Pests of all kinds and how to fight them: I no longer see any desktop icons (Windows 7)
17.06.2013, 18:50 | #1
I no longer see any desktop icons

Hello, I got Fences, uninstalled it again after a few days, and now I don't see any desktop icons. I hope you can help me.
17.06.2013, 18:54 | #2
/// the machine /// TB Instructor

Hi,

System scan with FRST

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: Start > Computer (right-click) > Properties)
17.06.2013, 18:59 | #3

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2013 01 Ran by Manuel (administrator) on 17-06-2013 19:56:44 Running from C:\Users\Manuel\Downloads Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Alexander Roshal) D:\Program Files\WinRAR\WinRAR.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (TeamSpeak Systems GmbH) D:\Users\Manuel\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated) HKCU\...\Run: [AdobeBridge] [x] MountPoints2: {3b79990d-a5c1-11e2-95c3-d43d7e321382} - E:\RunGame.exe MountPoints2: {e83e1fc3-7a91-11e2-a13e-806e6f6e6963} - F:\autorun.exe HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software) HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) IMEO\taskmgr.exe: [Debugger] "C:\USERS\MANUEL\DESKTOP\ORDNER\PROCESSEXPLORER\PROCEXP.EXE" IMEO\utilman.exe: [Debugger] cmd.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=9849ca9c000000000000d43d7e321382 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Chrome: ======= CHR HomePage: hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382 CHR RestoreOnStartup: "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382" CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - 
{google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File CHR Plugin: (Java(TM) Platform SE 7 U17) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll No File CHR Plugin: (Java Deployment Toolkit 7.0.170.2) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Google Docs) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Remove Google Redirects) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccenmflbeofaceccfhhggbagkblihpoh\1.0.8_0 CHR 
Extension: (Google Search) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 CHR Extension: (avast! Ad Blocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0 CHR Extension: (AdBlock) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.64_0 CHR Extension: (avast! Online Security) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\8.0.8_0 CHR Extension: (ProxMate - Improve your Internet!) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.3.6_0 CHR Extension: (EXIF Viewer) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafpfdcmppffipmhcpkbplhkoiekndck\2.3.9_0 CHR Extension: (NotScripts) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0 CHR Extension: (Black & Gray) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\opngpggidjbhmmlapgcmcedfgblofagi\1.1.2_0 CHR Extension: (Gmail) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 CHR Extension: (Twitch Giveaways) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd\1.5.2_0 ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-06] () S2 Hamachi2Svc; "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [x] ==================== Drivers (Whitelisted) ==================== R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] () S3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI) S3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
S3 a3ku4qaoj; \??\C:\Users\Manuel\AppData\Local\Temp\9qw7zava3.sys [x] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x] S3 dzs5d2p7n; \??\C:\Users\Manuel\AppData\Local\Temp\nixxksrx9.sys [x] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [x] S3 PCAlertDriver; \??\C:\Program Files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [x] S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-17 19:56 - 2013-06-17 19:56 - 00000000 ____D C:\FRST 2013-06-17 19:55 - 2013-06-17 19:56 - 01926844 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe 2013-06-17 19:46 - 2013-06-17 19:46 - 00001065 ____A C:\Users\Manuel\Desktop\TeamSpeak 3 Client.lnk 2013-06-17 19:45 - 2013-06-17 19:45 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1 (1).exe 2013-06-17 19:27 - 2013-06-17 19:27 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64 (1).zip 2013-06-17 19:27 - 2013-06-17 19:27 - 00064685 ____A C:\Users\Manuel\Downloads\shexview.zip 2013-06-17 19:26 - 2013-06-17 19:27 - 01758823 ____A