Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: TubeSaver Virus entfernen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.07.2013, 10:06   #1
schizo
 
TubeSaver Virus entfernen - Icon21

TubeSaver Virus entfernen



Guten Morgen allerseits!

Ich habe seit gestern folgendes Problem: In sämtlichen Browsern öffnete sich plötzlich Werbung (auch z.B auf der eigenen Website und der Google Startseite, wo ich Werbung sicher ausschließen kann). Der Ursprung dieser Werbung musste also in meinem PC liegen, also habe ich meine Browser Plug-Ins gecheckt und siehe da: Ein Plug-In namens "Tube Saver" war mir unbekannt und wurde sofort deaktiviert. Komisch nur, dass weder Avira noch Antimalware/Malware Terminator etwas fanden. Nun habe ich mal gegoogelt und fand auch jede Menge (ausschließlich Englische) Seiten zum Thema... leider war keine vertrauenswürdige Seite dabei. zudem boten mir alle ein Entfernungsprogramm an, was mich dann doch misstrauisch stimmte.
Hat vielleicht jemand eine geeignete, sichere Anleitung zum kompletten entfernen des Virus?
Diesen Websites zu Folge soll das nämlich gar nicht so einfach sein.
Ich bedanke mich schon mal fürs Lesen und hoffe auf hilfreiche Beiträge,
Valentin

Alt 28.07.2013, 11:40   #2
schrauber
/// the machine
/// TB-Ausbilder
 

TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 28.07.2013, 13:42   #3
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Vielen Dank erstmal
Ich habe vorhin mal ein anderes Tool durchlaufen lassen (adw cleaner), welches den tubeSaver tatsächlich identifizierte und (hoffentlich) entfernte.
Im Bericht hier taucht er allerdings anscheinend noch auf :


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by valentin (administrator) on 28-07-2013 14:27:10
Running from E:\Programme\Neuer Ordner
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVGUARD.EXE
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVSHADOW.EXE
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\SCHED.EXE
(Microsoft Corporation) C:\WINDOWS\SYSWOW64\SVCHOST.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(DATA BECKER GmbH & Co KG) C:\PROGRAM FILES (X86)\COMMON FILES\DATA BECKER SHARED\DBSERVICE.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(MAGIX AG) E:\PROGRAMME\MBAT\MXSAS.EXE
(Malwarebytes Corporation) E:\Programme\kaspersky\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) E:\PROGRAMME\KASPERSKY\MALWAREBYTES' ANTI-MALWARE\MBAMSERVICE.EXE
(Yuna Software) E:\PROGRAMME\SKYPE\MESSENGER PLUS!\MSGPLUSFORSKYPESERVICE.EXE
(Microsoft) E:\PROGRAMME\NETBALANCER\NETBALANCER\SERIOUSBIT.NETBALANCER.SERVICE.EXE
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Software Center, Moscow) C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\USERS\VALENTIN\APPDATA\LOCALLOW\WOT\IE\WOTUPDATER.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) E:\Programme\kaspersky\Malwarebytes' Anti-Malware\mbamgui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(
ASUSTeK Computer Inc.) C:\PROGRAM FILES (X86)\ASUS\GPU BOOST DRIVER\GPUBOOSTSERVER.EXE
(ASUSTeK Computer Inc.) C:\PROGRAM FILES (X86)\ASUS\TURBOV EVO\TURBOVHELP.EXE
() C:\Windows\DAODx.exe
(Realtek Semiconductor) C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORSHIELD.EXE
(Akamai Technologies, Inc.) C:\Users\valentin\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
(hxxp://www.tinydm.com/) C:\USERS\VALENTIN\APPDATA\LOCAL\DM\TINYDM.EXE
(Freecom) C:\Program Files (x86)\Freecom\GREEN BUTTON\GREEN BUTTON.exe
(Akamai Technologies, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\AKAMAI\NETSESSION_WIN.EXE
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVGNT.EXE
(Advanced Micro Devices Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
(Google Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
(Google Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
(Crawler.com) C:\PROGRAM FILES (X86)\SPYWARE TERMINATOR\SPYWARETERMINATORUPDATE.EXE
(ATI Technologies Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVCENTER.EXE
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVSCAN.EXE
(Tencent Inc.) D:\PROGRAMME\FOXMAIL\FOXMAIL\FOXMAIL.EXE
(Microsoft Corporation) C:\PROGRAM FILES (X86)\INTERNET EXPLORER\IELOWUTIL.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(Skype Technologies S.A.) C:\PROGRAM FILES (X86)\SKYPE\PHONE\SKYPE.EXE
(Yuna Software) E:\PROGRAMME\SKYPE\MESSENGER PLUS!\MESSENGER PLUS! FOR SKYPE.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(RockMelt, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\ROCKMELT\APPLICATION\ROCKMELT.EXE
(Microsoft Corporation) C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11465832 2010-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\valentin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_2239D68823CEE3A8A12F033F821D7A1E] - C:\Users\valentin\AppData\Local\Google\Chrome\Application\chrome.exe [846288 2013-07-12] (Google Inc.)
HKCU\...\Run: [Tiny download manager] - C:\Users\valentin\AppData\Local\DM\TinyDM.exe [282624 2013-07-17] (hxxp://www.tinydm.com/)
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [9900672 2010-01-19] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrayServer] - E:\Programme\VDL\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [avgnt] - E:\Programme\AVIRA2\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Freecom GREEN BUTTON.lnk
ShortcutTarget: Freecom GREEN BUTTON.lnk -> C:\Program Files (x86)\Freecom\GREEN BUTTON\GREEN BUTTON.exe (Freecom)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {F8626EE2-2B6E-4059-A550-4773EDD8FDBB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {F8626EE2-2B6E-4059-A550-4773EDD8FDBB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Programme\Alive\FGlashget\jccatch.dll (www.flashget.com)
BHO-x32: TubeSaver - {57F2FC14-BE99-4DFB-B9F1-2458A4F496AB} - C:\Program Files (x86)\TubeSaver\125.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\valentin\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -  No File
BHO-x32: billiger.de Sparberater - {C5A83FB3-EA76-49C5-BA8D-11AEB924738B} - C:\Program Files (x86)\billigerde\Internet Explorer\billigerde.dll ()
BHO-x32: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Programme\Alive\FGlashget\getflash.dll (www.flashget.com)
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\srr41pe0.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\valentin\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\valentin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\valentin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\valentin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @us-w1.rockmelt.com/RockMelt Update;version=8 - C:\Users\valentin\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\valentin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Extension: No Name - C:\Users\valentin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\valentin\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\valentin\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\valentin\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (         "name": "",) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Google Update) - C:\Users\valentin\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (RockMelt Update) - C:\Users\valentin\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (WOT) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphjeokkkbngjpiofnfpnafjeofjomfb\2.11.7_0
CHR Extension: (Battlefield Play4Free) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (Google Publisher Toolbar) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc\4.0.6_0
CHR Extension: (Gmail) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\valentin\AppData\LocalLow\WOT\CHROME\WOT.crx

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; E:\Programme\AVIRA2\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\Programme\AVIRA2\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 MAGIX StartUp Analyze Service; E:\Programme\mbat\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
R2 MBAMScheduler; E:\Programme\kaspersky\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; E:\Programme\kaspersky\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsgPlusService; E:\Programme\skype\Messenger Plus!\MsgPlusForSkypeService.exe [124832 2012-01-22] (Yuna Software)
R2 NetBalancer Windows Service; E:\Programme\netbalancer\NetBalancer\SeriousBit.NetBalancer.Service.exe [10752 2010-06-01] (Microsoft)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3885424 2011-01-19] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-05-13] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [216576 2009-12-02] (Samsung Software Center, Moscow)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 WOTUpdater; C:\Users\valentin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] ()

==================== Drivers (Whitelisted) ====================

R3 AODDriver; C:\Program Files (x86)\ASUS\GPU Boost Driver\amd64\AODDriver.sys [21048 2010-01-06] (Advanced Micro Devices)
R3 AODDriver; C:\Program Files (x86)\ASUS\GPU Boost Driver\amd64\AODDriver.sys [21048 2010-01-06] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-05-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-05-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-05-26] (Avira Operations GmbH & Co. KG)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [187912 2010-12-07] (Avid Technology, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 Nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [34280 2010-05-15] (SeriousBit)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-21] (Philips Applied Technologies)
S3 SPC530; C:\Windows\System32\drivers\SPC530.sys [583168 2008-05-21] (                                                            )
S3 SPC530m; C:\Windows\System32\drivers\SPC530m.sys [8192 2008-05-21] (                                                            )
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-22] (Windows (R) Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 cpuz132; \??\C:\Users\valentin\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S3 dump_wmimmc; \??\E:\Programme\wolfstein\GameGuard\dump_wmimmc.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S3 wolf; \??\E:\Programme\video delu\Wolfteam\Wolfteam\avital\wolf64.sys [x]
S3 X6va002; \??\C:\Users\valentin\AppData\Local\Temp\00247D8.tmp [x]
S3 X6va003; \??\C:\Users\valentin\AppData\Local\Temp\00370FC.tmp [x]
S3 X6va005; \??\C:\Users\valentin\AppData\Local\Temp\005261B.tmp [x]
S3 X6va006; \??\C:\Users\valentin\AppData\Local\Temp\006F6FB.tmp [x]
S3 X6va007; \??\C:\Users\valentin\AppData\Local\Temp\007E9B5.tmp [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-28 14:24 - 2013-07-28 14:24 - 00000000 ____D C:\FRST
2013-07-28 14:22 - 2013-07-28 14:24 - 01780547 _____ (Farbar) C:\Users\valentin\Downloads\FRST64.exe
2013-07-28 12:43 - 2013-07-28 12:43 - 00001417 _____ C:\AdwCleaner[R3].txt
2013-07-28 12:40 - 2013-07-28 12:40 - 00010671 _____ C:\AdwCleaner[S2].txt
2013-07-28 12:39 - 2013-07-28 12:39 - 00011055 _____ C:\AdwCleaner[R2].txt
2013-07-28 12:37 - 2013-07-28 12:37 - 00000366 _____ C:\AdwCleaner[S1].txt
2013-07-28 12:36 - 2013-07-28 12:36 - 00010958 _____ C:\AdwCleaner[R1].txt
2013-07-28 10:52 - 2013-07-28 10:52 - 00000859 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-25 17:46 - 2013-07-26 11:18 - 00018096 _____ C:\Users\valentin\Desktop\Vorlage Rapper.odt
2013-07-25 17:46 - 2013-07-25 17:46 - 00007334 _____ C:\Users\valentin\Desktop\Vorlage Rapper - Kopie.odt
2013-07-25 01:54 - 2013-07-25 01:56 - 00000000 ____D C:\Windows\system32\MRT
2013-07-24 21:48 - 2013-07-24 22:09 - 00020013 _____ C:\Users\valentin\Desktop\DieZwai.odt
2013-07-24 11:26 - 2013-07-24 11:26 - 00000000 ____D C:\Users\valentin\Desktop\Alte Firefox-Daten
2013-07-24 10:48 - 2013-07-24 10:48 - 00262144 ____N C:\Windows\Minidump\072413-28813-01.dmp
2013-07-24 10:32 - 2012-12-16 19:11 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-24 10:32 - 2012-12-16 16:45 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-24 10:32 - 2012-12-16 16:13 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-24 10:32 - 2012-12-16 16:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-24 10:20 - 2013-07-24 10:20 - 00262144 ____N C:\Windows\Minidump\072413-38345-01.dmp
2013-07-24 10:14 - 2013-07-24 10:14 - 00262144 ____N C:\Windows\Minidump\072413-47034-01.dmp
2013-07-24 09:13 - 2013-07-24 09:13 - 00275688 _____ C:\Windows\Minidump\072413-68312-01.dmp
2013-07-23 21:02 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-23 21:02 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-23 21:02 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-23 21:01 - 2013-05-08 08:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-23 21:01 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-23 21:01 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-23 21:01 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-23 21:01 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-23 21:01 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-23 21:01 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-23 21:01 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-23 21:01 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-23 21:01 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-23 21:00 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-23 21:00 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-23 21:00 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-23 21:00 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-23 21:00 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-23 21:00 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-23 21:00 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-23 21:00 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-23 21:00 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-23 21:00 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-23 21:00 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-23 21:00 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-23 21:00 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-23 21:00 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-23 21:00 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-23 21:00 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-23 20:59 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-23 20:59 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-23 20:59 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-23 20:59 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-23 20:59 - 2013-01-04 07:46 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-07-23 20:59 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-07-23 20:59 - 2013-01-04 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-07-23 20:59 - 2013-01-04 04:47 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-07-23 20:59 - 2013-01-04 04:47 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-07-23 20:59 - 2013-01-04 04:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-07-23 20:59 - 2012-11-20 07:48 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-07-23 20:59 - 2012-11-20 06:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-07-23 20:59 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-23 20:59 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-23 20:58 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-07-23 20:58 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-07-23 20:58 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-07-23 20:58 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-07-23 20:58 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-07-23 20:58 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-07-23 20:58 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-07-23 20:28 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-07-23 20:28 - 2012-11-30 07:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-07-23 20:28 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-07-23 20:28 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-07-23 20:28 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-23 20:28 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-23 20:28 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-23 20:28 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-07-23 20:28 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-07-23 20:26 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-23 20:26 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-23 20:26 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-23 20:26 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-23 20:26 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-23 20:25 - 2013-05-13 07:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-23 20:25 - 2013-05-13 07:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-23 20:25 - 2013-05-13 07:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-23 20:25 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-23 20:25 - 2013-05-13 06:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-23 20:25 - 2013-05-13 06:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-23 20:25 - 2013-05-13 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-23 20:25 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-23 20:25 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-23 20:25 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-23 20:25 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-23 20:25 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-23 20:25 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-07-23 20:24 - 2013-03-19 08:04 - 05550424 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-23 20:24 - 2013-03-19 07:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-07-23 20:24 - 2013-03-19 07:04 - 03968856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-07-23 20:24 - 2013-03-19 07:04 - 03913560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-07-23 20:24 - 2013-03-19 06:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-07-23 20:24 - 2013-03-19 05:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-07-23 20:23 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-23 20:23 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-23 20:23 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-23 20:23 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-23 01:33 - 2013-07-23 01:33 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-23 01:32 - 2013-07-23 01:32 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-23 01:31 - 2013-07-23 01:38 - 00011102 _____ C:\Windows\IE10_main.log
2013-07-22 15:25 - 2013-07-22 16:26 - 00000000 ____D C:\Users\valentin\AppData\Local\Audible
2013-07-22 15:25 - 2013-07-22 15:25 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2013-07-22 15:25 - 2013-07-22 15:25 - 00000870 _____ C:\Users\valentin\Desktop\Audible Manager.lnk
2013-07-22 15:24 - 2001-08-17 22:43 - 00024576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2013-07-22 15:23 - 2013-07-22 15:24 - 00000000 ____D C:\Users\valentin\Documents\Audible
2013-07-22 15:22 - 2013-07-22 15:22 - 01730272 _____ (Audible Inc.) C:\Users\valentin\Downloads\ActiveSetupN.exe
2013-07-22 15:10 - 2013-07-22 15:10 - 00260418 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-07-22 14:45 - 2013-07-22 14:45 - 00275744 _____ C:\Windows\Minidump\072213-59373-01.dmp
2013-07-22 12:22 - 2013-07-22 12:23 - 00000000 ____D C:\ProgramData\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\Documents\Web Easy
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\AppData\Local\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\Public\Documents\Avanquest Software
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\ProgramData\Avanquest Software
2013-07-22 12:14 - 2013-07-22 12:14 - 00000000 ____D C:\Users\valentin\Desktop\html
2013-07-22 11:42 - 2013-07-22 12:20 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan 4
2013-07-22 11:42 - 2013-07-22 11:42 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan
2013-07-22 11:41 - 2013-07-22 11:41 - 00001607 _____ C:\Users\Public\Desktop\lexiCan 4 starten.lnk
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\Users\valentin\AppData\Roaming\vetafab Software GmbH
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\ProgramData\lexiCan 4
2013-07-22 01:37 - 2013-07-22 01:37 - 00262144 ____N C:\Windows\Minidump\072213-15412-01.dmp
2013-07-22 00:56 - 2013-07-26 20:37 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-22 00:56 - 2013-07-22 00:56 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Spyware Terminator
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-19 10:53 - 2013-07-19 10:53 - 00000831 _____ C:\Users\valentin\.recently-used.xbel
2013-07-19 10:36 - 2013-07-19 10:53 - 00000000 ____D C:\Users\valentin\Desktop\sdchickbar
2013-07-19 00:49 - 2013-07-19 00:49 - 00262144 ____N C:\Windows\Minidump\071913-15724-01.dmp
2013-07-18 12:41 - 2013-07-19 11:26 - 00014692 _____ C:\Users\valentin\Desktop\OpenDocument Text (neu).odt
2013-07-18 11:57 - 2013-07-28 12:30 - 00006716 _____ C:\Windows\PFRO.log
2013-07-18 11:15 - 2013-07-28 13:52 - 00006944 _____ C:\Windows\setupact.log
2013-07-18 11:15 - 2013-07-18 11:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-18 09:53 - 2013-07-18 09:53 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-18 09:26 - 2013-07-18 09:26 - 00275688 _____ C:\Windows\Minidump\071813-44148-01.dmp
2013-07-17 23:13 - 2013-07-17 23:13 - 00275688 _____ C:\Windows\Minidump\071713-43415-01.dmp
2013-07-17 22:47 - 2013-07-17 22:47 - 00262144 ____N C:\Windows\Minidump\071713-14196-01.dmp
2013-07-17 17:11 - 2013-07-17 17:11 - 00275688 _____ C:\Windows\Minidump\071713-55380-01.dmp
2013-07-17 11:09 - 2013-07-17 11:09 - 00000084 _____ C:\Windows\SysWOW64\prime.txt
2013-07-17 11:09 - 2013-07-17 11:09 - 00000065 _____ C:\Windows\SysWOW64\local.txt
2013-07-17 00:45 - 2013-07-17 00:45 - 00000000 ____D C:\Users\valentin\AppData\Local\DM
2013-07-17 00:44 - 2013-07-17 00:44 - 00118805 _____ C:\Users\valentin\Downloads\kuckuck jumping 95bpm zis.wav.exe
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 20:31 - 2013-07-24 10:51 - 00493584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-16 16:07 - 2013-07-16 16:07 - 00148536 _____ C:\Users\valentin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Users\valentin\AppData\Roaming\TuneUp Software
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-15 21:16 - 2013-01-28 14:19 - 00035104 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-07-15 21:16 - 2013-01-28 14:19 - 00026400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-07-15 21:16 - 2013-01-28 14:19 - 00021792 _____ (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-15 21:15 - 2013-07-15 21:25 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-15 21:15 - 2013-07-15 21:16 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2013-07-04 23:15 - 2013-07-04 23:21 - 00000000 ____D C:\Users\valentin\AppData\Roaming\XnView
2013-07-04 20:06 - 2013-07-04 20:14 - 00000000 ____D C:\Users\valentin\Desktop\SCHIZOPHRENICWEBSITE_web_files
2013-07-04 20:06 - 2013-07-04 20:06 - 00000000 ____D C:\Users\valentin\Desktop\J
2013-07-01 00:25 - 2013-07-01 00:25 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager

