinstaller_enu.exe
2013-08-26 13:44 - 2013-08-26 13:44 - 00000000 ____D C:\Program Files (x86)\ESET
2013-08-26 13:42 - 2013-08-24 00:34 - 00004605 _____ C:\Windows\setupact.log
2013-08-26 13:42 - 2013-08-11 17:30 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\LogMeIn Hamachi
2013-08-26 13:41 - 2013-05-04 14:46 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-26 13:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-26 01:00 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TS3Client
2013-08-26 00:30 - 2013-05-05 22:15 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-08-26 00:30 - 2013-05-05 20:30 - 00290184 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-08-26 00:29 - 2013-05-05 20:30 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2013-08-25 21:04 - 2013-05-04 16:05 - 00000000 ____D C:\Program Files (x86)\Steam
2013-08-25 20:02 - 2013-08-25 18:58 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\ESN Sonar
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRTscan.txt
2013-08-25 18:04 - 2013-08-25 18:04 - 00000700 _____ C:\Users\Lordofweed\Desktop\JRT.txt
2013-08-25 18:01 - 2013-08-25 18:01 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Downloads\JRT.exe
2013-08-25 18:00 - 2013-08-25 18:00 - 01021434 _____ (Thisisu) C:\Users\Lordofweed\Desktop\JRT.exe
2013-08-25 17:58 - 2013-08-25 17:58 - 00001006 _____ C:\Users\Lordofweed\Desktop\AdwCleaner[S0].txt
2013-08-25 17:56 - 2013-08-25 17:53 - 00000000 ____D C:\AdwCleaner
2013-08-25 17:56 - 2013-05-04 14:23 - 00000000 ____D C:\Users\Lordofweed
2013-08-25 17:52 - 2013-08-25 17:53 - 00994642 _____ C:\Users\Lordofweed\Desktop\adwcleaner.exe
2013-08-25 17:52 - 2013-08-25 17:52 - 00994642 _____ C:\Users\Lordofweed\Downloads\adwcleaner.exe
2013-08-25 17:49 - 2013-08-24 11:32 - 00005510 _____ C:\Windows\PFRO.log
2013-08-25 16:52 - 2013-08-25 16:52 - 00001113 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-08-25 16:52 - 2013-08-25 16:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-08-25 16:52 - 2013-08-25 16:51 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Lordofweed\Downloads\mbam-setup-1.75.0.1300.exe
2013-08-25 14:40 - 2013-08-25 14:40 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\EA Games
2013-08-25 14:40 - 2013-08-22 23:28 - 00000000 ____D C:\Users\Lordofweed\Documents\EA Games
2013-08-25 14:39 - 2013-05-04 16:24 - 00000000 ____D C:\ProgramData\Origin
2013-08-25 11:37 - 2013-08-09 20:18 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\.minecraft
2013-08-25 11:37 - 2013-05-04 20:45 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\PMB Files
2013-08-25 11:37 - 2013-05-04 20:45 - 00000000 ____D C:\ProgramData\PMB Files
2013-08-25 11:32 - 2013-08-25 11:32 - 36175128 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\Downloads\TeamSpeak3-Client-win64-3.0.11.1.exe
2013-08-25 11:32 - 2013-08-25 11:32 - 00000802 _____ C:\Users\Lordofweed\Desktop\TeamSpeak 3 Client.lnk
2013-08-25 11:25 - 2013-08-25 11:25 - 00017422 _____ C:\ComboFix.txt
2013-08-25 11:25 - 2013-08-25 11:09 - 00000000 ____D C:\Qoobox
2013-08-25 11:24 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-08-25 11:19 - 2013-08-25 11:19 - 00018141 _____ C:\Users\Lordofweed\Desktop\txt.txt
2013-08-25 11:15 - 2013-08-25 11:15 - 05113393 ____R (Swearware) C:\Users\Lordofweed\Desktop\ComboFix.exe
2013-08-25 11:13 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-08-25 11:12 - 2013-08-25 11:09 - 00000000 ____D C:\Windows\erdnt
2013-08-24 18:21 - 2013-08-24 18:21 - 00029054 _____ C:\Users\Lordofweed\Desktop\DxDiag.txt
2013-08-24 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-08-24 15:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-08-24 15:07 - 2013-08-24 01:04 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Origin
2013-08-24 11:53 - 2013-08-24 11:53 - 00000000 ____D C:\FRST
2013-08-24 01:38 - 2013-05-06 17:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Skype
2013-08-24 01:08 - 2013-07-24 17:03 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2013-08-24 01:08 - 2013-05-07 19:14 - 00000000 ____D C:\Fraps
2013-08-24 01:04 - 2013-08-24 01:04 - 00000531 _____ C:\Users\Public\Desktop\Origin.lnk
2013-08-24 01:04 - 2013-05-04 16:30 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Origin
2013-08-24 00:34 - 2013-08-24 00:34 - 00000000 _____ C:\Windows\setuperr.log
2013-08-23 23:45 - 2013-08-11 17:34 - 00001045 _____ C:\Users\Lordofweed\Desktop\Minecraft (1) - Verknüpfung.lnk
2013-08-23 23:45 - 2013-05-04 21:59 - 00000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-08-23 21:55 - 2013-05-04 15:12 - 00000000 ____D C:\Windows\Panther
2013-08-23 21:54 - 2013-07-17 22:50 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Spotify
