Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   "wssetup.exe Perion Network Ltd." bei PC start (https://www.trojaner-board.de/136589-wssetup-exe-perion-network-ltd-pc-start.html)

Ruhrpottler 14.06.2013 15:11
"wssetup.exe Perion Network Ltd." bei PC start
 
Guten Tag!

Mein Problem sieht wie folgt aus: immer wenn ich meinen PC starte, bekomme ich die Meldung "wssetup.exe installieren"

Was mein PC wissen angeht, sieht es eher mager aus. Ich habe auch schon mal auf "Ja" geklickt, weil ich dachte, es gehört zu Windows.

Nun taucht die Meldung aber immer wieder nach einem Start auf, woraus ich mal schließen
möchte, dass es nicht zu Windows gehört.

Der PC ist langsamer geworden und Antivira startet keinen Scan mehr.

Im Zip Ordner sind die Logfiles von OTL und Gmer

markusg 14.06.2013 15:12
Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Ruhrpottler 14.06.2013 16:56
Ok, die letzten Fenster waren nicht wie in der Anleitung :)

Ich hoffe das ich trotzdem alles richtig gemacht habe.

Danke für die schnelle Antwort, die Logfiles hab ich wieder in den Anhang gepackt.
Bin erst mal ein paar stunden nicht da, trotzdem schon mal vielen dank für die schnelle Bearbeitung!

markusg 14.06.2013 17:53
Passt.
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Ruhrpottler 15.06.2013 12:42
Ganz großer Mist.......Panik/Hilfe

Der Internetexplorer geht nicht mehr, hab mehrmals einen Neustart gemacht, nichts ging.
Hab jetzt Google als Startseite angelegt und konnte so wieder ins Forum gelangen.
Wenn ich eine Seite in der Adressleiste anwählen will, bleibt alles weiß und nichts passiert.

Das ist jetzt alles passiert, nachdem ich Combofix laufen lassen habe.

