Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Adchoice werbung überall (keine pop ups), Avira und Malewarebytes finden nix (https://www.trojaner-board.de/152539-adchoice-werbung-ueberall-keine-pop-ups-avira-malewarebytes-finden-nix.html)

Low_Milk 15.04.2014 00:05
Adchoice werbung überall (keine pop ups), Avira und Malewarebytes finden nix
 
Seit kurzen bekomme ich auf jeder Seite an den stellen wo normalerweise die üblich Werbung ist adwarechoices anzeigen. Des weiteren bekomme ich auf YouTube dänische(?) anzeigen und Werbe Clips vor den Videos.
http://s7.directupload.net/images/140415/ppq94ttc.png

Bin mir nicht sicher ob das zusammenhängt ist aber zeitgleich aufgetreten. Avira und co finden nichts.

Ich weis ich müsste jetzt hier diese logs posten aber bei allen Downloads sagt mit mein pc "Diese Datei wird nicht häufig heruntergeladen und kann auf diesen Computer schaden anrichten"
Sind eure links wirklich safe ?

schrauber 15.04.2014 09:27
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Low_Milk 15.04.2014 11:02
Hi :D

Vielen dank das sich einer mein Problem annimmt
Hab echt großen Respekt vor dem was ihr hier macht :)
Top


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-04-2014
Ran by Overmind (administrator) on OVERMIND--- on 15-04-2014 12:00:14
Running from C:\Users\Overmind\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2W2GLEM
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [613536 2010-10-27] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2010-10-27] (Atheros Commnucations)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2314120 2009-05-26] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-09-28] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-02-26] (LogMeIn Inc.)
HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3712746776-2378950783-3472739455-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-07-21] (Google Inc.)
HKU\S-1-5-21-3712746776-2378950783-3472739455-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-3712746776-2378950783-3472739455-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_ActiveX.exe [841096 2014-03-12] (Adobe Systems Incorporated)
HKU\S-1-5-21-3712746776-2378950783-3472739455-1000\...\MountPoints2: {004c9637-b2db-11e0-b8c4-806e6f6e6963} - D:\.\Bin\ASSETUP.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://forums.warframe.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBE9DC597E847CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.allmystery.de/
hxxp://www.youtube.com/my_subscriptions?feature=mhee
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Overmind\AppData\Roaming\Mozilla\Firefox\Profiles\nxvr9vg4.default
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.youtube.com/?gl=DE&hl=de
FF NetworkProxy: "http", "www-proxy.t-online.de"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @ei.Retrogamer_4w.com/Plugin - C:\Program Files (x86)\Retrogamer_4wEI\Installr\1.bin\NP4wEISB.dll (Retrogamer)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.118.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 - C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Overmind\AppData\Roaming\Mozilla\Firefox\Profiles\nxvr9vg4.default\Extensions\ich@maltegoetz.de [2013-11-08]
FF Extension: Telekom YouTube Turbo - C:\Users\Overmind\AppData\Roaming\Mozilla\Firefox\Profiles\nxvr9vg4.default\Extensions\info@maltegoetz.de.xpi [2013-04-15]
FF Extension: Greasemonkey - C:\Users\Overmind\AppData\Roaming\Mozilla\Firefox\Profiles\nxvr9vg4.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-24]

Chrome:
=======
CHR HomePage: hxxp://de.yahoo.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll ()
CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll No File
CHR Plugin: (ESN Sonar API) - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-26]
CHR Extension: (Google Drive) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-26]
CHR Extension: (YouTube) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-26]
CHR Extension: (Adblock Plus) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-03]
CHR Extension: (Google-Suche) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-26]
CHR Extension: (Web Assistant) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2013-03-26]
CHR Extension: (Google Wallet) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\Overmind\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-26]

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [896592 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-02-26] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2012-02-14] ()
R2 WSWNDA3100v2; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [303360 2011-12-14] ()

