Zurück   Trojaner-Board > Archiv - Kein Posten möglich > Mülltonne

Mülltonne: Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-)

Windows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne...

 
Alt 26.07.2014, 23:03   #1
fdl
 
Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-) - Standard

Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-)



Hallo liebe Community,

Ich habe mir um ein Video zu konvertieren eine Software heruntergeladen.
Dabei habe ich mir wohl etwas hässliches eingefangen: Trojan.ADH.2
Dieser wurde aber von Norten Internet Secruity blockiert. Ich habe meinen PC mit:
Kaspersky Rescue Disk 10 gescannt,
Norten Internet Secruity Systemscan,
Trojaner Remover.

Bei allen keine Treffer. Danach orientierte ich mich an anderen Posts und habe die folgenden logfiles:
Ich wurde leider nicht schlau aus diesem Log ... Danke an euch im Vorruas!
Addition.txt:
Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Fabian at 2014-07-26 15:18:29
Running from C:\Users\Fabian\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.28 - GIGABYTE)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.70405.2224 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version: - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
AutoGreen B12.0206.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B12.0206.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.2 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version: - )
Brother MFL-Pro Suite MFC-J4410DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Easy Tune 6 B12.0912.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B12.0912.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software)
Euro Truck Simulator 2 Multiplayer 0.1.0.6 Alpha (HKLM-x32\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.1.0.6 Alpha - ETS2MP Team)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LEGO MINDSTORMS NXT x64 Driver (HKLM\...\{A0831C28-A6FA-49A3-86AE-B5AE3C9EE19C}) (Version: 1.20.115.0 - LEGO)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
ON_OFF Charge B11.1102.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Raptr (HKLM-x32\...\Raptr) (Version: - )
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Sennheiser 3D G4ME1 (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392DDDFB6}) (Version: 1.00.0001 - )
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.22.gf87988f9 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.450.22786 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
tools-linux (x32 Version: 9.6.2.1895310 - VMware, Inc.) Hidden
Trojan Remover 6.9.1.2931 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.1.2931 - Simply Super Software)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 4.6 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.3 - VMware, Inc)
VMware Player (Version: 6.0.3 - VMware, Inc.) Hidden
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

24-07-2014 18:27:16 TuneUp Utilities 2014 wird entfernt
24-07-2014 18:27:28 TuneUp Utilities 2014 (de-DE) wird entfernt
24-07-2014 20:05:47 Wiederherstellungsvorgang
24-07-2014 20:10:20 Windows Update
24-07-2014 21:00:51 Windows-Sicherung
24-07-2014 21:13:04 Windows-Sicherung
24-07-2014 21:13:30 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {06378DB5-75C8-4686-8459-0E463CF088AC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {6EEDB9AA-5852-4C46-9A58-7C7F7A1E9B6C} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AD91A856-1EDB-421D-934E-F8E1DC16953D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {C3916164-D57A-4C0F-8DFF-52ADD5C9DD97} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {DEEC0AA6-06B9-4591-8708-F8A80987EB83} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E7D25787-B467-4F3F-8D9D-0575A60AD422} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-06-08 00:44 - 2014-06-15 18:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-12 21:40 - 2005-04-22 06:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2012-01-13 14:04 - 2012-01-13 14:04 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
2014-02-11 20:21 - 2014-02-11 20:21 - 00860160 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 01043968 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-02-11 20:21 - 2014-02-11 20:21 - 00052736 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-02-11 20:22 - 2014-02-11 20:22 - 00236032 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-06-28 17:09 - 2013-05-28 16:56 - 00151552 _____ () C:\Windows\system\3DG4me.exe
2014-06-08 10:02 - 2007-09-02 13:58 - 00495616 _____ () D:\Programme\RocketDock\RocketDock.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () D:\Programme\Teamspeak 3\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () D:\Programme\Teamspeak 3\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () D:\Programme\Teamspeak 3\sqldrivers\qsqlite.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00102344 _____ () D:\Programme\Teamspeak 3\soundbackends\directsound_win64.dll
2014-02-28 15:07 - 2014-02-28 15:07 - 00108488 _____ () D:\Programme\Teamspeak 3\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () D:\Programme\Teamspeak 3\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () D:\Programme\Teamspeak 3\imageformats\qjpeg.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00563656 _____ () D:\Programme\Teamspeak 3\plugins\clientquery_plugin.dll
2014-02-28 15:10 - 2014-02-28 15:10 - 00577480 _____ () D:\Programme\Teamspeak 3\plugins\teamspeak_control_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () D:\Programme\Teamspeak 3\accessible\qtaccessiblewidgets.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00504832 _____ () D:\Programme\SteelSeries Engine\SSEngineLib.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 09315328 _____ () D:\Programme\SteelSeries Engine\SSEngineWinGui.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00015872 _____ () D:\Programme\SteelSeries Engine\Localization.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00011264 _____ () D:\Programme\SteelSeries Engine\ISSPlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00011264 _____ () D:\Programme\SteelSeries Engine\Utilities.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00115200 _____ () D:\Programme\SteelSeries Engine\DriverCommunication.dll
2014-05-16 17:57 - 2014-05-16 17:57 - 00047616 _____ () D:\Programme\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00034304 _____ () D:\Programme\SteelSeries Engine\DBUtils.dll
2014-05-16 17:57 - 2014-05-16 17:57 - 01102336 _____ () D:\Programme\SteelSeries Engine\System.Data.SQLite.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00189440 _____ () D:\Programme\SteelSeries Engine\MousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00030720 _____ () D:\Programme\SteelSeries Engine\D3MousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00031744 _____ () D:\Programme\SteelSeries Engine\KKMousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00030720 _____ () D:\Programme\SteelSeries Engine\SRawPlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00159744 _____ () D:\Programme\SteelSeries Engine\MLGSenseiPlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00020992 _____ () D:\Programme\SteelSeries Engine\WoWGoldPlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00030720 _____ () D:\Programme\SteelSeries Engine\GW2MousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00029696 _____ () D:\Programme\SteelSeries Engine\CSGOMousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00030208 _____ () D:\Programme\SteelSeries Engine\DOTA2MousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00023040 _____ () D:\Programme\SteelSeries Engine\WoWWirelessPlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00030720 _____ () D:\Programme\SteelSeries Engine\CODMousePlugin.dll
2014-06-26 20:39 - 2014-06-26 20:39 - 00030208 _____ () D:\Programme\SteelSeries Engine\WoTMousePlugin.dll
2014-05-25 16:18 - 2014-05-25 16:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-05-25 16:18 - 2014-05-25 16:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-05-25 16:18 - 2014-05-25 16:18 - 00022528 _____ () C:\Program Files\Rainmeter\Plugins\InputText.dll
2014-06-07 21:54 - 2012-08-09 12:55 - 00078480 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2014-06-07 21:54 - 2012-08-09 12:55 - 00386192 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00222720 _____ () D:\Programme\Notepad++\NppShell_06.dll
2014-06-12 18:22 - 2014-06-12 18:22 - 01261272 _____ () D:\Programme\VMWare\libxml2.dll
2012-09-07 14:15 - 2012-09-07 14:15 - 02859079 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll
2012-09-07 16:04 - 2012-09-07 16:04 - 00643139 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll
2012-05-22 19:12 - 2012-05-22 19:12 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll
2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll
2012-09-07 15:49 - 2012-09-07 15:49 - 01495108 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll
2011-09-14 17:12 - 2011-09-14 17:12 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll
2012-05-08 15:01 - 2012-05-08 15:01 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll
2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll
2011-03-01 19:00 - 2011-03-01 19:00 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll
2011-10-18 09:26 - 2011-10-18 09:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll
2012-07-13 13:03 - 2012-07-13 13:03 - 00106496 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll
2012-05-07 21:45 - 2012-05-07 21:45 - 01429589 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll
2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll
2010-06-10 15:52 - 2010-06-10 15:52 - 00110592 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 04449632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll
2010-03-12 05:40 - 2010-03-12 05:40 - 00423256 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll
2012-09-03 14:32 - 2012-09-03 14:32 - 00307200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL
2014-06-28 17:09 - 2012-06-06 09:56 - 00143360 _____ () C:\Windows\system\3DG4me.dll
2014-06-08 10:02 - 2007-09-02 13:57 - 00069632 _____ () D:\Programme\RocketDock\RocketDock.dll
2014-06-07 23:42 - 2014-07-12 02:53 - 01116672 _____ () D:\Programme\Steam\libavcodec-55.dll
2014-06-07 23:42 - 2014-07-12 02:53 - 00438784 _____ () D:\Programme\Steam\libavutil-53.dll
2014-06-07 23:42 - 2014-07-12 02:53 - 00399360 _____ () D:\Programme\Steam\libavformat-55.dll
2014-06-07 23:42 - 2014-07-12 02:53 - 00331264 _____ () D:\Programme\Steam\libavresample-1.dll
2014-06-07 23:42 - 2014-06-27 00:40 - 00764416 _____ () D:\Programme\Steam\SDL2.dll
2014-06-07 23:42 - 2014-07-16 04:28 - 02139328 _____ () D:\Programme\Steam\video.dll
2014-06-07 23:42 - 2014-04-29 02:37 - 00519168 _____ () D:\Programme\Steam\libswscale-2.dll
2014-06-07 23:42 - 2014-07-16 04:28 - 01116864 _____ () D:\Programme\Steam\bin\chromehtml.DLL
2014-06-07 23:42 - 2014-05-02 01:35 - 20628160 _____ () D:\Programme\Steam\bin\libcef.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 22:28 - 2012-02-06 22:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 21:01 - 2011-05-10 21:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-06-07 23:51 - 2014-06-07 23:51 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\00a0b4a9df6e4abf30ae2af3624a77ce\IsdiInterop.ni.dll
2014-06-07 21:55 - 2012-02-01 16:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-06-07 21:53 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-06-11 16:57 - 2014-06-11 16:57 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-07-08 19:31 - 2014-07-08 19:31 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Winmgmt => 2
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: Spotify => "C:\Users\Fabian\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/26/2014 03:10:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm NIS.exe, Version 12.11.2.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: c24

