Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Internet Problem, 1 Pc zieht volle Internet Leistung!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 02.11.2013, 15:31   #1
Bozzahx3
 
Internet Problem, 1 Pc zieht volle Internet Leistung! - Icon23

Internet Problem, 1 Pc zieht volle Internet Leistung!



Hallo,

Und zwar hab ich ein Problem,das Problem is sobald der Laptop meinem mutter (win8) ins Internet kommt haben die anderen Geräte z.b. mein pc (win7) kein internet mehr also der latop meiner mutter bekommt die volle InternetLeistung ich hab auch schon mit einem Lan-Kabel probiert aber hat auch nicht gebracht. Und das nervt ein bissl weil wir dann nicht gleichzeitig
ins Internet können. Ich hab auch schon bei ihr einen Virenscan gemacht (norton) auch ohne erfolg ich hoffe natürlich das hier jemand mir helfen kann, achso ich hab die easybox 903 von Vodafone und die volle Leitung kommt auch an.

MFG Bozzahx3

P.S. Danke im voraus,und es passiert nur bei dem Pc meiner Mutter!

Alt 02.11.2013, 16:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.11.2013, 21:14   #3
Bozzahx3
 
Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



FRST.txt
Addition.txt

danke für die schnelle antwort!

MFG Bozzahx3
__________________

Alt 03.11.2013, 08:09   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.11.2013, 16:05   #5
Bozzahx3
 
Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Code:
ATTFilter
FRST.txt
         


Alt 03.11.2013, 16:06   #6
Bozzahx3
 
Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Code:
ATTFilter
Addition.txt
         

Alt 04.11.2013, 09:06   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Du sollst nicht den Link on Codetags posten, sondern das Logfile an sich, den Text
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.11.2013, 16:36   #8
Bozzahx3
 
Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by Lucas at 2013-11-02 21:10:46
Running from C:\Users\Lucas\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe After Effects CS6 (x32 Version: 11)
Adobe AIR (x32 Version: 3.7.0.1860)
Adobe Download Assistant (x32 Version: 1.2.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Photoshop CS6 (x32 Version: 13.0)
Adobe Premiere Pro CS6 (x32 Version: 6.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Advanced SystemCare 6 (x32 Version: 6.3)
Akamai NetSession Interface (HKCU)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
ASUS VGA Driver (x32 Version: 3.0.0.1)
ATI AVIVO64 Codecs (Version: 11.6.0.10524)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
AVM FRITZ!WLAN (x32)
Bing-Desktop (x32 Version: 1.3.322.0)
bl (x32 Version: 1.0.0)
Bonjour (Version: 3.0.0.10)
BRINK (x32)
Camtasia Studio 7 (x32 Version: 7.1.0)
Canon MP640 series MP Drivers
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 4.03)
CPUID CPU-Z 1.64.0
Craften Terminal 3.4.5 (x32 Version: 3.4.5)
CyberGhost VPN
Dota 2 (x32)
Drakensang Online (x32)
Duel of Champions (x32)
Dxtory 2.0.104 (x32 Version: 2.0.104)
Fraps (remove only) (x32)
Free Driver Scout (Version: 1.0.0.141)
Free Driver Scout (x32 Version: 1.0.0.141)
Free YouTube to MP3 Converter version 3.12.13.925 (x32 Version: 3.12.13.925)
Freemake Video Downloader (x32 Version: 3.5.0)
Game Booster 3 (x32 Version: 3.4)
Google Chrome (x32 Version: 30.0.1599.101)
Google Update Helper (x32 Version: 1.3.21.165)
Grand Theft Auto IV (x32)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0)
HydraVision (x32 Version: 4.2.206.0)
IrfanView (remove only) (x32 Version: 4.35)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Lagarith Lossless Codec (1.3.27) (x32)
League of Legends (x32 Version: 1.3)
LogMeIn Hamachi (x32 Version: 2.1.0.362)
LOLReplay (x32 Version: 0.8.2.1)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft Games for Windows - LIVE (x32 Version: 3.1.186.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Security Client (Version: 4.3.0219.0)
Microsoft Security Essentials (Version: 4.3.219.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
MSI Afterburner 2.3.1 (x32 Version: 2.3.1)
Notepad++ (x32 Version: 6.3.2)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA ForceWare Network Access Manager (x32 Version: 1.00.7325.0)
NVIDIA PhysX (x32 Version: 9.10.0129)
Open Broadcaster Software (x32)
Opera Stable 15.0.1147.141 (x32 Version: 15.0.1147.141)
Pando Media Booster (x32 Version: 2.6.0.8)
PDF Settings CS6 (x32 Version: 11.0)
ph (x32 Version: 1.0.0)
Platform (x32 Version: 1.34)
puush (x32 Version: 1.0.0.0)
Razer Lycosa (x32 Version: 1.00.0000)
ROCCAT Power-Grid Version 0.458 (x32 Version: 0.458)
Skype™ 6.7 (x32 Version: 6.7.102)
Smashmuck Champions (x32)
Smite (x32 Version: 0.1.1594.8)
Steam (x32 Version: 1.0.0.0)
TeamSpeak 3 Client (Version: 3.0.11.1)
TeamViewer 8 (x32 Version: 8.0.20935)
Tunngle beta (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
VIA Plattform-Geräte-Manager (x32 Version: 1.34)
Web Check (x32)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)

==================== Restore Points  =========================

31-10-2013 19:21:37 Removed Advanced Archive Password Recovery
31-10-2013 19:25:22 Free System Utilities
31-10-2013 19:26:30 Removed iTunes
31-10-2013 19:33:10 Removed XSplit Broadcaster
31-10-2013 20:14:27 Removed Java 7 Update 45
01-11-2013 07:32:36 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05B94D66-6235-415D-8365-42EBEA531A25} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe [2013-08-16] ()
Task: {077D7BC1-9666-4B0D-863E-DE2BDAA27706} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {2098A493-DC29-4CD8-88F0-5452DFA7DD56} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-13] (Google Inc.)
Task: {222C0788-6980-40DA-8E50-54CF7F101EE5} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\Autoupdate.exe [2013-08-30] ()
Task: {388EFF20-5961-4C7C-B957-78CBBD0A756B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {38DCC069-FB8B-4927-86CA-C7F8116A96B7} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {42A1D3C7-FFBC-40AE-AD19-0FCE48074D1E} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-10-30] ()
Task: {54C4EE6E-5D7E-472B-877F-E079F70DA9D7} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\Windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {5EA4A368-DDA9-40C8-9909-8D97EC2F0B26} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {633F2FC4-69EB-430C-A964-3D76F5BB5A02} - System32\Tasks\AdobeAAMUpdater-1.0-Lucas-PC-Lucas => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {7B233410-E99A-43B0-9471-E5DE1088C291} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {7FA10476-547F-4985-9259-7CEE8A5BD074} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {86070EE6-0E3A-4386-B795-38DB60B3DC87} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2013.4.0.10\SymErr.exe
Task: {86E6F42D-B28F-4324-869A-9AC1CFC6BF45} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
Task: {A9C3463D-07FD-488D-A91C-0A92BFA2E731} - System32\Tasks\Freemium1ClickMaint => C:\Users\Lucas\Downloads\1Click.exe
Task: {ADBAEE70-9522-4359-800E-936884D945B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-13] (Google Inc.)
Task: {BF2AEB89-8B8A-4953-B633-74735DC15793} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {E7CBDD6D-4D27-4710-B909-CCE3A160585C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12] (Adobe Systems Incorporated)
Task: {EC2FDDDA-205B-488C-8896-7BE5F976FE9F} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {EC70BA78-963C-4993-B5F3-2410304F5A76} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-10-30] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-02-13 18:35 - 2009-05-07 09:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-02-13 18:35 - 2009-05-07 09:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-02-13 18:35 - 2008-01-18 07:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2013-02-13 18:35 - 2009-09-02 02:26 - 47601664 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2013-04-04 09:38 - 2013-08-23 16:45 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-04-04 09:38 - 2013-08-23 16:45 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-04-04 09:38 - 2013-08-23 16:45 - 00186344 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2013-04-04 09:38 - 2013-08-23 16:45 - 00565224 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-08-08 20:32 - 2013-01-15 17:47 - 00517440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 6\sqlite3.dll
2013-09-22 03:22 - 2013-09-22 03:20 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-17 05:55 - 2013-10-09 01:01 - 00698832 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-17 05:55 - 2013-10-09 01:01 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\libegl.dll
2013-10-17 05:55 - 2013-10-09 01:02 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-17 05:55 - 2013-10-09 01:02 - 00415184 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-17 05:55 - 2013-10-09 01:01 - 01604560 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-17 05:55 - 2013-10-09 01:02 - 13584336 _____ () C:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Lucas\AppData\Local\Temporary Internet Files:WrnLWD11DrjPliMzRDnS2NR

