Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Trendvirus GVU hat wieder zugeschlagen.... (https://www.trojaner-board.de/136419-trendvirus-gvu-hat-zugeschlagen.html)

bastim94 11.06.2013 20:10
Trendvirus GVU hat wieder zugeschlagen....
 
Mich hat der GVIvirus auch erwischt.Ist warscheinlich auch wieder diese berühmte skype datei im Roamingordner aber mal schauen. Hier einmal das,was Farbar's Recovery Scan Tool an Text ausgespuckt hat:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-06-2013 03
Ran by SYSTEM on 11-06-2013 21:01:17
Running from G:\
Windows 7 Ultimate (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming [1744152 2011-10-07] (Logitech, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"                                                                                                                                                                                                      [140568 2007-12-03] (Acronis)
HKLM\...\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto                                                                                                                                                                                                                              [4760464 2012-12-18] (SoftPerfect Research)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [43632 2010-01-19] ()
HKLM-x32\...\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"                                                                                                                                                                                                                    [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe                                                                                                                                                                                                        [2622104 2007-12-03] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe                                                                                                                                                                                                        [911184 2007-12-03] (Acronis)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-05-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCU] "C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [375000 2009-10-15] (DeviceVM, Inc.)
HKU\Basti\...\Run: [ICQ] "C:\Program Files (x86)\ICQ7.7\ICQ.exe" silent loginmode=4                                                                                                                                                                                                                [127040 2012-04-08] (ICQ, LLC.)
HKU\Basti\...\Run: [iFunBoxConnector] "C:\Program Files (x86)\i-Funbox DevTeam\ifb_conn.exe"                                                                                                                                                                                                                    [812544 2012-11-20] ()
HKU\Basti\...\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe                                                                                                                                                                                                              [3093624 2013-01-22] ()
HKU\Basti\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
HKU\Basti\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] C:\Users\Basti\AppData\Local\Temp\b34btbztdb0vavaw.exe [46080 2013-06-11] (Adobe Systems Incorporated)
HKU\Basti\...\Winlogon: [Shell] cmd.exe [345088 2010-11-20] (Microsoft Corporation) <==== ATTENTION
HKU\Basti\...\Command Processor: "C:\Users\Basti\AppData\Local\Temp\b34btbztdb0vavaw.exe" <===== ATTENTION!
IMEO\chrome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\gamebooster.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\icq.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\ifb_conn.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\ifunbox.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\lifecam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\networx.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\trueimage.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
IMEO\unins000.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"
Lsa: [Authentication Packages] msv1_0 relog_ap
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\Basti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Services (Whitelisted) =================