Der Log von Combofix
Code:
ComboFix 13-06-13.01 - *** 15.06.2013  12:50:54.1.6 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.8188.6574 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.dat
c:\windows\SysWow64\tmp4C89.tmp
c:\windows\SysWow64\tmp4C8A.tmp
.
.
(((((((((((((((((((((((  Dateien erstellt von 2013-05-15 bis 2013-06-15  ))))))))))))))))))))))))))))))
.
.
2013-06-15 10:54 . 2013-06-15 10:54        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2013-06-15 10:54 . 2013-06-15 10:54        --------        d-----w-        c:\users\Default\AppData\Local\temp
2013-06-14 12:03 . 2013-06-14 12:03        --------        d-----w-        c:\programdata\Solidshield
2013-06-14 11:41 . 2013-05-13 06:37        9460464        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{38D67761-B52B-455A-A2CD-E1B295648B0F}\mpengine.dll
2013-06-13 09:25 . 2013-05-08 06:39        1910632        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2013-06-13 09:25 . 2013-04-26 05:51        751104        ----a-w-        c:\windows\system32\win32spl.dll
2013-06-13 09:25 . 2013-04-26 04:55        492544        ----a-w-        c:\windows\SysWow64\win32spl.dll
2013-06-13 09:25 . 2013-05-13 05:51        184320        ----a-w-        c:\windows\system32\cryptsvc.dll
2013-06-13 09:25 . 2013-05-13 05:51        1464320        ----a-w-        c:\windows\system32\crypt32.dll
2013-06-13 09:25 . 2013-05-13 05:51        139776        ----a-w-        c:\windows\system32\cryptnet.dll
2013-06-13 09:25 . 2013-05-13 05:50        52224        ----a-w-        c:\windows\system32\certenc.dll
2013-06-13 09:25 . 2013-05-13 04:45        140288        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2013-06-13 09:25 . 2013-05-13 04:45        1160192        ----a-w-        c:\windows\SysWow64\crypt32.dll
2013-06-13 09:25 . 2013-05-13 04:45        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2013-06-13 09:25 . 2013-05-13 03:43        1192448        ----a-w-        c:\windows\system32\certutil.exe
2013-06-13 09:25 . 2013-05-13 03:08        903168        ----a-w-        c:\windows\SysWow64\certutil.exe
2013-06-13 09:25 . 2013-05-13 03:08        43008        ----a-w-        c:\windows\SysWow64\certenc.dll
2013-06-08 13:30 . 2013-06-13 13:04        75825640        ----a-w-        c:\windows\system32\MRT.exe
2013-06-05 13:31 . 2013-06-05 13:31        --------        d-----w-        c:\users\***\AppData\Local\EA Games
2013-06-05 13:05 . 2013-06-05 13:07        --------        d-----w-        c:\users\***\AppData\Roaming\DAEMON Tools Lite
2013-06-05 13:03 . 2013-06-05 13:07        --------        d-----w-        c:\programdata\DAEMON Tools Lite
2013-06-05 06:26 . 2013-06-14 12:08        --------        d-----w-        c:\windows\SysWow64\WNLT
2013-06-05 06:26 . 2013-06-05 06:26        --------        d-----w-        c:\windows\SysWow64\jmdp
2013-06-05 06:26 . 2013-06-05 06:26        --------        d-----w-        c:\windows\SysWow64\ARFC
2013-06-05 06:26 . 2013-05-21 13:31        1447728        ----a-w-        c:\windows\system32\dmwu.exe
2013-06-05 06:26 . 2013-05-21 13:30        33792        ----a-w-        c:\windows\system32\ImHttpComm.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-13 21:01 . 2012-04-01 19:12        692104        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-13 21:01 . 2012-03-25 09:44        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-27 22:13 . 2012-03-31 00:09        291088        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2013-05-27 22:13 . 2012-03-27 16:03        291088        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-05-27 22:13 . 2012-03-27 16:03        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-05-02 00:06 . 2010-11-21 03:27        278800        ------w-        c:\windows\system32\MpSigStub.exe
2013-04-12 14:45 . 2013-04-23 17:16        1656680        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-15 17:47        265064        ----a-w-        c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-15 17:47        983400        ----a-w-        c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-15 17:47        3153920        ----a-w-        c:\windows\system32\win32k.sys
2013-04-04 03:35 . 2013-04-26 10:35        95648        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-23 01:58 . 2013-03-23 01:58        719360        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll
2013-03-23 01:58 . 2013-03-23 01:58        226304        ----a-w-        c:\windows\system32\elshyph.dll
2013-03-23 01:58 . 2013-03-23 01:58        185344        ----a-w-        c:\windows\SysWow64\elshyph.dll
2013-03-23 01:58 . 2013-03-23 01:58        158720        ----a-w-        c:\windows\SysWow64\msls31.dll
2013-03-23 01:58 . 2013-03-23 01:58        150528        ----a-w-        c:\windows\SysWow64\iexpress.exe
2013-03-23 01:58 . 2013-03-23 01:58        138752        ----a-w-        c:\windows\SysWow64\wextract.exe