==================== One Month Modified Files and Folders =======

2013-07-28 14:25 - 2010-06-03 20:28 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Skype
2013-07-28 14:24 - 2013-07-28 14:24 - 00000000 ____D C:\FRST
2013-07-28 14:24 - 2013-07-28 14:22 - 01780547 _____ (Farbar) C:\Users\valentin\Downloads\FRST64.exe
2013-07-28 14:07 - 2010-06-19 20:11 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{061F5AEE-FCAD-4EB6-BB61-1AB6937C291E}
2013-07-28 14:06 - 2012-03-10 10:18 - 00000000 ____D C:\ProgramData\Messenger Plus! for Skype
2013-07-28 13:59 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-28 13:59 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-28 13:53 - 2010-06-03 17:57 - 00000000 _____ C:\ProgramData\Gpu.log
2013-07-28 13:52 - 2013-07-18 11:15 - 00006944 _____ C:\Windows\setupact.log
2013-07-28 13:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-28 12:52 - 2010-06-03 11:19 - 01746264 _____ C:\Windows\WindowsUpdate.log
2013-07-28 12:46 - 2012-03-09 17:41 - 00000940 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
2013-07-28 12:43 - 2013-07-28 12:43 - 00001417 _____ C:\AdwCleaner[R3].txt
2013-07-28 12:40 - 2013-07-28 12:40 - 00010671 _____ C:\AdwCleaner[S2].txt
2013-07-28 12:40 - 2011-08-04 15:05 - 00000000 ____D C:\ProgramData\ICQ
2013-07-28 12:39 - 2013-07-28 12:39 - 00011055 _____ C:\AdwCleaner[R2].txt
2013-07-28 12:38 - 2009-07-14 19:58 - 06910954 _____ C:\Windows\system32\perfh007.dat
2013-07-28 12:38 - 2009-07-14 19:58 - 02080518 _____ C:\Windows\system32\perfc007.dat
2013-07-28 12:38 - 2009-07-14 07:13 - 02158062 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 12:37 - 2013-07-28 12:37 - 00000366 _____ C:\AdwCleaner[S1].txt
2013-07-28 12:36 - 2013-07-28 12:36 - 00010958 _____ C:\AdwCleaner[R1].txt
2013-07-28 12:36 - 2012-03-10 10:21 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
2013-07-28 12:30 - 2013-07-18 11:57 - 00006716 _____ C:\Windows\PFRO.log
2013-07-28 12:29 - 2012-04-16 17:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-28 11:40 - 2012-09-16 11:35 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
2013-07-28 11:40 - 2012-09-16 11:35 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
2013-07-28 10:52 - 2013-07-28 10:52 - 00000859 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-28 01:30 - 2012-12-30 23:54 - 06204993 _____ C:\Users\valentin\Desktop\SCHIZOPHRENICWEBSITE.web
2013-07-27 14:56 - 2012-03-03 11:22 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-07-27 14:47 - 2010-11-27 15:47 - 00001120 _____ C:\Windows\SysWOW64\index.xml
2013-07-27 13:33 - 2010-09-28 15:30 - 00000000 ____D C:\Users\valentin\AppData\Roaming\TeamViewer
2013-07-26 20:37 - 2013-07-22 00:56 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-26 20:36 - 2012-03-10 10:21 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
2013-07-26 11:18 - 2013-07-25 17:46 - 00018096 _____ C:\Users\valentin\Desktop\Vorlage Rapper.odt
2013-07-25 17:46 - 2013-07-25 17:46 - 00007334 _____ C:\Users\valentin\Desktop\Vorlage Rapper - Kopie.odt
2013-07-25 17:23 - 2012-03-09 17:41 - 00000888 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
2013-07-25 01:56 - 2013-07-25 01:54 - 00000000 ____D C:\Windows\system32\MRT
2013-07-24 22:09 - 2013-07-24 21:48 - 00020013 _____ C:\Users\valentin\Desktop\DieZwai.odt
2013-07-24 13:25 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-24 11:26 - 2013-07-24 11:26 - 00000000 ____D C:\Users\valentin\Desktop\Alte Firefox-Daten
2013-07-24 10:51 - 2013-07-16 20:31 - 00493584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 10:51 - 2010-06-03 11:22 - 00000000 ___RD C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-24 10:51 - 2010-06-03 11:22 - 00000000 ___RD C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-24 10:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-24 10:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-24 10:48 - 2013-07-24 10:48 - 00262144 ____N C:\Windows\Minidump\072413-28813-01.dmp
2013-07-24 10:48 - 2011-05-21 22:54 - 00000296 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2013-07-24 10:48 - 2010-12-22 20:31 - 00000000 ____D C:\Windows\Minidump
2013-07-24 10:32 - 2012-09-16 11:35 - 00003932 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA
2013-07-24 10:31 - 2012-12-02 19:15 - 00003040 _____ C:\Windows\System32\Tasks\MSIAfterburner
2013-07-24 10:31 - 2012-10-15 22:47 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-24 10:31 - 2012-09-16 11:35 - 00003564 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core
2013-07-24 10:31 - 2012-03-10 10:21 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA
2013-07-24 10:31 - 2012-03-10 10:21 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core
2013-07-24 10:31 - 2011-08-29 17:53 - 00002938 _____ C:\Windows\System32\Tasks\{1DF9EE0A-DAFD-458A-8925-65FC0F4027B3}
2013-07-24 10:31 - 2011-08-29 17:52 - 00002938 _____ C:\Windows\System32\Tasks\{7A5F28EE-D234-4165-9B3E-E186903BC345}
2013-07-24 10:31 - 2011-05-21 22:54 - 00002694 _____ C:\Windows\System32\Tasks\PCCT - MAGIX AG
2013-07-24 10:20 - 2013-07-24 10:20 - 00262144 ____N C:\Windows\Minidump\072413-38345-01.dmp
2013-07-24 10:14 - 2013-07-24 10:14 - 00262144 ____N C:\Windows\Minidump\072413-47034-01.dmp
2013-07-24 10:08 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 09:13 - 2013-07-24 09:13 - 00275688 _____ C:\Windows\Minidump\072413-68312-01.dmp
2013-07-23 10:10 - 2011-05-10 17:48 - 00001387 _____ C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-23 10:09 - 2010-06-03 12:09 - 00000000 ____D C:\Windows\Panther
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-23 01:38 - 2013-07-23 01:31 - 00011102 _____ C:\Windows\IE10_main.log
2013-07-23 01:35 - 2013-07-23 01:35 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-23 01:33 - 2013-07-23 01:33 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-23 01:32 - 2013-07-23 01:32 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-22 19:05 - 2011-08-04 15:04 - 00000000 ____D C:\Users\valentin\AppData\Roaming\ICQ
2013-07-22 16:26 - 2013-07-22 15:25 - 00000000 ____D C:\Users\valentin\AppData\Local\Audible
2013-07-22 15:25 - 2013-07-22 15:25 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2013-07-22 15:25 - 2013-07-22 15:25 - 00000870 _____ C:\Users\valentin\Desktop\Audible Manager.lnk
2013-07-22 15:24 - 2013-07-22 15:23 - 00000000 ____D C:\Users\valentin\Documents\Audible
2013-07-22 15:22 - 2013-07-22 15:22 - 01730272 _____ (Audible Inc.) C:\Users\valentin\Downloads\ActiveSetupN.exe
2013-07-22 15:10 - 2013-07-22 15:10 - 00260418 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-07-22 14:45 - 2013-07-22 14:45 - 00275744 _____ C:\Windows\Minidump\072213-59373-01.dmp
2013-07-22 12:23 - 2013-07-22 12:22 - 00000000 ____D C:\ProgramData\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\Documents\Web Easy
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\AppData\Local\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\Public\Documents\Avanquest Software
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\ProgramData\Avanquest Software
2013-07-22 12:22 - 2010-06-03 17:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 12:20 - 2013-07-22 11:42 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan 4
2013-07-22 12:14 - 2013-07-22 12:14 - 00000000 ____D C:\Users\valentin\Desktop\html
2013-07-22 11:42 - 2013-07-22 11:42 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan
2013-07-22 11:41 - 2013-07-22 11:41 - 00001607 _____ C:\Users\Public\Desktop\lexiCan 4 starten.lnk
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\Users\valentin\AppData\Roaming\vetafab Software GmbH
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\ProgramData\lexiCan 4
2013-07-22 01:37 - 2013-07-22 01:37 - 00262144 ____N C:\Windows\Minidump\072213-15412-01.dmp
2013-07-22 00:56 - 2013-07-22 00:56 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Spyware Terminator
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-19 11:26 - 2013-07-18 12:41 - 00014692 _____ C:\Users\valentin\Desktop\OpenDocument Text (neu).odt
2013-07-19 11:18 - 2012-03-29 21:36 - 00000000 ____D C:\Users\valentin\.gimp-2.6
2013-07-19 10:53 - 2013-07-19 10:53 - 00000831 _____ C:\Users\valentin\.recently-used.xbel
2013-07-19 10:53 - 2013-07-19 10:36 - 00000000 ____D C:\Users\valentin\Desktop\sdchickbar
2013-07-19 10:53 - 2010-06-03 11:22 - 00000000 ____D C:\Users\valentin
2013-07-19 00:49 - 2013-07-19 00:49 - 00262144 ____N C:\Windows\Minidump\071913-15724-01.dmp
2013-07-18 11:15 - 2013-07-18 11:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-18 09:53 - 2013-07-18 09:53 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-18 09:26 - 2013-07-18 09:26 - 00275688 _____ C:\Windows\Minidump\071813-44148-01.dmp
2013-07-18 09:22 - 2012-04-16 17:52 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-18 09:22 - 2012-04-16 17:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-18 09:22 - 2011-06-17 11:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-18 09:19 - 2012-12-28 23:46 - 00000000 ____D C:\Users\valentin\AppData\Local\Adobe
2013-07-17 23:13 - 2013-07-17 23:13 - 00275688 _____ C:\Windows\Minidump\071713-43415-01.dmp
2013-07-17 22:47 - 2013-07-17 22:47 - 00262144 ____N C:\Windows\Minidump\071713-14196-01.dmp
2013-07-17 17:11 - 2013-07-17 17:11 - 00275688 _____ C:\Windows\Minidump\071713-55380-01.dmp
2013-07-17 11:09 - 2013-07-17 11:09 - 00000084 _____ C:\Windows\SysWOW64\prime.txt
2013-07-17 11:09 - 2013-07-17 11:09 - 00000065 _____ C:\Windows\SysWOW64\local.txt
2013-07-17 11:09 - 2010-06-03 17:39 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2013-07-17 00:45 - 2013-07-17 00:45 - 00000000 ____D C:\Users\valentin\AppData\Local\DM
2013-07-17 00:44 - 2013-07-17 00:44 - 00118805 _____ C:\Users\valentin\Downloads\kuckuck jumping 95bpm zis.wav.exe
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 16:07 - 2013-07-16 16:07 - 00148536 _____ C:\Users\valentin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-15 21:35 - 2010-11-13 14:39 - 00000000 ___HD C:\ProgramData\{7DE921C9-42C8-4DA3-8A44-043C3349FD1D}
2013-07-15 21:25 - 2013-07-15 21:15 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-15 21:25 - 2012-11-18 15:13 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Sony
2013-07-15 21:25 - 2011-12-25 17:12 - 00000000 __HDC C:\ProgramData\{CCE3E562-124D-4D63-8AC7-EC849A579F07}
2013-07-15 21:25 - 2011-12-25 16:52 - 00000000 __HDC C:\ProgramData\{82B9F45C-9378-4B6C-B80A-338C197F3791}
2013-07-15 21:25 - 2011-12-25 16:47 - 00000000 __HDC C:\ProgramData\{AB38F02B-C891-457C-B8C8-DA9D96EFA317}
2013-07-15 21:25 - 2011-12-25 16:19 - 00000000 __HDC C:\ProgramData\{91377244-4B4E-4A81-9F72-FA41DECB3D8F}
2013-07-15 21:25 - 2011-12-25 16:15 - 00000000 __HDC C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}
2013-07-15 21:25 - 2011-12-25 16:07 - 00000000 __HDC C:\ProgramData\{DFB8047B-FF22-438D-90BD-83E8B78F83D7}
2013-07-15 21:25 - 2011-12-25 15:50 - 00000000 __HDC C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}
2013-07-15 21:25 - 2011-12-25 15:48 - 00000000 __HDC C:\ProgramData\{AA5037F8-9B97-456B-847E-A64FEB3E393C}
2013-07-15 21:25 - 2011-12-25 13:57 - 00000000 __HDC C:\ProgramData\{E9CDB61C-771D-42BB-B441-4CA7622ACA52}
2013-07-15 21:25 - 2011-12-25 13:19 - 00000000 __HDC C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}
2013-07-15 21:25 - 2011-12-25 13:17 - 00000000 __HDC C:\ProgramData\{DC597CF0-DB39-40C2-9F8C-CF9D0A386548}
2013-07-15 21:25 - 2011-12-25 13:17 - 00000000 __HDC C:\ProgramData\{CA03436C-933D-4ADA-9E89-2C39CC03E904}
2013-07-15 21:25 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}
2013-07-15 21:25 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}
2013-07-15 21:25 - 2011-12-25 13:15 - 00000000 __HDC C:\ProgramData\{DE181BBE-2522-484E-A620-BDCFB298DC87}
2013-07-15 21:25 - 2011-12-25 13:10 - 00000000 __HDC C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
2013-07-15 21:25 - 2011-12-25 13:06 - 00000000 __HDC C:\ProgramData\{DD2792B0-5B90-4CC3-8D97-1C733D7FB366}
2013-07-15 21:25 - 2011-12-25 12:55 - 00000000 __HDC C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2013-07-15 21:25 - 2011-12-22 13:32 - 00000000 __HDC C:\ProgramData\{AE4E9D9F-140B-4444-9F54-7EF88D1966D3}
2013-07-15 21:25 - 2011-12-22 11:15 - 00000000 __HDC C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2013-07-15 21:25 - 2011-12-22 11:14 - 00000000 __HDC C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}
2013-07-15 21:25 - 2011-12-20 21:55 - 00000000 __HDC C:\ProgramData\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE}
2013-07-15 21:25 - 2011-11-02 15:04 - 00000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2013-07-15 21:25 - 2011-06-05 09:13 - 00000000 __HDC C:\ProgramData\{F032C584-F5A7-4097-B137-C76CAA800BC1}
2013-07-15 21:25 - 2011-02-06 20:17 - 00000000 __HDC C:\ProgramData\{D15CE785-FD15-4860-807A-3B68400084D3}
2013-07-15 21:25 - 2010-06-03 18:05 - 00000000 ____D C:\Users\valentin\AppData\Local\Downloaded Installations
2013-07-15 21:24 - 2012-12-17 18:57 - 00000000 __HDC C:\ProgramData\{34163C5E-1AE4-49D8-B5F9-A3C2422AAB96}
2013-07-15 21:24 - 2011-12-25 17:12 - 00000000 __HDC C:\ProgramData\{27D02406-6F0F-419F-AF2F-A4EE19D2E463}
2013-07-15 21:24 - 2011-12-25 16:03 - 00000000 __HDC C:\ProgramData\{68233086-CF7D-452D-8519-A7815257EC6B}
2013-07-15 21:24 - 2011-12-25 15:30 - 00000000 __HDC C:\ProgramData\{35B46D49-85E2-40EA-8EC6-43B281EDD8E7}
2013-07-15 21:24 - 2011-12-25 13:20 - 00000000 __HDC C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}
2013-07-15 21:24 - 2011-12-25 13:17 - 00000000 __HDC C:\ProgramData\{588D017F-D30B-4C08-8A10-1FEF7D039369}
2013-07-15 21:24 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{6E467D89-1963-440B-84F9-852C8150E323}
2013-07-15 21:24 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}
2013-07-15 21:24 - 2011-12-25 13:09 - 00000000 __HDC C:\ProgramData\{34B6291D-C0D7-4BAF-B634-1D130C96F9F9}
2013-07-15 21:24 - 2011-12-25 13:04 - 00000000 __HDC C:\ProgramData\{3006A797-CDFA-44FC-98EF-155579E2CDBF}
2013-07-15 21:24 - 2011-12-22 11:14 - 00000000 __HDC C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
2013-07-15 21:24 - 2011-04-18 21:25 - 00000000 __HDC C:\ProgramData\{0C95DFD3-6D9A-4690-B733-6D8C0B0A6578}
2013-07-15 21:24 - 2011-02-06 20:19 - 00000000 __HDC C:\ProgramData\{47960B9E-9E4E-438D-AA0C-2F495913AD7E}
2013-07-15 21:24 - 2011-02-06 20:19 - 00000000 __HDC C:\ProgramData\{2F1A850B-9DA6-4E4A-AB2A-E9005D72D5B2}
2013-07-15 21:24 - 2011-02-06 20:18 - 00000000 __HDC C:\ProgramData\{51753DAD-2BAB-4BB2-A4AA-CAAEF5AA972B}
2013-07-15 21:24 - 2011-02-06 16:14 - 00000000 __HDC C:\ProgramData\{6268CC84-62BB-4890-B980-FC891FC3470E}
2013-07-15 21:24 - 2011-01-23 21:06 - 00000000 __HDC C:\ProgramData\{57B10C8A-9A38-45B2-B696-92DA7712A65C}
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Users\valentin\AppData\Roaming\TuneUp Software
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-15 21:16 - 2013-07-15 21:15 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-15 21:16 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-15 20:56 - 2010-09-05 09:48 - 00000000 ____D C:\Users\valentin\Documents\MAGIX
2013-07-15 11:06 - 2010-12-12 12:58 - 00000000 ____D C:\Users\valentin\AppData\Roaming\vlc
2013-07-14 14:32 - 2012-12-15 11:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-14 14:32 - 2010-06-03 20:27 - 00000000 ____D C:\ProgramData\Skype
2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2013-07-04 23:21 - 2013-07-04 23:15 - 00000000 ____D C:\Users\valentin\AppData\Roaming\XnView
2013-07-04 20:14 - 2013-07-04 20:06 - 00000000 ____D C:\Users\valentin\Desktop\SCHIZOPHRENICWEBSITE_web_files
2013-07-04 20:06 - 2013-07-04 20:06 - 00000000 ____D C:\Users\valentin\Desktop\J
2013-07-04 15:14 - 2013-05-01 01:47 - 00008920 _____ C:\Users\valentin\Desktop\gutschein code.odt
2013-07-01 00:25 - 2013-07-01 00:25 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2013-07-01 00:25 - 2012-03-10 10:21 - 00000000 ____D C:\Users\valentin\AppData\Local\Google
2013-06-29 21:25 - 2013-05-13 18:46 - 00234768 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2013-06-29 21:11 - 2013-05-13 16:36 - 00234768 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2013-06-29 13:57 - 2011-11-10 19:51 - 00000000 ____D C:\Users\valentin\AppData\Local\Akamai

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-28 02:28

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Geändert von schizo (28.07.2013 um 14:14 Uhr)

Alt 28.07.2013, 13:43   #4
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Addition.txt: (Post war anscheinend zu lang für einen beitrag)

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-07-2013
Ran by valentin at 2013-07-28 14:28:48
Running from E:\Programme\Neuer Ordner
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