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Faulty Device Manager Devices =============

Name: TAP-Win32 Adapter V9
Description: TAP-Win32 Adapter V9
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Win32 Provider V9
Service: tap0901
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/02/2013 03:38:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 30.0.1599.101, Zeitstempel: 0x52547456
Name des fehlerhaften Moduls: chrome.dll, Version: 30.0.1599.101, Zeitstempel: 0x525473d5
Ausnahmecode: 0x80000003
Fehleroffset: 0x01185238
ID des fehlerhaften Prozesses: 0xfd8
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3

Error: (11/02/2013 11:30:31 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2013 07:45:45 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.13.0.399, Zeitstempel: 0x526ed0a3
Name des fehlerhaften Moduls: cgD3D9.dll, Version: 3.0.0.16, Zeitstempel: 0x4d55a06f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000b6539
ID des fehlerhaften Prozesses: 0x1204
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (11/01/2013 01:09:08 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2013 08:39:09 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.13.0.399, Zeitstempel: 0x526ed0a3
Name des fehlerhaften Moduls: Recorder.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x51a2dcca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x702de2bd
ID des fehlerhaften Prozesses: 0x9ec
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (11/01/2013 08:37:31 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 3.13.0.399, Zeitstempel: 0x526ed0a3
Name des fehlerhaften Moduls: Recorder.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x51a2dcca
Ausnahmecode: 0xc0000005
Fehleroffset: 0x7016e2bd
ID des fehlerhaften Prozesses: 0x478
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3

Error: (11/01/2013 08:23:13 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2013 09:16:59 PM) (Source: MsiInstaller) (User: Lucas-PC)
Description: Produkt: Java 7 Update 45 -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie mit dieser Installation fortfahren können.

Error: (10/31/2013 09:16:54 PM) (Source: MsiInstaller) (User: Lucas-PC)
Description: Produkt: Java 7 Update 45 -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie mit dieser Installation fortfahren können.

Error: (10/31/2013 00:31:42 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/02/2013 06:43:35 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PAPS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2C1DD069-25EC-462D-8D41-0100D06BF653}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/02/2013 03:11:04 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PAPS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2C1DD069-25EC-462D-8D41-0100D06BF653}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/02/2013 11:31:23 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (11/02/2013 01:23:50 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (11/01/2013 09:21:33 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (11/01/2013 09:21:33 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (11/01/2013 06:20:41 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PAPS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2C1DD069-25EC-462D-8D41-0100D06BF653}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2013 01:22:51 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PAPS-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{2C1DD069-25EC-462D-8D41-0100D06BF653}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/01/2013 01:10:21 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (11/01/2013 01:09:45 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office Sessions:
=========================
Error: (11/02/2013 03:38:36 PM) (Source: Application Error)(User: )
Description: chrome.exe30.0.1599.10152547456chrome.dll30.0.1599.101525473d58000000301185238fd801ced7d93420834cC:\Program Files (x86)\Google\Chrome\Application\chrome.exeC:\Program Files (x86)\Google\Chrome\Application\30.0.1599.101\chrome.dll745e334c-43cc-11e3-b408-002522e433e7

Error: (11/02/2013 11:30:31 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2013 07:45:45 PM) (Source: Application Error)(User: )
Description: League of Legends.exe3.13.0.399526ed0a3cgD3D9.dll3.0.0.164d55a06fc0000005000b6539120401ced7327c8a1d31C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.250\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.250\deploy\cgD3D9.dlld0d7a2c1-4325-11e3-ae2b-002522e433e7

Error: (11/01/2013 01:09:08 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/01/2013 08:39:09 AM) (Source: Application Error)(User: )
Description: League of Legends.exe3.13.0.399526ed0a3Recorder.dll_unloaded0.0.0.051a2dccac0000005702de2bd9ec01ced6d57379efc9C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.250\deploy\League of Legends.exeRecorder.dllb13abfa0-42c8-11e3-9cb1-002522e433e7

Error: (11/01/2013 08:37:31 AM) (Source: Application Error)(User: )
Description: League of Legends.exe3.13.0.399526ed0a3Recorder.dll_unloaded0.0.0.051a2dccac00000057016e2bd47801ced6d53747c076C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.250\deploy\League of Legends.exeRecorder.dll7694ef40-42c8-11e3-9cb1-002522e433e7

Error: (11/01/2013 08:23:13 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/31/2013 09:16:59 PM) (Source: MsiInstaller)(User: Lucas-PC)
Description: Produkt: Java 7 Update 45 -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie mit dieser Installation fortfahren können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/31/2013 09:16:54 PM) (Source: MsiInstaller)(User: Lucas-PC)
Description: Produkt: Java 7 Update 45 -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie mit dieser Installation fortfahren können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (10/31/2013 00:31:42 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 4095.3 MB
Available physical RAM: 2455.73 MB
Total Pagefile: 8188.79 MB
Available Pagefile: 5559.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:74.43 GB) (Free:16.7 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Sata Datenträger) (Fixed) (Total:931.51 GB) (Free:877.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: 0A370A36)
Partition 1: (Active) - (Size=74 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: E6B821E8)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-10-2013
Ran by Lucas (administrator) on LUCAS-PC on 02-11-2013 21:08:37
Running from C:\Users\Lucas\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
() C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Akamai Technologies, Inc.) C:\Users\Lucas\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Lucas\AppData\Local\Akamai\netsession_win.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\system32\LogonUI.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\puush\puush.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1356240 2013-08-12] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-05-24] (AMD)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Lucas\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Service] - C:\Windows\system32\SystemFiles\jodxy1MX8LzR\Service.exe
MountPoints2: G - G:\pushinst.exe
MountPoints2: {87beabea-7846-11e2-8ba9-002522e433e7} - G:\pushinst.exe
MountPoints2: {a7e8ac84-0e21-11e3-b9d6-002522e433e7} - F:\setup_vmc_lite.exe /checkApplicationPresence
HKLM-x32\...\Run: [AVMWlanClient] - C:\Program Files (x86)\avmwlanstick\WLanGUI.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2583040 2009-09-21] (VIA)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BingDesktop] - C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2258056 2013-09-22] (Microsoft Corp.)
AppInit_DLLs-x32:   [ ] ()
Startup: C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~Disabled ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=FC2800FF133620A9
SearchScopes: HKCU - DefaultScope {386681DB-AB76-461B-98FB-A97EA89F3AD9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss&mntrId=FC2800FF133620A9
SearchScopes: HKCU - {386681DB-AB76-461B-98FB-A97EA89F3AD9} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Web Check - {E155F23C-9931-47c6-A619-20E6FCA86D75} - C:\Program Files (x86)\Web Check\WebCheck.dll (Web Check)
BHO-x32: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0F92EAC4-CE6B-4957-806D-B05E43179E0C}: [NameServer]192.168.2.1,192.168.2.103