Startzeit: 01cfa8cc9e274396

Endzeit: 19

Anwendungspfad: C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe

Berichts-ID: 2e2b6a24-14c6-11e4-ad22-005056c00008

Error: (07/26/2014 02:25:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: DUI70.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf25
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000000010c5
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (07/26/2014 02:25:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: explorer.exe, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: DUI70.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdf25
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000010c5
ID des fehlerhaften Prozesses: 0x146c
Startzeit der fehlerhaften Anwendung: 0xexplorer.exe0
Pfad der fehlerhaften Anwendung: explorer.exe1
Pfad des fehlerhaften Moduls: explorer.exe2
Berichtskennung: explorer.exe3

Error: (07/26/2014 02:25:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c4102
ID des fehlerhaften Prozesses: 0xcd0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (07/26/2014 02:25:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2014 11:37:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2014 00:07:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 11:56:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 08:47:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 02:58:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm NIS.exe, Version 12.11.2.9 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1644

Startzeit: 01cfa801e8151c1d

Endzeit: 20

Anwendungspfad: C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe

Berichts-ID: 53400aeb-13fb-11e4-8283-005056c00008


System errors:
=============
Error: (07/26/2014 02:23:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:21:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:19:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:18:30 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:17:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:14:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Sicherheitscenter" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:14:58 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Intel(R) Rapid Storage Technology" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:12:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware USB Arbitration Service" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:12:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "VMware Authorization Service" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058

Error: (07/26/2014 02:12:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "IP-Hilfsdienst" ist vom Dienst "Windows-Verwaltungsinstrumentation" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1058


Microsoft Office Sessions:
=========================
Error: (07/26/2014 03:10:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: NIS.exe12.11.2.9c2401cfa8cc9e27439619C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe2e2b6a24-14c6-11e4-ad22-005056c00008

Error: (07/26/2014 02:25:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4DUI70.dll6.1.7600.163854a5bdf25c000041d00000000000010c5146c01cfa8ccbb2a2435C:\Windows\explorer.exeC:\Windows\system3 2\DUI70.dllfd67a29b-14bf-11e4-ad22-005056c00008

Error: (07/26/2014 02:25:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4DUI70.dll6.1.7600.163854a5bdf25c000000500000000000010c5146c01cfa8ccbb2a2435C:\Windows\explorer.exeC:\Windows\system3 2\DUI70.dllfba26c59-14bf-11e4-ad22-005056c00008

Error: (07/26/2014 02:25:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102cd001cfa8cc9e32403fC:\Windows\Explorer.EXEC:\Windows\SYSTEM32 \ntdll.dllf58f4fa3-14bf-11e4-ad22-005056c00008

Error: (07/26/2014 02:25:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2014 11:37:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2014 00:07:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 11:56:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 08:47:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2014 02:58:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: NIS.exe12.11.2.9164401cfa801e8151c1d20C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe53400aeb-13fb-11e4-8283-005056c00008


==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 16345.22 MB
Available physical RAM: 12978.61 MB
Total Pagefile: 32688.62 MB
Available Pagefile: 29175.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.24 GB) (Free:46.07 GB) NTFS
Drive d: () (Fixed) (Total:931.41 GB) (Free:581.07 GB) NTFS
Drive f: (ext FP 1 TB Fabian ) (Fixed) (Total:931.51 GB) (Free:266.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: F35CDF81)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 119 GB) (Disk ID: FFAF0188)
Partition 1: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8 GB) - (Type=84)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: C2AC2C31)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
für die Hilfe !!! Als erste Antwort ist das FRST.txt

Alt 26.07.2014, 23:04   #2
fdl
 
Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-) - Standard

Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-)