   
1-abc.net Hard Drive Washer (Remove only) (x32)
Absolute Video to Audio Converter 3.1.8 (x32)
Acid Rack 2.1a (x32)
Adobe AIR (x32 Version: 3.5.0.880)
Adobe Download Assistant (x32 Version: 1.2.3)
Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Help Manager (x32 Version: 4.0.244)
Adobe Shockwave Player 11.5 (x32 Version: 11.5.9.615)
Adobe Widget Browser (x32 Version: 2.0 Build 348)
Adobe Widget Browser (x32 Version: 2.0.348)
AFPL Ghostscript 8.54 (x32)
AFPL Ghostscript Fonts (x32)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface (x32)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
AMD USB Filter Driver (x32 Version: 1.0.14.91)
AnalogX SayIt (x32)
Apple Application Support (x32 Version: 2.1.6)
Apple Mobile Device Support (Version: 4.0.0.97)
Apple Software Update (x32 Version: 2.1.3.127)
AQtime 7 Standard for Embarcadero RAD Studio XE (x32 Version: 7.0.307.86)
ASIO4ALL (x32 Version: 2.10)
ATI Catalyst Install Manager (Version: 3.0.762.0)
Audacity 1.2.6 (x32)
Audacity 1.3.12 (Unicode) (x32)
AudibleManager (x32 Version: 1997028590.48.56.10627434)
AutoHotkey 1.0.44.06 (x32 Version: 1.0.44.06)
AutomatedQA AQtime 7 Standard for Embarcadero RAD Studio (HKCU Version: 7.0.307.86)
Avidemux 2.6 (32-bit) (x32 Version: 2.6.0.8179)
Avira Free Antivirus (x32 Version: 13.0.0.3884)
Awave Studio v10.4 (x32)
Battlefield Play4Free (x32)
BDE_ENT (x32 Version: 5.1.1)
billiger.de Sparberater (x32 Version: 1.4.6)
Bonjour (Version: 3.0.0.10)
BSS Intended Shutdown 1.1.0.0 (x32 Version: 1.1.0.0)
CamStudio (x32)
Camtasia Studio 7 (x32 Version: 7.0.0)
Catalyst Control Center Core Implementation (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center Graphics Light (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center InstallProxy (x32 Version: 2010.0113.2208.39662)
Catalyst Control Center Localization All (x32 Version: 2010.0113.2208.39662)
CCC Help Chinese Standard (x32 Version: 2010.0113.2207.39662)
CCC Help Chinese Traditional (x32 Version: 2010.0113.2207.39662)
CCC Help Czech (x32 Version: 2010.0113.2207.39662)
CCC Help Danish (x32 Version: 2010.0113.2207.39662)
CCC Help Dutch (x32 Version: 2010.0113.2207.39662)
CCC Help English (x32 Version: 2010.0113.2207.39662)
CCC Help Finnish (x32 Version: 2010.0113.2207.39662)
CCC Help French (x32 Version: 2010.0113.2207.39662)
CCC Help German (x32 Version: 2010.0113.2207.39662)
CCC Help Greek (x32 Version: 2010.0113.2207.39662)
CCC Help Hungarian (x32 Version: 2010.0113.2207.39662)
CCC Help Italian (x32 Version: 2010.0113.2207.39662)
CCC Help Japanese (x32 Version: 2010.0113.2207.39662)
CCC Help Korean (x32 Version: 2010.0113.2207.39662)
CCC Help Norwegian (x32 Version: 2010.0113.2207.39662)
CCC Help Polish (x32 Version: 2010.0113.2207.39662)
CCC Help Portuguese (x32 Version: 2010.0113.2207.39662)
CCC Help Russian (x32 Version: 2010.0113.2207.39662)
CCC Help Spanish (x32 Version: 2010.0113.2207.39662)
CCC Help Swedish (x32 Version: 2010.0113.2207.39662)
CCC Help Thai (x32 Version: 2010.0113.2207.39662)
CCC Help Turkish (x32 Version: 2010.0113.2207.39662)
ccc-core-static (x32 Version: 2010.0113.2208.39662)
ccc-utility64 (Version: 2010.0113.2208.39662)
CDBurnerXP (x32 Version: 4.4.0.3018)
CDXtract 4 demo (x32)
CodeSite Express 4.6.1 (x32 Version: 4.0)
CollabNet Automatic Update 1.2 (x32 Version: 1.2)
CollabNet Subversion Client 1.6.12 (x32 Version: 1.6.12)
D3DX10 (x32 Version: 15.4.2368.0902)
Das große Tafelwerk interaktiv (x32)
DATA BECKER web to date 8 (x32 Version: 8.0.0.2377)
Debut Video Capture Software (x32)
Delphi 7 Second Edition (x32)
DHTML Editing Component (x32 Version: 6.02.0001)
eaner (Version: 4.03)
easyHTML (x32)
Elastik v2.0.4
eLicenser Control (x32)
ElsterFormular für Privatanwender (x32 Version: 12.2.2.6665p)
Embarcadero RAD Studio XE (x32 Version: 8.0)
energyXT 2.5.4 (x32)
Engine 2 (Version: 2.0)
EPU (x32 Version: 1.02.10)
EVEREST Home Edition v2.20 (x32 Version: 2.20)
Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
FileZilla Client 3.5.1 (HKCU Version: 3.5.1)
FinalBuilder 7.0.0.600 Embarcadero Edition (x32 Version: 7.0.0.600)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
FL Studio 10 (x32)
FL Studio 9 (x32)
FlashGet 1.9.6.1073 (x32 Version: 1.9.6.1073)
Flv Audio Extractor 1.04 (x32)
FLV Player 2.0 (build 25) (x32 Version: 2.0 (build 25))
FotoTagger 2.13.0.1 (x32 Version: 2.13.0.1)
Foxit Reader (x32 Version: 4.2.0.928)
Free Studio version 5.0.3 (x32)
Free YouTube to MP3 Converter version 3.11.37.1212 (x32 Version: 3.11.37.1212)
Freecom GREEN BUTTON 1.64 (x32)
Freecom Hard Drive Formatter 1.41 (x32)
GIMP 2.6.11 (x32 Version: 2.6.11)
Google Chrome (HKCU Version: 28.0.1500.72)
Google Drive (x32 Version: 1.8.4357.4863)
Google SketchUp Pro 8 (x32 Version: 3.0.11762)
Google Update Helper (x32 Version: 1.3.21.135)
GPU Boost Driver (x32 Version: 1.01.07)
Green Line 5 Sprachtrainer (x32 Version: 1.00.000)
GUILD WARS (x32)
Guitar Explorer 1.0 (x32)
iCloud (Version: 1.0.1.29)
ICQ7.5 (x32 Version: 7.5)
IL Download Manager (x32)
Interlok driver setup x64 (Version: 5.8.12)
Internet-TV für Windows Media Center (x32 Version: 4.2.2.0)
iTunes (Version: 10.5.0.142)
IZArc 4.1.2 (x32 Version: 4.1.2)
JMicron JMB36X Driver (x32 Version: 1.17.59.0)
KeePass Password Safe 2.10 (x32)
Lern-o-Mat (x32)
lexiCan 4 (x32 Version: 4.5.1)
Live 8.0.4 (x32)
LPD8 Editor (x32)
MAGIX PC Check & Tuning Free 2011 (x32 Version: 6.0.403.1050)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MAGIX Video deluxe 17 Download-Version (x32 Version: 10.0.0.32)
MAGIX Video deluxe 17 Premium Sonderedition Download-Version (x32 Version: 10.0.11.0)
MAGIX Video easy Chip Edition (x32 Version: 2.0.1.4)
MAGIX Web Designer 6 Download-Version (x32 Version: 6.0.1.12379)
MAGIX Web Designer 9 Premium (Version: 9.0.1.27343)
MAGIX Web Designer MX Premium (Version: 8.0.2.21761)
MAGIX Web Designer MX Premium (x32 Version: 8.0.2.21761)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MatheAss 8.2 (x32)
M-Audio FastTrackPro Driver 6.0.7 (x64) (Version: 6.0.7)
MeldaProduction MDrummer 4 Small (x32)
MeldaProduction MTotalBundle 5 (x32)
MeldaProduction MTotalBundle64 5 (x32)
Messenger Companion (x32 Version: 15.4.3502.0922)
Messenger Plus! for Skype (x32 Version: 0.7.0.75 (BETA))
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 9.0.21022)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (x32 Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual J# 2.0 Redistributable Package (x32 Version: 2.0.50727)
Microsoft Visual J# 2.0 Redistributable Package (x32)
MIDI to WAV Converter 6.0 (x32)
mirabyte Web Architect 9.1.4 (x32 Version: 9.1.4)
Miroslav Philharmonik (x32 Version: 1.1.2)
Mozilla Firefox (3.6.3) (x32 Version: 3.6.3 (de))
Mozilla Firefox 18.0.1 (x86 de) (HKCU Version: 18.0.1)
MSI Afterburner 2.3.0 (x32 Version: 2.3.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Music Manager (HKCU)
Native Instruments Abbey Road 60s Drums (Version: 1.2.0.003)
Native Instruments Absynth 5 (Version: 5.1.0.1013)
Native Instruments Battery 3 (Version: 3.2.2.633)
Native Instruments Battery Library Importer for Maschine (Version: 1.0.0.003)
Native Instruments Berlin Concert Grand (Version: 1.3.0.004)
Native Instruments Controller Editor (Version: 1.3.5.667)
Native Instruments Driver (Version: 1.0.1.288)
Native Instruments FM8 (Version: 1.2.0.1016)
Native Instruments Guitar Rig 4 (Version: 4.1.0.1751)
Native Instruments Guitar Rig 5 (Version: 5.0.0.2354)
Native Instruments Guitar Rig Session I/O (Version: 3.0.0.625)
Native Instruments Komplete 7 Players (Version: 7.0.0.002)
Native Instruments Komplete 8 (Version: 8.0.0.001)
Native Instruments Kontakt 4 (Version: 4.2.4.5316)
Native Instruments Kontakt 4 Demo Content (Version: )
Native Instruments Kontakt 5 (Version: 5.0.0.5133)
Native Instruments Kontakt Factory Library (Version: 1.0.0.004)
Native Instruments Kontakt Factory Selection (Version: 1.0.0.011)
Native Instruments Kore Player (Version: 2.1.1.8200)
Native Instruments Massive (Version: 1.3.0.2050)
Native Instruments Mikro Prism (Version: 1.0.0.001)
Native Instruments New York Concert Grand (Version: 1.3.0.004)
Native Instruments Rammfire (Version: 1.1.0.003)
Native Instruments Reaktor 5 (Version: 5.6.1.11150)
Native Instruments Reaktor Factory Selection (Version: 1.0.0.000)
Native Instruments Reaktor Prism (Version: 1.2.0.005)
Native Instruments Reaktor Spark R2 (Version: 1.1.0.004)
Native Instruments Reflektor (Version: 1.2.0.003)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Scarbee MM-Bass (Version: 1.2.0.006)
Native Instruments Scarbee Vintage Keys (Version: 1.1.0.002)
Native Instruments Service Center (Version: 2.2.6.676)
Native Instruments Studio Drummer (Version: 1.0.0.005)
Native Instruments The Finger R2 (Version: 1.1.0.004)
Native Instruments Traktors 12 (Version: 1.1.0.002)
Native Instruments Transient Master (Version: 1.0.0.004)
Native Instruments Upright Piano (Version: 1.3.0.004)
Native Instruments Vienna Concert Grand (Version: 1.3.0.003)
Native Instruments Vintage Organs (Version: 1.1.0.007)
Native Instruments West Africa (Version: 1.1.0.004)
NetBalancer
n-Track Studio 6 (x32 Version: 6.0.0)
OpenOffice.org 3.2 (x32 Version: 3.2.9502)
Paragon Backup & Recovery™ 2012 Free (x32 Version: 90.00.0003)
Pianoteq 3.6 Trial (64-bit) (x32)
Pinnacle Studio 16 - Install Manager (x32 Version: 16.0.75)
Pinnacle Studio 16 (x32 Version: 16.0.0.75)
Pinnacle Video Treiber (Version: 12.1.0.030)
Pivot 2.3.0 Deutsch (x32 Version: 2.3.0)
Pivot 3.2 Beta Deutsch (x32 Version: 3.2 Beta)
Protect Disc License Helper 1.0.125 (IE) (HKCU Version: 1.0.125)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14)
PunkBuster Services (x32 Version: 0.990)
PURE-PONE V1.5 (x32)
QuickTime (x32 Version: 7.71.80.42)
Rave Reports 9.0.0 BE (x32)
Realtek Ethernet Controller Driver (x32 Version: 7.31.1025.2010)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6201)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30105)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.26.0)
RockMelt (HKCU Version: 0.16.91.483)
roomeon 3D-Planer (x32 Version: 1.2.0)
Safari (x32 Version: 5.34.52.7)
SampleTank FREE (x32 Version: 2.5.5)
Samplitude 11 Download-Version (x32 Version: 11.0.2.0)
Samplitude Music Studio 16 Download-Version (x32 Version: 16.0.0.1)
Samplitude Music Studio 17 Content Pack (x32 Version: 1.0.0.0)
Samplitude Music Studio 17 Download-Version (x32 Version: 17.0.0.0)
Samplitude Music Studio 17 Vita Pack 1 (x32 Version: 1.0.0.0)
Samplitude Music Studio 17 Vita Pack 2 (x32 Version: 1.0.0.0)
Samplitude Music Studio 17 Vita Pack 3 (x32 Version: 1.0.0.0)
Samsung Network PC Fax (x32 Version: 1.04.027)
SeaTools for Windows (x32 Version: 1.2.0.5)
Seesu Music Player (HKCU)
SimAquarium (2) (HKCU)
SimAquarium (HKCU)
simplitec simplicheck (x32 Version: 1.3.10.0)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 6.6 (x32 Version: 6.6.106)
Sonigen Modular version  (x32)
Spicy Guitar 1.2.0.1 (x32 Version: 1.2.0.1)
SPL DrumXchanger Native 1.0.1 (x32)
Sprachtrainer Fonts (x32 Version: 1.00.01)
Spyware Terminator 2012 (x32 Version: 3.0.0.82)
Steam (x32)
StreamTransport version: 1.0.2.2171 (x32)
Stronghold Legends (x32 Version: 1.20.0000)
Sweet Home 3D version 3.6 (x32)
TeamSpeak 2 RC2 (x32 Version: 2.0.32.60)
TeamSpeak 3 Client
Tiny Download Manager (remove only) (x32 Version: 2)
Torus (HKCU)
T-RackS 3 EQ (x32 Version: 3.1.2)
Try Nero Digital (x32 Version: 7.02.6270)
Tube Toolbox (x32 Version: 2.10.5)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3020.2)
TurboV EVO (x32 Version: 1.02.05)
Uninstall Analog Laboratory (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Vegas Pro 12.0 (64-bit) (Version: 12.0.394)
Ventrilo Client (x32 Version: 3.0.8)
Ventrilo Client for Windows x64 (Version: 3.0.5.0)
VLC media player 2.0.2 (Version: 2.0.2)
V-Station demo (x32 Version: 01.20.0000)
VSynth (x32 Version: 1.0)
Web Designer Premium 9 Update (Version: 9.0.3.28277)
Web Designer Premium MX Update (Version: 8.1.4.24749)
Web Easy Professional (x32 Version: 9.1.0)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Media Center Add-in for Silverlight (x32 Version: 4.7.3.0)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
WinZip 14.5 (x32 Version: 14.5.9095)
XnView 2.03 (x32 Version: 2.03)
YTD Video Downloader 3.9.6 (x32 Version: 3.9.6)

==================== Restore Points  =========================

28-07-2013 10:28:11 malwarebytes
28-07-2013 12:25:22 frst

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {03D82E88-1979-4962-BADA-D6BF1A71269F} - System32\Tasks\billigerdeSWU => C:\Windows\System32\cscript.exe [2009-07-14] (Microsoft Corporation)
Task: {059D3C18-7850-490E-9E25-2273CF884FD4} - System32\Tasks\HENRIK
Task: {069DE1C8-336C-41D8-8490-182A76CB77CC} - System32\Tasks\CollabNet => C:\PROGRA~2\COLLAB~1\AUTOUP~1\AUTOUP~1.EXE [2010-06-21] ()
Task: {0BDB1E95-2326-4B2E-8B71-4A1AF6C40C78} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe [2010-01-19] (ASUSTeK Computer Inc.)
Task: {0D88E696-AAF4-42D6-8DF8-6B6CD9C4A90E} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {106CED74-14A5-4FD3-90D4-2ADF66B4D758} - System32\Tasks\User_Feed_Synchronization-{061F5AEE-FCAD-4EB6-BB61-1AB6937C291E} => C:\Windows\system32\msfeedssync.exe [2013-07-23] (Microsoft Corporation)
Task: {10DD549E-29BD-4A43-AFD5-4DD835D7FC26} - System32\Tasks\MSIAfterburner => E:\Programme\afterburner\MSI Afterburner\MSIAfterburner.exe [2012-11-19] ()
Task: {22D630F4-758F-4ABE-9EF6-D777A755B97D} - System32\Tasks\ASUS\Gpu Boost Driver => C:\Program Files (x86)\ASUS\GPU Boost Driver\GpuBoostServer.exe [2010-01-25] (
ASUSTeK Computer Inc.)
Task: {288BC1F7-8CA7-4EA1-9302-9A857DD02606} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe No File
Task: {295DCF0C-707D-4022-99FE-87677C692DA4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA => C:\Users\valentin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-16] (Facebook Inc.)
Task: {3BAA2AE1-2172-4C8D-A541-570F34F5EB46} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {3CD227D9-96F9-4EFE-A498-33B3D62A46F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-18] (Adobe Systems Incorporated)
Task: {71656BFB-FAC5-44D0-847B-FA10FB45F76D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core => C:\Users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-10] (Google Inc.)
Task: {87E288F9-BE0E-483B-8148-D4FEA5C9C1E2} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {894F8707-CD24-4EC9-8D64-DD4F7CAECF72} - System32\Tasks\{7A5F28EE-D234-4165-9B3E-E186903BC345} => E:\Programme\matheass\MA80.EXE [2003-03-16] ()
Task: {98776F79-D80D-4F9E-869E-96037776AD15} - System32\Tasks\PCCT - MAGIX AG => E:\Programme\mbat\MxTray.exe [2010-11-08] ()
Task: {991217B9-3B4A-4E1C-8642-545F5D743D52} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA => C:\Users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-10] (Google Inc.)
Task: {9A452257-DF67-4434-9FAD-5C62729D8375} - System32\Tasks\Klettern+Training
Task: {9C655083-FCE1-4196-A304-DBDC44FDF6AF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe [2010-11-20] (Microsoft Corporation)
Task: {A6D1FFD1-514E-4BFB-BCF8-4F9903B39A5E} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core => C:\Users\valentin\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-03-09] (Google Inc.)
Task: {A91C19C4-4394-4C16-A251-A32FF98A54E6} - System32\Tasks\Google Updater and Installer => C:\Users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-10] (Google Inc.)
Task: {ABC994F4-CE3C-4B46-8B22-72FC59EBB1F7} - System32\Tasks\{172CDE0B-9A45-48A3-B1B4-54A7F24FA203} => D:\Programme\Defrag\CrossFire\CF_G4box.exe No File
Task: {B3010EED-BE08-4211-A5AB-BA2391D36780} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {B5D1A837-759E-42E5-8479-8986AF7A0346} - System32\Tasks\{54EDBB9A-1C63-4800-BC31-6AC5C7B78A88} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {B8664CFD-B92C-4441-A0E1-DEE8FCED1138} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core => C:\Users\valentin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-16] (Facebook Inc.)
Task: {C2AC4650-A513-4294-A0CC-8153AA69AFDA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {C9E823B1-81CB-4650-B8E7-92CC0576E928} - System32\Tasks\CCleanerSkipUAC => D:\Programme\cambildschirm\ccleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {D00E910D-C6DD-4431-B133-2DE596B4664E} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {DF15F0E8-DDFD-4B8E-927C-480EBC184E31} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA => C:\Users\valentin\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-03-09] (Google Inc.)
Task: {E0B818EF-F62D-4538-BCFE-8C85355EB48B} - System32\Tasks\AdobeAAMUpdater-1.0-valentin-PC-valentin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe No File
Task: {F3F85533-F000-4F09-B121-48C51F9C8583} - System32\Tasks\{1DF9EE0A-DAFD-458A-8925-65FC0F4027B3} => E:\Programme\matheass\MA80.EXE [2003-03-16] ()
Task: {FCB7D744-0AB9-44BE-A0C2-C9A35217794E} - System32\Tasks\ENSEMBLE+PUMPEN
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job => C:\Users\valentin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job => C:\Users\valentin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job => C:\Users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job => C:\Users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCCT - MAGIX AG.job => E:\Programme\mbat\MxTray.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job => C:\Users\valentin\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job => C:\Users\valentin\AppData\Local\RockMelt\Update\RockMeltUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2013 00:46:06 PM) (Source: Google Update) (User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 00:38:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (07/28/2013 00:38:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (07/28/2013 00:38:06 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (07/28/2013 00:29:05 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: AsSysCtrlService.exe, Version: 1.0.0.1, Zeitstempel: 0x4a8be873
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x654
Startzeit der fehlerhaften Anwendung: 0xAsSysCtrlService.exe0
Pfad der fehlerhaften Anwendung: AsSysCtrlService.exe1
Pfad des fehlerhaften Moduls: AsSysCtrlService.exe2
Berichtskennung: AsSysCtrlService.exe3

Error: (07/28/2013 11:46:06 AM) (Source: Google Update) (User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 11:40:05 AM) (Source: Google Update) (User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (07/28/2013 10:46:06 AM) (Source: Google Update) (User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 06:46:05 AM) (Source: Google Update) (User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 05:46:05 AM) (Source: Google Update) (User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072


System errors:
=============
Error: (07/28/2013 01:59:15 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.101
registriert werden. Der Computer mit IP-Adresse 192.168.2.103 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (07/28/2013 01:52:38 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (07/28/2013 01:52:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/28/2013 01:52:31 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "\\?\Volume{de290f9e-6eef-11df-b366-806e6f6e6963}" können nicht gelesen werden.