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
S3 LADF_BakerCOnly; C:\Windows\System32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\System32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-15 12:00 - 2014-04-15 12:00 - 00000000 ____D () C:\FRST
2014-04-12 12:10 - 2014-04-12 12:10 - 00000000 ___RD () C:\Users\Overmind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-12 12:06 - 2014-04-12 12:07 - 00000000 ____D () C:\AdwCleaner
2014-04-12 09:18 - 2014-04-15 11:55 - 00000887 _____ () C:\Windows\setupact.log
2014-04-12 09:18 - 2014-04-12 09:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-11 14:41 - 2014-04-11 14:42 - 11627487 _____ () C:\Users\Overmind\Downloads\204_SR3-nm.rar
2014-04-10 01:28 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 01:28 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 01:28 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 01:28 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 01:28 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 01:28 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 01:28 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 01:28 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 01:28 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 01:28 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 01:28 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 01:28 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 01:28 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 01:28 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 01:28 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 01:28 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 01:28 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 01:28 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 01:28 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 01:28 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 01:28 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 16:05 - 2014-04-09 16:05 - 00000221 _____ () C:\Users\Overmind\Desktop\Saints Row The Third.url
2014-04-08 15:10 - 2014-04-14 15:53 - 00000000 ____D () C:\Users\Overmind\AppData\Local\LogMeIn Hamachi
2014-04-08 15:10 - 2014-04-08 15:10 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-08 14:43 - 2014-04-09 10:29 - 00000000 ____D () C:\Users\Overmind\Documents\SpellForce
2014-04-08 12:24 - 2014-04-08 12:24 - 00000221 _____ () C:\Users\Overmind\Desktop\Spellforce Platinum Edition.url
2014-04-02 23:50 - 2014-04-02 23:50 - 00001425 _____ () C:\Users\Overmind\Desktop\Top 3,5 Zimmer EG Wohnung mit großer Terrasse in Laupheim.url
2014-04-02 23:49 - 2014-04-02 23:49 - 00000290 _____ () C:\Users\Overmind\Desktop\Zentrale 3,5 Zimmerwohnung in Laupheim im Erdgeschoss mit Terrasse Wohnung Laupheim (2ZYDS3A).url
2014-04-02 23:44 - 2014-04-02 23:44 - 00001903 _____ () C:\Users\Overmind\Desktop\3,5 Zimmer Erdgeschosswohnung in Laupheim mit 75 qm (ScoutId 55453423).url
2014-03-24 00:13 - 2014-03-24 00:13 - 00001050 _____ () C:\Users\Overmind\Downloads\telekom-hotspot450587.txt

==================== One Month Modified Files and Folders =======

2014-04-15 12:00 - 2014-04-15 12:00 - 00000000 ____D () C:\FRST
2014-04-15 11:56 - 2011-07-21 23:19 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-15 11:56 - 2011-07-21 00:52 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-04-15 11:56 - 2011-07-20 16:27 - 01713641 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 11:55 - 2014-04-12 09:18 - 00000887 _____ () C:\Windows\setupact.log
2014-04-15 11:55 - 2013-11-08 13:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-15 03:32 - 2013-12-05 22:47 - 00001108 _____ () C:\Users\Overmind\Desktop\2zp-p5p-nrp.txt
2014-04-15 01:02 - 2014-02-28 20:47 - 00204288 ___SH () C:\Users\Overmind\Desktop\Thumbs.db
2014-04-15 00:39 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-15 00:39 - 2009-07-14 06:45 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-15 00:07 - 2011-07-21 23:40 - 00000000 ____D () C:\Users\Overmind\AppData\Local\CrashDumps
2014-04-14 22:40 - 2011-07-21 23:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-14 15:53 - 2014-04-08 15:10 - 00000000 ____D () C:\Users\Overmind\AppData\Local\LogMeIn Hamachi
2014-04-14 12:32 - 2014-03-05 00:45 - 00000000 ____D () C:\Users\Overmind\AppData\Local\Battle.net
2014-04-13 00:50 - 2011-08-27 20:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-12 12:15 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-12 12:15 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-12 12:15 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 12:10 - 2014-04-12 12:10 - 00000000 ___RD () C:\Users\Overmind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-04-12 12:09 - 2011-07-21 00:56 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-12 12:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-12 12:07 - 2014-04-12 12:06 - 00000000 ____D () C:\AdwCleaner
2014-04-12 11:46 - 2013-03-26 21:30 - 00000000 ____D () C:\Users\Overmind\AppData\Roaming\Skype
2014-04-12 09:18 - 2014-04-12 09:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 01:23 - 2012-02-19 04:00 - 00000000 ___RD () C:\Users\Overmind\Desktop\Nützlicher Müll
2014-04-12 01:17 - 2011-07-21 00:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-11 14:42 - 2014-04-11 14:41 - 11627487 _____ () C:\Users\Overmind\Downloads\204_SR3-nm.rar
2014-04-10 23:37 - 2014-03-05 14:18 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-04-10 23:36 - 2014-03-05 00:45 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-04-10 03:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 03:02 - 2013-08-30 03:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 03:01 - 2012-07-15 13:57 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 16:05 - 2014-04-09 16:05 - 00000221 _____ () C:\Users\Overmind\Desktop\Saints Row The Third.url
2014-04-09 10:29 - 2014-04-08 14:43 - 00000000 ____D () C:\Users\Overmind\Documents\SpellForce
2014-04-08 15:10 - 2014-04-08 15:10 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-08 15:10 - 2013-03-13 23:30 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-04-08 14:43 - 2011-07-21 01:00 - 00000000 ____D () C:\Users\Overmind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-08 12:24 - 2014-04-08 12:24 - 00000221 _____ () C:\Users\Overmind\Desktop\Spellforce Platinum Edition.url
2014-04-05 13:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-02 23:50 - 2014-04-02 23:50 - 00001425 _____ () C:\Users\Overmind\Desktop\Top 3,5 Zimmer EG Wohnung mit großer Terrasse in Laupheim.url
2014-04-02 23:49 - 2014-04-02 23:49 - 00000290 _____ () C:\Users\Overmind\Desktop\Zentrale 3,5 Zimmerwohnung in Laupheim im Erdgeschoss mit Terrasse Wohnung Laupheim (2ZYDS3A).url
2014-04-02 23:44 - 2014-04-02 23:44 - 00001903 _____ () C:\Users\Overmind\Desktop\3,5 Zimmer Erdgeschosswohnung in Laupheim mit 75 qm (ScoutId 55453423).url
2014-04-02 02:28 - 2013-05-04 15:46 - 00000000 ____D () C:\Users\Overmind\AppData\Local\Warframe
2014-03-31 23:05 - 2011-07-21 23:18 - 00000000 ____D () C:\Users\Overmind\AppData\Local\Google
2014-03-31 03:16 - 2014-04-10 01:28 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 01:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 01:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 01:28 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-27 23:35 - 2011-07-21 23:19 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 23:35 - 2011-07-21 23:19 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-24 00:13 - 2014-03-24 00:13 - 00001050 _____ () C:\Users\Overmind\Downloads\telekom-hotspot450587.txt
2014-03-23 21:05 - 2012-06-15 17:24 - 00000000 ___RD () C:\Users\Overmind\Desktop\Musik
2014-03-16 00:12 - 2013-03-26 21:47 - 00002210 _____ () C:\Users\Overmind\Desktop\Google Chrome.lnk