Das Frst log:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014 Ran by Fabian (administrator) on FABIAN-PC on 26-07-2014 15:18:11 Running from C:\Users\Fabian\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal    ==================== Processes (Whitelisted) =================  (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)  (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) D:\Programme\VMWare\vmware-authd.exe () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe () C:\Windows\system\3DG4me.exe (Spotify Ltd) C:\Users\Fabian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe () D:\Programme\RocketDock\RocketDock.exe (TeamSpeak Systems GmbH) D:\Programme\Teamspeak 3\ts3client_win64.exe (Valve Corporation) D:\Programme\Steam\Steam.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (SteelSeries ApS) D:\Programme\SteelSeries Engine\SteelSeriesEngine.exe () C:\Program Files\Rainmeter\Rainmeter.exe (VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe   ==================== Registry (Whitelisted) ==================  (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)  HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10396440 2014-04-15] (Logitech Inc.) HKLM\...\Run: [3DG4me] => C:\Windows\System\3DG4me.exe [151552 2013-05-28] () HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM-x32\...\Run: [TrojanScanner] => D:\Programme\Trojan Remover\Trjscan.exe [1666432 2014-07-25] (Simply Super Software) HKLM-x32\...\RunOnce: [EasyTuneVI] => C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe [40960 2012-07-09] () HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\Run: [Spotify Web Helper] => C:\Users\Fabian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-06-28] (Spotify Ltd) HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-06-24] (Raptr, Inc) HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\Run: [RocketDock] => D:\Programme\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\Run: [TeamSpeak 3 Client] => D:\Programme\Teamspeak 3\ts3client_win64.exe [10762696 2014-03-12] (TeamSpeak Systems GmbH) HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\Run: [Steam] => D:\Programme\Steam\steam.exe [1753280 2014-07-16] (Valve Corporation) HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\Run: [SteelSeries Engine] => D:\Programme\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-06-26] (SteelSeries ApS) HKU\S-1-5-21-3541832501-104971692-278002161-1000\...\MountPoints2: {1c91139b-ee7c-11e3-b48b-806e6f6e6963} - E:\SETUP.EXE Startup: C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()  ==================== Internet (Whitelisted) ====================  (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)  BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation) BHO: No Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> No File BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Programme\Java\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Programme\Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Programme\Java\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1  FireFox: ======== FF ProfilePath: C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ofcara1s.default FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL No File FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @esn/npbattlelog,version=2.4.0 - C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 - D:\Programme\Java\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 - D:\Programme\Java\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - D:\PROGRA~1\Office\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - D:\PROGRA~1\Office\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: NoScript - C:\Users\Fabian\AppData\Roaming\Mozilla\Firefox\Profiles\ofcara1s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-06-08] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-26] FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-07-10]  ==================== Services (Whitelisted) =================  (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)  S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-08] () [File not signed] S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-27] (Symantec Corporation) R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-06-10] () R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-15] () S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.) R2 VMAuthdService; D:\Programme\VMWare\vmware-authd.exe [86744 2014-06-12] (VMware, Inc.)  ==================== Drivers (Whitelisted) ====================  (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)  R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21616 2011-11-02] () R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140718.001_e68\BHDrvx64.sys [1530160 2014-07-18] (Symantec Corporation) R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2014-02-21] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-08] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-08] (Symantec Corporation) R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-07-26] () R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140725.001\IDSvia64.sys [525016 2014-07-23] (Symantec Corporation) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.) S3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.) R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140725.008\ENG64.SYS [126040 2014-07-24] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140725.008\EX64.SYS [2099288 2014-07-24] (Symantec Corporation) R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-05-27] (SteelSeries Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-10-30] (Symantec Corporation) R0 SymDS; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation) R0 SymEFA; C:\Windows\System32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-08] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-10-30] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation) R3 USBADVAU; C:\Windows\System32\drivers\cm11264.sys [1308160 2009-11-25] (C-Media Electronics Inc) R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [32472 2014-06-12] (VMware, Inc.) R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)  ==================== NetSvcs (Whitelisted) ===================  (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)   ==================== One Month Created Files and Folders ========  (If an entry is included in the fixlist, the file\folder will be moved.)  2014-07-26 15:18 - 2014-07-26 15:18 - 00016457 _____ () C:\Users\Fabian\Downloads\FRST.txt 2014-07-26 15:17 - 2014-07-26 15:18 - 00000000 ____D () C:\FRST 2014-07-26 15:16 - 2014-07-26 15:16 - 02093568 _____ (Farbar) C:\Users\Fabian\Downloads\FRST64.exe 2014-07-26 14:47 - 2014-07-26 14:47 - 00002850 _____ () C:\Users\Fabian\Desktop\Behobene Sicherheitsrisiken.txt 2014-07-26 14:38 - 2014-07-26 14:38 - 09612114 _____ () C:\Users\Fabian\Desktop\Behobene Sicherheitsrisiken.mcf 2014-07-26 14:22 - 2014-07-26 14:22 - 00002634 _____ () C:\Users\Fabian\Downloads\Winmgmt.reg 2014-07-26 11:44 - 2014-07-26 14:27 - 00000000 ____D () C:\ProgramData\SecTaskMan 2014-07-26 11:44 - 2014-07-26 11:44 - 00000766 _____ () C:\Users\Fabian\Desktop\Security Task Manager.lnk 2014-07-26 11:44 - 2014-07-26 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager 2014-07-26 11:43 - 2014-07-26 11:43 - 02365840 _____ () C:\Users\Fabian\Downloads\SecurityTaskManager_Setup-1.8g.exe 2014-07-26 11:36 - 2014-03-06 23:53 - 02925760 _____ (Sysinternals - Windows Sysinternals: Documentation, downloads and additional resources) C:\Users\Fabian\Desktop\procexp.exe 2014-07-25 20:54 - 2014-07-25 20:54 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\SteelSeries 2014-07-25 20:54 - 2014-07-25 20:54 - 00000000 ____D () C:\Users\Fabian\AppData\Local\SteelSeries_ApS 2014-07-25 20:53 - 2014-07-25 20:53 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries 2014-07-25 20:53 - 2014-07-25 20:53 - 00000000 ____D () C:\ProgramData\SteelSeries 2014-07-25 20:51 - 2014-07-25 20:52 - 53001320 _____ () C:\Users\Fabian\Downloads\SteelSeriesEngine_2.8.0450.exe 2014-07-25 14:49 - 2014-07-25 14:55 - 412172288 _____ () C:\Users\Fabian\Downloads\kav_rescue_10.iso 2014-07-25 14:09 - 2014-07-25 14:09 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Simply Super Software 2014-07-25 14:06 - 2014-07-26 14:27 - 00000000 ____D () C:\ProgramData\TEMP 2014-07-25 14:06 - 2014-07-25 14:06 - 00000000 ____D () C:\Users\Fabian\Documents\Simply Super Software 2014-07-25 14:06 - 2014-07-25 14:06 - 00000000 ____D () C:\ProgramData\Licenses 2014-07-25 14:04 - 2014-07-25 14:04 - 00000782 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-07-25 14:04 - 2014-07-25 14:04 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-07-25 14:04 - 2014-07-25 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover 2014-07-25 14:02 - 2014-07-25 14:02 - 21407864 _____ (Simply Super Software ) C:\Users\Fabian\Downloads\trjsetup690.exe 2014-07-25 13:52 - 2014-07-25 21:02 - 00000776 _____ () C:\Windows\LkmdfCoInst.log 2014-07-25 09:20 - 2014-07-26 14:24 - 00001898 _____ () C:\Windows\setupact.log 2014-07-25 09:20 - 2014-07-25 09:20 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-24 23:31 - 2014-07-25 00:12 - 1017118720 _____ () C:\Users\Fabian\Downloads\ubuntu-14.04-desktop-i386.iso 2014-07-24 23:01 - 2014-07-24 23:01 - 00000038 _____ () C:\Users\Fabian\Desktop\Neues Textdokument.txt 2014-07-24 22:57 - 2014-07-24 23:25 - 1010827264 _____ () C:\Users\Fabian\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-07-24 22:56 - 2014-07-26 14:24 - 00000000 ____D () C:\ProgramData\VMware 2014-07-24 22:56 - 2014-07-25 15:04 - 00000000 ____D () C:\Users\Fabian\AppData\Local\VMware 2014-07-24 22:56 - 2014-07-25 15:03 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\VMware 2014-07-24 22:56 - 2014-07-24 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2014-07-24 22:56 - 2014-07-24 22:56 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-07-24 22:56 - 2014-06-12 18:23 - 00359128 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe 2014-07-24 22:56 - 2014-06-12 18:23 - 00064728 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys 2014-07-24 22:56 - 2014-06-12 18:22 - 00931032 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll 2014-07-24 22:56 - 2014-06-12 18:22 - 00437976 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe 2014-07-24 22:56 - 