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions
FF Extension: gophoto - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\profiles\extensions\gophoto@gophoto.it.xpi
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\profiles\extensions\prefs.js
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\profiles\extensions\search.sqlite
FF Extension: No Name - C:\Users\Lucas\AppData\Roaming\Mozilla\Firefox\profiles\extensions\user.js
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\

==================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-22] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [815160 2013-09-22] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-09-22] (Microsoft Corp.)
S3 CGVPNCliSrvc; C:\Program Files\CyberGhost VPN\CGVPNCliService.exe [2438696 2012-04-26] (mobile concepts GmbH)
R2 ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe [496232 2010-01-21] ()
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-02-25] (Ellora Assets Corp.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-08-12] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366600 2013-08-12] (Microsoft Corporation)
R2 nSvcIp; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe [209000 2010-01-21] ()
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-06-18] ()
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-07-01] ()
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)

==================== Drivers (Whitelisted) ====================

R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices)
S3 AVerAF15; C:\Windows\System32\Drivers\AVerAF15.sys [311424 2009-05-22] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-22] (Avira Operations GmbH & Co. KG)
S3 fwlanusb4; C:\Windows\System32\DRIVERS\fwlanusb4.sys [1293824 2010-10-22] (AVM GmbH)
R3 Lycosa; C:\Windows\System32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [247216 2013-06-18] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [139616 2013-06-18] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2010-11-26] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-02-22] (Anchorfree Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 easytether; system32\DRIVERS\easytthr.sys [x]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 wolf; \??\C:\AeriaGames\WolfTeam-DE\avital\wolf64.sys [x]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-02 21:08 - 2013-11-02 21:08 - 00000000 ____D C:\FRST
2013-11-02 21:07 - 2013-11-02 21:08 - 01957098 _____ (Farbar) C:\Users\Lucas\Downloads\FRST64.exe
2013-11-02 18:23 - 2013-11-02 18:24 - 00000000 ____D C:\Users\Lucas\Downloads\ElophantClient
2013-11-02 18:23 - 2013-11-02 18:23 - 00985720 _____ C:\Users\Lucas\Downloads\ElophantClient.zip
2013-11-02 17:31 - 2013-11-02 17:31 - 104684788 _____ C:\Windows\SysWOW64\�羂ᵌ›
2013-11-02 14:21 - 2013-11-02 14:45 - 00006482 _____ C:\Users\Lucas\Desktop\server.log
2013-11-01 19:50 - 2013-11-01 19:52 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\.technic
2013-10-31 21:12 - 2013-10-31 21:12 - 00915368 _____ (Oracle Corporation) C:\Users\Lucas\Downloads\chromeinstall-7u45.exe
2013-10-31 20:05 - 2013-10-31 20:24 - 00000000 ____D C:\Program Files\Ekahau
2013-10-31 20:05 - 2013-10-31 20:05 - 00000000 ____D C:\Users\Lucas\Downloads\[Skrill]Impact Intro Template
2013-10-31 20:04 - 2013-10-31 20:04 - 01069555 _____ C:\Users\Lucas\Downloads\[Skrill]Impact Intro Template.rar
2013-10-31 19:49 - 2013-10-31 19:52 - 100885752 _____ (Ekahau) C:\Users\Lucas\Downloads\Ekahau114_Heatmapper-Setup.exe
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\OBS
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Program Files\OBS
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Program Files (x86)\OBS
2013-10-30 21:25 - 2013-10-30 21:26 - 07630870 _____ C:\Users\Lucas\Downloads\OBS_0_583b_Installer.exe
2013-10-29 20:52 - 2013-10-29 20:52 - 00000022 _____ C:\Users\Lucas\Documents\PBE.txt
2013-10-28 14:17 - 2013-11-01 08:20 - 00000918 _____ C:\Windows\PFRO.log
2013-10-27 17:37 - 2013-10-27 17:37 - 09954829 _____ C:\Users\Lucas\Downloads\League of Legends v0.26-Version-0.26.rpgp
2013-10-27 17:22 - 2013-10-27 17:22 - 00000000 ____D C:\Users\Lucas\Documents\ROCCAT
2013-10-26 21:55 - 2013-10-31 21:04 - 02295500 _____ () C:\Users\Lucas\Desktop\TechnicLauncher.exe
2013-10-26 21:17 - 2013-10-26 21:17 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-10-26 21:09 - 2013-10-26 21:12 - 39653489 _____ (ROCCAT GmbH                                                 ) C:\Users\Lucas\Downloads\ROCCAT_Power_Grid_v0458.exe
2013-10-26 19:02 - 2013-10-26 19:02 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2013-10-26 18:37 - 2013-11-01 23:56 - 00000000 ____D C:\ProgramData\Tunngle
2013-10-26 18:37 - 2013-11-01 23:55 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Tunngle
2013-10-26 18:37 - 2013-10-26 18:38 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-10-26 18:37 - 2013-10-26 18:37 - 00000000 ____D C:\Users\Public\Documents\Tunngle
2013-10-26 18:37 - 2013-10-26 18:37 - 00000000 ____D C:\Users\Lucas\Documents\Tunngle
2013-10-26 18:37 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2013-10-26 18:31 - 2013-10-26 18:32 - 04068392 _____ (Tunngle.net GmbH                                            ) C:\Users\Lucas\Downloads\Tunngle_Setup_v4.5.1.3.exe
2013-10-26 16:19 - 2013-10-26 16:19 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\puush
2013-10-26 16:19 - 2013-10-26 16:19 - 00000000 ____D C:\Program Files (x86)\puush
2013-10-26 16:18 - 2013-10-26 16:18 - 01085440 _____ C:\Users\Lucas\Downloads\puush.msi
2013-10-26 12:45 - 2013-10-26 12:45 - 00367332 _____ (hxxp://magiclauncher.com) C:\Users\Lucas\Desktop\MagicLauncher_1.1.7.exe
2013-10-26 12:40 - 2013-10-26 12:40 - 00396219 _____ C:\Users\Lucas\Downloads\OptiFine_1.6.4_HD_C6.jar
2013-10-25 22:38 - 2013-10-25 22:51 - 00000000 ____D C:\Users\Lucas\Downloads\Hexxit_Server_v1.0.7
2013-10-25 22:36 - 2013-10-25 22:37 - 47574761 _____ C:\Users\Lucas\Downloads\Hexxit_Server_v1.0.7.zip
2013-10-24 21:28 - 2013-10-24 21:29 - 00352775 _____ C:\Users\Lucas\Downloads\OptiFine_1.5.2_HD_D5.zip
2013-10-24 19:17 - 2013-10-24 19:17 - 03880235 _____ (Craften.de                                                  ) C:\Users\Lucas\Downloads\craftenterminal (1).exe
2013-10-24 14:29 - 2013-10-26 18:44 - 00065224 _____ C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-24 14:28 - 2013-11-02 18:05 - 00021168 _____ C:\Windows\setupact.log
2013-10-24 14:28 - 2013-10-24 14:28 - 00000000 _____ C:\Windows\setuperr.log
2013-10-24 14:27 - 2013-10-26 19:05 - 04899552 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-20 22:18 - 2013-10-22 17:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-20 22:18 - 2013-10-22 17:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-20 22:17 - 2013-10-21 20:45 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-20 21:57 - 2013-10-21 20:44 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-20 21:56 - 2013-10-21 20:44 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-20 19:34 - 2013-09-04 13:12 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-10-20 19:34 - 2013-09-04 13:11 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-10-20 19:34 - 2013-09-04 13:11 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-10-20 19:34 - 2013-09-04 13:11 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-10-20 19:34 - 2013-09-04 13:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-10-20 19:34 - 2013-09-04 13:11 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2013-10-20 19:34 - 2013-09-04 13:11 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-10-17 19:49 - 2013-10-28 21:50 - 00000000 __SHD C:\Users\Lucas\wc