C:\Users\Manuel\Downloads\winrar-x64-420d.exe 2013-06-17 19:26 - 2013-06-17 19:26 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64.zip 2013-06-17 19:16 - 2013-06-17 19:16 - 00000828 ____A C:\Users\Manuel\Desktop\CrossFire.lnk 2013-06-17 19:01 - 2013-06-17 19:17 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files 2013-06-17 19:01 - 2013-06-17 19:02 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-17 18:55 - 2013-06-17 18:56 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1.exe 2013-06-17 18:55 - 2013-06-17 18:56 - 02874584 ____A C:\Users\Manuel\Downloads\CrossFire_NA.exe 2013-06-17 18:51 - 2013-06-17 18:51 - 00001975 ____A C:\Users\Manuel\Desktop\Skype (2).lnk 2013-06-17 18:41 - 2013-06-17 18:41 - 00595772 ____A 
C:\Users\Manuel\cc_20130617_184052.reg 2013-06-17 18:38 - 2013-06-17 18:38 - 00000828 ____A C:\Users\Public\Desktop\CCleaner.lnk 2013-06-17 18:38 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\CCleaner 2013-06-17 18:37 - 2013-06-17 18:37 - 03340088 ____A (Piriform Ltd) C:\Users\Manuel\Downloads\ccsetup402_slim.exe 2013-06-17 18:34 - 2013-06-17 18:34 - 00001124 ____A C:\Users\Manuel\Desktop\GIMP 2.lnk 2013-06-17 18:34 - 2013-06-17 18:34 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (3).lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00012598 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung.lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (2).lnk 2013-06-17 18:11 - 2013-06-17 18:11 - 00000000 ____D C:\Program Files (x86)\Setup Files 2013-06-17 18:09 - 2013-06-17 18:09 - 03548677 ____A C:\Users\Manuel\Downloads\LiveUpdate.zip 2013-06-16 20:18 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\vbot 2013-06-16 20:17 - 2013-06-16 20:18 - 08233336 ____A C:\Users\Manuel\Downloads\vBot By xlRiderWT.zip 2013-06-16 18:58 - 2013-06-17 18:19 - 00000000 ____D C:\Program Files (x86)\WinPcap 2013-06-16 18:58 - 2013-06-16 18:58 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wireshark 2013-06-16 18:54 - 2013-06-17 18:19 - 00000000 ____D C:\Program Files\Wireshark 2013-06-16 12:36 - 2013-06-16 12:35 - 08149147 ____A C:\Users\Manuel\Desktop\13x37 0.6.1 Client - Public 003.zip 2013-06-16 12:35 - 2013-06-16 12:35 - 08149147 ____A C:\Users\Manuel\Downloads\13x37 0.6.1 Client - Public 003.zip 2013-06-15 20:16 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\appcrashview 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Downloads\appcrashview.zip 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Desktop\appcrashview.zip 2013-06-15 20:08 - 2013-03-01 19:32 - 00262162 ____A C:\Users\Manuel\Desktop\cssspray.tga 2013-06-15 14:16 - 2013-06-15 14:47 - 00000000 
____D C:\Users\Manuel\Desktop\Workspace 2013-06-15 14:10 - 2013-06-15 14:10 - 00001172 ____A C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-06-15 14:10 - 2013-06-15 14:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-06-15 14:09 - 2013-06-15 14:09 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (2).exe 2013-06-15 14:01 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\eclipse 2013-06-15 12:48 - 2013-05-04 04:42 - 05318771 ____A C:\Users\Manuel\Desktop\minecraft.jar 2013-06-15 12:47 - 2013-06-15 12:47 - 21363918 ____A C:\Users\Manuel\Desktop\mc.zip 2013-06-14 16:59 - 2013-06-14 16:59 - 00026322 ____A C:\Users\Manuel\AppData\Local\recently-used.xbel 2013-06-12 22:34 - 2013-05-17 03:25 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\jsproxy.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-12 22:34 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-12 22:34 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2013-06-12 22:34 - 2013-05-17 02:58 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-12 22:34 - 2013-05-14 15:14 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-12 22:34 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-12 22:34 - 2013-05-14 11:23 - 02706432 ____A (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.tlb 2013-06-12 22:34 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-12 19:59 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Teeworlds 2013-06-12 19:49 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\teeworlds 2013-06-12 16:16 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-12 16:16 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-12 16:16 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-12 16:16 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-12 16:16 