2014-06-12 18:22 - 00032472 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMparport.sys 2014-07-24 22:56 - 2014-06-12 18:22 - 00031448 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys 2014-07-24 22:56 - 2014-06-12 18:21 - 00033496 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys 2014-07-24 22:56 - 2014-02-27 18:40 - 00054464 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys 2014-07-24 22:56 - 2013-10-08 18:21 - 00073296 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys 2014-07-24 22:56 - 2013-10-08 18:21 - 00067664 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll 2014-07-24 22:56 - 2013-10-08 18:21 - 00063568 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll 2014-07-24 22:50 - 2014-07-24 22:53 - 98900000 _____ (VMware, Inc.) C:\Users\Fabian\Downloads\VMware-player-6.0.3-1895310.exe 2014-07-24 22:30 - 2014-07-24 22:30 - 03736040 _____ (Piriform Ltd) C:\Users\Fabian\Downloads\ccsetup415_slim.exe 2014-07-24 22:30 - 2014-07-24 22:30 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-24 22:30 - 2014-07-24 22:30 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-24 21:50 - 2014-07-24 22:30 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-24 21:50 - 2014-07-24 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-24 21:11 - 2014-07-24 22:27 - 00000000 ____D () C:\NPE 2014-07-24 21:10 - 2014-07-24 22:28 - 00000000 ____D () C:\Users\Fabian\AppData\Local\NPE 2014-07-24 20:37 - 2014-07-24 20:37 - 01243655 _____ () C:\Users\Fabian\Downloads\ProcessExplorer.zip 2014-07-24 20:24 - 2014-07-24 22:06 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-07-24 20:24 - 2014-07-24 20:56 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-07-24 20:24 - 2014-07-24 20:24 - 00000000 ____D () C:\Users\Fabian\AppData\Local\TuneUp Software 2014-07-24 20:22 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\OpenCandy 2014-07-24 20:20 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\DVDVideoSoft 2014-07-24 19:28 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder 2014-07-24 19:28 - 2014-07-24 19:28 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Mediatronic 2014-07-24 14:30 - 2014-07-24 14:30 - 00458649 _____ () C:\Users\Fabian\Downloads\imagetomp3_22632.zip 2014-07-24 14:09 - 2014-07-24 14:09 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-07-24 14:01 - 2014-07-24 14:01 - 04264137 _____ () C:\Users\Fabian\Downloads\acfpc71.zip 2014-07-24 13:52 - 2014-07-24 13:52 - 05001832 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part5.rar 2014-07-24 13:48 - 2014-07-24 13:52 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part4.rar 2014-07-24 13:43 - 2014-07-24 13:47 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part3.rar 2014-07-24 13:39 - 2014-07-24 13:42 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part2.rar 2014-07-24 13:34 - 2014-07-24 13:38 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part1.rar 2014-07-24 13:10 - 2014-07-24 13:10 - 00000000 ____D () C:\Users\Fabian\AppData\Local\CyberGhost 2014-07-24 13:09 - 2014-07-24 22:06 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-07-24 13:09 - 2014-07-24 22:06 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-07-23 22:45 - 2014-07-23 22:46 - 40153667 _____ () C:\Users\Fabian\Downloads\BladeSlapSND-v11.zip 2014-07-23 21:43 - 2014-07-23 21:45 - 44357952 _____ () C:\Users\Fabian\Downloads\Zeppelin_NT_FSX.zip 2014-07-23 21:42 - 2014-07-23 21:49 - 282762749 _____ () C:\Users\Fabian\Downloads\H_S_Design_EC135_X.zip 2014-07-22 16:07 - 2014-07-22 16:08 - 45031920 _____ () C:\Users\Fabian\Downloads\HC075DI_AS332L2_FSX_ACCELERATION.zip 2014-07-21 23:25 - 2014-07-21 23:25 - 00000000 ____D () C:\ProgramData\newrestore 2014-07-21 23:24 - 2014-07-21 23:24 - 00000000 ____D () C:\ProgramData\logsaver 2014-07-21 23:23 - 2014-07-21 23:23 - 00000000 ____D () C:\ProgramData\managecapsule 2014-07-21 18:52 - 2014-07-21 18:52 - 00000000 ____D () C:\ProgramData\newbackup 2014-07-21 18:52 - 2014-07-21 18:52 - 00000000 ____D () C:\ProgramData\launcher 2014-07-21 18:52 - 2014-07-21 18:52 - 00000000 ____D () C:\ProgramData\ibackupvhd 2014-07-21 18:51 - 2014-07-21 18:51 - 00000000 ____D () C:\ProgramData\rmbwizard 2014-07-21 18:49 - 2014-07-21 18:49 - 00000000 ____D () C:\ProgramData\explauncher 2014-07-21 17:53 - 2014-07-21 17:56 - 156439928 _____ () C:\Users\Fabian\Downloads\FSX Concorde 2011 FULL collection.zip 2014-07-21 17:33 - 2014-07-21 17:35 - 18635685 _____ () C:\Users\Fabian\Downloads\edgley_optica_fsx_p3d.zip 2014-07-21 17:26 - 2014-07-21 17:30 - 24181036 _____ () C:\Users\Fabian\Downloads\fsnd_citationx_ultra_package_fsx_p3d.zip 2014-07-21 17:20 - 2014-07-21 17:22 - 12016313 _____ () C:\Users\Fabian\Downloads\bombardier_canadair_cl-215_v3.0x_fsx_p3d.zip 2014-07-21 17:17 - 2014-07-21 17:20 - 22743374 _____ () C:\Users\Fabian\Downloads\icon_aircraft_a5_fsx_sp2_acc_p3d.zip 2014-07-21 17:04 - 2014-07-21 17:16 - 83022300 _____ () C:\Users\Fabian\Downloads\raf_hawker_siddeley_nimrod_package_for_fsx.zip 2014-07-21 16:45 - 2014-07-21 17:04 - 127624268 _____ () C:\Users\Fabian\Downloads\lufthansa_pack_fsx_p3d.zip 2014-07-21 16:43 - 2014-07-21 16:45 - 11509540 _____ () C:\Users\Fabian\Downloads\northrop_b-2a_spirit_alphasim_fsx_p3d.zip 2014-07-21 16:36 - 2014-07-21 17:39 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-21 16:35 - 2014-07-21 16:41 - 43827756 _____ () C:\Users\Fabian\Downloads\hughes_oh-6_series_fsx.zip 2014-07-21 16:26 - 2014-07-21 16:34 - 52576126 _____ () C:\Users\Fabian\Downloads\enstrom_280fx_fsx.zip 2014-07-21 16:24 - 2014-07-21 16:26 - 15873135 _____ () C:\Users\Fabian\Downloads\ukmil_boeing_chinook_hc2_fsx_p3d.zip 2014-07-21 15:36 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons 2014-07-21 15:31 - 2014-07-21 15:35 - 28344613 _____ () C:\Users\Fabian\Downloads\tom_airbus_a300-beluga_fsx.zip 2014-07-21 12:31 - 2014-07-21 12:31 - 16573534 _____ () C:\Users\Fabian\Downloads\Piaggio P-180 Avanti.zip 2014-07-21 12:29 - 2014-07-21 12:30 - 26477706 _____ () C:\Users\Fabian\Downloads\Antonov AN-124.zip 2014-07-21 12:19 - 2014-07-21 12:19 - 27097674 _____ () C:\Users\Fabian\Downloads\dhc8-q400_x.zip 2014-07-21 12:11 - 2014-07-21 12:11 - 03042305 _____ () C:\Users\Fabian\Downloads\Bombardier Dash 8-Q400 Qantas Link.zip 2014-07-21 12:10 - 2014-07-21 12:11 - 21014993 _____ () C:\Users\Fabian\Downloads\Bombardier Dash 8-Q400 Basepack.zip 2014-07-20 21:30 - 2014-07-20 21:31 - 00166078 _____ () C:\Users\Fabian\Downloads\FPS_Limiter_0.2.rar 2014-07-20 21:10 - 2014-07-20 21:13 - 174078464 _____ () C:\Users\Fabian\Downloads\fsx_sp2_DEU.msi 2014-07-20 16:02 - 2014-07-20 16:03 - 09006434 _____ () C:\Users\Fabian\Downloads\texture.sunexpress.zip 2014-07-20 12:57 - 2014-07-20 13:11 - 18273643 _____ () C:\Users\Fabian\Downloads\B737-500Lufthansa.zip 2014-07-20 12:56 - 2014-07-20 13:01 - 14699938 _____ () C:\Users\Fabian\Downloads\a321.zip 2014-07-19 14:36 - 2014-07-19 14:37 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Ubisoft Game Launcher 2014-07-19 14:36 - 2014-07-19 14:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-07-19 14:35 - 2014-07-19 14:36 - 61513304 _____ (Ubisoft) C:\Users\Fabian\Downloads\UplayInstaller.exe 2014-07-19 14:31 - 2014-07-19 15:09 - 113183445 _____ () C:\Users\Fabian\Downloads\dlh737-700-FSX.zip 2014-07-19 14:00 - 2014-07-19 14:00 - 01099187 _____ () C:\Users\Fabian\Downloads\3repaints-SpruceGoose.zip 2014-07-19 13:56 - 2014-07-19 13:59 - 230008963 _____ () C:\Users\Fabian\Downloads\ACJ_AirbusA380MegaPackage.zip 2014-07-19 13:33 - 2014-07-19 13:33 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Microsoft Game Studios 2014-07-19 13:25 - 2014-07-23 16:29 - 00000000 ____D () C:\Users\Fabian\Documents\Flight Simulator X-Dateien 2014-07-19 12:49 - 2014-07-19 12:49 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-07-18 16:25 - 2014-07-18 16:25 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security 2014-07-17 20:03 - 2014-07-17 20:03 - 00004251 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-17 20:03 - 2014-07-17 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-17 19:20 - 2014-07-17 19:20 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-15 20:53 - 2014-07-15 21:10 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Temporary Projects 2014-07-15 20:52 - 2014-07-15 20:53 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Deployment 2014-07-15 20:52 - 2014-07-15 20:52 - 00343896 _____ () C:\Users\Fabian\Downloads\publish.7z 2014-07-15 20:52 - 2014-07-15 20:52 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Apps\2.0 2014-07-15 20:38 - 2014-07-15 20:38 - 00008377 _____ () C:\Users\Fabian\AppData\Local\recently-used.xbel 2014-07-15 20:13 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\Desktop\Angebot 2014-07-15 19:35 - 2014-07-15 19:35 - 00000000 ____D () C:\Windows\system32\RsFx 2014-07-15 19:35 - 2009-07-21 02:42 - 00111640 _____ (Microsoft Corporation) C:\Windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2014-07-15 19:35 - 2009-07-21 02:42 - 00079896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-MSSQL$SQLEXPRESS-sqlctr10.1.2531.0.dll 2014-07-15 19:35 - 2009-07-21 02:42 - 00078872 _____ (Microsoft Corporation) C:\Windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2014-07-15 19:35 - 2009-07-21 02:42 - 00050200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll 2014-07-15 19:34 - 2014-07-15 19:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2014-07-15 19:34 - 2014-07-15 19:35 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\1033 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\1031 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\system32\1033 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\system32\1031 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0 2014-07-14 22:30 - 2014-07-14 22:30 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\AntMe 2014-07-14 22:30 - 2014-07-14 22:30 - 00000000 ____D () C:\Users\Fabian\AppData\Local\AntMe!