2013-10-17 19:49 - 2013-10-17 20:32 - 00000000 ____D C:\Users\Lucas\AppData\Local\Ubisoft
2013-10-17 19:49 - 2013-10-17 19:49 - 00001106 _____ C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
2013-10-17 19:49 - 2013-10-17 19:49 - 00000000 __SHD C:\Users\Lucas\AppData\Roaming\wyUpdate AU
2013-10-17 19:49 - 2013-10-17 19:49 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Ubisoft
2013-10-17 19:46 - 2013-10-17 19:47 - 07335928 _____ (Ubisoft) C:\Users\Lucas\Downloads\duelofchampions.exe
2013-10-17 13:37 - 2013-10-17 13:38 - 08435712 _____ C:\Users\Lucas\Downloads\archpr454_setup_en.msi
2013-10-17 13:35 - 2013-10-17 13:36 - 03243956 _____ C:\Users\Lucas\Downloads\HearthStone Beta Key Generator.rar
2013-10-17 11:00 - 2013-10-17 11:00 - 00342510 _____ C:\Users\Lucas\Downloads\OptiFine_1.4.6_HD_D5 (1).zip
2013-10-16 07:18 - 2013-10-16 07:19 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-14 22:13 - 2013-10-14 22:13 - 00000000 ____D C:\Users\Lucas\AppData\Local\CrashRpt
2013-10-14 20:46 - 2013-10-14 20:47 - 17608925 _____ C:\Users\Lucas\Downloads\103.zip
2013-10-14 20:46 - 2013-10-14 20:46 - 25013681 _____ C:\Users\Lucas\Downloads\1.5.2 faithful 2.9.8.zip
2013-10-14 19:28 - 2013-10-16 07:19 - 00000000 ____D C:\ProgramData\Oracle
2013-10-13 12:08 - 2013-09-23 00:28 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-13 12:08 - 2013-09-23 00:28 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 14335488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 02048512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-13 12:08 - 2013-09-23 00:27 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-13 12:08 - 2013-09-22 23:55 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-13 12:08 - 2013-09-22 23:55 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-13 12:08 - 2013-09-22 23:55 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-13 12:08 - 2013-09-22 23:54 - 19252224 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 02647552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-13 12:08 - 2013-09-22 23:54 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-13 12:08 - 2013-09-21 04:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-13 12:08 - 2013-09-21 04:30 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-13 12:08 - 2013-09-21 03:48 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-13 12:08 - 2013-09-21 03:39 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-13 11:29 - 2013-10-13 11:30 - 03876411 _____ (Craften.de                                                  ) C:\Users\Lucas\Downloads\craftenterminal.exe
2013-10-13 09:36 - 2013-07-04 13:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-13 09:36 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-13 09:35 - 2013-07-12 11:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-10-13 09:35 - 2013-07-12 11:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2013-10-13 09:35 - 2013-07-03 05:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-10-13 09:35 - 2013-07-03 05:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-10-13 09:35 - 2013-06-06 06:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2013-10-13 09:35 - 2013-06-06 06:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2013-10-13 09:35 - 2013-06-06 06:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2013-10-13 09:35 - 2013-06-06 06:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-13 09:35 - 2013-06-06 05:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2013-10-13 09:35 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2013-10-13 09:35 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2013-10-13 09:35 - 2013-06-06 04:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-13 09:35 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-13 09:35 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-13 09:34 - 2013-09-14 02:10 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-13 09:34 - 2013-09-08 03:30 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-13 09:34 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2013-10-13 09:34 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2013-10-13 09:34 - 2013-08-29 03:17 - 05549504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-13 09:34 - 2013-08-29 03:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-13 09:34 - 2013-08-29 03:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2013-10-13 09:34 - 2013-08-29 03:16 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-13 09:34 - 2013-08-29 03:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2013-10-13 09:34 - 2013-08-29 02:51 - 03969472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-13 09:34 - 2013-08-29 02:51 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-13 09:34 - 2013-08-29 02:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-13 09:34 - 2013-08-29 02:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2013-10-13 09:34 - 2013-08-29 02:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-13 09:34 - 2013-08-29 02:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2013-10-13 09:34 - 2013-08-29 01:49 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-13 09:34 - 2013-08-29 01:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-13 09:34 - 2013-08-29 01:49 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-13 09:34 - 2013-08-29 01:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-13 09:34 - 2013-08-28 02:21 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-13 09:34 - 2013-08-01 13:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-13 09:34 - 2013-07-20 11:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 09:34 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-13 09:34 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-13 09:34 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-13 09:34 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-13 09:34 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-13 09:34 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2013-10-13 09:34 - 2013-06-25 23:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-13 09:33 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2013-10-07 02:14 - 2013-10-28 21:45 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\.minecraft
2013-10-06 21:39 - 2013-10-06 21:39 - 00342510 _____ C:\Users\Lucas\Downloads\OptiFine_1.4.6_HD_D5.zip
2013-10-05 20:42 - 2013-10-05 20:43 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-05 20:42 - 2013-10-05 20:43 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\DVDVideoSoft
2013-10-05 20:42 - 2013-10-05 20:43 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-05 15:58 - 2013-10-24 19:20 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Craften Terminal
2013-10-05 15:58 - 2013-10-05 15:58 - 00000000 ____D C:\Users\Lucas\AppData\Local\Craften.de
2013-10-05 15:57 - 2013-10-24 19:17 - 00000000 ____D C:\Program Files (x86)\Craften Terminal
2013-10-03 22:29 - 2013-10-03 22:29 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\.mono