S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-09-08] (Advanced Micro Devices, Inc.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
S2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [72304 2010-01-19] ()
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [227232 2010-01-15] (McAfee, Inc.)
S2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-30] ()
S2 SCPDFV4ReadSpool; C:\Windows\Installer\MSIC120.tmp [189688 2012-11-04] (Solid Documents, LLC)
S4 TryAndDecideService; C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [498792 2007-12-03] ()
S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2072896 2011-10-14] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
S3 AODDriver; C:\Program Files (x86)\Gigabyte\ET6\amd64\AODDriver.sys [52280 2010-03-12] (Advanced Micro Devices)
S2 AODDriver4.01; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55424 2011-06-24] (Advanced Micro Devices)
S1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-10-07] ()
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-06-11] (Windows (R) Server 2003 DDK provider)
S3 gdrv; C:\Windows\gdrv.sys [25640 2013-06-11] (Windows (R) Server 2003 DDK provider)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-01-24] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-01-24] ()
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-10-07] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S1 networx; C:\Windows\System32\drivers\networx.sys [58360 2012-11-26] (NetFilterSDK.com)
S3 SRS_AE_Service; C:\Windows\System32\drivers\SRS_AE_amd64.sys [513824 2011-08-01] ()
S3 SRS_HDAL_Service; C:\Windows\System32\drivers\SRS_HDAL_amd64.sys [533280 2010-11-15] ()
S3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] ()
S3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [124176 2012-11-30] (High Criteria inc.)
S3 TotRec8; C:\Windows\system32\drivers\TotRec8.sys [124176 2012-11-30] (High Criteria inc.)
S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-10-13] (TuneUp Software)
S1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider)
S1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon)
S1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-06-11 20:45 - 2013-06-11 20:45 - 00000000 ____D C:\FRST
2013-06-11 19:22 - 2013-06-11 19:22 - 00393516 ____A C:\ProgramData\2433f433
2013-06-11 19:22 - 2013-06-11 19:22 - 00393468 ____A C:\Users\Basti\AppData\Roaming\2433f433
2013-06-11 19:22 - 2013-06-11 19:22 - 00393458 ____A C:\Users\Basti\AppData\Local\2433f433
2013-06-10 19:44 - 2013-06-10 19:44 - 00112086 ____A C:\Users\Basti\Desktop\trivium_watch_the_world_burn.gp5
2013-06-10 17:21 - 2013-06-10 17:21 - 00022170 ____A C:\Users\Basti\Desktop\Indien Handout.odt
2013-06-10 17:21 - 2013-06-10 17:21 - 00000098 ___AH C:\Users\Basti\Desktop\.~lock.Indien Handout.odt#
2013-06-10 16:58 - 2013-06-10 16:58 - 00000098 ___AH C:\Users\Basti\Desktop\.~lock.1Indien.odp#
2013-06-10 16:32 - 2013-06-10 16:56 - 01272233 ____A C:\Users\Basti\Desktop\1Indien.odp
2013-06-10 16:31 - 2013-06-10 16:31 - 00000000 ____A C:\Users\Basti\Desktop\Neues Textdokument.txt
2013-06-09 16:05 - 2013-06-10 16:32 - 01268489 ____A C:\Users\Basti\Desktop\Indien.odp
2013-06-09 15:53 - 2013-06-09 15:53 - 00016700 ____A C:\Users\Basti\Desktop\Kolonialismus.odp
2013-06-09 13:44 - 2013-06-09 13:44 - 00009026 ____A C:\Users\Basti\Desktop\OpenDocument Präsentation (neu).odp
2013-06-07 17:59 - 2013-06-07 17:59 - 00000000 ____D C:\Users\Basti\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-06-07 17:54 - 2013-06-07 17:54 - 00000000 ____D C:\Users\Basti\Documents\Adobe
2013-06-06 20:07 - 2013-06-06 20:10 - 00002268 ____A C:\Windows\logboot_06.06.2013.tureg.log
2013-06-04 18:11 - 2013-06-04 18:11 - 00000900 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-06-03 20:09 - 2013-06-03 20:09 - 00017578 ____A C:\Users\Basti\Desktop\klaus_badelt_hes_a_pirate.gp5
2013-06-03 17:56 - 2013-06-03 17:56 - 00067598 ____A C:\Users\Basti\Desktop\alestorm_no_quarter.gp5
2013-06-03 16:44 - 2013-06-03 16:44 - 00098164 ____A C:\Users\Basti\Desktop\avenged_sevenfold_nightmare.gp5
2013-06-02 19:52 - 2013-06-02 19:52 - 00739856 ____A (Google Inc.) C:\Users\Basti\AppData\Roaming\chromebrowser.exe
2013-06-02 19:52 - 2013-06-02 19:52 - 00000000 _RSHD C:\Users\Basti\AppData\Roaming\Jjaal
2013-06-02 19:00 - 2013-06-04 18:01 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-02 19:00 - 2013-06-04 18:01 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-02 19:00 - 2013-06-02 19:53 - 00000000 ____D C:\Users\Basti\AppData\Local\Google
2013-06-02 19:00 - 2013-06-02 19:00 - 00002261 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-02 19:00 - 2013-06-02 19:00 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-01 16:09 - 2013-06-02 17:27 - 00000000 ____D C:\Soldat
2013-06-01 16:09 - 2013-06-01 16:09 - 00001523 ____A C:\Users\Basti\Desktop\Soldat Manual.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00001513 ____A C:\Users\Basti\Desktop\Soldat Community Guides.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00000578 ____A C:\Users\Basti\Desktop\Soldat.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00000571 ____A C:\Users\Basti\Desktop\Soldat Mod Starter.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Soldat
2013-05-31 16:17 - 2013-05-31 16:20 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-31 15:51 - 2013-05-31 16:21 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-05-31 15:49 - 2013-05-31 16:19 - 00000000 ____D C:\Program Files\Adobe