Files to move or delete:
====================
C:\ProgramData\nud0repor.pad


Some content of TEMP:
====================
C:\Users\Overmind\AppData\Local\Temp\avgnt.exe
C:\Users\Overmind\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-09 01:02

==================== End Of Log ============================
--- --- ---

--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-04-2014
Ran by Overmind at 2014-04-15 12:00:32
Running from C:\Users\Overmind\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X2W2GLEM
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
ANNO 1602 Königs-Edition (HKLM-x32\...\{077A7810-A937-4465-AD08-ACED9807995F}) (Version: 1.00 - )
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Avira Antivirus Premium (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.40 - Atheros Communications)
Borderlands (HKLM-x32\...\{52B65911-1559-4ED5-9461-46957FDD48CD}) (Version: 1.0.295 - 2K Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
CCleaner (HKLM\...\CCleaner) (Version: 3.08 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0001.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Darksiders (HKLM-x32\...\Steam App 50620) (Version:  - Vigil Games)
Darksiders II (HKLM-x32\...\Steam App 50650) (Version:  - Vigil Games)
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - Ihr Firmenname)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.04 - Electronic Arts, Inc.)
Druckerdeinstallation für EPSON SX130 Series (HKLM\...\EPSON SX130 Series) (Version:  - SEIKO EPSON Corporation)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version:  - )
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.173 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.173 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1051 - Marvell)
Mass Effect (HKLM-x32\...\Steam App 17460) (Version:  - BioWare)
Mass Effect 2 (HKLM-x32\...\Steam App 24980) (Version:  - BioWare)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 20.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 20.0.1 (x86 de)) (Version: 20.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 20.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (HKLM-x32\...\{3C7839E7-21F4-49E0-B4D5-AC8ED818CCB0}) (Version: 1.03.000 - NETGEAR)
NVIDIA 3D Vision Controller Driver (x32 Version: 267.67 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.10.0.22397 - Grinding Gear Games)
Patrician IV Gold (HKLM-x32\...\{CDD92071-5688-493D-9980-540D006B375C}) (Version: 1.0.0.0 - Gaming Minds Studios GmbH)
Pokemon Online 2.1.0 (HKLM-x32\...\{2C08D7E7-9EE1-4A08-AFE0-745F02DCD6A4}_is1) (Version:  - Dreambelievers)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Screenshot Captor 4.01.00 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spellforce: Platinum Edition (HKLM-x32\...\Steam App 39540) (Version:  - Phenomic)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.05.0001 - Electronic Arts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\GFWL_{43430FA0-49F0-4B13-B4C5-611000008100}) (Version: 1.0.0000.129 - CAPCOM U.S.A., INC)
Super Street Fighter IV: Arcade Edition (x32 Version: 1.0.0000.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0002.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0003.129 - CAPCOM U.S.A., INC) Hidden
SUPER STREET FIGHTER IV: ARCADE EDITION (x32 Version: 1.0.0005.129 - CAPCOM U.S.A., INC) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
Trine 1.08 (HKLM-x32\...\Trine_is1) (Version:  - Frozenbyte, Inc.)
Unreal Anthology (HKLM-x32\...\{14AA72DA-DB40-4A34-93A6-401A81D7AF9E}) (Version: 1.00.0000 - Epic Games, Inc.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Phone app for desktop (HKLM-x32\...\{9C4D79B6-238E-49D8-AEBC-26384EBDE6B3}) (Version: 1.0.1720.1 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points  =========================