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-12 16:16 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-12 16:16 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-12 16:16 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-12 16:16 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-12 16:16 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-12 16:16 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-12 16:16 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-12 16:16 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-12 16:16 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-12 16:16 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-12 16:16 - 
2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-12 16:16 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-12 16:16 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-12 16:16 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-11 16:15 - 2013-06-11 16:20 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.spoutcraft 2013-06-11 16:15 - 2013-06-11 16:15 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft (2).exe 2013-06-11 16:15 - 2013-06-11 16:15 - 00888369 ____A () C:\Users\Manuel\Downloads\Spoutcraft (1).exe 2013-06-11 16:13 - 2013-06-11 16:13 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.4.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Desktop\MagicLauncher_1.1.4.exe 2013-06-11 15:01 - 2013-06-11 15:01 - 00324419 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.0.0.exe 2013-06-11 14:53 - 2013-04-04 05:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-06-11 14:53 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-06-11 14:53 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-06-11 14:52 - 2013-06-11 14:53 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log 2013-06-11 14:51 - 2013-06-11 14:51 - 00903072 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u21.exe 2013-06-10 15:59 - 2013-06-10 15:59 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (1).exe 2013-06-09 13:43 - 2013-06-17 18:19 - 00000000 ___HD C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 
2013-06-09 13:43 - 2013-06-09 13:43 - 00000938 ____A C:\Users\Manuel\Desktop\Anpassen Fences.lnk 2013-06-09 13:43 - 2013-06-09 13:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Stardock 2013-06-09 13:42 - 2013-06-09 13:42 - 09477848 ____A (Stardock Corporation ) C:\Users\Manuel\Downloads\fences101_public.exe 2013-06-09 13:42 - 2013-06-09 13:42 - 00000000 ____D C:\Users\Manuel\AppData\Local\PackageAware 2013-06-09 13:28 - 2013-06-09 13:28 - 00000000 ____D C:\Users\Manuel\Desktop\Z3G 2013-06-09 13:27 - 2013-06-09 13:27 - 00011009 ____A C:\Users\Manuel\Desktop\Z3G.zip 2013-06-09 12:11 - 2013-06-09 12:11 - 00006184 ____A C:\Users\Manuel\Desktop\gimp.rar 2013-06-08 18:02 - 2013-06-09 12:11 - 00000000 ____D C:\Users\Manuel\Desktop\gimp 2013-06-08 17:51 - 2013-06-08 17:51 - 00000000 ____D C:\Users\Manuel\.thumbnails 2013-06-08 17:33 - 2013-06-08 17:33 - 04904080 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de.exe 2013-06-08 17:26 - 2013-06-14 16:59 - 00000000 ____D C:\Users\Manuel\.gimp-2.8 2013-06-08 17:26 - 2013-06-08 17:26 - 00000000 ____D C:\Users\Manuel\AppData\Local\gegl-0.2 2013-06-08 17:25 - 2013-06-08 17:26 - 00000000 ____D C:\Program Files\GIMP 2 2013-06-08 17:24 - 2013-06-08 17:25 - 76902472 ____A (The GIMP Team ) C:\Users\Manuel\Downloads\gimp-2.8.4-setup.exe 2013-06-08 17:22 - 2013-06-08 17:41 - 00000000 ____D C:\Users\Manuel\AppData\Local\Techne 2013-06-07 23:26 - 2013-06-07 23:26 - 00001294 ____A C:\Users\Public\Desktop\Paint.NET.lnk 2013-06-07 23:25 - 2013-06-15 20:08 - 00000000 ____D C:\Users\Manuel\AppData\Local\Paint.NET 2013-06-07 23:25 - 2013-06-07 23:25 - 00000000 ____D C:\Program Files\Paint.NET 2013-06-07 16:22 - 2013-06-08 13:29 - 00000000 ____D C:\Users\Manuel\Desktop\worlds 2013-06-07 00:02 - 2013-06-07 00:02 - 00176128 ____A C:\Users\Manuel\Downloads\BEClient.dll 2013-06-06 15:53 - 2013-06-06 16:21 - 738668640 ____A (Igor Pavlov) C:\Users\Manuel\Downloads\ARMA2OA_Update_160.exe 2013-06-05 17:27 - 2013-06-05 17:27 - 