2013-05-31 15:43 - 2013-05-31 15:43 - 00001131 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-29 23:05 - 2013-05-29 23:05 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-29 23:05 - 2013-05-29 23:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-29 23:05 - 2013-05-29 23:05 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-29 23:05 - 2013-05-29 23:05 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-29 23:05 - 2013-05-29 23:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-29 23:05 - 2013-05-29 23:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-29 23:05 - 2013-05-29 23:05 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-29 23:05 - 2013-05-29 23:05 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-29 23:05 - 2013-05-29 23:05 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-29 23:05 - 2013-05-29 23:05 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-29 23:05 - 2013-05-29 23:05 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-29 23:04 - 2013-05-29 23:04 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-29 23:03 - 2013-05-29 23:09 - 00010360 ____A C:\Windows\IE10_main.log
2013-05-29 10:00 - 2013-05-29 10:02 - 00000000 ____D C:\Users\Basti\Documents\Battlefield 2
2013-05-29 09:59 - 2013-05-29 09:59 - 00000000 ____D C:\Users\Public\bf 2
2013-05-28 21:21 - 2013-05-28 21:21 - 00001165 ____A C:\Users\Basti\Desktop\Battlefield 2.lnk
2013-05-28 12:23 - 2013-05-28 12:23 - 00000000 ____D C:\Users\Public\Save
2013-05-22 20:00 - 2013-05-23 17:22 - 00000000 ____D C:\Users\Basti\Desktop\Ebay
2013-05-22 15:59 - 2013-05-22 15:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-05-21 18:33 - 2013-05-21 18:34 - 30123148 ____A C:\Users\Basti\Desktop\WinRAR-Archiv (neu).rar
2013-05-21 14:18 - 2013-05-21 14:18 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-05-16 16:53 - 2013-05-16 16:53 - 00046700 ____A C:\Users\Basti\Desktop\heaven_shall_burn_black_tears.gp5
2013-05-15 18:56 - 2013-05-15 18:56 - 00013572 ____A C:\Users\Basti\Desktop\DawnguardNoVampireAttacks_1_1-21615-.zip
2013-05-15 17:40 - 2013-04-10 07:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2013-05-15 17:40 - 2013-04-10 07:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2013-05-15 17:40 - 2013-02-27 07:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
2013-05-15 17:40 - 2013-02-27 06:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2013-05-15 17:40 - 2013-02-27 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
2013-05-15 17:40 - 2013-02-27 06:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
2013-05-15 17:40 - 2013-02-27 06:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
2013-05-15 17:40 - 2013-02-27 05:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-05-15 17:40 - 2013-02-27 05:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-05-15 17:40 - 2013-02-27 05:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-05-15 17:40 - 2011-02-03 12:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
2013-05-15 17:39 - 2013-04-10 04:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-05-15 17:39 - 2013-03-19 06:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
2013-05-15 17:39 - 2013-03-19 06:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
2013-05-14 16:45 - 2013-05-14 16:46 - 00000000 ____D C:\Users\Basti\Desktop\enb backup 2
2013-05-14 15:28 - 2013-05-14 15:28 - 00003350 ____A C:\Users\Basti\AppData\Local\recently-used.xbel
2013-05-14 15:25 - 2013-05-14 15:25 - 00065367 ____A C:\Users\Basti\Desktop\gimp-dds-win64-2.2.1.zip
2013-05-14 15:24 - 2013-05-14 15:32 - 00000000 ____D C:\Users\Basti\.gimp-2.8
2013-05-14 15:24 - 2013-05-14 15:24 - 00000000 ____D C:\Users\Basti\AppData\Local\gegl-0.2
2013-05-14 15:22 - 2013-05-14 15:22 - 00000000 ____D C:\Program Files\GIMP 2
2013-05-14 15:21 - 2013-05-14 15:21 - 76902472 ____A (The GIMP Team                                              ) C:\Users\Basti\Desktop\gimp-2.8.4-setup.exe
2013-05-14 15:19 - 2013-05-14 15:19 - 00060125 ____A C:\Users\Basti\Desktop\gimp-dds-win32-2.2.1.zip
2013-05-14 15:19 - 2012-03-27 22:13 - 02097280 ____A C:\Users\Basti\Desktop\femalebody_1.dds
2013-05-14 14:34 - 2013-05-14 14:34 - 04657541 ____A C:\Users\Basti\Desktop\UNP Tattoo-23612-1-0.7z
2013-05-14 14:03 - 2013-05-14 14:05 - 07349006 ____A C:\Users\Basti\Desktop\Sporty Sexy Sweat UNP-28946-1-0.rar
2013-05-14 13:54 - 2013-05-14 13:59 - 25652747 ____A C:\Users\Basti\Desktop\BTC- Body Type Change Alpha U3-30407-U3.7z
2013-05-14 13:10 - 2013-05-14 13:10 - 00643157 ____A C:\Users\Basti\Desktop\femalebody_0.nif
2013-05-14 13:04 - 2013-05-14 13:04 - 00997414 ____A C:\Users\Basti\Desktop\bikini_0.nif
2013-05-14 12:49 - 2013-05-14 12:49 - 09113460 ____A C:\Users\Basti\Desktop\UNP BASE Main body V1dot2-6709.7z
2013-05-13 22:33 - 2013-05-13 22:23 - 00096008 ____A C:\Users\Basti\Desktop\Bikini-MTM.esp
2013-05-13 18:45 - 2013-04-06 18:02 - 00001496 ____A C:\Users\Basti\Desktop\Skyrim.INI
2013-05-13 18:44 - 2013-05-13 18:44 - 00000259 ____A C:\Users\Basti\Desktop\Version 1-20663-1.rar
2013-05-13 17:37 - 2013-05-13 18:09 - 00003630 ____A C:\Users\Basti\Desktop\favoritesmenu_equipsets.cfg
2013-05-12 20:41 - 2013-05-12 20:41 - 01200274 ____A C:\Users\Basti\Desktop\enbseries_skyrim_v0119.zip
2013-05-12 20:21 - 2013-05-12 20:21 - 04676632 ____A C:\Users\Basti\Desktop\Project ENB Final Edition for Climates Of Tamriel v3_1-20781-FINAL.zip
2013-05-12 20:06 - 2013-05-12 20:06 - 03054701 ____A C:\Users\Basti\Desktop\Project ENB Data folder for Climates Of Tamriel UPDATE 2-20781-.zip
2013-05-12 19:53 - 2013-05-24 19:04 - 00000000 ____D C:\Users\Basti\Desktop\Neuer Ordner
2013-05-12 19:51 - 2013-05-14 16:45 - 00187878 ____A C:\Users\Basti\Desktop\Superb ENB-RL 2_0f-11318-2-0f.7z
2013-05-12 19:49 - 2013-05-12 19:49 - 00007597 ____A C:\Users\Basti\AppData\Local\Resmon.ResmonCfg
2013-05-12 18:06 - 2013-05-12 18:06 - 00019362 ____A C:\Users\Basti\Desktop\Handout Wipo.odt
2013-05-12 17:39 - 2013-06-10 16:53 - 00058695 ____A C:\Users\Basti\Desktop\OpenDocument Text (neu).odt