2013-03-23 01:58 . 2013-03-23 01:58        1054720        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe
2013-03-23 01:57 . 2013-03-23 01:57        97280        ----a-w-        c:\windows\system32\mshtmled.dll
2013-03-23 01:57 . 2013-03-23 01:57        92160        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe
2013-03-23 01:57 . 2013-03-23 01:57        905728        ----a-w-        c:\windows\system32\mshtmlmedia.dll
2013-03-23 01:57 . 2013-03-23 01:57        81408        ----a-w-        c:\windows\system32\icardie.dll
2013-03-23 01:57 . 2013-03-23 01:57        77312        ----a-w-        c:\windows\system32\tdc.ocx
2013-03-23 01:57 . 2013-03-23 01:57        762368        ----a-w-        c:\windows\system32\ieapfltr.dll
2013-03-23 01:57 . 2013-03-23 01:57        73728        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe
2013-03-23 01:57 . 2013-03-23 01:57        62976        ----a-w-        c:\windows\system32\pngfilt.dll
2013-03-23 01:57 . 2013-03-23 01:57        61952        ----a-w-        c:\windows\SysWow64\tdc.ocx
2013-03-23 01:57 . 2013-03-23 01:57        599552        ----a-w-        c:\windows\system32\vbscript.dll
2013-03-23 01:57 . 2013-03-23 01:57        523264        ----a-w-        c:\windows\SysWow64\vbscript.dll
2013-03-23 01:57 . 2013-03-23 01:57        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll
2013-03-23 01:57 . 2013-03-23 01:57        51200        ----a-w-        c:\windows\system32\imgutil.dll
2013-03-23 01:57 . 2013-03-23 01:57        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll
2013-03-23 01:57 . 2013-03-23 01:57        48640        ----a-w-        c:\windows\system32\mshtmler.dll
2013-03-23 01:57 . 2013-03-23 01:57        452096        ----a-w-        c:\windows\system32\dxtmsft.dll
2013-03-23 01:57 . 2013-03-23 01:57        441856        ----a-w-        c:\windows\system32\html.iec
2013-03-23 01:57 . 2013-03-23 01:57        38400        ----a-w-        c:\windows\SysWow64\imgutil.dll
2013-03-23 01:57 . 2013-03-23 01:57        361984        ----a-w-        c:\windows\SysWow64\html.iec
2013-03-23 01:57 . 2013-03-23 01:57        281600        ----a-w-        c:\windows\system32\dxtrans.dll
2013-03-23 01:57 . 2013-03-23 01:57        27648        ----a-w-        c:\windows\system32\licmgr10.dll
2013-03-23 01:57 . 2013-03-23 01:57        270848        ----a-w-        c:\windows\system32\iedkcs32.dll
2013-03-23 01:57 . 2013-03-23 01:57        247296        ----a-w-        c:\windows\system32\webcheck.dll
2013-03-23 01:57 . 2013-03-23 01:57        235008        ----a-w-        c:\windows\system32\url.dll
2013-03-23 01:57 . 2013-03-23 01:57        23040        ----a-w-        c:\windows\SysWow64\licmgr10.dll
2013-03-23 01:57 . 2013-03-23 01:57        216064        ----a-w-        c:\windows\system32\msls31.dll
2013-03-23 01:57 . 2013-03-23 01:57        197120        ----a-w-        c:\windows\system32\msrating.dll
2013-03-23 01:57 . 2013-03-23 01:57        173568        ----a-w-        c:\windows\system32\ieUnatt.exe
2013-03-23 01:57 . 2013-03-23 01:57        167424        ----a-w-        c:\windows\system32\iexpress.exe
2013-03-23 01:57 . 2013-03-23 01:57        1509376        ----a-w-        c:\windows\system32\inetcpl.cpl
2013-03-23 01:57 . 2013-03-23 01:57        149504        ----a-w-        c:\windows\system32\occache.dll
2013-03-23 01:57 . 2013-03-23 01:57        144896        ----a-w-        c:\windows\system32\wextract.exe
2013-03-23 01:57 . 2013-03-23 01:57        1441280        ----a-w-        c:\windows\SysWow64\inetcpl.cpl
2013-03-23 01:57 . 2013-03-23 01:57        1400416        ----a-w-        c:\windows\system32\ieapfltr.dat
2013-03-23 01:57 . 2013-03-23 01:57        13824        ----a-w-        c:\windows\system32\mshta.exe
2013-03-23 01:57 . 2013-03-23 01:57        137216        ----a-w-        c:\windows\SysWow64\ieUnatt.exe
2013-03-23 01:57 . 2013-03-23 01:57        136192        ----a-w-        c:\windows\system32\iepeers.dll
2013-03-23 01:57 . 2013-03-23 01:57        135680        ----a-w-        c:\windows\system32\IEAdvpack.dll
2013-03-23 01:57 . 2013-03-23 01:57        12800        ----a-w-        c:\windows\SysWow64\mshta.exe
2013-03-23 01:57 . 2013-03-23 01:57        12800        ----a-w-        c:\windows\system32\msfeedssync.exe
2013-03-23 01:57 . 2013-03-23 01:57        110592        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll
2013-03-23 01:57 . 2013-03-23 01:57        102912        ----a-w-        c:\windows\system32\inseng.dll
2013-03-23 01:56 . 2013-03-23 01:56        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        9728        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        648192        ----a-w-        c:\windows\system32\d3d10level9.dll
2013-03-23 01:56 . 2013-03-23 01:56        604160        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