2013-08-23 00:16 - 2013-08-23 00:15 - 00000000 ____D C:\Windows\system32\MRT
2013-08-23 00:15 - 2013-05-08 13:28 - 78161360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-08-22 23:32 - 2013-08-22 23:32 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Criterion Games
2013-08-22 23:31 - 2013-08-22 23:31 - 00000000 __RHD C:\Users\Lordofweed\AppData\Roaming\SecuROM
2013-08-22 23:31 - 2013-05-04 16:24 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-08-22 21:42 - 2013-08-22 21:42 - 00000671 _____ C:\Users\Public\Desktop\Dead Space 3.lnk
2013-08-22 20:45 - 2013-05-04 15:17 - 00002398 _____ C:\Users\Lordofweed\Desktop\Google Chrome.lnk
2013-08-22 19:50 - 2013-07-17 22:50 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\Spotify
2013-08-13 18:09 - 2013-08-13 18:08 - 00000000 ____D C:\Users\Lordofweed\Desktop\Neuer Ordner
2013-08-13 18:08 - 2013-08-12 17:19 - 00000000 ____D C:\Users\Lordofweed\Desktop\minecraft server
2013-08-13 15:29 - 2013-06-09 01:30 - 00000000 ____D C:\Users\LORDOF~1\AppData\Local\ArmA 2 OA
2013-08-12 17:43 - 2013-08-12 17:43 - 20612068 _____ C:\Users\Lordofweed\Downloads\world-HOFFENTLICH KEIN SCHNEE.rar
2013-08-12 17:31 - 2013-08-12 17:31 - 03395840 _____ (Piriform Ltd) C:\Users\Lordofweed\Downloads\ccsetup404_slim.exe
2013-08-12 17:31 - 2013-05-06 18:24 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\Sony
2013-08-12 17:31 - 2013-05-04 21:59 - 00000000 ____D C:\Program Files\CCleaner
2013-08-12 17:23 - 2013-08-12 17:23 - 00001490 _____ C:\Users\Lordofweed\Downloads\server.log
2013-08-12 17:23 - 2013-08-12 17:23 - 00000514 _____ C:\Users\Lordofweed\Downloads\server.properties
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-players.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000109 _____ C:\Users\Lordofweed\Downloads\banned-ips.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 ____D C:\Users\Lordofweed\Downloads\world
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\white-list.txt
2013-08-12 17:23 - 2013-08-12 17:23 - 00000000 _____ C:\Users\Lordofweed\Downloads\ops.txt
2013-08-12 17:21 - 2013-08-12 17:21 - 06134331 _____ C:\Users\Lordofweed\Downloads\minecraft_server.1.6.2.jar
2013-08-11 18:17 - 2013-06-09 01:26 - 00000000 ____D C:\Users\Lordofweed\Documents\ArmA 2
2013-08-11 17:31 - 2013-08-11 17:30 - 00000534 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2013-08-11 17:29 - 2013-08-11 17:29 - 04292608 _____ C:\Users\Lordofweed\Downloads\hamachi_2.1.0.362.msi
2013-08-11 17:28 - 2013-08-11 17:28 - 00675988 _____ C:\Users\Lordofweed\Downloads\Minecraft (1).exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-08-09 20:18 - 2013-08-09 20:18 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-08-09 20:18 - 2013-08-09 20:18 - 00000000 ____D C:\ProgramData\Sun
2013-08-09 20:17 - 2013-08-09 20:17 - 00903080 _____ (Oracle Corporation) C:\Users\Lordofweed\Downloads\chromeinstall-7u25.exe
2013-08-07 12:35 - 2013-08-07 12:35 - 00000000 ____D C:\Users\Lordofweed\old
2013-08-07 12:35 - 2013-07-31 17:54 - 00000000 _____ C:\Users\Lordofweed\update.ini
2013-08-06 09:19 - 2013-08-06 09:19 - 13771752 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\ts3client_win64.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 10554880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtGui4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 03130880 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtCore4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 01167360 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtNetwork4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00502874 _____ C:\Users\Lordofweed\usb.ids
2013-08-06 09:19 - 2013-08-06 09:19 - 00248320 _____ (Nokia Corporation and/or its subsidiary(-ies)) C:\Users\Lordofweed\QtSql4.dll
2013-08-06 09:19 - 2013-08-06 09:19 - 00230376 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\package_inst.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00188904 _____ (TeamSpeak Systems GmbH) C:\Users\Lordofweed\error_report.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00110106 _____ C:\Users\Lordofweed\createfileassoc.exe
2013-08-06 09:19 - 2013-08-06 09:19 - 00024009 _____ C:\Users\Lordofweed\license.txt
2013-08-06 09:19 - 2013-08-06 09:19 - 00001755 _____ C:\Users\Lordofweed\mirrors.ini
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\translations
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\styles
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\soundbackends
2013-07-31 17:58 - 2013-05-04 15:03 - 00000000 ____D C:\Users\Lordofweed\plugins
2013-07-29 22:31 - 2013-07-29 22:27 - 00000000 ____D C:\Users\Lordofweed\AppData\Roaming\TeamViewer
2013-07-29 21:27 - 2013-07-29 21:27 - 00000272 _____ C:\Users\Lordofweed\Documents\Snake.ini