==================== One Month Modified Files and Folders =======

2013-06-11 20:45 - 2013-06-11 20:45 - 00000000 ____D C:\FRST
2013-06-11 19:42 - 2013-02-20 16:34 - 00000416 ___AH C:\Windows\Tasks\schedule!3036567561.job
2013-06-11 19:42 - 2012-12-14 15:35 - 00085247 ____A C:\Windows\setupact.log
2013-06-11 19:42 - 2011-10-09 12:09 - 00025640 ____A (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2013-06-11 19:42 - 2011-10-07 20:12 - 00000236 ____A C:\service.log
2013-06-11 19:42 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-06-11 19:42 - 2009-07-14 05:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-06-11 19:42 - 2009-07-14 05:45 - 00014016 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-06-11 19:27 - 2013-05-02 22:12 - 00000000 ____D C:\Users\Basti\AppData\Roaming\NetSpeedMonitor
2013-06-11 19:23 - 2012-12-29 16:45 - 00000000 ____D C:\Program Files (x86)\JDownloader 2
2013-06-11 19:22 - 2013-06-11 19:22 - 00393516 ____A C:\ProgramData\2433f433
2013-06-11 19:22 - 2013-06-11 19:22 - 00393468 ____A C:\Users\Basti\AppData\Roaming\2433f433
2013-06-11 19:22 - 2013-06-11 19:22 - 00393458 ____A C:\Users\Basti\AppData\Local\2433f433
2013-06-11 19:15 - 2011-10-20 16:08 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Skype
2013-06-11 18:52 - 2012-04-18 20:01 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-06-11 18:41 - 2011-10-07 15:06 - 01503802 ____A C:\Windows\WindowsUpdate.log
2013-06-11 16:57 - 2013-04-23 21:03 - 00000000 ____D C:\witzig
2013-06-11 16:21 - 2009-07-14 18:58 - 00707918 ____A C:\Windows\System32\perfh007.dat
2013-06-11 16:21 - 2009-07-14 18:58 - 00153404 ____A C:\Windows\System32\perfc007.dat
2013-06-11 16:21 - 2009-07-14 06:13 - 01644414 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-11 16:15 - 2011-10-19 20:44 - 00000000 ____D C:\Users\Basti\AppData\Local\LogMeIn Hamachi
2013-06-11 12:22 - 2011-10-28 12:58 - 00000000 ____D C:\Users\Basti\AppData\Local\Adobe
2013-06-10 20:18 - 2012-07-31 02:14 - 00000000 ____D C:\Users\Basti\AppData\Roaming\uTorrent
2013-06-10 19:44 - 2013-06-10 19:44 - 00112086 ____A C:\Users\Basti\Desktop\trivium_watch_the_world_burn.gp5
2013-06-10 19:30 - 2011-10-07 15:35 - 00000000 ____D C:\Musik
2013-06-10 17:21 - 2013-06-10 17:21 - 00022170 ____A C:\Users\Basti\Desktop\Indien Handout.odt
2013-06-10 17:21 - 2013-06-10 17:21 - 00000098 ___AH C:\Users\Basti\Desktop\.~lock.Indien Handout.odt#
2013-06-10 16:58 - 2013-06-10 16:58 - 00000098 ___AH C:\Users\Basti\Desktop\.~lock.1Indien.odp#
2013-06-10 16:56 - 2013-06-10 16:32 - 01272233 ____A C:\Users\Basti\Desktop\1Indien.odp
2013-06-10 16:53 - 2013-05-12 17:39 - 00058695 ____A C:\Users\Basti\Desktop\OpenDocument Text (neu).odt
2013-06-10 16:32 - 2013-06-09 16:05 - 01268489 ____A C:\Users\Basti\Desktop\Indien.odp
2013-06-10 16:31 - 2013-06-10 16:31 - 00000000 ____A C:\Users\Basti\Desktop\Neues Textdokument.txt
2013-06-09 16:09 - 2011-11-10 15:20 - 00000000 ____D C:\Users\Basti\AppData\Local\Skyrim
2013-06-09 15:53 - 2013-06-09 15:53 - 00016700 ____A C:\Users\Basti\Desktop\Kolonialismus.odp
2013-06-09 13:56 - 2012-06-12 13:46 - 00000000 ____D C:\Users\Basti\AppData\Roaming\TS3Client
2013-06-09 13:44 - 2013-06-09 13:44 - 00009026 ____A C:\Users\Basti\Desktop\OpenDocument Präsentation (neu).odp
2013-06-07 21:04 - 2011-10-19 20:27 - 00000000 ____D C:\Users\Basti\AppData\Roaming\.minecraft
2013-06-07 17:59 - 2013-06-07 17:59 - 00000000 ____D C:\Users\Basti\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2013-06-07 17:59 - 2011-10-10 16:50 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Adobe
2013-06-07 17:54 - 2013-06-07 17:54 - 00000000 ____D C:\Users\Basti\Documents\Adobe
2013-06-07 17:34 - 2011-10-28 12:56 - 00000000 ____D C:\ProgramData\Adobe
2013-06-07 12:15 - 2012-02-28 21:55 - 00000000 ____D C:\Users\Basti\AppData\Local\CrashDumps
2013-06-06 20:11 - 2011-10-07 15:15 - 00000000 ____D C:\users\Basti
2013-06-06 20:10 - 2013-06-06 20:07 - 00002268 ____A C:\Windows\logboot_06.06.2013.tureg.log