07-04-2014 15:00:44 Installed Microsoft Games for Windows - LIVE Redistributable
08-04-2014 13:06:41 Removed LogMeIn Hamachi
08-04-2014 13:09:54 Installed LogMeIn Hamachi
09-04-2014 13:46:12 DirectX wurde installiert
10-04-2014 01:00:13 Windows Update
11-04-2014 23:16:57 Entfernt FEAR

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {058EDDDE-62B9-4590-BA8E-8A71C06B225F} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-10-13] (ASUSTeK Computer Inc.)
Task: {551CB02D-C57B-475A-879F-0F64A2F6A548} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-21] (Google Inc.)
Task: {7F495889-F85D-4D02-8FDE-FCBB74A0B9B1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {9EC5116D-7BA5-4D02-83D4-011E3EBE7DB7} - System32\Tasks\{A7D08620-EFC5-4B5C-8056-5B6222EF3E72} => C:\Program Files (x86)\Steam\Steam.exe [2014-02-25] (Valve Corporation)
Task: {DCAF7323-10CC-4D2F-8E7E-FFB04C14FF95} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-01-28 02:42 - 2014-02-08 19:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-03 11:30 - 2010-11-03 11:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-10-05 11:46 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
2011-07-21 22:47 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2013-08-29 03:33 - 2011-12-14 17:53 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe
2013-08-29 03:33 - 2011-12-14 17:55 - 08453376 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe
2013-08-04 22:40 - 2013-08-04 22:35 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-07-21 22:46 - 2014-04-12 12:09 - 00023040 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-07-21 22:46 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2011-07-21 22:48 - 2010-11-16 10:37 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2011-07-21 22:48 - 2010-07-30 11:28 - 00670208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll
2011-07-21 22:48 - 2010-07-15 20:04 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2011-07-21 22:48 - 2010-07-15 20:04 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2011-07-21 22:48 - 2010-07-15 20:04 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2011-07-21 22:48 - 2007-10-31 11:51 - 00061440 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2011-07-21 22:48 - 2010-02-24 10:56 - 00661504 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2011-07-21 22:48 - 2010-11-11 03:09 - 00703488 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2011-07-21 22:48 - 2010-06-23 05:54 - 00114688 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2013-08-29 03:33 - 2011-12-14 10:22 - 00368640 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiLib.dll
2014-01-08 19:38 - 2013-12-13 00:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-08 19:38 - 2013-11-05 03:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 18:10 - 2014-02-11 04:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2011-08-27 20:35 - 2014-02-25 23:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-08-27 20:35 - 2014-01-11 01:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-15 14:34 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-15 14:34 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-15 14:34 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-08-29 03:33 - 2011-12-14 10:43 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvcLib.dll
2014-02-13 04:31 - 2014-02-13 04:31 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-07-21 00:42 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/15/2014 00:07:55 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.16521, Zeitstempel: 0x53114399
Name des fehlerhaften Moduls: MSHTML.dll, Version: 11.0.9600.16659, Zeitstempel: 0x5338aef8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001e57c9
ID des fehlerhaften Prozesses: 0x4aa08
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (04/12/2014 00:10:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2014 00:10:50 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/10/2014 10:11:17 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/10/2014 10:05:13 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/10/2014 10:04:45 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (04/10/2014 03:20:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2014 00:30:18 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Spellforce.exe, Version: 0.0.0.0, Zeitstempel: 0x42403817
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x3d04c
Startzeit der fehlerhaften Anwendung: 0xSpellforce.exe0
Pfad der fehlerhaften Anwendung: Spellforce.exe1
Pfad des fehlerhaften Moduls: Spellforce.exe2
Berichtskennung: Spellforce.exe3