Files to move or delete:
====================
C:\Users\Lordofweed\createfileassoc.exe
C:\Users\Lordofweed\error_report.exe
C:\Users\Lordofweed\package_inst.exe
C:\Users\Lordofweed\ts3client_win64.exe
C:\Users\LORDOF~1\AppData\Local\Temp\Quarantine.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Objlist.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\runprocesses.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\uninstalllist.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\cmdinfo.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\nircmdc.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\sed.exe
C:\Users\LORDOF~1\AppData\Local\Temp\RarSFX0\SecurityCheck\Other\swreg.exe
C:\Users\LORDOF~1\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-22 20:22

==================== End Of Log ============================
--- --- ---

--- --- ---


So, das wärs erstmal.

Habe Dank deiner Hilfe keine Probleme mehr :) Vielen Dank für deine Mühe und Geduld mit mir! :D

Achja, kann man die Programme ohne weiteres in Zukunft verwenden, ohne Angst haben zu müssen, dass irgend eine wichtige Systemdatei beschädigt wird?

Grüße

schrauber 26.08.2013 18:10
Zitat:
Achja, kann man die Programme ohne weiteres in Zukunft verwenden, ohne Angst haben zu müssen, dass irgend eine wichtige Systemdatei beschädigt wird?
Nur das was unten steht.

Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Luffe1231 28.08.2013 17:46
Hi,

Danke für deine Hilfe! Mir fallen derzeit keinerlei Probleme mehr auf.

Ich werde deine Tipps und Ratschläge befolgen, und mir damit in Zukunft hoffentlich viel Ärger ersparen :)

Achja, tut mir leid, dass die Rückmeldung so lange gedauert hat und danke nochmal für alles!

Grüße,
Luffe

schrauber 29.08.2013 04:13
Gern Geschehen :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:34 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131