==================== One Month Modified Files and Folders =======

2013-11-02 21:09 - 2013-05-12 15:22 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\TS3Client
2013-11-02 21:08 - 2013-11-02 21:08 - 00000000 ____D C:\FRST
2013-11-02 21:08 - 2013-11-02 21:07 - 01957098 _____ (Farbar) C:\Users\Lucas\Downloads\FRST64.exe
2013-11-02 21:08 - 2013-02-13 17:51 - 00000000 ____D C:\Users\Lucas\AppData\Local\PMB Files
2013-11-02 21:07 - 2013-02-13 17:51 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-02 21:04 - 2013-05-24 15:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-02 20:55 - 2013-02-13 18:20 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-02 19:12 - 2013-02-13 17:06 - 01127053 _____ C:\Windows\WindowsUpdate.log
2013-11-02 18:24 - 2013-11-02 18:23 - 00000000 ____D C:\Users\Lucas\Downloads\ElophantClient
2013-11-02 18:23 - 2013-11-02 18:23 - 00985720 _____ C:\Users\Lucas\Downloads\ElophantClient.zip
2013-11-02 18:05 - 2013-10-24 14:28 - 00021168 _____ C:\Windows\setupact.log
2013-11-02 17:31 - 2013-11-02 17:31 - 104684788 _____ C:\Windows\SysWOW64\�羂ᵌ›
2013-11-02 16:55 - 2013-02-13 18:20 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-02 16:31 - 2013-07-01 02:07 - 00004160 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-11-02 16:31 - 2013-07-01 02:06 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-11-02 15:40 - 2013-02-14 08:31 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Skype
2013-11-02 15:38 - 2013-03-03 15:45 - 00000000 ____D C:\Users\Lucas\AppData\Local\CrashDumps
2013-11-02 14:45 - 2013-11-02 14:21 - 00006482 _____ C:\Users\Lucas\Desktop\server.log
2013-11-02 11:40 - 2013-02-26 16:33 - 00000000 ____D C:\Users\Lucas\AppData\Local\Adobe
2013-11-02 11:38 - 2009-07-14 05:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-02 11:38 - 2009-07-14 05:45 - 00025680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-02 11:29 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-01 23:56 - 2013-10-26 18:37 - 00000000 ____D C:\ProgramData\Tunngle
2013-11-01 23:55 - 2013-10-26 18:37 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Tunngle
2013-11-01 21:29 - 2013-07-06 17:11 - 00000000 ____D C:\Program Files (x86)\Steam
2013-11-01 19:52 - 2013-11-01 19:50 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\.technic
2013-11-01 08:23 - 2013-02-25 16:42 - 00000000 ____D C:\Users\Lucas\AppData\Local\LogMeIn Hamachi
2013-11-01 08:20 - 2013-10-28 14:17 - 00000918 _____ C:\Windows\PFRO.log
2013-10-31 21:12 - 2013-10-31 21:12 - 00915368 _____ (Oracle Corporation) C:\Users\Lucas\Downloads\chromeinstall-7u45.exe
2013-10-31 21:04 - 2013-10-26 21:55 - 02295500 _____ () C:\Users\Lucas\Desktop\TechnicLauncher.exe
2013-10-31 20:35 - 2013-05-10 12:38 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2013-10-31 20:30 - 2013-08-10 15:02 - 00000000 ____D C:\ProgramData\Apple Computer
2013-10-31 20:30 - 2013-08-10 15:02 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-31 20:26 - 2013-02-26 16:22 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-31 20:24 - 2013-10-31 20:05 - 00000000 ____D C:\Program Files\Ekahau
2013-10-31 20:08 - 2013-04-11 12:10 - 00000000 ____D C:\Users\Lucas\Ekahau Site Survey
2013-10-31 20:05 - 2013-10-31 20:05 - 00000000 ____D C:\Users\Lucas\Downloads\[Skrill]Impact Intro Template
2013-10-31 20:04 - 2013-10-31 20:04 - 01069555 _____ C:\Users\Lucas\Downloads\[Skrill]Impact Intro Template.rar
2013-10-31 19:52 - 2013-10-31 19:49 - 100885752 _____ (Ekahau) C:\Users\Lucas\Downloads\Ekahau114_Heatmapper-Setup.exe
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\OBS
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Program Files\OBS
2013-10-30 21:27 - 2013-10-30 21:27 - 00000000 ____D C:\Program Files (x86)\OBS
2013-10-30 21:26 - 2013-10-30 21:25 - 07630870 _____ C:\Users\Lucas\Downloads\OBS_0_583b_Installer.exe
2013-10-29 20:52 - 2013-10-29 20:52 - 00000022 _____ C:\Users\Lucas\Documents\PBE.txt
2013-10-28 21:53 - 2013-09-22 03:21 - 00003580 _____ C:\Windows\System32\Tasks\FreeDriverScout
2013-10-28 21:50 - 2013-10-17 19:49 - 00000000 __SHD C:\Users\Lucas\wc
2013-10-28 21:45 - 2013-10-07 02:14 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\.minecraft
2013-10-27 17:37 - 2013-10-27 17:37 - 09954829 _____ C:\Users\Lucas\Downloads\League of Legends v0.26-Version-0.26.rpgp
2013-10-27 17:22 - 2013-10-27 17:22 - 00000000 ____D C:\Users\Lucas\Documents\ROCCAT
2013-10-27 13:34 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-10-27 13:28 - 2013-02-14 02:01 - 00699092 _____ C:\Windows\system32\perfh007.dat
2013-10-27 13:28 - 2013-02-14 02:01 - 00149232 _____ C:\Windows\system32\perfc007.dat
2013-10-27 13:28 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-26 21:17 - 2013-10-26 21:17 - 00000000 ____D C:\Program Files (x86)\ROCCAT
2013-10-26 21:12 - 2013-10-26 21:09 - 39653489 _____ (ROCCAT GmbH                                                 ) C:\Users\Lucas\Downloads\ROCCAT_Power_Grid_v0458.exe
2013-10-26 19:05 - 2013-10-24 14:27 - 04899552 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-26 19:02 - 2013-10-26 19:02 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2013-10-26 18:44 - 2013-10-24 14:29 - 00065224 _____ C:\Users\Lucas\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-26 18:38 - 2013-10-26 18:37 - 00000000 ____D C:\Program Files (x86)\Tunngle