_Ltd 2014-07-14 22:24 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\Desktop\Website [HTML,CSS] 2014-07-14 22:24 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\Desktop\Taschenrechner 2 2014-07-14 22:23 - 2014-07-24 22:06 - 00000000 ____D () C:\Users\Fabian\Desktop\C# 2014-07-14 22:23 - 2014-07-15 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-07-14 22:22 - 2014-07-15 20:51 - 00000000 ____D () C:\Users\Fabian\Documents\Visual Studio 2010 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Windows\symbols 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-07-14 22:13 - 2014-07-14 22:13 - 03277648 _____ (Microsoft Corporation) C:\Users\Fabian\Downloads\vcRaute_web.exe 2014-07-14 22:12 - 2014-07-14 22:12 - 02182278 _____ () C:\Users\Fabian\Downloads\C#.7z 2014-07-14 22:12 - 2014-07-14 22:12 - 01754045 _____ () C:\Users\Fabian\Downloads\Website [HTML,CSS].7z 2014-07-14 22:12 - 2014-07-14 22:12 - 00023090 _____ () C:\Users\Fabian\Downloads\Taschenrechner 2.7z 2014-07-13 14:22 - 2014-07-13 14:22 - 00000678 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2014-07-13 14:22 - 2014-07-13 14:22 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\pdfforge 2014-07-13 14:22 - 2014-07-13 14:22 - 00000000 ____D () C:\ProgramData\PDF Architect 2 2014-07-13 14:22 - 2014-07-13 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-07-13 14:22 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX 2014-07-13 14:22 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX 2014-07-13 14:22 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2014-07-13 14:22 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL 2014-07-13 14:22 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL 2014-07-13 14:22 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL 2014-07-13 14:22 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL 2014-07-13 14:20 - 2014-07-21 23:20 - 00000000 ____D () C:\Users\Fabian\Desktop\Bewerbungen+Lebensläufe Nach der Schule 2014-07-13 14:20 - 2014-07-13 14:21 - 27843432 _____ (pdfforge ) C:\Users\Fabian\Downloads\PDFCreator-1_7_3_setup.exe 2014-07-10 22:34 - 2014-07-18 17:43 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\SpinTires 2014-07-10 22:34 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-10 22:34 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-10 22:34 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-10 22:34 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-10 22:34 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-10 22:34 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-10 22:34 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-10 22:34 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-10 22:34 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-10 22:34 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-10 22:34 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-10 22:34 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-10 22:34 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-10 22:34 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-10 22:34 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-10 22:34 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-10 22:34 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-10 22:34 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-10 22:34 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-10 22:34 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-10 22:34 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-10 22:34 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-10 22:34 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-10 22:34 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-10 22:34 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-10 22:34 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-10 22:34 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-10 22:34 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-10 22:34 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-10 22:34 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-10 22:34 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-10 22:34 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-10 22:34 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-10 22:34 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-10 22:34 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-10 22:34 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-10 22:34 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-10 22:34 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-10 22:34 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-10 22:34 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-10 22:34 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-10 22:34 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-10 22:34 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-10 22:34 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-10 22:34 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-10 22:34 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-10 22:34 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-10 22:34 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-10 22:34 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-10 22:34 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-10 22:34 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-10 22:34 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-10 22:34 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-10 22:34 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-10 22:34 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-10 22:34 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-10 22:34 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-10 22:34 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-10 22:34 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-10 22:34 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-10 22:34 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-10 22:34 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-10 22:34 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-10 22:34 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-10 22:34 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-10 22:34 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-10 22:34 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-10 22:34 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-10 22:34 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-10 22:22 - 2014-07-18 16:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security 2014-07-08 20:02 - 2014-07-18 16:20 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk 2014-07-08 19:31 - 2014-07-08 19:31 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-05 23:00 - 2014-07-15 20:38 - 00000000 ____D () C:\Users\Fabian\AppData\Local\gtk-2.0 2014-07-05 21:58 - 2014-07-15 20:38 - 00000000 ____D () C:\Users\Fabian\.gimp-2.8 2014-07-05 21:58 - 2014-07-05 21:58 - 00000000 ____D () C:\Users\Fabian\AppData\Local\gegl-0.2 2014-07-05 21:58 - 2014-07-05 21:58 - 00000000 ____D () C:\Users\Fabian\.thumbnails 2014-07-05 14:11 - 2014-07-05 14:11 - 00000736 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2014-07-05 14:07 - 2014-07-05 14:09 - 90396104 _____ (The GIMP Team ) C:\Users\Fabian\Downloads\gimp-2.8.10-setup.exe 2014-07-04 22:43 - 2014-07-04 22:43 - 00000000 ____H () C:\Users\Fabian\Documents\Default.rdp 2014-07-02 19:22 - 2014-07-02 19:22 - 00000000 ____D () C:\Users\Fabian\Documents\SniperEliteV2_Benchmark 2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\TERA 2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA 2014-07-01 18:35 - 2014-07-01 18:35 - 15366160 _____ (Gameforge Productions GmbH ) C:\Users\Fabian\Downloads\TERASetup.exe 2014-06-30 16:36 - 2014-06-30 16:38 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Notepad++ 2014-06-30 16:36 - 2014-06-30 16:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-30 16:36 - 2014-06-30 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-30 16:35 - 2014-06-30 16:35 - 07674224 _____ () C:\Users\Fabian\Downloads\npp.6.6.7.Installer.exe 2014-06-29 18:03 - 2014-06-29 18:03 - 00004932 _____ () C:\Users\Fabian\Downloads\bibanator_csgo_gaming_cfg_13-06-2014.rar 2014-06-28 17:09 - 2014-06-28 17:09 - 00000286 _____ () C:\Windows\Cm112.ini.imi 2014-06-28 17:09 - 2014-06-28 17:09 - 00000235 _____ () C:\Windows\system\Cm112.ini 2014-06-28 17:09 - 2014-06-28 17:09 - 00000185 _____ () C:\Windows\Cm112.ini.cfl 2014-06-28 17:09 - 2014-06-28 17:09 - 00000137 _____ () C:\Windows\system\Dlap.pfx 2014-06-28 17:09 - 2013-05-28 16:56 - 00151552 _____ () C:\Windows\system\3DG4me.exe 2014-06-28 17:09 - 2012-06-06 09:56 - 00143360 _____ () C:\Windows\system\3DG4me.dll 2014-06-28 17:09 - 2012-01-31 10:26 - 00122096 _____ (HID Dll) C:\Windows\system\CM_HID3.dll 2014-06-28 17:09 - 2010-03-23 14:33 - 00001198 _____ () C:\Windows\Cm112.ini.cfg 2014-06-28 17:09 - 2009-12-15 13:58 - 00000678 _____ () C:\Windows\cm112.ini 2014-06-28 17:09 - 2009-07-07 12:02 - 00779776 _____ () C:\Windows\system32\Cmeau112.exe 2014-06-28 17:09 - 2009-04-08 14:22 - 00354304 _____ () C:\Windows\system32\CmiInstallResAll64.dll 2014-06-28 17:09 - 2007-10-22 14:18 - 00004608 ___SH () C:\Windows\Thumbs.db 2014-06-28 17:08 - 2014-06-28 17:08 - 16873491 _____ () C:\Users\Fabian\Downloads\3D_G4ME_1_Driver_V1_4.zip  ==================== One Month Modified Files and Folders =======  (If an entry is included in the fixlist, the file\folder will be moved.)  