2013-03-23 01:56 . 2013-03-23 01:56        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        522752        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-03-23 01:56 . 2013-03-23 01:56        465920        ----a-w-        c:\windows\system32\WMPhoto.dll
2013-03-23 01:56 . 2013-03-23 01:56        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll
2013-03-23 01:56 . 2013-03-23 01:56        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        4096        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        3928064        ----a-w-        c:\windows\system32\d2d1.dll
2013-03-23 01:56 . 2013-03-23 01:56        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-03-23 01:56 . 2013-03-23 01:56        363008        ----a-w-        c:\windows\system32\dxgi.dll
2013-03-23 01:56 . 2013-03-23 01:56        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        3584        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        3419136        ----a-w-        c:\windows\SysWow64\d2d1.dll
2013-03-23 01:56 . 2013-03-23 01:56        333312        ----a-w-        c:\windows\system32\d3d10_1core.dll
2013-03-23 01:56 . 2013-03-23 01:56        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        296960        ----a-w-        c:\windows\system32\d3d10core.dll
2013-03-23 01:56 . 2013-03-23 01:56        293376        ----a-w-        c:\windows\SysWow64\dxgi.dll
2013-03-23 01:56 . 2013-03-23 01:56        2776576        ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2013-03-23 01:56 . 2013-03-23 01:56        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll
2013-03-23 01:56 . 2013-03-23 01:56        2560        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        2560        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-03-23 01:56 . 2013-03-23 01:56        249856        ----a-w-        c:\windows\SysWow64\d3d10_1core.dll
2013-03-23 01:56 . 2013-03-23 01:56        245248        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll
2013-03-23 01:56 . 2013-03-23 01:56        2284544        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2013-03-23 01:56 . 2013-03-23 01:56        221184        ----a-w-        c:\windows\system32\UIAnimation.dll
2013-03-23 01:56 . 2013-03-23 01:56        220160        ----a-w-        c:\windows\SysWow64\d3d10core.dll
2013-03-23 01:56 . 2013-03-23 01:56        207872        ----a-w-        c:\windows\SysWow64\WindowsCodecsExt.dll
2013-03-23 01:56 . 2013-03-23 01:56        1988096        ----a-w-        c:\windows\SysWow64\d3d10warp.dll
2013-03-23 01:56 . 2013-03-23 01:56        194560        ----a-w-        c:\windows\system32\d3d10_1.dll
2013-03-23 01:56 . 2013-03-23 01:56        1887232        ----a-w-        c:\windows\system32\d3d11.dll
2013-03-23 01:56 . 2013-03-23 01:56        187392        ----a-w-        c:\windows\SysWow64\UIAnimation.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]
2012-07-04 14:03        1310040        ----a-r-        c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2012-07-04 1310040]
.
[HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar.1]
[HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}]
[HKEY_CLASSES_ROOT\SWEETIE.IEToolbar]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2011-08-02 2273608]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"XFastUsb"="c:\program files (x86)\XFastUsb\XFastUsb.exe" [2012-03-25 4942336]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"CTSyncService"="c:\program files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe" [2009-07-08 1233195]
"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-05-04 241789]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-10 90112]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-07-28 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"WinampAgent"="d:\programme\Winamp\winampa.exe" [2012-06-28 74752]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;d:\programme\Skype\Updater\Updater.exe;d:\programme\Skype\Updater\Updater.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [x]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
R3 Sound Blaster X-Fi MB Licensing Service;Sound Blaster X-Fi MB Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [x]
R3 SynasUSB;SynasUSB;c:\windows\system32\drivers\SynUSB64.sys;c:\windows\SYSNATIVE\drivers\SynUSB64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 21:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-10-05 11474024]
"RunDLLEntry"="c:\windows\system32\AmbRunE.dll" [2009-02-26 17920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.facebook.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube to MP3 Converter - c:\users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKCU-Run-zASRockInstantBoot - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-15  12:55:36
ComboFix-quarantined-files.txt  2013-06-15 10:55
.
Vor Suchlauf: 7 Verzeichnis(se), 10.434.842.624 Bytes frei
Nach Suchlauf: 10 Verzeichnis(se), 11.092.008.960 Bytes frei
.
- - End Of File - - 327A23DE3BE577F0352B4EE41E4A77C4
A36C5E4F47E84449FF07ED3517B43A31