00000892 ____A C:\Users\Manuel\Desktop\ARMA 2 Combined Operations.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer (2).msi 2013-06-05 16:48 - 2013-06-05 16:48 - 00001360 ____A C:\Users\Manuel\Desktop\DayZ Commander.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 00001342 ____A C:\Users\Public\Desktop\DayZ Commander.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios 2013-06-05 16:45 - 2013-06-08 11:47 - 00000000 ____D C:\Users\Manuel\AppData\Local\ArmA 2 OA 2013-06-05 16:21 - 2013-06-05 17:26 - 00000000 ____D C:\Users\Manuel\Documents\ArmA 2 2013-06-05 16:21 - 2013-06-05 16:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\ArmA 2 2013-06-05 16:19 - 2013-06-05 16:19 - 00000862 ____A C:\Users\Manuel\Desktop\ARMA II starten.lnk 2013-06-04 18:49 - 2013-06-17 18:40 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-04 18:48 - 2013-06-04 18:48 - 04292608 ____A C:\Users\Manuel\Downloads\hamachi_2.1.0.362.msi 2013-06-04 18:48 - 2013-06-04 18:48 - 00000686 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2013-06-04 16:14 - 2013-06-04 16:15 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer (1).msi 2013-06-03 17:09 - 2013-06-03 17:09 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio 2013-06-03 16:18 - 2013-06-03 16:18 - 00000000 ____D C:\Users\Manuel\AppData\Local\DayZCommander 2013-06-03 16:15 - 2013-06-03 16:15 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer.msi 2013-06-01 04:31 - 2013-06-17 19:57 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-01 04:30 - 2013-06-01 04:30 - 00000000 ____D C:\Program Files\NetSpeedMonitor 2013-06-01 04:29 - 2013-06-01 04:29 - 03652608 ____A C:\Users\Manuel\Downloads\netspeedmonitor_2_5_4_0_x64_setup.msi 2013-05-31 02:31 - 2013-05-31 02:31 - 00000353 ____A C:\Windows\SysWOW64\Settings.bin 2013-05-30 15:31 - 2013-06-04 14:28 - 00000000 
____D C:\Users\Manuel\Desktop\ftb 2013-05-29 22:54 - 2013-06-09 19:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.technic 2013-05-29 21:21 - 2013-05-29 22:58 - 00000000 ____D C:\Users\Manuel\Desktop\tekkit worlds 2013-05-29 03:11 - 2013-05-29 03:11 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-29 03:11 - 2013-05-29 03:11 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-29 03:11 - 2013-05-29 03:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-05-29 03:11 - 2013-05-29 03:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-05-29 03:11 - 2013-05-29 03:11 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-05-29 03:11 - 2013-05-29 03:11 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-05-29 03:11 - 2013-05-29 03:11 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-05-29 
03:11 - 2013-05-29 03:11 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00138752 
____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-05-29 03:11 - 2013-05-29 03:11 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-05-29 03:11 - 2013-05-29 03:11 - 00057344 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-05-29 03:00 - 2013-05-29 03:14 - 00009534 ____A C:\Windows\IE10_main.log 2013-05-28 05:07 - 2013-05-28 05:07 - 33119648 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\jre-7u21-windows-x64 (1).exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00108448 ____A (Oracle Corporation) 
C:\Windows\System32\WindowsAccessBridge-64.dll 2013-05-28 05:06 - 2013-05-28 05:06 - 00000000 ____D C:\Program Files\Java 2013-05-28 05:05 - 2013-05-28 05:05 - 33119648 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\jre-7u21-windows-x64.exe 2013-05-28 04:38 - 2013-05-28 04:38 - 01440733 ____A C:\Users\Manuel\Desktop\stealthedit2.zip 2013-05-28 04:38 - 2013-05-28 04:38 - 00000000 ____D C:\Users\Manuel\Desktop\stealthedit2 2013-05-27 04:01 - 2013-05-27 04:01 - 00001231 ____A C:\Users\Manuel\Desktop\TreeSize Free.lnk 2013-05-27 04:01 - 2013-05-27 04:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\JAM Software 2013-05-27 04:01 - 2013-05-27 04:01 - 00000000 ____D C:\Program Files (x86)\JAM Software 2013-05-27 04:00 - 2013-05-27 04:01 - 03350608 ____A (JAM Software ) C:\Users\Manuel\Downloads\TreeSizeFreeSetup.exe 2013-05-22 13:22 - 2013-05-22 13:22 - 00001853 ____A C:\Users\Manuel\Desktop\3DMark 11.lnk 2013-05-22 13:20 - 2013-03-19 08:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlmp.exe 2013-05-22 13:20 - 2011-02-05 19:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\osloader.exe ==================== One Month Modified Files and Folders ======= 2013-06-17 19:57 - 2013-06-01 04:31 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-17 19:56 - 2013-06-17 19:56 - 00000000 ____D C:\FRST 2013-06-17 19:56 - 2013-06-17 19:55 - 01926844 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe 2013-06-17 19:51 - 2013-02-26 16:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype 2013-06-17 19:51 - 2013-02-25 17:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\TS3Client 2013-06-17 19:46 - 2013-06-17 19:46 - 00001065 ____A C:\Users\Manuel\Desktop\TeamSpeak 3 Client.lnk 2013-06-17 19:45 - 2013-06-17 19:45 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1 (1).exe 2013-06-17 19:34 - 2013-02-24 16:23 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 