2013-06-06 20:10 - 2009-07-14 03:34 - 71041024 ____A C:\Windows\System32\config\SOFTWARE_tureg_old
2013-06-06 20:10 - 2009-07-14 03:34 - 25427968 ____A C:\Windows\System32\config\SYSTEM_tureg_old
2013-06-06 20:10 - 2009-07-14 03:34 - 00024576 ____A C:\Windows\System32\config\SECURITY_tureg_old
2013-06-06 16:19 - 2009-07-14 03:34 - 00524288 ____A C:\Windows\System32\config\DEFAULT_tureg_old
2013-06-06 16:19 - 2009-07-14 03:34 - 00032768 ____A C:\Windows\System32\config\SAM_tureg_old
2013-06-04 18:11 - 2013-06-04 18:11 - 00000900 ____A C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2013-06-04 18:11 - 2012-01-06 23:22 - 00000000 ____D C:\Program Files\Nexus Mod Manager
2013-06-04 18:11 - 2011-10-07 15:30 - 00068472 ____A C:\Users\Basti\AppData\Local\GDIPFONTCACHEV1.DAT
2013-06-04 18:01 - 2013-06-02 19:00 - 00001108 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-06-04 18:01 - 2013-06-02 19:00 - 00001104 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-06-04 18:01 - 2009-07-14 05:45 - 04927776 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-04 18:00 - 2012-12-25 17:48 - 00092564 ____A C:\Windows\PFRO.log
2013-06-04 16:15 - 2012-01-09 18:28 - 00000000 ____D C:\Users\Basti\AppData\Local\PMB Files
2013-06-03 20:09 - 2013-06-03 20:09 - 00017578 ____A C:\Users\Basti\Desktop\klaus_badelt_hes_a_pirate.gp5
2013-06-03 17:56 - 2013-06-03 17:56 - 00067598 ____A C:\Users\Basti\Desktop\alestorm_no_quarter.gp5
2013-06-03 17:47 - 2011-12-10 20:54 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Guitar Pro 6
2013-06-03 16:44 - 2013-06-03 16:44 - 00098164 ____A C:\Users\Basti\Desktop\avenged_sevenfold_nightmare.gp5
2013-06-02 19:53 - 2013-06-02 19:00 - 00000000 ____D C:\Users\Basti\AppData\Local\Google
2013-06-02 19:52 - 2013-06-02 19:52 - 00739856 ____A (Google Inc.) C:\Users\Basti\AppData\Roaming\chromebrowser.exe
2013-06-02 19:52 - 2013-06-02 19:52 - 00000000 _RSHD C:\Users\Basti\AppData\Roaming\Jjaal
2013-06-02 19:00 - 2013-06-02 19:00 - 00002261 ____A C:\Users\Public\Desktop\Google Chrome.lnk
2013-06-02 19:00 - 2013-06-02 19:00 - 00000000 ____D C:\Program Files (x86)\Google
2013-06-02 17:27 - 2013-06-01 16:09 - 00000000 ____D C:\Soldat
2013-06-01 16:09 - 2013-06-01 16:09 - 00001523 ____A C:\Users\Basti\Desktop\Soldat Manual.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00001513 ____A C:\Users\Basti\Desktop\Soldat Community Guides.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00000578 ____A C:\Users\Basti\Desktop\Soldat.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00000571 ____A C:\Users\Basti\Desktop\Soldat Mod Starter.lnk
2013-06-01 16:09 - 2013-06-01 16:09 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Soldat
2013-05-31 17:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-05-31 16:23 - 2012-01-04 13:18 - 00000178 ____A C:\Windows\System32\Drivers\etc\hosts.txt
2013-05-31 16:21 - 2013-05-31 15:51 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2013-05-31 16:20 - 2013-05-31 16:17 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-05-31 16:19 - 2013-05-31 15:49 - 00000000 ____D C:\Program Files\Adobe
2013-05-31 16:19 - 2011-10-28 12:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-05-31 15:43 - 2013-05-31 15:43 - 00001131 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-05-31 15:43 - 2012-04-24 17:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-05-30 17:07 - 2011-10-07 14:10 - 00000000 ____D C:\Windows\Panther
2013-05-30 16:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2013-05-30 16:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2013-05-30 16:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\zh-HK
2013-05-30 16:56 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-05-30 16:55 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\tr-TR
2013-05-29 23:09 - 2013-05-29 23:03 - 00010360 ____A C:\Windows\IE10_main.log