2014-07-26 15:18 - 2014-07-26 15:18 - 00016457 _____ () C:\Users\Fabian\Downloads\FRST.txt 2014-07-26 15:18 - 2014-07-26 15:17 - 00000000 ____D () C:\FRST 2014-07-26 15:16 - 2014-07-26 15:16 - 02093568 _____ (Farbar) C:\Users\Fabian\Downloads\FRST64.exe 2014-07-26 15:08 - 2014-06-07 21:49 - 01159163 _____ () C:\Windows\WindowsUpdate.log 2014-07-26 14:47 - 2014-07-26 14:47 - 00002850 _____ () C:\Users\Fabian\Desktop\Behobene Sicherheitsrisiken.txt 2014-07-26 14:38 - 2014-07-26 14:38 - 09612114 _____ () C:\Users\Fabian\Desktop\Behobene Sicherheitsrisiken.mcf 2014-07-26 14:32 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-26 14:32 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-26 14:31 - 2014-06-08 00:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-26 14:30 - 2011-04-12 09:43 - 00768310 _____ () C:\Windows\system32\perfh007.dat 2014-07-26 14:30 - 2011-04-12 09:43 - 00176066 _____ () C:\Windows\system32\perfc007.dat 2014-07-26 14:30 - 2009-07-14 07:13 - 01815616 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-26 14:28 - 2014-06-08 00:53 - 00000000 ____D () C:\Program Files (x86)\Raptr 2014-07-26 14:27 - 2014-07-26 11:44 - 00000000 ____D () C:\ProgramData\SecTaskMan 2014-07-26 14:27 - 2014-07-25 14:06 - 00000000 ____D () C:\ProgramData\TEMP 2014-07-26 14:25 - 2014-06-09 13:27 - 00000004 _____ () C:\Windows\SysWOW64\GVTunner.ref 2014-07-26 14:25 - 2014-06-08 10:30 - 00000000 ____D () C:\Users\Fabian\AppData\Local\CrashDumps 2014-07-26 14:25 - 2014-06-08 00:53 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Raptr 2014-07-26 14:25 - 2014-06-07 23:41 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\TS3Client 2014-07-26 14:25 - 2014-06-07 23:28 - 00030528 _____ () C:\Windows\GVTDrv64.sys 2014-07-26 14:25 - 2014-06-07 23:28 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys 2014-07-26 14:24 - 2014-07-25 09:20 - 00001898 _____ () C:\Windows\setupact.log 2014-07-26 14:24 - 2014-07-24 22:56 - 00000000 ____D () C:\ProgramData\VMware 2014-07-26 14:24 - 2014-06-07 22:31 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs 2014-07-26 14:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-26 14:22 - 2014-07-26 14:22 - 00002634 _____ () C:\Users\Fabian\Downloads\Winmgmt.reg 2014-07-26 11:44 - 2014-07-26 11:44 - 00000766 _____ () C:\Users\Fabian\Desktop\Security Task Manager.lnk 2014-07-26 11:44 - 2014-07-26 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager 2014-07-26 11:43 - 2014-07-26 11:43 - 02365840 _____ () C:\Users\Fabian\Downloads\SecurityTaskManager_Setup-1.8g.exe 2014-07-25 21:02 - 2014-07-25 13:52 - 00000776 _____ () C:\Windows\LkmdfCoInst.log 2014-07-25 21:02 - 2014-06-08 00:27 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2014-07-25 20:54 - 2014-07-25 20:54 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\SteelSeries 2014-07-25 20:54 - 2014-07-25 20:54 - 00000000 ____D () C:\Users\Fabian\AppData\Local\SteelSeries_ApS 2014-07-25 20:53 - 2014-07-25 20:53 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries 2014-07-25 20:53 - 2014-07-25 20:53 - 00000000 ____D () C:\ProgramData\SteelSeries 2014-07-25 20:52 - 2014-07-25 20:51 - 53001320 _____ () C:\Users\Fabian\Downloads\SteelSeriesEngine_2.8.0450.exe 2014-07-25 20:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-25 15:04 - 2014-07-24 22:56 - 00000000 ____D () C:\Users\Fabian\AppData\Local\VMware 2014-07-25 15:03 - 2014-07-24 22:56 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\VMware 2014-07-25 14:55 - 2014-07-25 14:49 - 412172288 _____ () C:\Users\Fabian\Downloads\kav_rescue_10.iso 2014-07-25 14:09 - 2014-07-25 14:09 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Simply Super Software 2014-07-25 14:06 - 2014-07-25 14:06 - 00000000 ____D () C:\Users\Fabian\Documents\Simply Super Software 2014-07-25 14:06 - 2014-07-25 14:06 - 00000000 ____D () C:\ProgramData\Licenses 2014-07-25 14:04 - 2014-07-25 14:04 - 00000782 _____ () C:\Users\Public\Desktop\Trojan Remover.lnk 2014-07-25 14:04 - 2014-07-25 14:04 - 00000000 ____D () C:\ProgramData\Simply Super Software 2014-07-25 14:04 - 2014-07-25 14:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover 2014-07-25 14:02 - 2014-07-25 14:02 - 21407864 _____ (Simply Super Software ) C:\Users\Fabian\Downloads\trjsetup690.exe 2014-07-25 09:20 - 2014-07-25 09:20 - 00000000 _____ () C:\Windows\setuperr.log 2014-07-25 00:12 - 2014-07-24 23:31 - 1017118720 _____ () C:\Users\Fabian\Downloads\ubuntu-14.04-desktop-i386.iso 2014-07-24 23:25 - 2014-07-24 22:57 - 1010827264 _____ () C:\Users\Fabian\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-07-24 23:01 - 2014-07-24 23:01 - 00000038 _____ () C:\Users\Fabian\Desktop\Neues Textdokument.txt 2014-07-24 22:56 - 2014-07-24 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2014-07-24 22:56 - 2014-07-24 22:56 - 00000000 ____D () C:\Program Files\Common Files\VMware 2014-07-24 22:56 - 2014-06-07 21:53 - 01835572 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-07-24 22:53 - 2014-07-24 22:50 - 98900000 _____ (VMware, Inc.) C:\Users\Fabian\Downloads\VMware-player-6.0.3-1895310.exe 2014-07-24 22:30 - 2014-07-24 22:30 - 03736040 _____ (Piriform Ltd) C:\Users\Fabian\Downloads\ccsetup415_slim.exe 2014-07-24 22:30 - 2014-07-24 22:30 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-07-24 22:30 - 2014-07-24 22:30 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-07-24 22:30 - 2014-07-24 21:50 - 00000000 ____D () C:\Program Files\CCleaner 2014-07-24 22:28 - 2014-07-24 21:10 - 00000000 ____D () C:\Users\Fabian\AppData\Local\NPE 2014-07-24 22:27 - 2014-07-24 21:11 - 00000000 ____D () C:\NPE 2014-07-24 22:06 - 2014-07-24 20:24 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-07-24 22:06 - 2014-07-24 20:22 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\OpenCandy 2014-07-24 22:06 - 2014-07-24 20:20 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\DVDVideoSoft 2014-07-24 22:06 - 2014-07-24 19:28 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaCoder 2014-07-24 22:06 - 2014-07-24 13:09 - 00000000 ____D () C:\Program Files\TAP-Windows 2014-07-24 22:06 - 2014-07-24 13:09 - 00000000 ____D () C:\Program Files\CyberGhost 5 2014-07-24 22:06 - 2014-07-21 15:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rikoooo Add-ons 2014-07-24 22:06 - 2014-07-15 20:13 - 00000000 ____D () C:\Users\Fabian\Desktop\Angebot 2014-07-24 22:06 - 2014-07-14 22:24 - 00000000 ____D () C:\Users\Fabian\Desktop\Website [HTML,CSS] 2014-07-24 22:06 - 2014-07-14 22:24 - 00000000 ____D () C:\Users\Fabian\Desktop\Taschenrechner 2 2014-07-24 22:06 - 2014-07-14 22:23 - 00000000 ____D () C:\Users\Fabian\Desktop\C# 2014-07-24 22:06 - 2014-06-18 16:26 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Rainmeter 2014-07-24 22:06 - 2014-06-12 21:10 - 00000000 __RHD () C:\MSOCache 2014-07-24 22:06 - 2014-06-08 00:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4 2014-07-24 22:06 - 2014-06-07 23:43 - 00000000 ____D () C:\ProgramData\Origin 2014-07-24 22:06 - 2014-06-07 23:32 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Mozilla 2014-07-24 22:06 - 2014-06-07 22:12 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Microsoft Help 2014-07-24 22:06 - 2014-06-07 22:00 - 00000000 ____D () C:\ProgramData\Norton 2014-07-24 22:06 - 2014-06-07 21:49 - 00000000 ____D () C:\Users\Fabian 2014-07-24 22:06 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-07-24 22:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-24 21:51 - 2014-06-07 22:44 - 00000000 ____D () C:\Windows\Panther 2014-07-24 21:50 - 2014-07-24 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-07-24 20:56 - 2014-07-24 20:24 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-07-24 20:37 - 2014-07-24 20:37 - 01243655 _____ () C:\Users\Fabian\Downloads\ProcessExplorer.zip 2014-07-24 20:24 - 2014-07-24 20:24 - 00000000 ____D () C:\Users\Fabian\AppData\Local\TuneUp Software 2014-07-24 19:28 - 2014-07-24 19:28 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Mediatronic 2014-07-24 14:30 - 2014-07-24 14:30 - 00458649 _____ () C:\Users\Fabian\Downloads\imagetomp3_22632.zip 2014-07-24 14:09 - 2014-07-24 14:09 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-07-24 14:01 - 2014-07-24 14:01 - 04264137 _____ () C:\Users\Fabian\Downloads\acfpc71.zip 2014-07-24 13:52 - 2014-07-24 13:52 - 05001832 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part5.rar 2014-07-24 13:52 - 2014-07-24 13:48 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part4.rar 2014-07-24 13:47 - 2014-07-24 13:43 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part3.rar 2014-07-24 13:42 - 2014-07-24 13:39 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part2.rar 2014-07-24 13:38 - 2014-07-24 13:34 - 208666624 _____ () C:\Users\Fabian\Downloads\German_TOP100_Single_Charts_28_07_2014-NoGroup.part1.rar 2014-07-24 13:10 - 2014-07-24 13:10 - 00000000 ____D () C:\Users\Fabian\AppData\Local\CyberGhost 2014-07-24 13:10 - 2014-06-07 21:49 - 00000000 ____D () C:\Users\Fabian\AppData\Local\VirtualStore 2014-07-23 22:46 - 2014-07-23 22:45 - 40153667 _____ () C:\Users\Fabian\Downloads\BladeSlapSND-v11.zip 2014-07-23 21:49 - 2014-07-23 21:42 - 282762749 _____ () C:\Users\Fabian\Downloads\H_S_Design_EC135_X.zip 2014-07-23 21:45 - 2014-07-23 21:43 - 44357952 _____ () C:\Users\Fabian\Downloads\Zeppelin_NT_FSX.zip 2014-07-23 16:29 - 2014-07-19 13:25 - 00000000 ____D () C:\Users\Fabian\Documents\Flight Simulator X-Dateien 2014-07-22 16:08 - 2014-07-22 16:07 - 45031920 _____ () C:\Users\Fabian\Downloads\HC075DI_AS332L2_FSX_ACCELERATION.zip 2014-07-21 23:25 - 2014-07-21 23:25 - 00000000 ____D () C:\ProgramData\newrestore 2014-07-21 23:24 - 2014-07-21 23:24 - 00000000 ____D () C:\ProgramData\logsaver 2014-07-21 23:23 - 2014-07-21 23:23 - 00000000 ____D () C:\ProgramData\managecapsule 2014-07-21 23:20 - 2014-07-13 14:20 - 00000000 ____D () C:\Users\Fabian\Desktop\Bewerbungen+Lebensläufe Nach der Schule 2014-07-21 18:52 - 2014-07-21 18:52 - 00000000 ____D () C:\ProgramData\newbackup 2014-07-21 18:52 - 2014-07-21 18:52 - 00000000 ____D () C:\ProgramData\launcher 2014-07-21 18:52 - 2014-07-21 18:52 - 00000000 ____D () C:\ProgramData\ibackupvhd 2014-07-21 18:51 - 2014-07-21 18:51 - 00000000 ____D () C:\ProgramData\rmbwizard 2014-07-21 18:49 - 2014-07-21 18:49 - 00000000 ____D () C:\ProgramData\explauncher 2014-07-21 17:56 - 2014-07-21 17:53 - 156439928 _____ () C:\Users\Fabian\Downloads\FSX Concorde 2011 FULL collection.zip 2014-07-21 17:39 - 2014-07-21 16:36 - 00000000 ____D () C:\ProgramData\InstallMate 2014-07-21 17:35 - 2014-07-21 17:33 - 18635685 _____ () C:\Users\Fabian\Downloads\edgley_optica_fsx_p3d.zip 2014-07-21 17:30 - 2014-07-21 17:26 - 24181036 _____ () C:\Users\Fabian\Downloads\fsnd_citationx_ultra_package_fsx_p3d.zip 2014-07-21 17:22 - 2014-07-21 17:20 - 12016313 _____ () C:\Users\Fabian\Downloads\bombardier_canadair_cl-215_v3.0x_fsx_p3d.zip 2014-07-21 17:20 - 2014-07-21 17:17 - 22743374 _____ () C:\Users\Fabian\Downloads\icon_aircraft_a5_fsx_sp2_acc_p3d.zip 2014-07-21 17:16 - 2014-07-21 17:04 - 83022300 _____ () C:\Users\Fabian\Downloads\raf_hawker_siddeley_nimrod_package_for_fsx.zip 2014-07-21 17:04 - 2014-07-21 16:45 - 127624268 _____ () C:\Users\Fabian\Downloads\lufthansa_pack_fsx_p3d.zip 2014-07-21 16:45 - 2014-07-21 16:43 - 11509540 _____ () C:\Users\Fabian\Downloads\northrop_b-2a_spirit_alphasim_fsx_p3d.zip 2014-07-21 16:41 - 2014-07-21 16:35 - 43827756 _____ () C:\Users\Fabian\Downloads\hughes_oh-6_series_fsx.zip 2014-07-21 16:34 - 2014-07-21 16:26 - 52576126 _____ () C:\Users\Fabian\Downloads\enstrom_280fx_fsx.zip 2014-07-21 16:26 - 2014-07-21 16:24 - 15873135 _____ () C:\Users\Fabian\Downloads\ukmil_boeing_chinook_hc2_fsx_p3d.zip 2014-07-21 15:35 - 2014-07-21 15:31 - 28344613 _____ () C:\Users\Fabian\Downloads\tom_airbus_a300-beluga_fsx.zip 2014-07-21 