Error: (04/08/2014 03:30:43 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Spellforce.exe, Version: 0.0.0.0, Zeitstempel: 0x42403817
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x3a6b8
Startzeit der fehlerhaften Anwendung: 0xSpellforce.exe0
Pfad der fehlerhaften Anwendung: Spellforce.exe1
Pfad des fehlerhaften Moduls: Spellforce.exe2
Berichtskennung: Spellforce.exe3

Error: (04/08/2014 03:22:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Spellforce.exe, Version: 0.0.0.0, Zeitstempel: 0x42403817
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00038e19
ID des fehlerhaften Prozesses: 0x39708
Startzeit der fehlerhaften Anwendung: 0xSpellforce.exe0
Pfad der fehlerhaften Anwendung: Spellforce.exe1
Pfad des fehlerhaften Moduls: Spellforce.exe2
Berichtskennung: Spellforce.exe3


System errors:
=============
Error: (04/15/2014 00:06:49 AM) (Source: Service Control Manager) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/13/2014 06:37:40 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/13/2014 11:30:26 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FESTRECHNER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3FBFEBCB-58DC-493F-A909-281AD2B8C65D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/12/2014 02:29:40 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FESTRECHNER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3FBFEBCB-58DC-493F-A909-281AD2B8C65D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/11/2014 07:14:13 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/11/2014 05:59:47 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FESTRECHNER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3FBFEBCB-58DC-493F-A909-281AD2B8C65D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/10/2014 02:46:52 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/10/2014 02:46:52 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/09/2014 10:11:01 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FESTRECHNER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3FBFEBCB-58DC-493F-A909-281AD2B8C65D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/08/2014 10:46:04 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "FESTRECHNER-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{3FBFEBCB-58DC-493F-A909-281AD2B8C65D}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (04/15/2014 00:07:55 AM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE11.0.9600.1652153114399MSHTML.dll11.0.9600.166595338aef8c0000005001e57c94aa0801cf582cb3da6ad9C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\system32\MSHTML.dll3a6e4617-c421-11e3-ae37-00268315f0ad

Error: (04/12/2014 00:10:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/12/2014 00:10:50 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/10/2014 10:11:17 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/10/2014 10:05:13 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/10/2014 10:04:45 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (04/10/2014 03:20:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/09/2014 00:30:18 AM) (Source: Application Error)(User: )
Description: Spellforce.exe0.0.0.042403817ntdll.dll6.1.7601.18247521ea8e7c000000500038e193d04c01cf53732a750e7aC:\Program Files (x86)\Steam\steamapps\common\Spellforce Platinum Edition\Spellforce.exeC:\Windows\SysWOW64\ntdll.dll5cada57c-bf6d-11e3-aef0-f46d049c96d4

Error: (04/08/2014 03:30:43 PM) (Source: Application Error)(User: )
Description: Spellforce.exe0.0.0.042403817ntdll.dll6.1.7601.18247521ea8e7c000000500038e193a6b801cf532dbc96fe0cC:\Program Files (x86)\Steam\steamapps\common\Spellforce Platinum Edition\Spellforce.exeC:\Windows\SysWOW64\ntdll.dllfb976759-bf21-11e3-aef0-f46d049c96d4

Error: (04/08/2014 03:22:13 PM) (Source: Application Error)(User: )
Description: Spellforce.exe0.0.0.042403817ntdll.dll6.1.7601.18247521ea8e7c000000500038e193970801cf532815c1c3edC:\Program Files (x86)\Steam\steamapps\common\Spellforce Platinum Edition\Spellforce.exeC:\Windows\SysWOW64\ntdll.dllcb9ec20e-bf20-11e3-aef0-f46d049c96d4


==================== Memory info ===========================

Percentage of memory in use: 22%
Total physical RAM: 8168.88 MB
Available physical RAM: 6359.1 MB
Total Pagefile: 16335.93 MB
Available Pagefile: 12989.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:587.25 GB) NTFS
Drive d: (OBLIVION) (CDROM) (Total:7.28 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: D747B218)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 16.04.2014 10:01
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:47 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27