Error: (07/28/2013 00:50:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/28/2013 00:49:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/28/2013 00:44:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (07/28/2013 00:44:29 PM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (07/28/2013 00:42:31 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (07/28/2013 00:42:03 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (07/28/2013 00:46:06 PM) (Source: Google Update)(User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 00:38:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (07/28/2013 00:38:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000184A01000000000009030000

Error: (07/28/2013 00:38:06 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000184A01000000000009030000

Error: (07/28/2013 00:29:05 PM) (Source: Application Error)(User: )
Description: AsSysCtrlService.exe1.0.0.14a8be873unknown0.0.0.000000000c00000050000000065401ce8b6df249982bC:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exeunknown86d2048e-f770-11e2-a1c5-485b390258a0

Error: (07/28/2013 11:46:06 AM) (Source: Google Update)(User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 11:40:05 AM) (Source: Google Update)(User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7

Error: (07/28/2013 10:46:06 AM) (Source: Google Update)(User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 06:46:05 AM) (Source: Google Update)(User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072

Error: (07/28/2013 05:46:05 AM) (Source: Google Update)(User: valentin-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://us-w1.rockmelt.com/update/1.0/update
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072


CodeIntegrity Errors:
===================================
  Date: 2010-09-02 16:27:40.051
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\valentin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-09-02 16:27:40.032
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\valentin\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-09-02 16:27:39.819
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Programme\everest home\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-09-02 16:27:39.812
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Programme\everest home\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 35%
Total physical RAM: 7934.18 MB
Available physical RAM: 5079.46 MB
Total Pagefile: 15866.54 MB
Available Pagefile: 12535.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (system) (Fixed) (Total:35 GB) (Free:4.39 GB) NTFS (Disk=0 Partition=2)
Drive d: (programme) (Fixed) (Total:35 GB) (Free:4.07 GB) NTFS (Disk=0 Partition=3)
Drive e: (daten) (Fixed) (Total:395.66 GB) (Free:29.76 GB) NTFS (Disk=0 Partition=4)
Drive g: (FREECOM HDD) (Fixed) (Total:2794.39 GB) (Free:1201.24 GB) NTFS (Disk=1 Partition=2)

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

Alt 28.07.2013, 16:44   #5
schrauber
/// the machine
/// TB-Ausbilder
 

TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.07.2013, 09:20   #6
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Vielen Dank dass du dir die Zeit nimmst

Code:
ATTFilter
ComboFix 13-07-27.01 - valentin 29.07.2013  10:00:15.1.3 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.7934.5639 [GMT 2:00]
ausgeführt von:: c:\users\valentin\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\CFLog
c:\cflog\CrashLog_20100921.txt
c:\cflog\CrashLog_20100923.txt
c:\cflog\CrashLog_20100928.txt
c:\cflog\CrashLog_20101107.txt
c:\cflog\CrashLog_20101203.txt
c:\cflog\CrashLog_20111230.txt
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\14(07-21-23-53-13).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\14.gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\att5DE0.pdf
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\att6834.jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\att6BA7.JPG
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\att7ED.doc
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\att93D7.JPG
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\attB11A.pdf
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\attF0FA.odt
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\attFE.pdf
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Berlin_07-13_04.JPG
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Favorite vs DCVNDS-13 (1).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Favorite vs DCVNDS-37.jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Favorite vs DCVNDS-52.jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\fm725C
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\fm74CD
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\fm93B6
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\fox
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\fox(07-18-23-38-17)
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\image001.gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\P2260026.JPG
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\scrollbar.css
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-09-20-13).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-21-36).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-21-41).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-21-46).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-21-57).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-22-00).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-22-02).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-22-12).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-22-26).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-10-22-41).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-09-38).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-09-40).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-09-41).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-09-53).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-09-55).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-09-56).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-10-05).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-10-08).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-10-24).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-11-10-33).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-22-43-01).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-37-25).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-37-32).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-37-35).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-07).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-08).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-15).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-31).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-33).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-38).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-43).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-44).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-38-57).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-05).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-10).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-12).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-16).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-17)(1).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-17)(2).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-17).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-18).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-20).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-18-23-39-22).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-19-00-49-12).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-21-55-02).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-21-55-08).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-00).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-03).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-07).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-11).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-12).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-14).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-17).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-18).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-23).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-40).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-14-53).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-29).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-30).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-31).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-33).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(1).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(1).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(2).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(2).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(3).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(3).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(4).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(5).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(6).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(7).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57)(8).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-57).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-15-59).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-01).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-02).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-03).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-04).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-05)(1).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-05).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-06).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-07).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-08).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-09)(1).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-09).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(1).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(1).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(2).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(2).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(3).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(3).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(4).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(4).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(5).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(6).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(7).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(8).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10)(9).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10).gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-10).jpg
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-12).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-13).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-15).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-20).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-21).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-46).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-47).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-16-49).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-17-11).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-40-31)(1).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-40-31).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-40-40).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-22-41-05).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-03-21).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-06-51).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-06-52).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-07-00).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-37-57).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-37-59).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-38-01).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-38-04).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-38-16).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-38-25).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-38-34).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-52-52).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-52-59).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-53-07).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-53-08).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-53-13).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-21-23-59-51).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-22-00-18-26).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-22-00-19-05).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-20-56-47).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-20-56-51).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-21-11-28).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-37).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-38).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-40).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-45).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-48).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-49).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-50).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-51).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-03-52).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-23-23-04-01).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-19-44).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-19-45).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-24-49).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-24-56).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-24-57).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-24-58).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-24-09-25-00).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-25-10-37-01).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-25-10-37-04).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-28-10-51-21).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-28-10-51-26).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-28-10-51-27)(1).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-28-10-51-27).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-20).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-23).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-24).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-49).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-57).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-58)(1).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-53-58).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-54-00).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown(07-29-09-54-01).htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown.gif
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown.htm
c:\users\valentin\AppData\Local\Microsoft\Windows\Temporary Internet Files\unknown.jpg
c:\windows\IsUn0407.exe
c:\windows\SysWow64\local.txt
c:\windows\SysWow64\SET71B3.tmp
c:\windows\SysWow64\SET793F.tmp
E:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-06-28 bis 2013-07-29  ))))))))))))))))))))))))))))))
.
.
2013-07-28 12:24 . 2013-07-28 12:24	--------	d-----w-	C:\FRST
2013-07-24 23:54 . 2013-07-24 23:56	--------	d-----w-	c:\windows\system32\MRT
2013-07-24 08:32 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2013-07-24 08:32 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2013-07-24 08:32 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2013-07-24 08:32 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2013-07-23 19:02 . 2013-04-10 06:01	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-07-23 19:02 . 2013-04-10 06:01	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-07-23 19:02 . 2011-02-03 11:25	144384	----a-w-	c:\windows\system32\cdd.dll
2013-07-23 19:01 . 2013-02-15 06:06	3717632	----a-w-	c:\windows\system32\mstscax.dll
2013-07-23 19:01 . 2013-02-15 04:37	3217408	----a-w-	c:\windows\SysWow64\mstscax.dll
2013-07-23 19:01 . 2013-02-15 06:02	158720	----a-w-	c:\windows\system32\aaclient.dll
2013-07-23 19:01 . 2013-02-15 04:34	131584	----a-w-	c:\windows\SysWow64\aaclient.dll
2013-07-23 19:01 . 2013-02-15 06:08	44032	----a-w-	c:\windows\system32\tsgqec.dll
2013-07-23 19:01 . 2013-02-15 03:25	36864	----a-w-	c:\windows\SysWow64\tsgqec.dll
2013-07-23 19:01 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-07-23 19:01 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-07-23 19:01 . 2012-11-09 05:45	2048	----a-w-	c:\windows\system32\tzres.dll
2013-07-23 19:01 . 2012-11-09 04:42	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2013-07-23 18:59 . 2012-11-02 05:59	478208	----a-w-	c:\windows\system32\dpnet.dll
2013-07-23 18:58 . 2012-11-22 05:44	800768	----a-w-	c:\windows\system32\usp10.dll
2013-07-23 18:28 . 2012-11-30 05:41	424448	----a-w-	c:\windows\system32\KernelBase.dll
2013-07-23 18:26 . 2013-04-26 05:51	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-07-23 18:26 . 2013-04-26 04:55	492544	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-07-23 18:26 . 2013-06-05 03:34	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-07-23 18:26 . 2013-05-10 05:49	30720	----a-w-	c:\windows\system32\cryptdlg.dll
2013-07-23 18:26 . 2013-05-10 03:20	24576	----a-w-	c:\windows\SysWow64\cryptdlg.dll
2013-07-23 18:24 . 2013-03-19 06:04	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-07-23 18:24 . 2013-03-19 05:04	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-07-23 18:24 . 2013-03-19 05:46	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-07-23 18:24 . 2013-03-19 05:04	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-07-23 18:24 . 2013-03-19 03:06	112640	----a-w-	c:\windows\system32\smss.exe
2013-07-23 18:24 . 2013-03-19 04:47	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-07-23 18:23 . 2013-04-02 22:51	1643520	----a-w-	c:\windows\system32\DWrite.dll
2013-07-23 18:23 . 2013-04-09 23:34	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2013-07-23 18:23 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\SysWow64\d3d11.dll
2013-07-23 18:23 . 2013-03-31 22:52	1887232	----a-w-	c:\windows\system32\d3d11.dll
2013-07-22 23:33 . 2013-07-22 23:33	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-07-22 13:25 . 2013-07-22 14:26	--------	d-----w-	c:\users\valentin\AppData\Local\Audible
2013-07-22 13:25 . 2013-07-22 13:25	255352	----a-w-	c:\windows\SysWow64\awrdscdc.ax
2013-07-22 13:24 . 2001-08-17 20:43	24576	------w-	c:\windows\SysWow64\msxml3a.dll
2013-07-22 10:22 . 2013-07-22 10:22	--------	d-----w-	c:\users\valentin\AppData\Local\Avanquest
2013-07-22 10:22 . 2013-07-22 10:23	--------	d-----w-	c:\programdata\Avanquest
2013-07-22 10:22 . 2013-07-22 10:22	--------	d-----w-	c:\programdata\Avanquest Software
2013-07-22 09:42 . 2013-07-22 09:42	--------	d-----w-	c:\users\valentin\AppData\Roaming\lexiCan
2013-07-22 09:42 . 2013-07-22 10:20	--------	d-----w-	c:\users\valentin\AppData\Roaming\lexiCan 4
2013-07-22 09:41 . 2013-07-22 09:41	--------	d-----w-	c:\programdata\lexiCan 4
2013-07-22 09:41 . 2013-07-22 09:41	--------	d-----w-	c:\users\valentin\AppData\Roaming\vetafab Software GmbH
2013-07-21 22:56 . 2013-07-26 18:37	--------	d-----w-	c:\programdata\Spyware Terminator
2013-07-21 22:56 . 2013-07-21 22:56	51496	----a-w-	c:\windows\system32\drivers\stflt.sys
2013-07-21 22:56 . 2013-07-21 22:56	--------	d-----w-	c:\users\valentin\AppData\Roaming\Spyware Terminator
2013-07-21 22:56 . 2013-07-21 22:56	--------	d-----w-	c:\program files (x86)\Spyware Terminator
2013-07-16 22:45 . 2013-07-16 22:45	--------	d-----w-	c:\users\valentin\AppData\Local\DM
2013-07-16 18:41 . 2013-07-16 18:41	--------	d-----w-	c:\program files\Microsoft Silverlight
2013-07-16 18:41 . 2013-07-16 18:41	--------	d-----w-	c:\program files (x86)\Microsoft Silverlight
2013-07-15 19:16 . 2013-01-28 12:19	35104	----a-w-	c:\windows\system32\TURegOpt.exe
2013-07-15 19:16 . 2013-01-28 12:19	26400	----a-w-	c:\windows\system32\authuitu.dll
2013-07-15 19:16 . 2013-01-28 12:19	21792	----a-w-	c:\windows\SysWow64\authuitu.dll
2013-07-15 19:16 . 2013-07-15 19:16	--------	d-----w-	c:\users\valentin\AppData\Roaming\TuneUp Software
2013-07-15 19:16 . 2013-07-15 19:16	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2013
2013-07-15 19:15 . 2013-07-15 19:16	--------	d-----w-	c:\programdata\TuneUp Software
2013-07-15 19:15 . 2013-07-15 19:25	--------	d-sh--w-	c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-15 19:15 . 2013-07-15 19:15	--------	d--h--w-	c:\programdata\Common Files
2013-07-04 21:15 . 2013-07-04 21:21	--------	d-----w-	c:\users\valentin\AppData\Roaming\XnView
2013-06-30 22:25 . 2013-07-16 22:46	--------	d-----w-	c:\users\valentin\AppData\Local\Programs
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-07-18 07:22 . 2012-04-16 15:52	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-18 07:22 . 2011-06-17 09:44	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-29 19:25 . 2013-05-13 16:46	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2013-06-29 19:11 . 2013-05-13 14:36	234768	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2013-06-27 13:38 . 2013-05-25 23:10	83672	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-06-23 22:57 . 2010-06-05 12:06	78277128	----a-w-	c:\windows\system32\MRT.exe
2013-06-11 08:19 . 2007-04-27 08:43	120200	----a-w-	c:\windows\SysWow64\DLLDEV32i.dll
2013-05-25 22:46 . 2013-05-25 23:08	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-05-25 22:46 . 2013-05-25 23:08	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-05-25 22:46 . 2013-05-25 23:08	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-05-13 14:36 . 2013-05-13 14:36	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2013-05-02 20:04 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2007-03-12 17:59 . 2007-03-12 17:59	299008	----a-w-	c:\program files\navigram_register.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9E571C81-21E7-496B-9E6B-127E60263022}]
2012-01-12 10:23	269312	----a-w-	c:\users\valentin\AppData\LocalLow\WOT\IE\WOT.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C5A83FB3-EA76-49C5-BA8D-11AEB924738B}]
2012-07-18 15:34	185464	----a-w-	c:\program files (x86)\billigerde\Internet Explorer\billigerde.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="c:\users\valentin\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"GoogleChromeAutoLaunch_2239D68823CEE3A8A12F033F821D7A1E"="c:\users\valentin\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-07-12 846288]
"Tiny download manager"="c:\users\valentin\AppData\Local\DM\TinyDM.exe" [2013-07-16 282624]
"Sidebar"="c:\program files\WINDOWS SIDEBAR\SIDEBAR.EXE" [2010-11-20 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"TurboV EVO"="c:\program files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" [2010-01-19 9900672]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2010-09-07 43608]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-01-13 98304]
"TrayServer"="e:\programme\VDL\TrayServer.exe" [2008-08-07 90112]
"avgnt"="e:\programme\AVIRA2\Avira\AntiVir Desktop\avgnt.exe" [2013-06-27 345144]
.
c:\users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Freecom GREEN BUTTON.lnk - c:\program files (x86)\Freecom\GREEN BUTTON\GREEN BUTTON.exe /a [2012-9-25 491792]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" -b
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;e:\programme\kaspersky\Malwarebytes' Anti-Malware\mbamscheduler.exe;e:\programme\kaspersky\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;e:\programme\kaspersky\Malwarebytes' Anti-Malware\mbamservice.exe;e:\programme\kaspersky\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 dump_wmimmc;dump_wmimmc;e:\programme\wolfstein\GameGuard\dump_wmimmc.sys;e:\programme\wolfstein\GameGuard\dump_wmimmc.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 phaudlwr;Philips Audio Filter;c:\windows\system32\DRIVERS\phaudlwr.sys;c:\windows\SYSNATIVE\DRIVERS\phaudlwr.sys [x]
R3 SPC530;Philips SPC530NC PC Camera;c:\windows\system32\drivers\SPC530.sys;c:\windows\SYSNATIVE\drivers\SPC530.sys [x]
R3 SPC530m;Philips SPC530NC PC Cameram;c:\windows\system32\drivers\SPC530m.sys;c:\windows\SYSNATIVE\drivers\SPC530m.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 wolf;wolf;e:\programme\video delu\Wolfteam\Wolfteam\avital\wolf64.sys;e:\programme\video delu\Wolfteam\Wolfteam\avital\wolf64.sys [x]
R3 X6va002;X6va002;c:\users\valentin\AppData\Local\Temp\00247D8.tmp;c:\users\valentin\AppData\Local\Temp\00247D8.tmp [x]
R3 X6va003;X6va003;c:\users\valentin\AppData\Local\Temp\00370FC.tmp;c:\users\valentin\AppData\Local\Temp\00370FC.tmp [x]
R3 X6va005;X6va005;c:\users\valentin\AppData\Local\Temp\005261B.tmp;c:\users\valentin\AppData\Local\Temp\005261B.tmp [x]
R3 X6va006;X6va006;c:\users\valentin\AppData\Local\Temp\006F6FB.tmp;c:\users\valentin\AppData\Local\Temp\006F6FB.tmp [x]
R3 X6va007;X6va007;c:\users\valentin\AppData\Local\Temp\007E9B5.tmp;c:\users\valentin\AppData\Local\Temp\007E9B5.tmp [x]
R3 X6va008;X6va008;c:\windows\SysWOW64\Drivers\X6va008;c:\windows\SysWOW64\Drivers\X6va008 [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 Uim_VIM;UIM Virtual Image Plugin;c:\windows\system32\Drivers\uim_vimx64.sys;c:\windows\SYSNATIVE\Drivers\uim_vimx64.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;e:\programme\AVIRA2\Avira\AntiVir Desktop\sched.exe;e:\programme\AVIRA2\Avira\AntiVir Desktop\sched.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [x]
S2 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;e:\programme\mbat\MXSAS.exe;e:\programme\mbat\MXSAS.exe [x]
S2 MsgPlusService;Messenger Plus! Service;e:\programme\skype\Messenger Plus!\MsgPlusForSkypeService.exe;e:\programme\skype\Messenger Plus!\MsgPlusForSkypeService.exe [x]
S2 NetBalancer Windows Service;NetBalancer Windows Service;e:\programme\netbalancer\NetBalancer\SeriousBit.NetBalancer.Service.exe;e:\programme\netbalancer\NetBalancer\SeriousBit.NetBalancer.Service.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 Samsung Network Fax Server;Samsung Network Fax Server;c:\windows\system32\spool\drivers\x64\3\NetFaxServer64.exe;c:\windows\SYSNATIVE\spool\drivers\x64\3\NetFaxServer64.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 WOTUpdater;WOT Updater;c:\users\valentin\AppData\LocalLow\WOT\IE\WOTUpdater.exe;c:\users\valentin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [x]
S3 AODDriver;AODDriver;c:\program files (x86)\ASUS\GPU Boost Driver\amd64\AODDriver.sys;c:\program files (x86)\ASUS\GPU Boost Driver\amd64\AODDriver.sys [x]
S3 MAUSBFASTTRACKPRO;Service for M-Audio FastTrack Pro;c:\windows\system32\DRIVERS\MAudioFastTrackPro.sys;c:\windows\SYSNATIVE\DRIVERS\MAudioFastTrackPro.sys [x]
S3 Nbdrv;NetBalancer Service;c:\windows\system32\DRIVERS\nbdrv.sys;c:\windows\SYSNATIVE\DRIVERS\nbdrv.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AODDRIVER
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai	REG_MULTI_SZ   	Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-07-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 07:22]
.
2013-07-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
- c:\users\valentin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-16 09:35]
.
2013-07-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
- c:\users\valentin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-16 09:35]
.
2013-07-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
- c:\users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-10 08:21]
.
2013-07-28 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
- c:\users\valentin\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-10 08:21]
.
2013-07-24 c:\windows\Tasks\PCCT - MAGIX AG.job
- e:\programme\mbat\MxTray.exe [2010-11-08 16:08]
.
2013-07-28 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
- c:\users\valentin\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-03-09 15:41]
.
2013-07-28 c:\windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
- c:\users\valentin\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2012-03-09 15:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-03-07 14:31	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-03-07 14:31	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-03-07 14:31	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-03-07 14:31	776144	----a-w-	c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-09-14 11465832]
"SpywareTerminatorShield"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorShield.exe" [2013-04-03 2777736]
"SpywareTerminatorUpdater"="c:\program files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe" [2013-04-03 3684488]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: &Alles mit FlashGet laden - e:\programme\Alive\FGlashget\jc_all.htm
IE: &Mit FlashGet laden - e:\programme\Alive\FGlashget\jc_link.htm
IE: Free YouTube Download - c:\users\valentin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\valentin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - e:\programme\ICQ\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\srr41pe0.default-1374657962050\
FF - ExtSQL: 2013-07-23 20:02; Tubesaver@istqt.co; c:\program files (x86)\TubeSaver\125.xpi
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{57F2FC14-BE99-4DFB-B9F1-2458A4F496AB} - c:\program files (x86)\TubeSaver\125.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
AddRemove-Audacity_is1 - k:\programme\Audacity\unins000.exe
AddRemove-{EFCDD6E3-3869-4AB9-8073-CED0EC7C2E75} - c:\programdata\{7DE921C9-42C8-4DA3-8A44-043C3349FD1D}\Setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va002]
"ImagePath"="\??\c:\users\valentin\AppData\Local\Temp\00247D8.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va003]
"ImagePath"="\??\c:\users\valentin\AppData\Local\Temp\00370FC.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va005]
"ImagePath"="\??\c:\users\valentin\AppData\Local\Temp\005261B.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va006]
"ImagePath"="\??\c:\users\valentin\AppData\Local\Temp\006F6FB.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va007]
"ImagePath"="\??\c:\users\valentin\AppData\Local\Temp\007E9B5.tmp"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\X6va008]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va008"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-178520715-3526337842-3463229803-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2D3E216C-433A-86FA-C4AC-18596464CD01}*]
"hadohhdfkcoikhkl"=hex:6b,61,65,6c,70,67,6c,6e,65,70,61,70,67,63,67,6c,6c,65,
   70,62,69,70,00,76
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_94_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_94.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
e:\programme\AVIRA2\Avira\AntiVir Desktop\avguard.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\DAODx.exe
c:\program files (x86)\ASUS\GPU Boost Driver\GpuBoostServer.exe
c:\program files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-07-29  10:11:43 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-07-29 08:11
.
Vor Suchlauf: 4.448.686.080 Bytes frei
Nach Suchlauf: 5.104.418.816 Bytes frei
.
- - End Of File - - 0A366D64D46FFD5BE54441474BDC8AA0
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 29.07.2013, 11:01   #7
schrauber
/// the machine
/// TB-Ausbilder
 

TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.07.2013, 17:57   #8
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



adwCleaner Report:

Code:
ATTFilter
# AdwCleaner v2.306 - Datei am 29/07/2013 um 18:28:51 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : valentin - VALENTIN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\valentin\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16635

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v3.6.3 (de)

Datei : C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\srr41pe0.default-1374657962050\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v [Version kann nicht ermittelt werden]

Datei : C:\Users\valentin\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [10958 octets] - [28/07/2013 12:36:20]
AdwCleaner[R2].txt - [11055 octets] - [28/07/2013 12:39:32]
AdwCleaner[R3].txt - [1417 octets] - [28/07/2013 12:43:07]
AdwCleaner[S1].txt - [366 octets] - [28/07/2013 12:37:43]
AdwCleaner[S2].txt - [10671 octets] - [28/07/2013 12:40:16]
AdwCleaner[S3].txt - [1360 octets] - [29/07/2013 18:28:51]

########## EOF - C:\AdwCleaner[S3].txt - [1420 octets] ##########
         

JRT Report:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.7 (07.29.2013:1)
OS: Windows 7 Home Premium x64
Ran by valentin on 29.07.2013 at 18:32:24,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{16C8C46E-C811-4977-BF0A-B5CC1FA78D95}



~~~ Files

Successfully deleted: [File] "C:\Windows\syswow64\authuitu.dll"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\valentin\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Program Files (x86)\simplitec"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{0A85CE8C-2352-42FD-8255-738C1C4D2429}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{0F61939F-167D-468F-9093-5C64655D6AAC}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{12AC413D-E686-453C-AFCF-0564E41B1AA1}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{1B7EF1F9-A386-497C-A77A-CC22471DD1FC}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{1C759C27-3EEC-46A8-AF5D-837252A2364E}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{29DF138E-B6FB-466A-8D10-0FE367FB5616}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{2C94C8DA-C519-4579-86BB-DFEC9B1742E5}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{4D382AEE-8B80-4C57-B268-94AF9B0F3BC6}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{52B6AAFC-EEC7-4564-8A78-9E502B17A506}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{52C6E4DF-141B-4F54-BD4C-81F5C6E3D95A}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{57D6E74E-6E0C-498D-957D-3A0990A7F6CE}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{5C95C183-062F-4942-9224-E148CFE4C979}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{65B1F710-BE7A-4AE3-961F-6AA808AC70FD}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{67DA348B-D2CE-4765-9ACC-00EB60BA675F}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{6F0225B1-384E-4D0F-8122-DD51F885883A}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{6FB33B35-C9DE-4383-A4E6-050496A7EADD}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{8E3BF91D-0160-4CE3-B2F9-05D7C67A9C06}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{8E6BE4B1-A46D-4E66-AE6B-CC2B717747E5}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{9B785389-76BF-4AC6-BD4D-2114B112F0A7}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{A03DAE4A-07AB-4EA7-A0A5-6DD4F8BDF27F}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{AF5F62FD-15DD-4FEF-BC49-4B1DE6912B06}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{D92F2AD6-328B-4326-8F81-A787D5A64924}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{DB6D62F1-F39B-4355-8576-B010A379E883}
Successfully deleted: [Empty Folder] C:\Users\valentin\appdata\local\{EBF87D0B-79C7-4D49-A352-532B808ED594}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2013 at 18:37:09,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 29.07.2013, 19:57   #9
schrauber
/// the machine
/// TB-Ausbilder
 

TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

udn ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.07.2013, 19:42   #10
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



ESET Log: (FL- Studio ist übrigens nicht gecracked)

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ad7492e56daaf244b3b9fa2d1f8129d9
# engine=14584
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-30 03:56:34
# local_time=2013-07-30 05:56:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 24048 145871099 16837 0
# compatibility_mode=5893 16776574 100 94 544031 126829644 0 0
# compatibility_mode=7937 16777214 28 75 752394 9413442 0 0
# scanned=548586
# found=244
# cleaned=0
# scan_time=21694
sh=03FD14F7F284B51E060D2AA2C0918954CF128847 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\3d-music-flow-10.zip"
sh=FCDC12D5A61E7C0376AD0F4DBAA6AF577C527C19 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\aero-inspirat.zip"
sh=45E845AB6CE31E243B7F4323003DE06290382099 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\black-splat-wr.1.7.zip"
sh=D87977FA28B80FE88E0D5F4A093BB5F8CEB55AB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\BlackGelly.zip"
sh=A8E67739B69ECCB9D93A2F784B6C0DA121129679 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\BlackMagic.zip"
sh=E4333926F87567536BAFC63DABFBA3ECD5B9B72D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Black_Soul.zip"
sh=AD1FDC701BB748F4AA321162C2645EEAC1C2F01A ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\butterfly-trip.zip"
sh=08799F705B316325227A69C12EFABFFE41636623 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\charade-theme.zip"
sh=7509A838072DABCC1FC37FA16F600C1E12377389 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\city-art.zip"
sh=42B06D6F6C5508CDD87105B082486896837F3890 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\ClubJeans.zip"
sh=ED46850831416313D8C96BEE145A72D6135827D9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\compositio.zip"
sh=C902CDC06044EA781B83740B075610162FE77FEE ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\cornergreen-10.zip"
sh=43B2558C08E0A080DBFA73706A37EB6980FB60D2 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\corpo-geek-10.zip"
sh=5660C8A515A3EC2489654A24DA2484C13C6427BA ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\curtain.zip"
sh=CE17C843AEA069FA684854A27417458BACAAB3CC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\dark-ritual-wordpress-theme.zip"
sh=01712DDBA5AEBF98DAE6116DBAA6A65A27668EC8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\darksplash.zip"
sh=0EA043D3804288C4F28A4069260F8402DD348B38 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\daydreams.2.02.zip"
sh=687E71C9B63E08651F3151CBEF522A5CB5F16B1F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\deep-silent.zip"
sh=9B21E0ED32017C74F60C110F6BB28F9C7F40E369 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\dilectio.zip"
sh=1056AE084B1C2C1D264DB542B75F94D05378DC5D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\dirty_green_wall_theme.zip"
sh=E57EC436B64C5BC16B6AF06F818281A03F99BF8F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\easybuddy.zip"
sh=655848689C9F66C1ED4FB983135928EB13956DB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Feel-the-beat.zip"
sh=80ED56C4A2EE1E3EEA8BA9539C261B218D2DDA6E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\firetec.zip"
sh=1777B4682D12EEED31167131F7B18F066BAE7C57 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\FloweralVector.zip"
sh=7FF31A9D00362A2913893C86DFFF77B7C2C8D2A8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\freedom.zip"
sh=9D8D789AC410C90BBC003F7C0482E7911660C60D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\hemingwayEx.zip"
sh=21A9ECFCAAB086CE01BF2D4290ADFAB99A4DC16C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\hot_orange_t_en.zip"
sh=3B8BAF3D15E3359E8BE582E69A4EFD2E58D2EE9C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\humidor.zip"
sh=97F7BDB662CD28ECB8FBBF43732DB7B5E0B471E9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\japan-style.zip"
sh=7FC1367DCFC1E1E23EAD98D102D054ED1FB9D7ED ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\KindOfBusiness.zip"
sh=8523FD11110491F2887A91A0F79A16957CEF943B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\lady-in-mood.zip"
sh=3AF19AFF6D11F1C611C2E5B33591526F7274EB34 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\led_leisten.zip"
sh=A7B7F1546A299F83FD1BC56188AB90A1F788B240 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\lighthouse-field-10.zip"
sh=8312A7D3D246FAF9AC6AF8396675A9A6EFF47AA9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\magix-10.zip"
sh=2A559BE15246644574E3253BE9C78D45E623A928 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\maxblog.zip"
sh=06DF72C21E969293BA498EE3A38B3F95788D51EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\mimbo2.2.zip"
sh=85C8F93B4C6ED8387B2701CB5F6DB2291B8F911E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\minimal20.zip"
sh=112BE8965F2809B57EC74C83CB9BD3C0E56EEAB9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\modxblog.zip"
sh=925F4EAE1BD0A36C7DE402B1E516A03B1ED71817 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\natures-gift-102.zip"
sh=30E7468622C8DFBD9590EC7F1555C7143EAAADDB ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\nerds-magazine-10.zip"
sh=ED2565DF812588A2923B42837FF3A1523D8E7FA5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\NotePad.zip"
sh=CB30988094CDF2609E91DD6B5839FF9812F79DE0 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\pixeled.zip"
sh=6EE5DFA8A2C3A44DE9FBB0774F8B16D154086A75 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\redpepper.zip"
sh=0B87D2E7FD5E454077B7D233AE61A93A41DEBCA8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\reformasi.zip"
sh=7E536F08EB0EBD39786948F2A32591B9862ABA08 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\royaleblue.zip"
sh=83F787ED64AD0B18E5DB541C2EC0C97C099C8842 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\rustic-portrait.zip"
sh=EEBE7A51651F58B0B924C407BCFF7D6DADE577EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\scruffy.zip"
sh=F142CB37C94173E6851C00A7FE025C17035A0885 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\SEO_Executive.zip"
sh=D4300A29D5BFC5611AFCF6B1EBF6983D535F9F14 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\silverlight.zip"
sh=261693F52023A9D30E99BC260CFAC0B0B659AA33 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\soulvision.zip"
sh=A84390F81069199734B68A9F6C14E8D375754487 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Speakr.zip"
sh=4FD7D470A89BB444390C776C77C12B3E2E689C4B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress.zip"
sh=5AAF115DADAC61B9EDC20B7E0B8EB8F0C769FD26 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress_Orange.zip"
sh=801E8B57CB8668808D812CADC34D3C494BADBD9D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\styleicious.zip"
sh=4F27D18A5EA4EB05B90B690733F09DFB66526309 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Supernova.zip"
sh=0D1246A7FA3ABC1A552B39E3F02AAC1DF8B60E85 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\travelbook.zip"
sh=281A9D1031E923FBAD7EDD3A764DA172A7DE0C0B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\underwater-blue.zip"
sh=3B79BEDF02C7DEE858D5D7AD651743F1A66EFC46 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\underwater.zip"
sh=78044406EEAEAB4B7FB2AE1E7DB20424671D493D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\webby-green-10.zip"
sh=9F83D1E05285AB6B83E4DEBF0F01183AB32274A5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\winter-red-10.zip"
sh=0E766FA4FEBF5C9117F1FC4C07A25BCA070CFBD5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\wp-city-vector.zip"
sh=03FD14F7F284B51E060D2AA2C0918954CF128847 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\3d-music-flow-10.zip"
sh=FCDC12D5A61E7C0376AD0F4DBAA6AF577C527C19 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\aero-inspirat.zip"
sh=45E845AB6CE31E243B7F4323003DE06290382099 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\black-splat-wr.1.7.zip"
sh=D87977FA28B80FE88E0D5F4A093BB5F8CEB55AB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\BlackGelly.zip"
sh=A8E67739B69ECCB9D93A2F784B6C0DA121129679 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\BlackMagic.zip"
sh=E4333926F87567536BAFC63DABFBA3ECD5B9B72D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Black_Soul.zip"
sh=AD1FDC701BB748F4AA321162C2645EEAC1C2F01A ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\butterfly-trip.zip"
sh=08799F705B316325227A69C12EFABFFE41636623 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\charade-theme.zip"
sh=7509A838072DABCC1FC37FA16F600C1E12377389 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\city-art.zip"
sh=42B06D6F6C5508CDD87105B082486896837F3890 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\ClubJeans.zip"
sh=ED46850831416313D8C96BEE145A72D6135827D9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\compositio.zip"
sh=C902CDC06044EA781B83740B075610162FE77FEE ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\cornergreen-10.zip"
sh=43B2558C08E0A080DBFA73706A37EB6980FB60D2 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\corpo-geek-10.zip"
sh=5660C8A515A3EC2489654A24DA2484C13C6427BA ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\curtain.zip"
sh=CE17C843AEA069FA684854A27417458BACAAB3CC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\dark-ritual-wordpress-theme.zip"
sh=01712DDBA5AEBF98DAE6116DBAA6A65A27668EC8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\darksplash.zip"
sh=0EA043D3804288C4F28A4069260F8402DD348B38 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\daydreams.2.02.zip"
sh=687E71C9B63E08651F3151CBEF522A5CB5F16B1F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\deep-silent.zip"
sh=9B21E0ED32017C74F60C110F6BB28F9C7F40E369 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\dilectio.zip"
sh=1056AE084B1C2C1D264DB542B75F94D05378DC5D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\dirty_green_wall_theme.zip"
sh=E57EC436B64C5BC16B6AF06F818281A03F99BF8F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\easybuddy.zip"
sh=655848689C9F66C1ED4FB983135928EB13956DB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Feel-the-beat.zip"
sh=80ED56C4A2EE1E3EEA8BA9539C261B218D2DDA6E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\firetec.zip"
sh=1777B4682D12EEED31167131F7B18F066BAE7C57 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\FloweralVector.zip"
sh=7FF31A9D00362A2913893C86DFFF77B7C2C8D2A8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\freedom.zip"
sh=9D8D789AC410C90BBC003F7C0482E7911660C60D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\hemingwayEx.zip"
sh=21A9ECFCAAB086CE01BF2D4290ADFAB99A4DC16C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\hot_orange_t_en.zip"
sh=3B8BAF3D15E3359E8BE582E69A4EFD2E58D2EE9C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\humidor.zip"
sh=97F7BDB662CD28ECB8FBBF43732DB7B5E0B471E9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\japan-style.zip"
sh=7FC1367DCFC1E1E23EAD98D102D054ED1FB9D7ED ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\KindOfBusiness.zip"
sh=8523FD11110491F2887A91A0F79A16957CEF943B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\lady-in-mood.zip"
sh=3AF19AFF6D11F1C611C2E5B33591526F7274EB34 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\led_leisten.zip"
sh=A7B7F1546A299F83FD1BC56188AB90A1F788B240 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\lighthouse-field-10.zip"
sh=8312A7D3D246FAF9AC6AF8396675A9A6EFF47AA9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\magix-10.zip"
sh=2A559BE15246644574E3253BE9C78D45E623A928 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\maxblog.zip"
sh=06DF72C21E969293BA498EE3A38B3F95788D51EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\mimbo2.2.zip"
sh=85C8F93B4C6ED8387B2701CB5F6DB2291B8F911E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\minimal20.zip"
sh=112BE8965F2809B57EC74C83CB9BD3C0E56EEAB9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\modxblog.zip"
sh=925F4EAE1BD0A36C7DE402B1E516A03B1ED71817 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\natures-gift-102.zip"
sh=30E7468622C8DFBD9590EC7F1555C7143EAAADDB ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\nerds-magazine-10.zip"
sh=ED2565DF812588A2923B42837FF3A1523D8E7FA5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\NotePad.zip"
sh=CB30988094CDF2609E91DD6B5839FF9812F79DE0 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\pixeled.zip"
sh=6EE5DFA8A2C3A44DE9FBB0774F8B16D154086A75 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\redpepper.zip"
sh=0B87D2E7FD5E454077B7D233AE61A93A41DEBCA8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\reformasi.zip"
sh=7E536F08EB0EBD39786948F2A32591B9862ABA08 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\royaleblue.zip"
sh=83F787ED64AD0B18E5DB541C2EC0C97C099C8842 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\rustic-portrait.zip"
sh=EEBE7A51651F58B0B924C407BCFF7D6DADE577EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\scruffy.zip"
sh=F142CB37C94173E6851C00A7FE025C17035A0885 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\SEO_Executive.zip"
sh=D4300A29D5BFC5611AFCF6B1EBF6983D535F9F14 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\silverlight.zip"
sh=261693F52023A9D30E99BC260CFAC0B0B659AA33 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\soulvision.zip"
sh=A84390F81069199734B68A9F6C14E8D375754487 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Speakr.zip"
sh=4FD7D470A89BB444390C776C77C12B3E2E689C4B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress.zip"
sh=5AAF115DADAC61B9EDC20B7E0B8EB8F0C769FD26 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress_Orange.zip"
sh=801E8B57CB8668808D812CADC34D3C494BADBD9D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\styleicious.zip"
sh=4F27D18A5EA4EB05B90B690733F09DFB66526309 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Supernova.zip"
sh=0D1246A7FA3ABC1A552B39E3F02AAC1DF8B60E85 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\travelbook.zip"
sh=281A9D1031E923FBAD7EDD3A764DA172A7DE0C0B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\underwater-blue.zip"
sh=3B79BEDF02C7DEE858D5D7AD651743F1A66EFC46 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\underwater.zip"
sh=78044406EEAEAB4B7FB2AE1E7DB20424671D493D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\webby-green-10.zip"
sh=9F83D1E05285AB6B83E4DEBF0F01183AB32274A5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\winter-red-10.zip"
sh=0E766FA4FEBF5C9117F1FC4C07A25BCA070CFBD5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\BeatsCDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\wp-city-vector.zip"
sh=03FD14F7F284B51E060D2AA2C0918954CF128847 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\3d-music-flow-10.zip"
sh=FCDC12D5A61E7C0376AD0F4DBAA6AF577C527C19 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\aero-inspirat.zip"
sh=45E845AB6CE31E243B7F4323003DE06290382099 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\black-splat-wr.1.7.zip"
sh=D87977FA28B80FE88E0D5F4A093BB5F8CEB55AB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\BlackGelly.zip"
sh=A8E67739B69ECCB9D93A2F784B6C0DA121129679 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\BlackMagic.zip"
sh=E4333926F87567536BAFC63DABFBA3ECD5B9B72D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Black_Soul.zip"
sh=AD1FDC701BB748F4AA321162C2645EEAC1C2F01A ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\butterfly-trip.zip"
sh=08799F705B316325227A69C12EFABFFE41636623 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\charade-theme.zip"
sh=7509A838072DABCC1FC37FA16F600C1E12377389 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\city-art.zip"
sh=42B06D6F6C5508CDD87105B082486896837F3890 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\ClubJeans.zip"
sh=ED46850831416313D8C96BEE145A72D6135827D9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\compositio.zip"
sh=C902CDC06044EA781B83740B075610162FE77FEE ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\cornergreen-10.zip"
sh=43B2558C08E0A080DBFA73706A37EB6980FB60D2 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\corpo-geek-10.zip"
sh=5660C8A515A3EC2489654A24DA2484C13C6427BA ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\curtain.zip"
sh=CE17C843AEA069FA684854A27417458BACAAB3CC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\dark-ritual-wordpress-theme.zip"
sh=01712DDBA5AEBF98DAE6116DBAA6A65A27668EC8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\darksplash.zip"
sh=0EA043D3804288C4F28A4069260F8402DD348B38 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\daydreams.2.02.zip"
sh=687E71C9B63E08651F3151CBEF522A5CB5F16B1F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\deep-silent.zip"
sh=9B21E0ED32017C74F60C110F6BB28F9C7F40E369 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\dilectio.zip"