12:31 - 2014-07-21 12:31 - 16573534 _____ () C:\Users\Fabian\Downloads\Piaggio P-180 Avanti.zip 2014-07-21 12:30 - 2014-07-21 12:29 - 26477706 _____ () C:\Users\Fabian\Downloads\Antonov AN-124.zip 2014-07-21 12:19 - 2014-07-21 12:19 - 27097674 _____ () C:\Users\Fabian\Downloads\dhc8-q400_x.zip 2014-07-21 12:11 - 2014-07-21 12:11 - 03042305 _____ () C:\Users\Fabian\Downloads\Bombardier Dash 8-Q400 Qantas Link.zip 2014-07-21 12:11 - 2014-07-21 12:10 - 21014993 _____ () C:\Users\Fabian\Downloads\Bombardier Dash 8-Q400 Basepack.zip 2014-07-20 21:31 - 2014-07-20 21:30 - 00166078 _____ () C:\Users\Fabian\Downloads\FPS_Limiter_0.2.rar 2014-07-20 21:13 - 2014-07-20 21:10 - 174078464 _____ () C:\Users\Fabian\Downloads\fsx_sp2_DEU.msi 2014-07-20 16:03 - 2014-07-20 16:02 - 09006434 _____ () C:\Users\Fabian\Downloads\texture.sunexpress.zip 2014-07-20 13:11 - 2014-07-20 12:57 - 18273643 _____ () C:\Users\Fabian\Downloads\B737-500Lufthansa.zip 2014-07-20 13:01 - 2014-07-20 12:56 - 14699938 _____ () C:\Users\Fabian\Downloads\a321.zip 2014-07-20 12:45 - 2009-07-14 06:45 - 00420568 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-19 15:09 - 2014-07-19 14:31 - 113183445 _____ () C:\Users\Fabian\Downloads\dlh737-700-FSX.zip 2014-07-19 14:37 - 2014-07-19 14:36 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Ubisoft Game Launcher 2014-07-19 14:36 - 2014-07-19 14:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-07-19 14:36 - 2014-07-19 14:35 - 61513304 _____ (Ubisoft) C:\Users\Fabian\Downloads\UplayInstaller.exe 2014-07-19 14:02 - 2014-06-07 23:29 - 00110904 _____ () C:\Users\Fabian\AppData\Local\GDIPFONTCACHEV1.DAT 2014-07-19 14:00 - 2014-07-19 14:00 - 01099187 _____ () C:\Users\Fabian\Downloads\3repaints-SpruceGoose.zip 2014-07-19 13:59 - 2014-07-19 13:56 - 230008963 _____ () C:\Users\Fabian\Downloads\ACJ_AirbusA380MegaPackage.zip 2014-07-19 13:33 - 2014-07-19 13:33 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Microsoft Game Studios 2014-07-19 12:49 - 2014-07-19 12:49 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0 2014-07-19 12:49 - 2014-06-07 21:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-18 17:43 - 2014-07-10 22:34 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\SpinTires 2014-07-18 16:33 - 2014-06-08 00:37 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Arma 3 2014-07-18 16:25 - 2014-07-18 16:25 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security 2014-07-18 16:20 - 2014-07-10 22:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security 2014-07-18 16:20 - 2014-07-08 20:02 - 00002501 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk 2014-07-18 16:20 - 2014-06-07 22:00 - 00003234 _____ () C:\Windows\System32\Tasks\Norton WSC Integration 2014-07-18 16:20 - 2014-06-07 22:00 - 00000000 ____D () C:\Windows\system32\Drivers\NISx64 2014-07-17 20:04 - 2014-06-08 00:28 - 00000000 ____D () C:\ProgramData\Oracle 2014-07-17 20:03 - 2014-07-17 20:03 - 00004251 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log 2014-07-17 20:03 - 2014-07-17 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-07-17 19:20 - 2014-07-17 19:20 - 00000000 ____D () C:\ProgramData\Riot Games 2014-07-15 21:10 - 2014-07-15 20:53 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Temporary Projects 2014-07-15 20:53 - 2014-07-15 20:52 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Deployment 2014-07-15 20:52 - 2014-07-15 20:52 - 00343896 _____ () C:\Users\Fabian\Downloads\publish.7z 2014-07-15 20:52 - 2014-07-15 20:52 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Apps\2.0 2014-07-15 20:51 - 2014-07-14 22:22 - 00000000 ____D () C:\Users\Fabian\Documents\Visual Studio 2010 2014-07-15 20:38 - 2014-07-15 20:38 - 00008377 _____ () C:\Users\Fabian\AppData\Local\recently-used.xbel 2014-07-15 20:38 - 2014-07-05 23:00 - 00000000 ____D () C:\Users\Fabian\AppData\Local\gtk-2.0 2014-07-15 20:38 - 2014-07-05 21:58 - 00000000 ____D () C:\Users\Fabian\.gimp-2.8 2014-07-15 19:35 - 2014-07-15 19:35 - 00000000 ____D () C:\Windows\system32\RsFx 2014-07-15 19:35 - 2014-07-15 19:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2014-07-15 19:35 - 2014-07-15 19:34 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\1033 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\SysWOW64\1031 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\system32\1033 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Windows\system32\1031 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 9.0 2014-07-15 19:34 - 2014-07-15 19:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 9.0 2014-07-15 19:34 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-07-15 19:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-14 22:30 - 2014-07-14 22:30 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\AntMe 2014-07-14 22:30 - 2014-07-14 22:30 - 00000000 ____D () C:\Users\Fabian\AppData\Local\AntMe!_Ltd 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services 2014-07-14 22:23 - 2014-07-14 22:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Windows\symbols 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer 2014-07-14 22:22 - 2014-07-14 22:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs 2014-07-14 22:13 - 2014-07-14 22:13 - 03277648 _____ (Microsoft Corporation) C:\Users\Fabian\Downloads\vcRaute_web.exe 2014-07-14 22:12 - 2014-07-14 22:12 - 02182278 _____ () C:\Users\Fabian\Downloads\C#.7z 2014-07-14 22:12 - 2014-07-14 22:12 - 01754045 _____ () C:\Users\Fabian\Downloads\Website [HTML,CSS].7z 2014-07-14 22:12 - 2014-07-14 22:12 - 00023090 _____ () C:\Users\Fabian\Downloads\Taschenrechner 2.7z 2014-07-13 14:22 - 2014-07-13 14:22 - 00000678 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2014-07-13 14:22 - 2014-07-13 14:22 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\pdfforge 2014-07-13 14:22 - 2014-07-13 14:22 - 00000000 ____D () C:\ProgramData\PDF Architect 2 2014-07-13 14:22 - 2014-07-13 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-07-13 14:21 - 2014-07-13 14:20 - 27843432 _____ (pdfforge ) C:\Users\Fabian\Downloads\PDFCreator-1_7_3_setup.exe 2014-07-12 22:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-11 18:58 - 2014-06-07 23:23 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-11 18:58 - 2011-04-12 09:55 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-11 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-11 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-11 03:02 - 2014-06-08 00:28 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-07-11 02:56 - 2014-06-08 00:28 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-07-11 02:56 - 2014-06-08 00:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-07-11 02:55 - 2014-06-08 00:28 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-07-10 22:57 - 2014-06-07 22:37 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-10 22:57 - 2014-06-07 22:37 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-08 20:02 - 2014-06-07 22:00 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS 2014-07-08 20:02 - 2014-06-07 22:00 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT 2014-07-08 20:02 - 2014-06-07 22:00 - 00000000 ____D () C:\Program Files (x86)\Norton Internet Security 2014-07-08 19:31 - 2014-07-08 19:31 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2014-07-08 19:31 - 2014-06-08 00:36 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-08 19:31 - 2014-06-08 00:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 19:31 - 2014-06-08 00:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-06 20:43 - 2014-06-08 00:33 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Spotify 2014-07-05 21:58 - 2014-07-05 21:58 - 00000000 ____D () C:\Users\Fabian\AppData\Local\gegl-0.2 2014-07-05 21:58 - 2014-07-05 21:58 - 00000000 ____D () C:\Users\Fabian\.thumbnails 2014-07-05 14:11 - 2014-07-05 14:11 - 00000736 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2014-07-05 14:09 - 2014-07-05 14:07 - 90396104 _____ (The GIMP Team ) C:\Users\Fabian\Downloads\gimp-2.8.10-setup.exe 2014-07-04 22:43 - 2014-07-04 22:43 - 00000000 ____H () C:\Users\Fabian\Documents\Default.rdp 2014-07-03 17:17 - 2014-06-08 00:34 - 00000000 ____D () C:\Users\Fabian\AppData\Local\Spotify 2014-07-02 19:22 - 2014-07-02 19:22 - 00000000 ____D () C:\Users\Fabian\Documents\SniperEliteV2_Benchmark 2014-07-02 18:04 - 2014-06-08 18:22 - 00000000 ____D () C:\Users\Fabian\Documents\Euro Truck Simulator 2 2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\TERA 2014-07-01 18:37 - 2014-07-01 18:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TERA 2014-07-01 18:35 - 2014-07-01 18:35 - 15366160 _____ (Gameforge Productions GmbH ) C:\Users\Fabian\Downloads\TERASetup.exe 2014-06-30 16:38 - 2014-06-30 16:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Notepad++ 2014-06-30 16:36 - 2014-06-30 16:36 - 00000000 ____D () C:\Users\Fabian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-30 16:36 - 2014-06-30 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2014-06-30 16:35 - 2014-06-30 16:35 - 07674224 _____ () C:\Users\Fabian\Downloads\npp.6.6.7.Installer.exe 2014-06-30 04:09 - 2014-07-10 22:34 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-10 22:34 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-29 18:03 - 2014-06-29 18:03 - 00004932 _____ () C:\Users\Fabian\Downloads\bibanator_csgo_gaming_cfg_13-06-2014.rar 2014-06-29 17:19 - 2014-06-25 19:22 - 00000000 ____D () C:\Users\Fabian\AppData\Local\SniperV2 2014-06-28 17:09 - 2014-06-28 17:09 - 00000286 _____ () C:\Windows\Cm112.ini.imi 2014-06-28 17:09 - 2014-06-28 17:09 - 00000235 _____ () C:\Windows\system\Cm112.ini 2014-06-28 17:09 - 2014-06-28 17:09 - 00000185 _____ () C:\Windows\Cm112.ini.cfl 2014-06-28 17:09 - 2014-06-28 17:09 - 00000137 _____ () C:\Windows\system\Dlap.pfx 2014-06-28 17:09 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system 2014-06-28 17:08 - 2014-06-28 17:08 - 16873491 _____ () C:\Users\Fabian\Downloads\3D_G4ME_1_Driver_V1_4.zip 2014-06-26 19:04 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports  Some content of TEMP: ==================== C:\Users\Fabian\AppData\Local\Temp\x2blapi.dll   ==================== Bamital & volsnap Check =================  (There is no automatic fix for files that do not pass verification.)  C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed   LastRegBack: 2014-07-18 18:06  ==================== End Of Log ============================
         