2013-05-29 23:05 - 2013-05-29 23:05 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-05-29 23:05 - 2013-05-29 23:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-05-29 23:05 - 2013-05-29 23:05 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-05-29 23:05 - 2013-05-29 23:05 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-05-29 23:05 - 2013-05-29 23:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-05-29 23:05 - 2013-05-29 23:05 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-05-29 23:05 - 2013-05-29 23:05 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-05-29 23:05 - 2013-05-29 23:05 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-05-29 23:05 - 2013-05-29 23:05 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-05-29 23:05 - 2013-05-29 23:05 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-05-29 23:05 - 2013-05-29 23:05 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-05-29 23:05 - 2013-05-29 23:05 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-05-29 23:05 - 2013-05-29 23:05 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-05-29 23:04 - 2013-05-29 23:04 - 03928064 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 03419136 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 02776576 ____A (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 02565120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 02284544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01988096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01682432 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01643520 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01504768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01247744 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01238528 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01175552 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01158144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 01080832 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00648192 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00604160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00522752 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00465920 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00417792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00364544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00363008 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00333312 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00296960 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00293376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00249856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00245248 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00221184 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00220160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00207872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00187392 ____A (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00161792 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00010752 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00009728 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00005632 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00004096 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003584 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00003072 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-29 23:04 - 2013-05-29 23:04 - 00002560 ___AH (Microsoft Corporation) C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-05-29 17:53 - 2011-11-02 19:23 - 00234536 ____A C:\Windows\SysWOW64\PnkBstrB.xtr
2013-05-29 17:53 - 2011-11-02 19:23 - 00000000 ____D C:\Users\Basti\AppData\Local\PunkBuster
2013-05-29 17:53 - 2011-11-02 19:02 - 00234536 ____A C:\Windows\SysWOW64\PnkBstrB.exe
2013-05-29 17:53 - 2011-11-02 19:02 - 00234536 ____A C:\Windows\SysWOW64\PnkBstrB.ex0
2013-05-29 10:02 - 2013-05-29 10:00 - 00000000 ____D C:\Users\Basti\Documents\Battlefield 2
2013-05-29 09:59 - 2013-05-29 09:59 - 00000000 ____D C:\Users\Public\bf 2
2013-05-28 21:33 - 2011-10-07 15:34 - 00000000 ____D C:\Spiele
2013-05-28 21:21 - 2013-05-28 21:21 - 00001165 ____A C:\Users\Basti\Desktop\Battlefield 2.lnk