sh=1056AE084B1C2C1D264DB542B75F94D05378DC5D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\dirty_green_wall_theme.zip"
sh=E57EC436B64C5BC16B6AF06F818281A03F99BF8F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\easybuddy.zip"
sh=655848689C9F66C1ED4FB983135928EB13956DB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Feel-the-beat.zip"
sh=80ED56C4A2EE1E3EEA8BA9539C261B218D2DDA6E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\firetec.zip"
sh=1777B4682D12EEED31167131F7B18F066BAE7C57 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\FloweralVector.zip"
sh=7FF31A9D00362A2913893C86DFFF77B7C2C8D2A8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\freedom.zip"
sh=9D8D789AC410C90BBC003F7C0482E7911660C60D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\hemingwayEx.zip"
sh=21A9ECFCAAB086CE01BF2D4290ADFAB99A4DC16C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\hot_orange_t_en.zip"
sh=3B8BAF3D15E3359E8BE582E69A4EFD2E58D2EE9C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\humidor.zip"
sh=97F7BDB662CD28ECB8FBBF43732DB7B5E0B471E9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\japan-style.zip"
sh=7FC1367DCFC1E1E23EAD98D102D054ED1FB9D7ED ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\KindOfBusiness.zip"
sh=8523FD11110491F2887A91A0F79A16957CEF943B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\lady-in-mood.zip"
sh=3AF19AFF6D11F1C611C2E5B33591526F7274EB34 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\led_leisten.zip"
sh=A7B7F1546A299F83FD1BC56188AB90A1F788B240 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\lighthouse-field-10.zip"
sh=8312A7D3D246FAF9AC6AF8396675A9A6EFF47AA9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\magix-10.zip"
sh=2A559BE15246644574E3253BE9C78D45E623A928 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\maxblog.zip"
sh=06DF72C21E969293BA498EE3A38B3F95788D51EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\mimbo2.2.zip"
sh=85C8F93B4C6ED8387B2701CB5F6DB2291B8F911E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\minimal20.zip"
sh=112BE8965F2809B57EC74C83CB9BD3C0E56EEAB9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\modxblog.zip"
sh=925F4EAE1BD0A36C7DE402B1E516A03B1ED71817 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\natures-gift-102.zip"
sh=30E7468622C8DFBD9590EC7F1555C7143EAAADDB ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\nerds-magazine-10.zip"
sh=ED2565DF812588A2923B42837FF3A1523D8E7FA5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\NotePad.zip"
sh=CB30988094CDF2609E91DD6B5839FF9812F79DE0 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\pixeled.zip"
sh=6EE5DFA8A2C3A44DE9FBB0774F8B16D154086A75 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\redpepper.zip"
sh=0B87D2E7FD5E454077B7D233AE61A93A41DEBCA8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\reformasi.zip"
sh=7E536F08EB0EBD39786948F2A32591B9862ABA08 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\royaleblue.zip"
sh=83F787ED64AD0B18E5DB541C2EC0C97C099C8842 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\rustic-portrait.zip"
sh=EEBE7A51651F58B0B924C407BCFF7D6DADE577EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\scruffy.zip"
sh=F142CB37C94173E6851C00A7FE025C17035A0885 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\SEO_Executive.zip"
sh=D4300A29D5BFC5611AFCF6B1EBF6983D535F9F14 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\silverlight.zip"
sh=261693F52023A9D30E99BC260CFAC0B0B659AA33 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\soulvision.zip"
sh=A84390F81069199734B68A9F6C14E8D375754487 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Speakr.zip"
sh=4FD7D470A89BB444390C776C77C12B3E2E689C4B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress.zip"
sh=5AAF115DADAC61B9EDC20B7E0B8EB8F0C769FD26 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress_Orange.zip"
sh=801E8B57CB8668808D812CADC34D3C494BADBD9D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\styleicious.zip"
sh=4F27D18A5EA4EB05B90B690733F09DFB66526309 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\Supernova.zip"
sh=0D1246A7FA3ABC1A552B39E3F02AAC1DF8B60E85 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\travelbook.zip"
sh=281A9D1031E923FBAD7EDD3A764DA172A7DE0C0B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\underwater-blue.zip"
sh=3B79BEDF02C7DEE858D5D7AD651743F1A66EFC46 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\underwater.zip"
sh=78044406EEAEAB4B7FB2AE1E7DB20424671D493D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\webby-green-10.zip"
sh=9F83D1E05285AB6B83E4DEBF0F01183AB32274A5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\winter-red-10.zip"
sh=0E766FA4FEBF5C9117F1FC4C07A25BCA070CFBD5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#60\Software\WordPress 3.0.1 DE\WP_Themes\wp-city-vector.zip"
sh=03FD14F7F284B51E060D2AA2C0918954CF128847 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\3d-music-flow-10.zip"
sh=FCDC12D5A61E7C0376AD0F4DBAA6AF577C527C19 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\aero-inspirat.zip"
sh=45E845AB6CE31E243B7F4323003DE06290382099 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\black-splat-wr.1.7.zip"
sh=D87977FA28B80FE88E0D5F4A093BB5F8CEB55AB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\BlackGelly.zip"
sh=A8E67739B69ECCB9D93A2F784B6C0DA121129679 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\BlackMagic.zip"
sh=E4333926F87567536BAFC63DABFBA3ECD5B9B72D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Black_Soul.zip"
sh=AD1FDC701BB748F4AA321162C2645EEAC1C2F01A ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\butterfly-trip.zip"
sh=08799F705B316325227A69C12EFABFFE41636623 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\charade-theme.zip"
sh=7509A838072DABCC1FC37FA16F600C1E12377389 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\city-art.zip"
sh=42B06D6F6C5508CDD87105B082486896837F3890 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\ClubJeans.zip"
sh=ED46850831416313D8C96BEE145A72D6135827D9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\compositio.zip"
sh=C902CDC06044EA781B83740B075610162FE77FEE ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\cornergreen-10.zip"
sh=43B2558C08E0A080DBFA73706A37EB6980FB60D2 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\corpo-geek-10.zip"
sh=5660C8A515A3EC2489654A24DA2484C13C6427BA ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\curtain.zip"
sh=CE17C843AEA069FA684854A27417458BACAAB3CC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\dark-ritual-wordpress-theme.zip"
sh=01712DDBA5AEBF98DAE6116DBAA6A65A27668EC8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\darksplash.zip"
sh=0EA043D3804288C4F28A4069260F8402DD348B38 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\daydreams.2.02.zip"
sh=687E71C9B63E08651F3151CBEF522A5CB5F16B1F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\deep-silent.zip"
sh=9B21E0ED32017C74F60C110F6BB28F9C7F40E369 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\dilectio.zip"
sh=1056AE084B1C2C1D264DB542B75F94D05378DC5D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\dirty_green_wall_theme.zip"
sh=E57EC436B64C5BC16B6AF06F818281A03F99BF8F ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\easybuddy.zip"
sh=655848689C9F66C1ED4FB983135928EB13956DB1 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Feel-the-beat.zip"
sh=80ED56C4A2EE1E3EEA8BA9539C261B218D2DDA6E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\firetec.zip"
sh=1777B4682D12EEED31167131F7B18F066BAE7C57 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\FloweralVector.zip"
sh=7FF31A9D00362A2913893C86DFFF77B7C2C8D2A8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\freedom.zip"
sh=9D8D789AC410C90BBC003F7C0482E7911660C60D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\hemingwayEx.zip"
sh=21A9ECFCAAB086CE01BF2D4290ADFAB99A4DC16C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\hot_orange_t_en.zip"
sh=3B8BAF3D15E3359E8BE582E69A4EFD2E58D2EE9C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\humidor.zip"
sh=97F7BDB662CD28ECB8FBBF43732DB7B5E0B471E9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\japan-style.zip"
sh=7FC1367DCFC1E1E23EAD98D102D054ED1FB9D7ED ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\KindOfBusiness.zip"
sh=8523FD11110491F2887A91A0F79A16957CEF943B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\lady-in-mood.zip"
sh=3AF19AFF6D11F1C611C2E5B33591526F7274EB34 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\led_leisten.zip"
sh=A7B7F1546A299F83FD1BC56188AB90A1F788B240 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\lighthouse-field-10.zip"
sh=8312A7D3D246FAF9AC6AF8396675A9A6EFF47AA9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\magix-10.zip"
sh=2A559BE15246644574E3253BE9C78D45E623A928 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\maxblog.zip"
sh=06DF72C21E969293BA498EE3A38B3F95788D51EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\mimbo2.2.zip"
sh=85C8F93B4C6ED8387B2701CB5F6DB2291B8F911E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\minimal20.zip"
sh=112BE8965F2809B57EC74C83CB9BD3C0E56EEAB9 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\modxblog.zip"
sh=925F4EAE1BD0A36C7DE402B1E516A03B1ED71817 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\natures-gift-102.zip"
sh=30E7468622C8DFBD9590EC7F1555C7143EAAADDB ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\nerds-magazine-10.zip"
sh=ED2565DF812588A2923B42837FF3A1523D8E7FA5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\NotePad.zip"
sh=CB30988094CDF2609E91DD6B5839FF9812F79DE0 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\pixeled.zip"
sh=6EE5DFA8A2C3A44DE9FBB0774F8B16D154086A75 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\redpepper.zip"
sh=0B87D2E7FD5E454077B7D233AE61A93A41DEBCA8 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\reformasi.zip"
sh=7E536F08EB0EBD39786948F2A32591B9862ABA08 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\royaleblue.zip"
sh=83F787ED64AD0B18E5DB541C2EC0C97C099C8842 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\rustic-portrait.zip"
sh=EEBE7A51651F58B0B924C407BCFF7D6DADE577EC ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\scruffy.zip"
sh=F142CB37C94173E6851C00A7FE025C17035A0885 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\SEO_Executive.zip"
sh=D4300A29D5BFC5611AFCF6B1EBF6983D535F9F14 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\silverlight.zip"
sh=261693F52023A9D30E99BC260CFAC0B0B659AA33 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\soulvision.zip"
sh=A84390F81069199734B68A9F6C14E8D375754487 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Speakr.zip"
sh=4FD7D470A89BB444390C776C77C12B3E2E689C4B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress.zip"
sh=5AAF115DADAC61B9EDC20B7E0B8EB8F0C769FD26 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\StudioPress_Orange.zip"
sh=801E8B57CB8668808D812CADC34D3C494BADBD9D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\styleicious.zip"
sh=4F27D18A5EA4EB05B90B690733F09DFB66526309 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\Supernova.zip"
sh=0D1246A7FA3ABC1A552B39E3F02AAC1DF8B60E85 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\travelbook.zip"
sh=281A9D1031E923FBAD7EDD3A764DA172A7DE0C0B ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\underwater-blue.zip"
sh=3B79BEDF02C7DEE858D5D7AD651743F1A66EFC46 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\underwater.zip"
sh=78044406EEAEAB4B7FB2AE1E7DB20424671D493D ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\webby-green-10.zip"
sh=9F83D1E05285AB6B83E4DEBF0F01183AB32274A5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\winter-red-10.zip"
sh=0E766FA4FEBF5C9117F1FC4C07A25BCA070CFBD5 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="E:\Programme\FL Studio 9\Plugins\VST\CDs\#61\Software\WordPress 3.0.1 DE\WP_Themes\wp-city-vector.zip"
         


Security Scan log:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.71  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spyware Terminator 2012   
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
 Adobe Flash Player 11.7.700.224  
 Mozilla Firefox (3.6.3) Firefox out of Date!  
 Google Chrome 28.0.1500.71  
 Google Chrome 28.0.1500.72  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 30.07.2013, 19:43   #11
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Neues FRST log:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-07-2013
Ran by valentin (administrator) on 30-07-2013 20:35:12
Running from C:\Users\valentin\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVGUARD.EXE
(Avira Operations GmbH & Co. KG) E:\Programme\AVIRA2\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\SCHED.EXE
(Microsoft Corporation) C:\WINDOWS\SYSWOW64\SVCHOST.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(DATA BECKER GmbH & Co KG) C:\PROGRAM FILES (X86)\COMMON FILES\DATA BECKER SHARED\DBSERVICE.EXE
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(MAGIX AG) E:\PROGRAMME\MBAT\MXSAS.EXE
(Yuna Software) E:\Programme\skype\Messenger Plus!\MsgPlusForSkypeService.exe
(Microsoft) E:\PROGRAMME\NETBALANCER\NETBALANCER\SERIOUSBIT.NETBALANCER.SERVICE.EXE
() C:\Windows\SysWOW64\PnkBstrA.exe
(Samsung Software Center, Moscow) C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TuneUp Software) C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE
(Microsoft Corp.) C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLIDSVC.EXE
() C:\USERS\VALENTIN\APPDATA\LOCALLOW\WOT\IE\WOTUPDATER.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Realtek Semiconductor) C:\PROGRAM FILES\REALTEK\AUDIO\HDA\RAVCPL64.EXE
(Akamai Technologies, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\AKAMAI\NETSESSION_WIN.EXE
(Google Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
(hxxp://www.tinydm.com/) C:\USERS\VALENTIN\APPDATA\LOCAL\DM\TINYDM.EXE
(Microsoft Corporation) C:\PROGRAM FILES\WINDOWS SIDEBAR\SIDEBAR.EXE
(Freecom) C:\PROGRAM FILES (X86)\FREECOM\GREEN BUTTON\GREEN BUTTON.EXE
(Google Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
(Avira Operations GmbH & Co. KG) E:\PROGRAMME\AVIRA2\AVIRA\ANTIVIR DESKTOP\AVGNT.EXE
(Google Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\GOOGLE\CHROME\APPLICATION\CHROME.EXE
(Advanced Micro Devices Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE
(Akamai Technologies, Inc.) C:\USERS\VALENTIN\APPDATA\LOCAL\AKAMAI\NETSESSION_WIN.EXE
(ASUSTeK Computer Inc.) C:\PROGRAM FILES (X86)\ASUS\TURBOV EVO\TURBOVHELP.EXE
() C:\WINDOWS\DAODX.EXE
(
ASUSTeK Computer Inc.) C:\PROGRAM FILES (X86)\ASUS\GPU BOOST DRIVER\GPUBOOSTSERVER.EXE
(ATI Technologies Inc.) C:\PROGRAM FILES (X86)\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE
(Tencent Inc.) D:\PROGRAMME\FOXMAIL\FOXMAIL\FOXMAIL.EXE
(Google Inc.) C:\Users\valentin\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
() C:\Users\valentin\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(RockMelt, Inc.) C:\Users\valentin\AppData\Local\RockMelt\Application\rockmelt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11465832 2010-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-04-03] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-04-03] (Crawler.com)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\valentin\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [GoogleChromeAutoLaunch_2239D68823CEE3A8A12F033F821D7A1E] - C:\Users\valentin\AppData\Local\Google\Chrome\Application\chrome.exe [846288 2013-07-12] (Google Inc.)
HKCU\...\Run: [Tiny download manager] - C:\Users\valentin\AppData\Local\DM\TinyDM.exe [282624 2013-07-17] (hxxp://www.tinydm.com/)
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [9900672 2010-01-19] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] - C:\Windows\RaidTool\xInsIDE.exe [43608 2010-09-07] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrayServer] - E:\Programme\VDL\TrayServer.exe [90112 2008-08-07] (MAGIX AG)
HKLM-x32\...\Run: [avgnt] - E:\Programme\AVIRA2\Avira\AntiVir Desktop\avgnt.exe [345144 2013-06-27] (Avira Operations GmbH & Co. KG)
Startup: C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Freecom GREEN BUTTON.lnk
ShortcutTarget: Freecom GREEN BUTTON.lnk -> C:\Program Files (x86)\Freecom\GREEN BUTTON\GREEN BUTTON.exe (Freecom)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files (x86)\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {F8626EE2-2B6E-4059-A550-4773EDD8FDBB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {F8626EE2-2B6E-4059-A550-4773EDD8FDBB} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: FGCatchUrl - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Programme\Alive\FGlashget\jccatch.dll (www.flashget.com)
BHO-x32: TubeSaver - {57F2FC14-BE99-4DFB-B9F1-2458A4F496AB} - C:\Program Files (x86)\TubeSaver\125.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: WOT - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Users\valentin\AppData\LocalLow\WOT\IE\WOT.dll (WOT Services Oy)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -  No File
BHO-x32: billiger.de Sparberater - {C5A83FB3-EA76-49C5-BA8D-11AEB924738B} - C:\Program Files (x86)\billigerde\Internet Explorer\billigerde.dll ()
BHO-x32: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Programme\Alive\FGlashget\getflash.dll (www.flashget.com)
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\valentin\AppData\Roaming\Mozilla\Firefox\Profiles\srr41pe0.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 - E:\Programme\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
FF Plugin HKCU: @protectdisc.com/NPPDLicenseHelper - C:\Users\valentin\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\valentin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\valentin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\valentin\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @us-w1.rockmelt.com/RockMelt Update;version=8 - C:\Users\valentin\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\valentin\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Extension: No Name - C:\Users\valentin\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF StartMenuInternet: FIREFOX.EXE - D:\Programme\Firefox\firefox.exe

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\valentin\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\valentin\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\valentin\AppData\Local\Google\Chrome\Application\28.0.1500.72\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (         "name": "",) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0\chromeNPAPI.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - D:\Programme\Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Google Update) - C:\Users\valentin\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (RockMelt Update) - C:\Users\valentin\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR Extension: (WOT) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphjeokkkbngjpiofnfpnafjeofjomfb\2.11.7_0
CHR Extension: (Battlefield Play4Free) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh\1.0.96.0_0
CHR Extension: (Google Publisher Toolbar) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc\4.0.6_0
CHR Extension: (Gmail) - C:\Users\valentin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [nphjeokkkbngjpiofnfpnafjeofjomfb] - C:\Users\valentin\AppData\LocalLow\WOT\CHROME\WOT.crx

==================== Services (Whitelisted) =================

R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-01] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; E:\Programme\AVIRA2\Avira\AntiVir Desktop\sched.exe [84024 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; E:\Programme\AVIRA2\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-27] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 MAGIX StartUp Analyze Service; E:\Programme\mbat\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
S2 MBAMScheduler; E:\Programme\kaspersky\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; E:\Programme\kaspersky\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsgPlusService; E:\Programme\skype\Messenger Plus!\MsgPlusForSkypeService.exe [124832 2012-01-22] (Yuna Software)
R2 NetBalancer Windows Service; E:\Programme\netbalancer\NetBalancer\SeriousBit.NetBalancer.Service.exe [10752 2010-06-01] (Microsoft)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [3885424 2011-01-19] (INCA Internet Co., Ltd.)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [75136 2013-05-13] ()
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [216576 2009-12-02] (Samsung Software Center, Moscow)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-28] (TuneUp Software)
R2 WOTUpdater; C:\Users\valentin\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] ()

==================== Drivers (Whitelisted) ====================

R3 AODDriver; C:\Program Files (x86)\ASUS\GPU Boost Driver\amd64\AODDriver.sys [21048 2010-01-06] (Advanced Micro Devices)