Anderes Thema
Warum sind im OTL und den anderen logs, ordner/spiele/Explorer drin, die ich garnicht auf dem rechner habe?
Firefox z.B., habe ich nie gehabt, den Ordner GAME gibt's auch nicht mehr
Das war jetzt nur so am rande :/

ACHTUNG, EDITIERE VIA HANDY
Nachdem ich die Antwort verfasst hatte,und ANTWORTEN geklickt hab, hat der Internetexprer nicht mehr reagiert. Wie ich aber über Handy sehe, hat er trotzdem gepostet

markusg 15.06.2013 13:10
keine Aufregung, ist doch wochenendeund das Problem bekommen wir gelöst.
Zurücksetzen der Internet Explorer 7-Einstellungen
Internet explorer auf standard, dann gehts.
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Ruhrpottler 15.06.2013 14:44
Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.15.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Mark :: ***-PC [Administrator]

15.06.2013 14:59:34
mbam-log-2013-06-15 (14-59-34).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 325994
Laufzeit: 31 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

markusg 15.06.2013 15:08
Hi,

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Ruhrpottler 15.06.2013 15:28
Ich hoffe das ich alles richtig habe, weil ich auch nicht immer weiß ob es Treiber sind oder nicht :D

Code:
Acrobat.com        Adobe Systems Incorporated        25.03.2012                1.1.377 notwendig

Adobe AIR        Adobe Systems Inc.        25.03.2012                1.0.4990 notwendig

Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        13.06.2013        6,00MB        11.7.700.224 notwendig

Adobe Reader 9        Adobe Systems Incorporated        25.03.2012        202MB        9.0.0 notwendig

Apple Application Support        Apple Inc.        04.01.2013        65,0MB        2.3.2 unnötig

Apple Mobile Device Support        Apple Inc.        04.01.2013        25,1MB        6.0.1.3 unnötig

Apple Software Update        Apple Inc.        27.03.2012        2,38MB        2.1.3.127 unnötig

ASRock App Charger v1.0.4        ASRock Inc.        25.03.2012        1,34MB notwendig       

ASRock eXtreme Tuner v0.1.66                25.03.2012        15,3MB notwendig       

ASRock InstantBoot v1.26                25.03.2012 notwendig               

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver        Atheros Communications Inc.        25.03.2012                1.0.0.35 notwendig

ATI Catalyst Install Manager        ATI Technologies, Inc.        25.03.2012        22,1MB        3.0.765.0 notwendig

Avira Free Antivirus        Avira        15.11.2012        109MB        12.1.9.1236 notwendig

Battlefield 3™        Electronic Arts        06.09.2012                1.4.0.0 notwendig

Battlelog Web Plugins        EA Digital Illusions CE AB        27.05.2013                2.1.4 notwendig

Bonjour        Apple Inc.        27.03.2012        2,00MB        3.0.0.10 unnötig

CCleaner        Piriform        24.05.2013                4.02

ESN Sonar        ESN Social Software AB        27.05.2013                0.70.4 notwendig