2013-05-28 12:23 - 2013-05-28 12:23 - 00000000 ____D C:\Users\Public\Save
2013-05-28 10:33 - 2013-01-30 16:04 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-28 10:33 - 2011-10-20 16:08 - 00000000 ____D C:\ProgramData\Skype
2013-05-24 19:04 - 2013-05-12 19:53 - 00000000 ____D C:\Users\Basti\Desktop\Neuer Ordner
2013-05-23 17:22 - 2013-05-22 20:00 - 00000000 ____D C:\Users\Basti\Desktop\Ebay
2013-05-22 15:59 - 2013-05-22 15:59 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-05-21 20:17 - 2013-05-06 17:32 - 00125719 ____A C:\Users\Basti\Desktop\PPP Wipo.odp
2013-05-21 18:34 - 2013-05-21 18:33 - 30123148 ____A C:\Users\Basti\Desktop\WinRAR-Archiv (neu).rar
2013-05-21 14:22 - 2012-06-28 02:40 - 00000000 ____D C:\Users\Basti\AppData\Roaming\Audacity
2013-05-21 14:18 - 2013-05-21 14:18 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
2013-05-16 16:53 - 2013-05-16 16:53 - 00046700 ____A C:\Users\Basti\Desktop\heaven_shall_burn_black_tears.gp5
2013-05-15 18:56 - 2013-05-15 18:56 - 00013572 ____A C:\Users\Basti\Desktop\DawnguardNoVampireAttacks_1_1-21615-.zip
2013-05-15 18:52 - 2012-04-18 20:01 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-05-15 18:52 - 2011-10-10 16:49 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-05-14 16:46 - 2013-05-14 16:45 - 00000000 ____D C:\Users\Basti\Desktop\enb backup 2
2013-05-14 16:45 - 2013-05-12 19:51 - 00187878 ____A C:\Users\Basti\Desktop\Superb ENB-RL 2_0f-11318-2-0f.7z
2013-05-14 15:32 - 2013-05-14 15:24 - 00000000 ____D C:\Users\Basti\.gimp-2.8
2013-05-14 15:28 - 2013-05-14 15:28 - 00003350 ____A C:\Users\Basti\AppData\Local\recently-used.xbel
2013-05-14 15:25 - 2013-05-14 15:25 - 00065367 ____A C:\Users\Basti\Desktop\gimp-dds-win64-2.2.1.zip
2013-05-14 15:24 - 2013-05-14 15:24 - 00000000 ____D C:\Users\Basti\AppData\Local\gegl-0.2
2013-05-14 15:22 - 2013-05-14 15:22 - 00000000 ____D C:\Program Files\GIMP 2
2013-05-14 15:22 - 2011-12-11 19:40 - 00000000 ____D C:\Program Files (x86)\GIMP-2.0
2013-05-14 15:21 - 2013-05-14 15:21 - 76902472 ____A (The GIMP Team                                              ) C:\Users\Basti\Desktop\gimp-2.8.4-setup.exe
2013-05-14 15:20 - 2011-12-11 19:41 - 00000000 ____D C:\Users\Basti\AppData\Roaming\gtk-2.0
2013-05-14 15:20 - 2011-12-11 19:40 - 00000000 ____D C:\Users\Basti\.gimp-2.6
2013-05-14 15:19 - 2013-05-14 15:19 - 00060125 ____A C:\Users\Basti\Desktop\gimp-dds-win32-2.2.1.zip
2013-05-14 14:34 - 2013-05-14 14:34 - 04657541 ____A C:\Users\Basti\Desktop\UNP Tattoo-23612-1-0.7z
2013-05-14 14:05 - 2013-05-14 14:03 - 07349006 ____A C:\Users\Basti\Desktop\Sporty Sexy Sweat UNP-28946-1-0.rar
2013-05-14 13:59 - 2013-05-14 13:54 - 25652747 ____A C:\Users\Basti\Desktop\BTC- Body Type Change Alpha U3-30407-U3.7z
2013-05-14 13:10 - 2013-05-14 13:10 - 00643157 ____A C:\Users\Basti\Desktop\femalebody_0.nif
2013-05-14 13:04 - 2013-05-14 13:04 - 00997414 ____A C:\Users\Basti\Desktop\bikini_0.nif
2013-05-14 12:49 - 2013-05-14 12:49 - 09113460 ____A C:\Users\Basti\Desktop\UNP BASE Main body V1dot2-6709.7z
2013-05-13 22:23 - 2013-05-13 22:33 - 00096008 ____A C:\Users\Basti\Desktop\Bikini-MTM.esp
2013-05-13 18:44 - 2013-05-13 18:44 - 00000259 ____A C:\Users\Basti\Desktop\Version 1-20663-1.rar
2013-05-13 18:09 - 2013-05-13 17:37 - 00003630 ____A C:\Users\Basti\Desktop\favoritesmenu_equipsets.cfg
2013-05-12 20:52 - 2012-01-06 23:22 - 00000000 ____D C:\Users\Basti\Documents\Nexus Mod Manager
2013-05-12 20:41 - 2013-05-12 20:41 - 01200274 ____A C:\Users\Basti\Desktop\enbseries_skyrim_v0119.zip
2013-05-12 20:21 - 2013-05-12 20:21 - 04676632 ____A C:\Users\Basti\Desktop\Project ENB Final Edition for Climates Of Tamriel v3_1-20781-FINAL.zip
2013-05-12 20:06 - 2013-05-12 20:06 - 03054701 ____A C:\Users\Basti\Desktop\Project ENB Data folder for Climates Of Tamriel UPDATE 2-20781-.zip
2013-05-12 19:49 - 2013-05-12 19:49 - 00007597 ____A C:\Users\Basti\AppData\Local\Resmon.ResmonCfg
2013-05-12 18:06 - 2013-05-12 18:06 - 00019362 ____A C:\Users\Basti\Desktop\Handout Wipo.odt