2013-10-26 18:37 - 2013-10-26 18:37 - 00000000 ____D C:\Users\Public\Documents\Tunngle
2013-10-26 18:37 - 2013-10-26 18:37 - 00000000 ____D C:\Users\Lucas\Documents\Tunngle
2013-10-26 18:32 - 2013-10-26 18:31 - 04068392 _____ (Tunngle.net GmbH                                            ) C:\Users\Lucas\Downloads\Tunngle_Setup_v4.5.1.3.exe
2013-10-26 16:19 - 2013-10-26 16:19 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\puush
2013-10-26 16:19 - 2013-10-26 16:19 - 00000000 ____D C:\Program Files (x86)\puush
2013-10-26 16:18 - 2013-10-26 16:18 - 01085440 _____ C:\Users\Lucas\Downloads\puush.msi
2013-10-26 12:45 - 2013-10-26 12:45 - 00367332 _____ (hxxp://magiclauncher.com) C:\Users\Lucas\Desktop\MagicLauncher_1.1.7.exe
2013-10-26 12:40 - 2013-10-26 12:40 - 00396219 _____ C:\Users\Lucas\Downloads\OptiFine_1.6.4_HD_C6.jar
2013-10-25 22:51 - 2013-10-25 22:38 - 00000000 ____D C:\Users\Lucas\Downloads\Hexxit_Server_v1.0.7
2013-10-25 22:37 - 2013-10-25 22:36 - 47574761 _____ C:\Users\Lucas\Downloads\Hexxit_Server_v1.0.7.zip
2013-10-24 21:29 - 2013-10-24 21:28 - 00352775 _____ C:\Users\Lucas\Downloads\OptiFine_1.5.2_HD_D5.zip
2013-10-24 19:20 - 2013-10-05 15:58 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Craften Terminal
2013-10-24 19:17 - 2013-10-24 19:17 - 03880235 _____ (Craften.de                                                  ) C:\Users\Lucas\Downloads\craftenterminal (1).exe
2013-10-24 19:17 - 2013-10-05 15:57 - 00000000 ____D C:\Program Files (x86)\Craften Terminal
2013-10-24 14:28 - 2013-10-24 14:28 - 00000000 _____ C:\Windows\setuperr.log
2013-10-23 19:57 - 2013-02-14 02:02 - 00000000 ____D C:\Windows\Panther
2013-10-22 21:38 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-10-22 17:38 - 2013-10-20 22:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-22 17:38 - 2013-10-20 22:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-21 20:45 - 2013-10-20 22:17 - 00001912 _____ C:\Windows\epplauncher.mif
2013-10-21 20:44 - 2013-10-20 21:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-10-21 20:44 - 2013-10-20 21:56 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-10-17 20:32 - 2013-10-17 19:49 - 00000000 ____D C:\Users\Lucas\AppData\Local\Ubisoft
2013-10-17 19:49 - 2013-10-17 19:49 - 00001106 _____ C:\Users\Public\Desktop\Duel of Champions Launcher.lnk
2013-10-17 19:49 - 2013-10-17 19:49 - 00000000 __SHD C:\Users\Lucas\AppData\Roaming\wyUpdate AU
2013-10-17 19:49 - 2013-10-17 19:49 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\Ubisoft
2013-10-17 19:49 - 2013-02-13 17:11 - 00000000 ____D C:\Users\Lucas
2013-10-17 19:47 - 2013-10-17 19:46 - 07335928 _____ (Ubisoft) C:\Users\Lucas\Downloads\duelofchampions.exe
2013-10-17 15:50 - 2013-02-13 18:20 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-17 15:50 - 2013-02-13 18:20 - 00003852 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-17 13:38 - 2013-10-17 13:37 - 08435712 _____ C:\Users\Lucas\Downloads\archpr454_setup_en.msi
2013-10-17 13:36 - 2013-10-17 13:35 - 03243956 _____ C:\Users\Lucas\Downloads\HearthStone Beta Key Generator.rar
2013-10-17 11:00 - 2013-10-17 11:00 - 00342510 _____ C:\Users\Lucas\Downloads\OptiFine_1.4.6_HD_D5 (1).zip
2013-10-16 09:07 - 2013-06-19 19:22 - 00000000 ____D C:\Users\Lucas\AppData\Local\IW4M
2013-10-16 07:19 - 2013-10-16 07:18 - 00004278 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log
2013-10-16 07:19 - 2013-10-14 19:28 - 00000000 ____D C:\ProgramData\Oracle
2013-10-14 22:13 - 2013-10-14 22:13 - 00000000 ____D C:\Users\Lucas\AppData\Local\CrashRpt
2013-10-14 20:47 - 2013-10-14 20:46 - 17608925 _____ C:\Users\Lucas\Downloads\103.zip
2013-10-14 20:46 - 2013-10-14 20:46 - 25013681 _____ C:\Users\Lucas\Downloads\1.5.2 faithful 2.9.8.zip
2013-10-13 12:11 - 2013-02-13 18:12 - 01592496 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-10-13 12:07 - 2013-08-11 18:06 - 00000000 ____D C:\Windows\system32\MRT
2013-10-13 12:05 - 2013-02-22 13:16 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-13 11:30 - 2013-10-13 11:29 - 03876411 _____ (Craften.de                                                  ) C:\Users\Lucas\Downloads\craftenterminal.exe
2013-10-12 20:04 - 2013-05-24 15:09 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-12 20:04 - 2013-05-24 15:09 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-12 20:04 - 2013-03-15 17:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-06 21:39 - 2013-10-06 21:39 - 00342510 _____ C:\Users\Lucas\Downloads\OptiFine_1.4.6_HD_D5.zip
2013-10-06 18:40 - 2013-02-13 17:11 - 00000000 ____D C:\Users\Lucas\AppData\Local\VirtualStore
2013-10-05 20:43 - 2013-10-05 20:42 - 00000000 ___RD C:\Users\Public\Desktop\DVDVideoSoft
2013-10-05 20:43 - 2013-10-05 20:42 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\DVDVideoSoft
2013-10-05 20:43 - 2013-10-05 20:42 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-10-05 15:58 - 2013-10-05 15:58 - 00000000 ____D C:\Users\Lucas\AppData\Local\Craften.de
2013-10-03 22:29 - 2013-10-03 22:29 - 00000000 ____D C:\Users\Lucas\AppData\Roaming\.mono
2013-10-03 11:37 - 2013-02-13 17:11 - 00000000 ___RD C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-03 11:37 - 2013-02-13 17:11 - 00000000 ___RD C:\Users\Lucas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