R3 AODDriver; C:\Program Files (x86)\ASUS\GPU Boost Driver\amd64\AODDriver.sys [21048 2010-01-06] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-05-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-05-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-05-26] (Avira Operations GmbH & Co. KG)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [187912 2010-12-07] (Avid Technology, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 Nbdrv; C:\Windows\System32\DRIVERS\nbdrv.sys [34280 2010-05-15] (SeriousBit)
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.)
S3 phaudlwr; C:\Windows\System32\DRIVERS\phaudlwr.sys [114608 2009-10-21] (Philips Applied Technologies)
S3 SPC530; C:\Windows\System32\drivers\SPC530.sys [583168 2008-05-21] (                                                            )
S3 SPC530m; C:\Windows\System32\drivers\SPC530m.sys [8192 2008-05-21] (                                                            )
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2013-07-22] (Windows (R) Win 7 DDK provider)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 cpuz132; \??\C:\Users\valentin\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [x]
S3 dump_wmimmc; \??\E:\Programme\wolfstein\GameGuard\dump_wmimmc.sys [x]
S3 NPPTNT2; \??\C:\Windows\system32\npptNT2.sys [x]
S3 wolf; \??\E:\Programme\video delu\Wolfteam\Wolfteam\avital\wolf64.sys [x]
S3 X6va002; \??\C:\Users\valentin\AppData\Local\Temp\00247D8.tmp [x]
S3 X6va003; \??\C:\Users\valentin\AppData\Local\Temp\00370FC.tmp [x]
S3 X6va005; \??\C:\Users\valentin\AppData\Local\Temp\005261B.tmp [x]
S3 X6va006; \??\C:\Users\valentin\AppData\Local\Temp\006F6FB.tmp [x]
S3 X6va007; \??\C:\Users\valentin\AppData\Local\Temp\007E9B5.tmp [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-30 20:34 - 2013-07-30 20:34 - 01781589 _____ (Farbar) C:\Users\valentin\Downloads\FRST64.exe
2013-07-30 20:21 - 2013-07-30 20:21 - 00029066 _____ C:\Users\valentin\Desktop\results.txt
2013-07-30 11:40 - 2013-07-30 11:40 - 00891098 _____ C:\Users\valentin\Desktop\SecurityCheck.exe
2013-07-30 11:40 - 2013-07-30 11:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-30 11:39 - 2013-07-30 11:40 - 02347384 _____ (ESET) C:\Users\valentin\Desktop\esetsmartinstaller_enu.exe
2013-07-29 19:31 - 2013-07-29 19:31 - 00007334 _____ C:\Users\valentin\Desktop\OpenDocument Text (neu) (2).odt
2013-07-29 18:52 - 2008-07-21 17:11 - 00427328 _____ (Tencent Inc.) C:\Windows\SysWOW64\TXGYMailActiveX.dll
2013-07-29 18:52 - 2008-07-21 17:11 - 00261256 _____ (TENCENT) C:\Windows\SysWOW64\TXGYMailCamera.dll
2013-07-29 18:37 - 2013-07-29 18:37 - 00004366 _____ C:\Users\valentin\Desktop\JRT.txt
2013-07-29 18:32 - 2013-07-29 18:32 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 18:28 - 2013-07-29 18:29 - 00001489 _____ C:\AdwCleaner[S3].txt
2013-07-29 18:25 - 2013-07-29 18:25 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\valentin\Desktop\JRT.exe
2013-07-29 18:24 - 2013-07-29 18:24 - 00666633 _____ C:\Users\valentin\Desktop\adwcleaner.exe
2013-07-29 14:20 - 2013-07-29 14:25 - 00000000 ____D C:\Users\valentin\Desktop\katzen
2013-07-29 10:11 - 2013-07-29 10:11 - 00048961 _____ C:\ComboFix.txt
2013-07-29 09:59 - 2013-07-29 10:11 - 00000000 ____D C:\Qoobox
2013-07-29 09:59 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-29 09:59 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-29 09:59 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-29 09:59 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-29 09:59 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-29 09:59 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-29 09:59 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-29 09:59 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-29 09:58 - 2013-07-29 10:10 - 00000000 ____D C:\Windows\erdnt
2013-07-29 09:54 - 2013-07-29 09:55 - 05095176 ____R (Swearware) C:\Users\valentin\Desktop\ComboFix.exe
2013-07-28 14:24 - 2013-07-28 14:24 - 00000000 ____D C:\FRST
2013-07-28 14:22 - 2013-07-28 14:24 - 01780547 _____ (Farbar) C:\Users\valentin\Desktop\FRST64.exe
2013-07-28 12:43 - 2013-07-28 12:43 - 00001417 _____ C:\AdwCleaner[R3].txt
2013-07-28 12:40 - 2013-07-28 12:40 - 00010671 _____ C:\AdwCleaner[S2].txt
2013-07-28 12:39 - 2013-07-28 12:39 - 00011055 _____ C:\AdwCleaner[R2].txt
2013-07-28 12:37 - 2013-07-28 12:37 - 00000366 _____ C:\AdwCleaner[S1].txt
2013-07-28 12:36 - 2013-07-28 12:36 - 00010958 _____ C:\AdwCleaner[R1].txt
2013-07-28 10:52 - 2013-07-28 10:52 - 00000859 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-25 17:46 - 2013-07-30 00:55 - 00010863 _____ C:\Users\valentin\Desktop\Vorlage Rapper - Kopie.odt
2013-07-25 17:46 - 2013-07-26 11:18 - 00018096 _____ C:\Users\valentin\Desktop\Vorlage Rapper.odt
2013-07-25 01:54 - 2013-07-25 01:56 - 00000000 ____D C:\Windows\system32\MRT
2013-07-24 21:48 - 2013-07-24 22:09 - 00020013 _____ C:\Users\valentin\Desktop\DieZwai.odt
2013-07-24 11:26 - 2013-07-24 11:26 - 00000000 ____D C:\Users\valentin\Desktop\Alte Firefox-Daten
2013-07-24 10:48 - 2013-07-24 10:48 - 00262144 ____N C:\Windows\Minidump\072413-28813-01.dmp
2013-07-24 10:32 - 2012-12-16 19:11 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-07-24 10:32 - 2012-12-16 16:45 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-07-24 10:32 - 2012-12-16 16:13 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-07-24 10:32 - 2012-12-16 16:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-07-24 10:20 - 2013-07-24 10:20 - 00262144 ____N C:\Windows\Minidump\072413-38345-01.dmp
2013-07-24 10:14 - 2013-07-24 10:14 - 00262144 ____N C:\Windows\Minidump\072413-47034-01.dmp
2013-07-24 09:13 - 2013-07-24 09:13 - 00275688 _____ C:\Windows\Minidump\072413-68312-01.dmp
2013-07-23 21:02 - 2013-04-10 08:01 - 00983400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-07-23 21:02 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-07-23 21:02 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-07-23 21:01 - 2013-05-08 08:39 - 01910632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-23 21:01 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-07-23 21:01 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-07-23 21:01 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-07-23 21:01 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-07-23 21:01 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-07-23 21:01 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-07-23 21:01 - 2013-01-03 08:00 - 00288088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-07-23 21:01 - 2012-11-09 07:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-07-23 21:01 - 2012-11-09 06:42 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-07-23 21:00 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-07-23 21:00 - 2013-03-19 07:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-07-23 21:00 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2013-07-23 21:00 - 2013-02-27 08:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-23 21:00 - 2013-02-27 07:52 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-07-23 21:00 - 2013-02-27 07:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-07-23 21:00 - 2013-02-27 07:48 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-07-23 21:00 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2013-07-23 21:00 - 2013-02-27 06:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-07-23 21:00 - 2013-02-27 06:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-07-23 21:00 - 2013-02-27 06:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-07-23 21:00 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-07-23 21:00 - 2012-11-01 07:43 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-07-23 21:00 - 2012-11-01 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-07-23 21:00 - 2012-11-01 06:47 - 01389568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-07-23 21:00 - 2012-11-01 06:47 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-07-23 20:59 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-23 20:59 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-07-23 20:59 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-23 20:59 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-07-23 20:59 - 2013-01-04 07:46 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-07-23 20:59 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-07-23 20:59 - 2013-01-04 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-07-23 20:59 - 2013-01-04 04:47 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-07-23 20:59 - 2013-01-04 04:47 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-07-23 20:59 - 2013-01-04 04:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-07-23 20:59 - 2012-11-20 07:48 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-07-23 20:59 - 2012-11-20 06:51 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-07-23 20:59 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-07-23 20:59 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-07-23 20:58 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-07-23 20:58 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-07-23 20:58 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-07-23 20:58 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-07-23 20:58 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-07-23 20:58 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-07-23 20:58 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-07-23 20:58 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-07-23 20:58 - 2012-11-22 07:44 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-07-23 20:58 - 2012-11-22 06:45 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-07-23 20:28 - 2012-11-30 07:45 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-07-23 20:28 - 2012-11-30 07:45 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-07-23 20:28 - 2012-11-30 07:45 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-07-23 20:28 - 2012-11-30 07:43 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-07-23 20:28 - 2012-11-30 07:41 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-07-23 20:28 - 2012-11-30 07:41 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 07:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-07-23 20:28 - 2012-11-30 06:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 06:45 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 05:23 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-07-23 20:28 - 2012-11-30 04:38 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 04:38 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 04:38 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 04:38 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-07-23 20:28 - 2012-11-30 01:17 - 00420064 _____ C:\Windows\SysWOW64\locale.nls
2013-07-23 20:28 - 2012-11-30 01:15 - 00420064 _____ C:\Windows\system32\locale.nls
2013-07-23 20:26 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-23 20:26 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-23 20:26 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-07-23 20:26 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-23 20:26 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-07-23 20:25 - 2013-05-13 07:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-23 20:25 - 2013-05-13 07:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-23 20:25 - 2013-05-13 07:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-23 20:25 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-23 20:25 - 2013-05-13 06:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-07-23 20:25 - 2013-05-13 06:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-07-23 20:25 - 2013-05-13 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-07-23 20:25 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-23 20:25 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-07-23 20:25 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-07-23 20:25 - 2013-04-17 09:02 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-07-23 20:25 - 2013-04-17 08:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-07-23 20:25 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-07-23 20:24 - 2013-03-19 08:04 - 05550424 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-23 20:24 - 2013-03-19 07:46 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-07-23 20:24 - 2013-03-19 07:04 - 03968856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-07-23 20:24 - 2013-03-19 07:04 - 03913560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-07-23 20:24 - 2013-03-19 06:47 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-07-23 20:24 - 2013-03-19 05:06 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-07-23 20:23 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-07-23 20:23 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-07-23 20:23 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-23 20:23 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-23 01:33 - 2013-07-23 01:33 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-23 01:32 - 2013-07-23 01:32 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-23 01:31 - 2013-07-23 01:38 - 00011102 _____ C:\Windows\IE10_main.log
2013-07-22 15:25 - 2013-07-22 16:26 - 00000000 ____D C:\Users\valentin\AppData\Local\Audible
2013-07-22 15:25 - 2013-07-22 15:25 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2013-07-22 15:25 - 2013-07-22 15:25 - 00000870 _____ C:\Users\valentin\Desktop\Audible Manager.lnk
2013-07-22 15:24 - 2001-08-17 22:43 - 00024576 ____N (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2013-07-22 15:23 - 2013-07-22 15:24 - 00000000 ____D C:\Users\valentin\Documents\Audible
2013-07-22 15:22 - 2013-07-22 15:22 - 01730272 _____ (Audible Inc.) C:\Users\valentin\Downloads\ActiveSetupN.exe
2013-07-22 15:10 - 2013-07-22 15:10 - 00260418 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-07-22 14:45 - 2013-07-22 14:45 - 00275744 _____ C:\Windows\Minidump\072213-59373-01.dmp
2013-07-22 12:22 - 2013-07-22 12:23 - 00000000 ____D C:\ProgramData\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\Documents\Web Easy
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\AppData\Local\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\Public\Documents\Avanquest Software
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\ProgramData\Avanquest Software
2013-07-22 12:14 - 2013-07-22 12:14 - 00000000 ____D C:\Users\valentin\Desktop\html
2013-07-22 11:42 - 2013-07-22 12:20 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan 4
2013-07-22 11:42 - 2013-07-22 11:42 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\Users\valentin\AppData\Roaming\vetafab Software GmbH
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\ProgramData\lexiCan 4
2013-07-22 01:37 - 2013-07-22 01:37 - 00262144 ____N C:\Windows\Minidump\072213-15412-01.dmp
2013-07-22 00:56 - 2013-07-29 17:00 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-22 00:56 - 2013-07-22 00:56 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Spyware Terminator
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-19 10:53 - 2013-07-19 10:53 - 00000831 _____ C:\Users\valentin\.recently-used.xbel
2013-07-19 10:36 - 2013-07-29 14:25 - 00000000 ____D C:\Users\valentin\Desktop\sdchickbar
2013-07-19 00:49 - 2013-07-19 00:49 - 00262144 ____N C:\Windows\Minidump\071913-15724-01.dmp
2013-07-18 12:41 - 2013-07-19 11:26 - 00014692 _____ C:\Users\valentin\Desktop\OpenDocument Text (neu).odt
2013-07-18 11:57 - 2013-07-29 10:06 - 00007262 _____ C:\Windows\PFRO.log
2013-07-18 11:15 - 2013-07-30 12:57 - 00008232 _____ C:\Windows\setupact.log
2013-07-18 11:15 - 2013-07-18 11:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-18 09:53 - 2013-07-18 09:53 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-18 09:26 - 2013-07-18 09:26 - 00275688 _____ C:\Windows\Minidump\071813-44148-01.dmp
2013-07-17 23:13 - 2013-07-17 23:13 - 00275688 _____ C:\Windows\Minidump\071713-43415-01.dmp
2013-07-17 22:47 - 2013-07-17 22:47 - 00262144 ____N C:\Windows\Minidump\071713-14196-01.dmp
2013-07-17 17:11 - 2013-07-17 17:11 - 00275688 _____ C:\Windows\Minidump\071713-55380-01.dmp
2013-07-17 11:09 - 2013-07-17 11:09 - 00000084 _____ C:\Windows\SysWOW64\prime.txt
2013-07-17 00:45 - 2013-07-17 00:45 - 00000000 ____D C:\Users\valentin\AppData\Local\DM
2013-07-17 00:44 - 2013-07-17 00:44 - 00118805 _____ C:\Users\valentin\Downloads\kuckuck jumping 95bpm zis.wav.exe
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 20:31 - 2013-07-24 10:51 - 00493584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-16 16:07 - 2013-07-16 16:07 - 00148536 _____ C:\Users\valentin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Users\valentin\AppData\Roaming\TuneUp Software
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-15 21:16 - 2013-01-28 14:19 - 00035104 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2013-07-15 21:16 - 2013-01-28 14:19 - 00026400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2013-07-15 21:15 - 2013-07-15 21:25 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-15 21:15 - 2013-07-15 21:16 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2013-07-04 23:15 - 2013-07-04 23:21 - 00000000 ____D C:\Users\valentin\AppData\Roaming\XnView
2013-07-04 20:06 - 2013-07-04 20:14 - 00000000 ____D C:\Users\valentin\Desktop\SCHIZOPHRENICWEBSITE_web_files
2013-07-04 20:06 - 2013-07-04 20:06 - 00000000 ____D C:\Users\valentin\Desktop\J
2013-07-01 00:25 - 2013-07-01 00:25 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager

==================== One Month Modified Files and Folders =======

2013-07-30 20:34 - 2013-07-30 20:34 - 01781589 _____ (Farbar) C:\Users\valentin\Downloads\FRST64.exe
2013-07-30 20:29 - 2012-04-16 17:52 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-30 20:21 - 2013-07-30 20:21 - 00029066 _____ C:\Users\valentin\Desktop\results.txt
2013-07-30 19:46 - 2012-03-09 17:41 - 00000940 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
2013-07-30 19:36 - 2012-03-10 10:21 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
2013-07-30 17:40 - 2012-09-16 11:35 - 00000940 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA.job
2013-07-30 17:17 - 2010-06-19 20:11 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{061F5AEE-FCAD-4EB6-BB61-1AB6937C291E}
2013-07-30 16:46 - 2012-03-09 17:41 - 00000888 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
2013-07-30 16:22 - 2010-06-03 11:19 - 01874446 _____ C:\Windows\WindowsUpdate.log
2013-07-30 15:06 - 2009-07-14 19:58 - 06954580 _____ C:\Windows\system32\perfh007.dat
2013-07-30 15:06 - 2009-07-14 19:58 - 02094072 _____ C:\Windows\system32\perfc007.dat
2013-07-30 15:06 - 2009-07-14 07:13 - 02172120 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-30 13:28 - 2012-12-30 23:54 - 05944238 _____ C:\Users\valentin\Desktop\SCHIZOPHRENICWEBSITE.web
2013-07-30 12:57 - 2013-07-18 11:15 - 00008232 _____ C:\Windows\setupact.log
2013-07-30 11:40 - 2013-07-30 11:40 - 00891098 _____ C:\Users\valentin\Desktop\SecurityCheck.exe
2013-07-30 11:40 - 2013-07-30 11:40 - 00000000 ____D C:\Program Files (x86)\ESET
2013-07-30 11:40 - 2013-07-30 11:39 - 02347384 _____ (ESET) C:\Users\valentin\Desktop\esetsmartinstaller_enu.exe
2013-07-30 11:40 - 2012-09-16 11:35 - 00000918 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
2013-07-30 11:18 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-30 11:18 - 2009-07-14 06:45 - 00014928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-30 11:11 - 2010-06-03 17:57 - 00000000 _____ C:\ProgramData\Gpu.log
2013-07-30 11:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-30 01:08 - 2010-06-03 20:28 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Skype
2013-07-30 00:55 - 2013-07-25 17:46 - 00010863 _____ C:\Users\valentin\Desktop\Vorlage Rapper - Kopie.odt
2013-07-30 00:38 - 2012-03-10 10:18 - 00000000 ____D C:\ProgramData\Messenger Plus! for Skype
2013-07-30 00:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2013-07-29 20:36 - 2012-03-10 10:21 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core.job
2013-07-29 19:31 - 2013-07-29 19:31 - 00007334 _____ C:\Users\valentin\Desktop\OpenDocument Text (neu) (2).odt
2013-07-29 18:37 - 2013-07-29 18:37 - 00004366 _____ C:\Users\valentin\Desktop\JRT.txt
2013-07-29 18:32 - 2013-07-29 18:32 - 00000000 ____D C:\Windows\ERUNT
2013-07-29 18:29 - 2013-07-29 18:28 - 00001489 _____ C:\AdwCleaner[S3].txt
2013-07-29 18:25 - 2013-07-29 18:25 - 00562353 _____ (Oleg N. Scherbakov) C:\Users\valentin\Desktop\JRT.exe
2013-07-29 18:24 - 2013-07-29 18:24 - 00666633 _____ C:\Users\valentin\Desktop\adwcleaner.exe
2013-07-29 17:00 - 2013-07-22 00:56 - 00000000 ____D C:\ProgramData\Spyware Terminator
2013-07-29 14:25 - 2013-07-29 14:20 - 00000000 ____D C:\Users\valentin\Desktop\katzen
2013-07-29 14:25 - 2013-07-19 10:36 - 00000000 ____D C:\Users\valentin\Desktop\sdchickbar
2013-07-29 10:11 - 2013-07-29 10:11 - 00048961 _____ C:\ComboFix.txt