Etron USB3.0 Host Controller        Etron Technology        25.03.2012        5,12MB        0.96 notwendig

EXPERTool 7.21        Gainward Co., Ltd        25.03.2012        11,2MB notwendig

Futuremark SystemInfo        Futuremark Corporation        04.10.2012                3.54.1.1 unbekannt

Guild Wars 2        NCsoft Corporation, Ltd.        07.10.2012 notwendig               

IB Updater Service                05.06.2013                3.0.5.4 unbekannt

Internet Explorer Toolbar 4.6 by SweetPacks        SweetIM Technologies Ltd.        08.11.2012        4,27MB        4.6.0004 unnötig?

Java 7 Update 21        Oracle        05.03.2013        129MB        7.0.210 notwendig

Malwarebytes Anti-Malware Version 1.75.0.1300        Malwarebytes Corporation        15.06.2013        19,2MB        1.75.0.1300 unnötig

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        04.10.2012        38,8MB        4.0.30319 (Denk mal die Microsoft und Nvidia sachen brauch ich ?)

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        08.11.2012        348KB        8.0.59193

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        25.03.2012        788KB        9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        27.03.2012        240KB        9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        25.03.2012        596KB        9.0.30729.4148

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219        Microsoft Corporation        27.03.2012        13,8MB        10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        25.03.2012        11,1MB        10.0.40219

NVIDIA 3D Vision Controller-Treiber 296.10        NVIDIA Corporation        31.03.2012                296.10

NVIDIA 3D Vision Treiber 311.06        NVIDIA Corporation        16.04.2013                311.06

NVIDIA Grafiktreiber 311.06        NVIDIA Corporation        16.04.2013                311.06

NVIDIA HD-Audiotreiber 1.3.12.0        NVIDIA Corporation        31.03.2012                1.3.12.0

NVIDIA PhysX-Systemsoftware 9.12.0213        NVIDIA Corporation        31.03.2012                9.12.0213

NVIDIA Update 1.11.3        NVIDIA Corporation        16.04.2013                1.11.3

Origin        Electronic Arts, Inc.        27.03.2012                8.5.0.4554 notwendig

PunkBuster Services        Even Balance, Inc.        27.03.2012                0.991 notwendig

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        25.03.2012                6.0.1.6215 notwendig

Skype™ 6.3        Skype Technologies S.A.        29.03.2013        21,0MB        6.3.105 unnötig

Sound Blaster X-Fi MB        Creative Technology Limited        25.03.2012                1.0 unnötig

Steinberg Cubase LE 4        Steinberg Media Technologies GmbH        19.11.2012        87,1MB        4.1.2.851 unnötig

Steinberg HALionOne        Steinberg Media Technologies GmbH        19.11.2012        117MB        1.1.0.457 unnötig

Steinberg HALionOne Essential Set        Steinberg Media Technologies GmbH        19.11.2012        101MB        1.0.1.457 unnötig

SweetIM for Messenger 3.7        SweetIM Technologies Ltd.        08.11.2012        5,12MB        3.7.0007 unbekannt

SweetPacks bundle uninstaller        SweetIM Technologies Ltd.        08.11.2012        2,46MB        1.0.0000 unbekannt

Syncrosoft Lizenz Kontrolle        SIA Syncrosoft        19.11.2012 unbekannt               

Update Manager for SweetPacks 1.1        SweetIM Technologies Ltd.        08.11.2012        2,76MB        1.1.0008 unbekannt

Winamp        Nullsoft, Inc        26.01.2013                5.63 nötig

Winamp Erkennungs-Plug-in        Nullsoft, Inc        26.01.2013        63,0KB        1.0.0.1 unnötig

WinRAR 4.20 (64-Bit)        win.rar GmbH        08.11.2012                4.20.0 notwendig