Some content of TEMP:
====================
C:\Users\Lucas\AppData\Local\Temp\skype_amd648976761013546806747.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-02 17:42

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

[/CODE]

Hoffe das ich es jetzt richtig gemacht hab,mache sowas das erstemal

MFG Bozzahx3

Alt 05.11.2013, 12:21   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



hi,.

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.11.2013, 22:07   #10
Bozzahx3
 
Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Code:
ATTFilter
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-11-11.01 - Lucas 13.11.2013  13:52:21.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4095.2767 [GMT 1:00]
ausgeführt von:: c:\users\Lucas\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lucas\AppData\Roaming\dclogs
c:\users\Lucas\AppData\Roaming\dclogs\2013-05-12-1.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-05-13-2.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-05-19-1.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-05-20-2.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-06-20-5.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-06-21-6.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-06-22-7.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-06-29-7.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-06-30-1.dc
c:\users\Lucas\AppData\Roaming\dclogs\2013-10-06-1.dc
c:\windows\SysWow64\FlashPlayerApp.exe
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-10-13 bis 2013-11-13  ))))))))))))))))))))))))))))))
.
.
2013-11-13 13:00 . 2013-11-13 13:00	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-10 20:15 . 2013-11-10 20:15	--------	d-----w-	c:\users\Lucas\AppData\Local\Software_Updater
2013-11-03 10:33 . 2013-11-03 10:33	--------	d-----w-	c:\users\Lucas\AppData\Local\LogMeIn
2013-11-03 10:33 . 2013-11-03 10:33	--------	d-----w-	c:\programdata\LogMeIn
2013-11-03 01:32 . 2013-11-03 01:32	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-11-02 20:08 . 2013-11-02 20:08	--------	d-----w-	C:\FRST
2013-11-01 18:50 . 2013-11-12 14:47	--------	d-----w-	c:\users\Lucas\AppData\Roaming\.technic
2013-10-31 19:05 . 2013-10-31 19:24	--------	d-----w-	c:\program files\Ekahau
2013-10-30 20:27 . 2013-10-30 20:27	--------	d-----w-	c:\users\Lucas\AppData\Roaming\OBS
2013-10-30 20:27 . 2013-10-30 20:27	--------	d-----w-	c:\program files\OBS
2013-10-30 20:27 . 2013-10-30 20:27	--------	d-----w-	c:\program files (x86)\OBS
2013-10-26 20:17 . 2013-10-26 20:17	--------	d-----w-	c:\program files (x86)\ROCCAT
2013-10-26 17:37 . 2013-11-13 09:11	--------	d-----w-	c:\users\Lucas\AppData\Roaming\Tunngle
2013-10-26 17:37 . 2013-11-13 09:11	--------	d-----w-	c:\programdata\Tunngle
2013-10-26 17:37 . 2009-09-16 06:02	31232	----a-w-	c:\windows\system32\drivers\tap0901t.sys
2013-10-26 17:37 . 2013-10-26 17:38	--------	d-----w-	c:\program files (x86)\Tunngle
2013-10-26 15:19 . 2013-10-26 15:19	--------	d-----w-	c:\users\Lucas\AppData\Roaming\puush
2013-10-26 15:19 . 2013-10-26 15:19	--------	d-----w-	c:\program files (x86)\puush
2013-10-20 21:19 . 2013-10-20 21:19	--------	d-----w-	C:\history
2013-10-20 21:18 . 2013-10-22 16:38	--------	d-----w-	c:\program files\Microsoft Silverlight
2013-10-20 21:18 . 2013-10-22 16:38	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2013-10-20 18:34 . 2013-09-04 12:12	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-10-20 18:34 . 2013-09-04 12:11	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-10-20 18:34 . 2013-09-04 12:11	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-10-20 18:34 . 2013-09-04 12:11	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-10-20 18:34 . 2013-09-04 12:11	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-10-20 18:34 . 2013-09-04 12:11	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-10-20 18:34 . 2013-09-04 12:11	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2013-10-18 12:34 . 2013-10-14 07:12	10280728	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{58C92740-681F-48B0-A337-2B6DBB654201}\mpengine.dll
2013-10-17 18:49 . 2013-10-17 19:32	--------	d-----w-	c:\users\Lucas\AppData\Local\Ubisoft
2013-10-17 18:49 . 2013-11-02 23:17	--------	d-sh--w-	c:\users\Lucas\wc
2013-10-17 18:49 . 2013-10-17 18:49	--------	d-sh--w-	c:\users\Lucas\AppData\Roaming\wyUpdate AU
2013-10-17 18:49 . 2013-11-06 15:19	--------	d-----w-	c:\users\Lucas\AppData\Roaming\Ubisoft
2013-10-14 21:13 . 2013-10-14 21:13	--------	d-----w-	c:\users\Lucas\AppData\Local\CrashRpt
2013-10-14 18:28 . 2013-10-16 06:19	--------	d-----w-	c:\programdata\Oracle
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-13 11:05 . 2013-02-22 12:16	80541720	----a-w-	c:\windows\system32\MRT.exe
2013-10-12 19:04 . 2013-03-15 16:42	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-22 23:28 . 2013-10-13 11:08	1767936	----a-w-	c:\windows\SysWow64\wininet.dll
2013-09-22 23:27 . 2013-10-13 11:08	2876928	----a-w-	c:\windows\SysWow64\jscript9.dll
2013-09-22 23:27 . 2013-10-13 11:08	61440	----a-w-	c:\windows\SysWow64\iesetup.dll
2013-09-22 23:27 . 2013-10-13 11:08	109056	----a-w-	c:\windows\SysWow64\iesysprep.dll
2013-09-22 22:55 . 2013-10-13 11:08	51712	----a-w-	c:\windows\system32\ie4uinit.exe
2013-09-22 22:55 . 2013-10-13 11:08	2241024	----a-w-	c:\windows\system32\wininet.dll
2013-09-22 22:55 . 2013-10-13 11:08	1365504	----a-w-	c:\windows\system32\urlmon.dll
2013-09-22 22:54 . 2013-10-13 11:08	603136	----a-w-	c:\windows\system32\msfeeds.dll
2013-09-22 22:54 . 2013-10-13 11:08	19252224	----a-w-	c:\windows\system32\mshtml.dll
2013-09-22 22:54 . 2013-10-13 11:08	855552	----a-w-	c:\windows\system32\jscript.dll
2013-09-22 22:54 . 2013-10-13 11:08	3959296	----a-w-	c:\windows\system32\jscript9.dll
2013-09-22 22:54 . 2013-10-13 11:08	53248	----a-w-	c:\windows\system32\jsproxy.dll
2013-09-22 22:54 . 2013-10-13 11:08	526336	----a-w-	c:\windows\system32\ieui.dll
2013-09-22 22:54 . 2013-10-13 11:08	67072	----a-w-	c:\windows\system32\iesetup.dll
2013-09-22 22:54 . 2013-10-13 11:08	39936	----a-w-	c:\windows\system32\iernonce.dll
2013-09-22 22:54 . 2013-10-13 11:08	136704	----a-w-	c:\windows\system32\iesysprep.dll
2013-09-22 22:54 . 2013-10-13 11:08	2647552	----a-w-	c:\windows\system32\iertutil.dll
2013-09-22 22:54 . 2013-10-13 11:08	15404544	----a-w-	c:\windows\system32\ieframe.dll
2013-09-21 03:38 . 2013-10-13 11:08	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2013-09-21 03:30 . 2013-10-13 11:08	2706432	----a-w-	c:\windows\SysWow64\mshtml.tlb
2013-09-21 02:48 . 2013-10-13 11:08	89600	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2013-09-21 02:39 . 2013-10-13 11:08	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-09-14 01:10 . 2013-10-13 08:34	497152	----a-w-	c:\windows\system32\drivers\afd.sys
2013-09-08 02:30 . 2013-10-13 08:34	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-13 08:34	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-13 08:34	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-08-29 02:17 . 2013-10-13 08:34	5549504	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-13 08:34	1732032	----a-w-	c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-13 08:34	243712	----a-w-	c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-13 08:34	859648	----a-w-	c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-13 08:34	878080	----a-w-	c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-13 08:34	3969472	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-13 08:34	3914176	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-13 08:34	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-13 08:34	1292192	----a-w-	c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-13 08:34	619520	----a-w-	c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-13 08:34	640512	----a-w-	c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-13 08:34	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-13 08:34	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-13 08:34	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-13 08:34	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-13 08:34	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-13 08:34	3155968	----a-w-	c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-13 08:33	461312	----a-w-	c:\windows\system32\scavengeui.dll
2013-08-22 12:40 . 2013-08-22 12:40	40664	----a-w-	c:\windows\system32\drivers\tap0901.sys
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E155F23C-9931-47c6-A619-20E6FCA86D75}]
2013-08-12 17:52	196096	----a-w-	c:\program files (x86)\Web Check\WebCheck.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2}]
2010-11-21 03:24	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2011-05-24 393216]
"Akamai NetSession Interface"="c:\users\Lucas\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2009-09-21 2583040]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-10-01 2345296]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 SystemStoreService;System Store;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService;c:\program files (x86)\SoftwareUpdater\SystemStore.exe  -displayname System Store -servicename SystemStoreService [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
R3 AVerAF15;AVerMedia A815;c:\windows\system32\Drivers\AVerAF15.sys;c:\windows\SYSNATIVE\Drivers\AVerAF15.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 easytether;easytether;c:\windows\system32\DRIVERS\easytthr.sys;c:\windows\SYSNATIVE\DRIVERS\easytthr.sys [x]
R3 fwlanusb4;FRITZ!WLAN N/G;c:\windows\system32\DRIVERS\fwlanusb4.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb4.sys [x]
R3 lvpepf64;Volume Adapter;c:\windows\system32\DRIVERS\lv302a64.sys;c:\windows\SYSNATIVE\DRIVERS\lv302a64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 wolf;wolf;c:\aeriagames\WolfTeam-DE\avital\wolf64.sys;c:\aeriagames\WolfTeam-DE\avital\wolf64.sys [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\drivers\WSDScan.sys;c:\windows\SYSNATIVE\drivers\WSDScan.sys [x]
R3 X6va011;X6va011;c:\windows\SysWOW64\Drivers\X6va011;c:\windows\SysWOW64\Drivers\X6va011 [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys;c:\windows\SYSNATIVE\Drivers\SmartDefragDriver.sys [x]
S2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe;c:\program files (x86)\IObit\Advanced SystemCare 6\ASCService.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys;c:\windows\SYSNATIVE\drivers\Lycosa.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-17 04:48	1185744	----a-w-	c:\program files (x86)\Google\Chrome\Application\30.0.1599.101\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-05-24 19:04]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-13 17:20]
.
2013-11-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-13 17:20]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www1.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=FC2800FF133620A9
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: Interfaces\{0F92EAC4-CE6B-4957-806D-B05E43179E0C}: NameServer = 192.168.2.1,192.168.2.103
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va011]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va011"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}"=hex:51,66,7a,6c,4c,1d,38,12,8d,ec,f8,
   7b,2b,25,27,06,e7,c4,bc,f0,98,15,0d,de
"{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}"=hex:51,66,7a,6c,4c,1d,38,12,60,d8,39,
   64,cd,04,79,07,f5,b7,d6,9a,c1,81,e0,1c
"{6D53EC84-6AAE-4787-AEEE-F4628F01010C}"=hex:51,66,7a,6c,4c,1d,38,12,ea,ef,40,
   69,9c,24,e9,02,d1,f8,b7,22,8a,5f,45,18
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:ac,60,dd,aa,65,2a,ce,01
.
[HKEY_USERS\S-1-5-21-3699982286-3768328374-2219179841-1000\Software\SecuROM\License information*]
"datasecu"=hex:c4,b6,f8,18,de,3e,86,48,7f,2b,38,83,ca,ea,2f,8b,64,94,87,cf,81,
   08,06,8c,90,25,14,39,46,6b,85,69,43,9b,5b,8d,55,62,50,b6,f5,5c,51,19,bd,b1,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{722b3793-5367-4446-b6bb-db89b05c1f24}\LocalServer32]
@DACL=(02 0000)
@=expand:"%SystemRoot%\\System32\\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {722b3793-5367-4446-b6bb-db89b05c1f24}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\avmwlanstick\WlanNetService.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-11-13  14:07:11 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-11-13 13:07
.
Vor Suchlauf: 12 Verzeichnis(se), 22.262.800.384 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 21.673.992.192 Bytes frei
.
- - End Of File - - 3FD8673FB47D5E79F5B8B6CE18786EEF
         