2013-07-29 10:11 - 2013-07-29 09:59 - 00000000 ____D C:\Qoobox
2013-07-29 10:11 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-29 10:10 - 2013-07-29 09:58 - 00000000 ____D C:\Windows\erdnt
2013-07-29 10:08 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2013-07-29 10:06 - 2013-07-18 11:57 - 00007262 _____ C:\Windows\PFRO.log
2013-07-29 09:55 - 2013-07-29 09:54 - 05095176 ____R (Swearware) C:\Users\valentin\Desktop\ComboFix.exe
2013-07-28 14:24 - 2013-07-28 14:24 - 00000000 ____D C:\FRST
2013-07-28 14:24 - 2013-07-28 14:22 - 01780547 _____ (Farbar) C:\Users\valentin\Desktop\FRST64.exe
2013-07-28 12:43 - 2013-07-28 12:43 - 00001417 _____ C:\AdwCleaner[R3].txt
2013-07-28 12:40 - 2013-07-28 12:40 - 00010671 _____ C:\AdwCleaner[S2].txt
2013-07-28 12:40 - 2011-08-04 15:05 - 00000000 ____D C:\ProgramData\ICQ
2013-07-28 12:39 - 2013-07-28 12:39 - 00011055 _____ C:\AdwCleaner[R2].txt
2013-07-28 12:37 - 2013-07-28 12:37 - 00000366 _____ C:\AdwCleaner[S1].txt
2013-07-28 12:36 - 2013-07-28 12:36 - 00010958 _____ C:\AdwCleaner[R1].txt
2013-07-28 10:52 - 2013-07-28 10:52 - 00000859 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-07-27 14:56 - 2012-03-03 11:22 - 00000072 _____ C:\Users\Public\LMDebug.log
2013-07-27 14:47 - 2010-11-27 15:47 - 00001120 _____ C:\Windows\SysWOW64\index.xml
2013-07-27 13:33 - 2010-09-28 15:30 - 00000000 ____D C:\Users\valentin\AppData\Roaming\TeamViewer
2013-07-26 11:18 - 2013-07-25 17:46 - 00018096 _____ C:\Users\valentin\Desktop\Vorlage Rapper.odt
2013-07-25 01:56 - 2013-07-25 01:54 - 00000000 ____D C:\Windows\system32\MRT
2013-07-24 22:09 - 2013-07-24 21:48 - 00020013 _____ C:\Users\valentin\Desktop\DieZwai.odt
2013-07-24 13:25 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-24 11:26 - 2013-07-24 11:26 - 00000000 ____D C:\Users\valentin\Desktop\Alte Firefox-Daten
2013-07-24 10:51 - 2013-07-16 20:31 - 00493584 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-24 10:51 - 2010-06-03 11:22 - 00000000 ___RD C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-07-24 10:51 - 2010-06-03 11:22 - 00000000 ___RD C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-07-24 10:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-24 10:49 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-24 10:48 - 2013-07-24 10:48 - 00262144 ____N C:\Windows\Minidump\072413-28813-01.dmp
2013-07-24 10:48 - 2011-05-21 22:54 - 00000296 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2013-07-24 10:48 - 2010-12-22 20:31 - 00000000 ____D C:\Windows\Minidump
2013-07-24 10:32 - 2012-09-16 11:35 - 00003932 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA
2013-07-24 10:31 - 2012-12-02 19:15 - 00003040 _____ C:\Windows\System32\Tasks\MSIAfterburner
2013-07-24 10:31 - 2012-10-15 22:47 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-07-24 10:31 - 2012-09-16 11:35 - 00003564 _____ C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core
2013-07-24 10:31 - 2012-03-10 10:21 - 00004118 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000UA
2013-07-24 10:31 - 2012-03-10 10:21 - 00003722 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178520715-3526337842-3463229803-1000Core
2013-07-24 10:31 - 2011-08-29 17:53 - 00002938 _____ C:\Windows\System32\Tasks\{1DF9EE0A-DAFD-458A-8925-65FC0F4027B3}
2013-07-24 10:31 - 2011-08-29 17:52 - 00002938 _____ C:\Windows\System32\Tasks\{7A5F28EE-D234-4165-9B3E-E186903BC345}
2013-07-24 10:31 - 2011-05-21 22:54 - 00002694 _____ C:\Windows\System32\Tasks\PCCT - MAGIX AG
2013-07-24 10:20 - 2013-07-24 10:20 - 00262144 ____N C:\Windows\Minidump\072413-38345-01.dmp
2013-07-24 10:14 - 2013-07-24 10:14 - 00262144 ____N C:\Windows\Minidump\072413-47034-01.dmp
2013-07-24 10:08 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-24 09:13 - 2013-07-24 09:13 - 00275688 _____ C:\Windows\Minidump\072413-68312-01.dmp
2013-07-23 10:10 - 2011-05-10 17:48 - 00001387 _____ C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-07-23 10:09 - 2010-06-03 12:09 - 00000000 ____D C:\Windows\Panther
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2013-07-23 10:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-23 01:38 - 2013-07-23 01:31 - 00011102 _____ C:\Windows\IE10_main.log
2013-07-23 01:35 - 2013-07-23 01:35 - 19238912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 14329856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-23 01:35 - 2013-07-23 01:35 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 02046976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01509376 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01441280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01400416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-07-23 01:35 - 2013-07-23 01:35 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 01054720 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00905728 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00719360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00629248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00523264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00361984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-23 01:35 - 2013-07-23 01:35 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00242200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00232960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00185344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00137216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-23 01:35 - 2013-07-23 01:35 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-23 01:35 - 2013-07-23 01:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-07-23 01:35 - 2013-07-23 01:35 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-23 01:33 - 2013-07-23 01:33 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-07-23 01:32 - 2013-07-23 01:32 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-23 01:32 - 2013-07-23 01:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-07-22 19:05 - 2011-08-04 15:04 - 00000000 ____D C:\Users\valentin\AppData\Roaming\ICQ
2013-07-22 16:26 - 2013-07-22 15:25 - 00000000 ____D C:\Users\valentin\AppData\Local\Audible
2013-07-22 15:25 - 2013-07-22 15:25 - 00255352 _____ (Audible, Inc.) C:\Windows\SysWOW64\awrdscdc.ax
2013-07-22 15:25 - 2013-07-22 15:25 - 00000870 _____ C:\Users\valentin\Desktop\Audible Manager.lnk
2013-07-22 15:24 - 2013-07-22 15:23 - 00000000 ____D C:\Users\valentin\Documents\Audible
2013-07-22 15:22 - 2013-07-22 15:22 - 01730272 _____ (Audible Inc.) C:\Users\valentin\Downloads\ActiveSetupN.exe
2013-07-22 15:10 - 2013-07-22 15:10 - 00260418 _____ C:\Windows\msxml4-KB2758694-enu.LOG
2013-07-22 14:45 - 2013-07-22 14:45 - 00275744 _____ C:\Windows\Minidump\072213-59373-01.dmp
2013-07-22 12:23 - 2013-07-22 12:22 - 00000000 ____D C:\ProgramData\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\Documents\Web Easy
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\valentin\AppData\Local\Avanquest
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\Users\Public\Documents\Avanquest Software
2013-07-22 12:22 - 2013-07-22 12:22 - 00000000 ____D C:\ProgramData\Avanquest Software
2013-07-22 12:22 - 2010-06-03 17:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-07-22 12:20 - 2013-07-22 11:42 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan 4
2013-07-22 12:14 - 2013-07-22 12:14 - 00000000 ____D C:\Users\valentin\Desktop\html
2013-07-22 11:42 - 2013-07-22 11:42 - 00000000 ____D C:\Users\valentin\AppData\Roaming\lexiCan
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\Users\valentin\AppData\Roaming\vetafab Software GmbH
2013-07-22 11:41 - 2013-07-22 11:41 - 00000000 ____D C:\ProgramData\lexiCan 4
2013-07-22 01:37 - 2013-07-22 01:37 - 00262144 ____N C:\Windows\Minidump\072213-15412-01.dmp
2013-07-22 00:56 - 2013-07-22 00:56 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Spyware Terminator
2013-07-22 00:56 - 2013-07-22 00:56 - 00000000 ____D C:\Program Files (x86)\Spyware Terminator
2013-07-19 11:26 - 2013-07-18 12:41 - 00014692 _____ C:\Users\valentin\Desktop\OpenDocument Text (neu).odt
2013-07-19 11:18 - 2012-03-29 21:36 - 00000000 ____D C:\Users\valentin\.gimp-2.6
2013-07-19 10:53 - 2013-07-19 10:53 - 00000831 _____ C:\Users\valentin\.recently-used.xbel
2013-07-19 10:53 - 2010-06-03 11:22 - 00000000 ____D C:\Users\valentin
2013-07-19 00:49 - 2013-07-19 00:49 - 00262144 ____N C:\Windows\Minidump\071913-15724-01.dmp
2013-07-18 11:15 - 2013-07-18 11:15 - 00000000 _____ C:\Windows\setuperr.log
2013-07-18 09:53 - 2013-07-18 09:53 - 00002770 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2013-07-18 09:26 - 2013-07-18 09:26 - 00275688 _____ C:\Windows\Minidump\071813-44148-01.dmp
2013-07-18 09:22 - 2012-04-16 17:52 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-18 09:22 - 2012-04-16 17:52 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-07-18 09:22 - 2011-06-17 11:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-18 09:19 - 2012-12-28 23:46 - 00000000 ____D C:\Users\valentin\AppData\Local\Adobe
2013-07-17 23:13 - 2013-07-17 23:13 - 00275688 _____ C:\Windows\Minidump\071713-43415-01.dmp
2013-07-17 22:47 - 2013-07-17 22:47 - 00262144 ____N C:\Windows\Minidump\071713-14196-01.dmp
2013-07-17 17:11 - 2013-07-17 17:11 - 00275688 _____ C:\Windows\Minidump\071713-55380-01.dmp
2013-07-17 11:09 - 2013-07-17 11:09 - 00000084 _____ C:\Windows\SysWOW64\prime.txt
2013-07-17 11:09 - 2010-06-03 17:39 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2013-07-17 00:45 - 2013-07-17 00:45 - 00000000 ____D C:\Users\valentin\AppData\Local\DM
2013-07-17 00:44 - 2013-07-17 00:44 - 00118805 _____ C:\Users\valentin\Downloads\kuckuck jumping 95bpm zis.wav.exe
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-16 20:41 - 2013-07-16 20:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-16 16:07 - 2013-07-16 16:07 - 00148536 _____ C:\Users\valentin\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-15 21:35 - 2010-11-13 14:39 - 00000000 ___HD C:\ProgramData\{7DE921C9-42C8-4DA3-8A44-043C3349FD1D}
2013-07-15 21:25 - 2013-07-15 21:15 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-15 21:25 - 2012-11-18 15:13 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Sony
2013-07-15 21:25 - 2011-12-25 17:12 - 00000000 __HDC C:\ProgramData\{CCE3E562-124D-4D63-8AC7-EC849A579F07}
2013-07-15 21:25 - 2011-12-25 16:52 - 00000000 __HDC C:\ProgramData\{82B9F45C-9378-4B6C-B80A-338C197F3791}
2013-07-15 21:25 - 2011-12-25 16:47 - 00000000 __HDC C:\ProgramData\{AB38F02B-C891-457C-B8C8-DA9D96EFA317}
2013-07-15 21:25 - 2011-12-25 16:19 - 00000000 __HDC C:\ProgramData\{91377244-4B4E-4A81-9F72-FA41DECB3D8F}
2013-07-15 21:25 - 2011-12-25 16:15 - 00000000 __HDC C:\ProgramData\{F2026C51-8509-47B4-816D-CCD2DB993FC1}
2013-07-15 21:25 - 2011-12-25 16:07 - 00000000 __HDC C:\ProgramData\{DFB8047B-FF22-438D-90BD-83E8B78F83D7}
2013-07-15 21:25 - 2011-12-25 15:50 - 00000000 __HDC C:\ProgramData\{80A0A482-175E-4DE8-9D32-C8C8463D1362}
2013-07-15 21:25 - 2011-12-25 15:48 - 00000000 __HDC C:\ProgramData\{AA5037F8-9B97-456B-847E-A64FEB3E393C}
2013-07-15 21:25 - 2011-12-25 13:57 - 00000000 __HDC C:\ProgramData\{E9CDB61C-771D-42BB-B441-4CA7622ACA52}
2013-07-15 21:25 - 2011-12-25 13:19 - 00000000 __HDC C:\ProgramData\{F409EA92-6713-4D2D-AF88-0C51B1CF1D2A}
2013-07-15 21:25 - 2011-12-25 13:17 - 00000000 __HDC C:\ProgramData\{DC597CF0-DB39-40C2-9F8C-CF9D0A386548}
2013-07-15 21:25 - 2011-12-25 13:17 - 00000000 __HDC C:\ProgramData\{CA03436C-933D-4ADA-9E89-2C39CC03E904}
2013-07-15 21:25 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{D04E7E60-5F77-4E61-9CD4-7AEC5E15C525}
2013-07-15 21:25 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{B0DF9098-245E-479F-A4ED-B5F91EA4948B}
2013-07-15 21:25 - 2011-12-25 13:15 - 00000000 __HDC C:\ProgramData\{DE181BBE-2522-484E-A620-BDCFB298DC87}
2013-07-15 21:25 - 2011-12-25 13:10 - 00000000 __HDC C:\ProgramData\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
2013-07-15 21:25 - 2011-12-25 13:06 - 00000000 __HDC C:\ProgramData\{DD2792B0-5B90-4CC3-8D97-1C733D7FB366}
2013-07-15 21:25 - 2011-12-25 12:55 - 00000000 __HDC C:\ProgramData\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
2013-07-15 21:25 - 2011-12-22 13:32 - 00000000 __HDC C:\ProgramData\{AE4E9D9F-140B-4444-9F54-7EF88D1966D3}
2013-07-15 21:25 - 2011-12-22 11:15 - 00000000 __HDC C:\ProgramData\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
2013-07-15 21:25 - 2011-12-22 11:14 - 00000000 __HDC C:\ProgramData\{DCC412E7-393B-4016-91FB-9307F059AFB6}
2013-07-15 21:25 - 2011-12-20 21:55 - 00000000 __HDC C:\ProgramData\{C2A88E6D-FA3D-462B-BDFF-A09B1EFA8FBE}
2013-07-15 21:25 - 2011-11-02 15:04 - 00000000 ____D C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2013-07-15 21:25 - 2011-06-05 09:13 - 00000000 __HDC C:\ProgramData\{F032C584-F5A7-4097-B137-C76CAA800BC1}
2013-07-15 21:25 - 2011-02-06 20:17 - 00000000 __HDC C:\ProgramData\{D15CE785-FD15-4860-807A-3B68400084D3}
2013-07-15 21:25 - 2010-06-03 18:05 - 00000000 ____D C:\Users\valentin\AppData\Local\Downloaded Installations
2013-07-15 21:24 - 2012-12-17 18:57 - 00000000 __HDC C:\ProgramData\{34163C5E-1AE4-49D8-B5F9-A3C2422AAB96}
2013-07-15 21:24 - 2011-12-25 17:12 - 00000000 __HDC C:\ProgramData\{27D02406-6F0F-419F-AF2F-A4EE19D2E463}
2013-07-15 21:24 - 2011-12-25 16:03 - 00000000 __HDC C:\ProgramData\{68233086-CF7D-452D-8519-A7815257EC6B}
2013-07-15 21:24 - 2011-12-25 15:30 - 00000000 __HDC C:\ProgramData\{35B46D49-85E2-40EA-8EC6-43B281EDD8E7}
2013-07-15 21:24 - 2011-12-25 13:20 - 00000000 __HDC C:\ProgramData\{0A583E76-A7A0-45F8-9386-AEE1E529A4DE}
2013-07-15 21:24 - 2011-12-25 13:17 - 00000000 __HDC C:\ProgramData\{588D017F-D30B-4C08-8A10-1FEF7D039369}
2013-07-15 21:24 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{6E467D89-1963-440B-84F9-852C8150E323}
2013-07-15 21:24 - 2011-12-25 13:16 - 00000000 __HDC C:\ProgramData\{3DFBC806-D62A-4312-81FF-5F343DDCB5DC}
2013-07-15 21:24 - 2011-12-25 13:09 - 00000000 __HDC C:\ProgramData\{34B6291D-C0D7-4BAF-B634-1D130C96F9F9}
2013-07-15 21:24 - 2011-12-25 13:04 - 00000000 __HDC C:\ProgramData\{3006A797-CDFA-44FC-98EF-155579E2CDBF}
2013-07-15 21:24 - 2011-12-22 11:14 - 00000000 __HDC C:\ProgramData\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
2013-07-15 21:24 - 2011-04-18 21:25 - 00000000 __HDC C:\ProgramData\{0C95DFD3-6D9A-4690-B733-6D8C0B0A6578}
2013-07-15 21:24 - 2011-02-06 20:19 - 00000000 __HDC C:\ProgramData\{47960B9E-9E4E-438D-AA0C-2F495913AD7E}
2013-07-15 21:24 - 2011-02-06 20:19 - 00000000 __HDC C:\ProgramData\{2F1A850B-9DA6-4E4A-AB2A-E9005D72D5B2}
2013-07-15 21:24 - 2011-02-06 20:18 - 00000000 __HDC C:\ProgramData\{51753DAD-2BAB-4BB2-A4AA-CAAEF5AA972B}
2013-07-15 21:24 - 2011-02-06 16:14 - 00000000 __HDC C:\ProgramData\{6268CC84-62BB-4890-B980-FC891FC3470E}
2013-07-15 21:24 - 2011-01-23 21:06 - 00000000 __HDC C:\ProgramData\{57B10C8A-9A38-45B2-B696-92DA7712A65C}
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Users\valentin\AppData\Roaming\TuneUp Software
2013-07-15 21:16 - 2013-07-15 21:16 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-15 21:16 - 2013-07-15 21:15 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-07-15 21:16 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-15 20:56 - 2010-09-05 09:48 - 00000000 ____D C:\Users\valentin\Documents\MAGIX
2013-07-15 11:06 - 2010-12-12 12:58 - 00000000 ____D C:\Users\valentin\AppData\Roaming\vlc
2013-07-14 14:32 - 2012-12-15 11:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-07-14 14:32 - 2010-06-03 20:27 - 00000000 ____D C:\ProgramData\Skype
2013-07-04 23:21 - 2013-07-04 23:21 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ghostscript
2013-07-04 23:21 - 2013-07-04 23:15 - 00000000 ____D C:\Users\valentin\AppData\Roaming\XnView
2013-07-04 20:14 - 2013-07-04 20:06 - 00000000 ____D C:\Users\valentin\Desktop\SCHIZOPHRENICWEBSITE_web_files
2013-07-04 20:06 - 2013-07-04 20:06 - 00000000 ____D C:\Users\valentin\Desktop\J
2013-07-04 15:14 - 2013-05-01 01:47 - 00008920 _____ C:\Users\valentin\Desktop\gutschein code.odt
2013-07-01 00:25 - 2013-07-01 00:25 - 00000000 ____D C:\Users\valentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2013-07-01 00:25 - 2012-03-10 10:21 - 00000000 ____D C:\Users\valentin\AppData\Local\Google

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-28 02:28

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Nochmals Danke Die ganze Sache hat noch einen positiven Nebeneffekt. Gute 3 GB an Festplattenspeicher wiederbekommen und unnötige Adware gelöscht.

Eine Frage: Wenn ich Speichermedien im Pc hatte wärend er infiziert war, sind diese ja wahrscheinlich auch infiziert. Nun habe ich alle speichermedien dir bei den operationen nicht an Bord waren einfach formatiert, ich denke doch das ist ok?

Alt 31.07.2013, 08:45   #12
schrauber
/// the machine
/// TB-Ausbilder
 

TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Firefox bitte updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
S3 X6va002; \??\C:\Users\valentin\AppData\Local\Temp\00247D8.tmp [x]
S3 X6va003; \??\C:\Users\valentin\AppData\Local\Temp\00370FC.tmp [x]
S3 X6va005; \??\C:\Users\valentin\AppData\Local\Temp\005261B.tmp [x]
S3 X6va006; \??\C:\Users\valentin\AppData\Local\Temp\006F6FB.tmp [x]
S3 X6va007; \??\C:\Users\valentin\AppData\Local\Temp\007E9B5.tmp [x]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x]
C:\Windows\SysWOW64\Drivers\X6va008
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Speichermedien sollte keine infiziert sein, aber durch formatieren sind sie auf alle Fälle sauber
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.07.2013, 11:11   #13
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 30-07-2013 03
Ran by valentin at 2013-07-31 12:10:02 Run:1
Running from C:\Users\valentin\Desktop
Boot Mode: Normal
==============================================

X6va002 => Service deleted successfully.
X6va003 => Service deleted successfully.
X6va005 => Service deleted successfully.
X6va006 => Service deleted successfully.
X6va007 => Service deleted successfully.
X6va008 => Service deleted successfully.
"C:\Windows\SysWOW64\Drivers\X6va008" => File/Directory not found.

==== End of Fixlog ====
         

Alt 31.07.2013, 11:56   #14
schrauber
/// the machine
/// TB-Ausbilder
 

TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.


Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.08.2013, 12:28   #15
schizo
 
TubeSaver Virus entfernen - Standard

TubeSaver Virus entfernen



Super, viele vielen Dank nochmal!
Hat alles wunderbar geklappt

Antwort

Themen zu TubeSaver Virus entfernen
avira, beiträge, browser, entfernen, google startseite, malware, morgen, plug-ins, problem, seiten, sichere, trojaner, tube saver, tubesaver, tubesaver virus, virus, virus entfernen, website, werbung



Ähnliche Themen: TubeSaver Virus entfernen


  1. Win 7: Tubesaver-16 entfernen
    Plagegeister aller Art und deren Bekämpfung - 16.04.2014 (7)
  2. Trojanerbefall Tubesaver
    Log-Analyse und Auswertung - 23.11.2013 (10)
  3. Tubesaver - Windows 7 vom gefährlichen Virus befallen
    Plagegeister aller Art und deren Bekämpfung - 04.11.2013 (4)
  4. TubeSaver entfernen
    Anleitungen, FAQs & Links - 28.10.2013 (2)
  5. Trojaner-Tubesaver
    Plagegeister aller Art und deren Bekämpfung - 25.10.2013 (7)
  6. Windows 8: Tubesaver Virus
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (7)
  7. Tubesaver
    Plagegeister aller Art und deren Bekämpfung - 10.10.2013 (22)
  8. TubeSaver-Virus, doppelt untersrichene Wörter auf websides die zuPopups werden, viele Popups, Windows XP Professional 32bit
    Plagegeister aller Art und deren Bekämpfung - 10.10.2013 (12)
  9. TubeSaver Virus und DeltaSearch - erfolgreich entfernt?
    Plagegeister aller Art und deren Bekämpfung - 25.09.2013 (9)
  10. WINDOWS 7-32-BIT, TubeSaver VIRUS
    Log-Analyse und Auswertung - 19.09.2013 (9)
  11. Tubesaver Virus
    Log-Analyse und Auswertung - 13.09.2013 (2)
  12. Bei mir ist der TubeSaver am Werk
    Plagegeister aller Art und deren Bekämpfung - 12.09.2013 (15)
  13. TubeSaver hat sich installiert. Virus?
    Plagegeister aller Art und deren Bekämpfung - 03.09.2013 (31)
  14. TubeSaver - wie entfernen? Im Browser sind plötzlich Werbung + unterstrichende Wörter mit Pop-Ups und Links
    Log-Analyse und Auswertung - 28.08.2013 (10)
  15. Tubesaver - auch bei mir
    Plagegeister aller Art und deren Bekämpfung - 26.08.2013 (11)
  16. TubeSaver Virus entfernen
    Plagegeister aller Art und deren Bekämpfung - 17.08.2013 (21)
  17. Tubesaver beseitigrn
    Plagegeister aller Art und deren Bekämpfung - 15.08.2013 (10)

Zum Thema TubeSaver Virus entfernen - Guten Morgen allerseits! Ich habe seit gestern folgendes Problem: In sämtlichen Browsern öffnete sich plötzlich Werbung (auch z.B auf der eigenen Website und der Google Startseite, wo ich Werbung sicher - TubeSaver Virus entfernen...
Archiv
Du betrachtest: TubeSaver Virus entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.