--- --- ---
__________________


 

Themen zu Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-)
.dll, adware, bios, blockiert, branding, browser, defender, dll, error, excel, firefox, flash player, help, hilfe bei trojaner, home, internet, ip-hilfsdienst, maleware, opera, programme, rundll, security, server, software, suche, super, symantec, temp, trojaner, usb, verdacht auf trojaner, windows, windows 7



Ähnliche Themen: Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-)


  1. Malwarebytes erkannte "DTSGainCompensatorDLL.dll" als Trojan.crypt kann ich mein System noch bereinigen oder sollte ich es platt machen?
    Plagegeister aller Art und deren Bekämpfung - 26.11.2015 (15)
  2. Norten blockierte Trojan.ADH.2, immernoch verdach auf Trojaner!
    Plagegeister aller Art und deren Bekämpfung - 29.07.2014 (8)
  3. WINXP Virus - Maus & Tastatur blockiert, keine Kontrolle über BIOS
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (5)
  4. Avast: Webseite wurde blockiert, Virus trotzdem empfangen ?
    Plagegeister aller Art und deren Bekämpfung - 28.10.2010 (1)
  5. Browser werden blockiert ! Bitte um kontrolle des HiJackThis Logs.
    Log-Analyse und Auswertung - 28.08.2009 (23)
  6. Norten zeigt "Trojan.Pandex" auf meinem PC
    Plagegeister aller Art und deren Bekämpfung - 17.08.2008 (19)
  7. Bitte um Kontrolle HJT
    Log-Analyse und Auswertung - 25.07.2008 (7)
  8. Bitte um Hjt Logfile kontrolle!
    Mülltonne - 07.06.2008 (0)
  9. Bitte um Log-File-Kontrolle
    Log-Analyse und Auswertung - 11.04.2006 (3)
  10. bitte um Logfile-Kontrolle
    Log-Analyse und Auswertung - 25.09.2005 (7)
  11. Bitte um Kontrolle - ist alles weg?
    Log-Analyse und Auswertung - 24.02.2005 (6)
  12. Bitte um Kontrolle
    Log-Analyse und Auswertung - 24.02.2005 (1)
  13. bitte um kontrolle
    Log-Analyse und Auswertung - 24.02.2005 (2)
  14. Hijack log bitte auswerten, spybot/adaware/norten bereist geprüft
    Log-Analyse und Auswertung - 21.12.2004 (1)
  15. Norten Ativirus Hilfe bitte (Iwantsearch)
    Log-Analyse und Auswertung - 30.10.2004 (9)
  16. HijackThis Kontrolle 2 - Bitte!
    Log-Analyse und Auswertung - 18.10.2004 (5)
  17. Bitte um Kontrolle des Logfiles
    Log-Analyse und Auswertung - 28.06.2004 (14)

Zum Thema Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-) - Hallo liebe Community, Ich habe mir um ein Video zu konvertieren eine Software heruntergeladen. Dabei habe ich mir wohl etwas hässliches eingefangen: Trojan.ADH.2 Dieser wurde aber von Norten Internet Secruity - Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-)...
Archiv
Du betrachtest: Norten erkannte Trojan.ADH.2! Blockiert, trotzdem bitte ich um Kontrolle :-) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.