--- --- --- A36C5E4F47E84449FF07ED3517B43A31

Alt 14.11.2013, 10:32   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Internet Problem, 1 Pc zieht volle Internet Leistung! - Standard

Internet Problem, 1 Pc zieht volle Internet Leistung!



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Internet Problem, 1 Pc zieht volle Internet Leistung!
andere, anderen, bissl, easybox, erfolg, geräte, hoffe, inter, interne, internet, internet problem, kein internet, lan-kabel, laptop, leistung, leitung, mutter, natürlich, nervt, norton, probiert, problem, scan, sobald, virenscan, win, win7



Ähnliche Themen: Internet Problem, 1 Pc zieht volle Internet Leistung!


  1. Windows XP: Internet-Leistung extrem verlangsamt nach Trojaner-Befall?
    Log-Analyse und Auswertung - 18.11.2015 (10)
  2. 2 Pc´s / einer von denen zieht komplettes Internet
    Netzwerk und Hardware - 01.04.2015 (4)
  3. Internet Explorer öffnet sich im Hintergrund, zieht Internet und Chrome öffnet nicht mehr
    Alles rund um Windows - 12.03.2015 (38)
  4. Mein lan port am pc ruft nicht volle leistung ab
    Netzwerk und Hardware - 21.08.2014 (1)
  5. Internet läuft langsam .. DNS Problem ? Manchmal friert alles ein Neustart behebt Problem
    Log-Analyse und Auswertung - 25.04.2012 (1)
  6. Internet Browser langsam und Spiele Laggen obwohl der Router volle Bandbreite Zeigt?
    Alles rund um Windows - 05.11.2011 (1)
  7. Internet Browser langsam und Spiele Laggen obwohl der Router volle Bandbreite Zeigt?
    Log-Analyse und Auswertung - 04.11.2011 (0)
  8. Lüfter läuft die ganze Zeit/ Schwankende CPU Leistung/Internet spinnt
    Plagegeister aller Art und deren Bekämpfung - 09.08.2011 (36)
  9. rundll32.exe zieht exakt 50% CPU-Leistung beim Starten vom Microsoft Flight Simulator
    Log-Analyse und Auswertung - 10.04.2010 (0)
  10. Problem mit Internet
    Alles rund um Windows - 13.03.2010 (1)
  11. Problem mit dem Internet
    Log-Analyse und Auswertung - 27.04.2009 (2)
  12. Internet lahmt mit 25% Leistung
    Mülltonne - 13.12.2008 (2)
  13. Internet Leistung bricht zusammen
    Alles rund um Windows - 06.10.2008 (1)
  14. Internet Zu langsam geworden und cpu leistung beim zoggn deutlich mehr ausgelastet
    Log-Analyse und Auswertung - 08.04.2008 (8)
  15. Internet wird immer langsamer- Volle CPU Auslastung
    Log-Analyse und Auswertung - 15.03.2008 (5)
  16. Problem: Volle CPU-Auslastung mit MSKSRVR.exe
    Log-Analyse und Auswertung - 23.01.2007 (3)
  17. Problem mit Internet
    Alles rund um Windows - 24.12.2004 (7)

Zum Thema Internet Problem, 1 Pc zieht volle Internet Leistung! - Hallo, Und zwar hab ich ein Problem,das Problem is sobald der Laptop meinem mutter (win8) ins Internet kommt haben die anderen Geräte z.b. mein pc (win7) kein internet mehr also - Internet Problem, 1 Pc zieht volle Internet Leistung!...
Archiv
Du betrachtest: Internet Problem, 1 Pc zieht volle Internet Leistung! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.