XFastUsb                25.03.2012 unnötig

markusg 15.06.2013 15:31
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Futuremark
IB Updater
Internet Explorer Toolbar
Steinberg : alle
SweetIM
SweetPacks
Update Manager
XFastUsb
Öffne CCleaner, analysieren, starten, PC neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Ruhrpottler 16.06.2013 18:18
Code:
# AdwCleaner v2.303 - Datei am 16/06/2013 um 19:04:30 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : *** - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files (x86)\SweetIM
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\Users\***\AppData\Roaming\DeviceVM

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [2149 octets] - [16/06/2013 19:04:30]

########## EOF - C:\AdwCleaner[S1].txt - [2209 octets] ##########

markusg 16.06.2013 18:20
Hi,
neustarten bitte
HitmanPro - Download - Filepony
lade Hitmanpro, doppelklicken, Scan klicken.
Nichts löschen, auf weiter klicken.
Log speichern und posten, bzw als XML exportieren, packen und anhängenb

Ruhrpottler 16.06.2013 18:23
Doofe frage :) was ist XML? :D

markusg 16.06.2013 18:30
speichere einfach das Log am ende, die schaltflächen solltest du dann sehen

Ruhrpottler 16.06.2013 19:07
So, hat ein bisschen gedauert, musste viel umschreiben :)

Code:
HitmanPro 3.7.6.201
www.hitmanpro.com

  Computer name . . . . : ***-PC
  Windows . . . . . . . : 6.1.1.7601.X64/6
  User name . . . . . . : ***-PC\***
  UAC . . . . . . . . . : Enabled
  License . . . . . . . : Free

  Scan date . . . . . . : 2013-06-16 19:34:38
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 4m 0s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 69

  Objects scanned . . . : 1.042.119
  Files scanned . . . . : 12.092
  Remnants scanned  . . : 217.796 files / 812.231 keys

Suspicious files ____________________________________________________________

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\dll\wc002288.dll
      Size . . . . . . . : 948.118 bytes
      Age  . . . . . . . : 442.7 days (2012-03-31 02:22:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3192353354FE593051B33886088D4C312ACB9A653D874281B2EBF131B80415CB
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\dll\wc002291.dll
      Size . . . . . . . : 965.329 bytes
      Age  . . . . . . . : 437.9 days (2012-04-04 21:05:37)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CAE3128772295AC4F1179B881A00B061DB00505275CB258F9F0C84CC1DF9B2A5
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\dll\wc002292.dll
      Size . . . . . . . : 956.681 bytes
      Age  . . . . . . . : 436.2 days (2012-04-06 14:55:35)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 7218A15A9890CE82EB25F7AB5AC7AA60B4E3055C5574B70A6CABA4274D6DE493
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll
      Size . . . . . . . : 949.613 bytes
      Age  . . . . . . . : 266.3 days (2012-09-23 12:03:34)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0
      Fuzzy  . . . . . . : 29.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll
      Size . . . . . . . : 959.376 bytes
      Age  . . . . . . . : 115.8 days (2013-02-21 00:44:31)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 959.376 bytes
      Age  . . . . . . . : 19.8 days (2013-05-28 00:13:54)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 23.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Time indicates that the file appeared recently on this computer.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.
      Forensic Cluster
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
          0.0s C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbcl.dll

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
      Size . . . . . . . : 959.376 bytes
      Age  . . . . . . . : 442.7 days (2012-03-31 02:09:36)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        Program is code signed with a valid Authenticode certificate.

  C:\Users\***\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 137.992 bytes
      Age  . . . . . . . : 442.7 days (2012-03-31 02:10:06)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 21A3D2E3A063EA2F986EF1BAFD1A71F7FC9EDB3F69E0265E51A18DBC111084F1
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
        The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
        Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
        Authors name is missing in version info. This is not common to most programs.
        Version control is missing. This file is probably created by an individual. This is not typical for most programs.
        Program contains PE structure anomalies. This is not typical for most programs.
        The file is a device driver. Device drivers run as trusted (highly privileged) code.
        Program is code signed with a valid Authenticode certificate.


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:46 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129