Files to move or delete:
====================
C:\Users\Public\Firefox Setup 19.0.exe
C:\ProgramData\ras_0oed.pad

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info ===========================

Percentage of memory in use: 15%
Total physical RAM: 4093.55 MB
Available physical RAM: 3451.79 MB
Total Pagefile: 4091.7 MB
Available Pagefile: 3452.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:23.87 GB) NTFS (Disk=1 Partition=1)
Drive e: () (Fixed) (Total:297.99 GB) (Free:37.84 GB) NTFS (Disk=0 Partition=2)
Drive g: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:156.58 GB) NTFS (Disk=2 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=1) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 39891999)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AD1B23BE)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 1F1654BB)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)


LastRegBack: 2013-05-27 18:57

==================== End Of Log ============================

markusg 11.06.2013 20:20
hi,


Fix mit FRST
Drücke bitte die Windows taste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument
Code:
HKU\Basti\...\Run: [qcgce2mrvjq91kk1e7pnbb19m52fx] C:\Users\Basti\AppData\Local\Temp\b34btbztdb0vavaw.exe [46080 2013-06-11] (Adobe Systems Incorporated)
Speichere diese bitte als Fixlist.txt auf deinem Stick.
  • Starte nun FRST erneut und klicke den Fix Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.
starte bitte neu.

bastim94 11.06.2013 20:31
Hab ich gemacht. Sperre besteht immernoch.
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-06-2013 03
Ran by SYSTEM at 2013-06-11 21:29:05 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

HKU\Basti\Software\Microsoft\Windows\CurrentVersion\Run\\qcgce2mrvjq91kk1e7pnbb19m52fx => Value deleted successfully.

==== End of Fixlog ====

markusg 11.06.2013 23:46
kommst du an nen pc mit brenner?
download:
http://filepony.de/download-otlpe/
und brenne es mit ISOBurner auf eine CD.
ISO Burner - Download - Filepony
isoburner anleitung:
http://www.trojaner-board.de/83208-b...ei-cd-dvd.html
• Wenn der Download fertig ist mache ein doppel Klick auf die OTLPENet.exe, was ISOBurner öffnet um es auf die CD zu brennen.
Starte dein System neu und boote von der CD die du gerade erstellt hast.
Wenn du nicht weist wie du deinen Computer dazu bringst von der CD zu booten,
http://www.trojaner-board.de/81857-c...cd-booten.html

• Dein System sollte jetzt einen REATOGO-X-PE Desktop anzeigen.
• Mache einen doppel Klick auf das OTLPE Icon.
• Wenn du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
• Wenn du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
• entferne den haken bei "Automatically Load All Remaining Users" wenn er gesetzt ist.

• OTL sollte nun starten.
Kopiere nun den Inhalt in die http://larusso.trojaner-board.de/Images/otlfix.jpg
Textbox.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
• Drücke Run Scan um den Scan zu starten.
• Wenn er fertig ist werden die Dateien in C:\otl.txt gesichert
• Kopiere diesen Ordner auf deinen USB-Stick wenn du keine Internetverbindung auf diesem System hast.
poste beide logs

bastim94 12.06.2013 19:46
Momentan leider nicht. Ich habs aber geschafft durch ne hintertür die ich mal eingerichtet habe an der sperre vorbeizukommen. Ich hab die prozesse durchgeschaut und festgestelt,dass die svchost.exe in c:/windows/syswow64 der übeltäter ist.

markusg 12.06.2013 20:06
nein, diese exe ist sicherlich nicht das problem.

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

bastim94 13.06.2013 13:30
Hmm da die Textdokumente zu groß für den CODE sind und zu groß für ein Anhang als .txt sind, lade ich sie hier einfach mal in einer .rar hoch.

aharonov 21.06.2013 13:03
Hi und sorry für die Verzögerung,

ich springe hier für Markus ein, da er eine Wochen im wohlverdienten Urlaub weilt..

Brauchst du immer noch Hilfe oder hat es sich mittlerweile erledigt?

aharonov 27.06.2013 12:26
Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten.
Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter.

Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 14:51 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131