2013-06-17 19:27 - 2013-06-17 19:27 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64 (1).zip 2013-06-17 19:27 - 2013-06-17 19:27 - 00064685 ____A C:\Users\Manuel\Downloads\shexview.zip 2013-06-17 19:27 - 2013-06-17 19:26 - 01758823 ____A C:\Users\Manuel\Downloads\winrar-x64-420d.exe 2013-06-17 19:26 - 2013-06-17 19:26 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64.zip 2013-06-17 19:26 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-17 19:26 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-17 19:23 - 2011-04-12 09:43 - 00696620 ____A C:\Windows\System32\perfh007.dat 2013-06-17 19:23 - 2011-04-12 09:43 - 00147916 ____A C:\Windows\System32\perfc007.dat 2013-06-17 19:23 - 2009-07-14 07:13 - 01612484 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-17 19:22 - 2013-02-19 14:48 - 01944751 ____A C:\Windows\WindowsUpdate.log 2013-06-17 19:19 - 2013-02-24 16:23 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-17 19:18 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-17 19:18 - 2009-07-14 06:51 - 00086461 ____A C:\Windows\setupact.log 2013-06-17 19:17 - 2013-06-17 19:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files 2013-06-17 19:17 - 2013-02-19 15:27 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-17 19:16 - 2013-06-17 19:16 - 00000828 ____A C:\Users\Manuel\Desktop\CrossFire.lnk 2013-06-17 19:02 - 2013-06-17 19:01 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-17 19:01 - 2013-04-02 16:43 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-06-17 18:56 - 2013-06-17 18:55 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1.exe 2013-06-17 18:56 - 2013-06-17 18:55 - 02874584 ____A C:\Users\Manuel\Downloads\CrossFire_NA.exe 2013-06-17 
18:51 - 2013-06-17 18:51 - 00001975 ____A C:\Users\Manuel\Desktop\Skype (2).lnk 2013-06-17 18:41 - 2013-06-17 18:41 - 00595772 ____A C:\Users\Manuel\cc_20130617_184052.reg 2013-06-17 18:41 - 2013-02-24 16:13 - 00000000 ____D C:\users\Manuel 2013-06-17 18:40 - 2013-06-04 18:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-17 18:40 - 2013-04-15 14:51 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DAEMON Tools Lite 2013-06-17 18:40 - 2013-03-16 14:25 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\FileZilla 2013-06-17 18:38 - 2013-06-17 18:38 - 00000828 ____A C:\Users\Public\Desktop\CCleaner.lnk 2013-06-17 18:38 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\CCleaner 2013-06-17 18:37 - 2013-06-17 18:37 - 03340088 ____A (Piriform Ltd) C:\Users\Manuel\Downloads\ccsetup402_slim.exe 2013-06-17 18:37 - 2013-02-26 15:04 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe 2013-06-17 18:34 - 2013-06-17 18:34 - 00001124 ____A C:\Users\Manuel\Desktop\GIMP 2.lnk 2013-06-17 18:34 - 2013-06-17 18:34 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (3).lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00012598 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung.lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (2).lnk 2013-06-17 18:21 - 2013-02-24 16:29 - 00001928 ____A C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk 2013-06-17 18:21 - 2013-02-24 16:28 - 00000000 ____A C:\Windows\SysWOW64\config.nt 2013-06-17 18:21 - 2009-07-14 06:45 - 04893536 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-17 18:19 - 2013-06-16 20:18 - 00000000 ____D C:\Users\Manuel\Desktop\vbot 2013-06-17 18:19 - 2013-06-16 18:58 - 00000000 ____D C:\Program Files (x86)\WinPcap 2013-06-17 18:19 - 2013-06-16 18:54 - 00000000 ____D C:\Program Files\Wireshark 2013-06-17 18:19 - 2013-06-15 20:16 - 00000000 ____D C:\Users\Manuel\Desktop\appcrashview 2013-06-17 18:19 - 2013-06-15 14:01 - 00000000 ____D C:\Users\Manuel\Desktop\eclipse 2013-06-17 18:19 - 2013-06-12 19:59 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Teeworlds 2013-06-17 18:19 - 2013-06-12 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\teeworlds 2013-06-17 18:19 - 2013-06-09 13:43 - 00000000 ___HD C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 2013-06-17 18:19 - 2013-05-15 07:28 - 00000000 ___HD C:\ControlCenterCount 2013-06-17 18:19 - 2013-05-14 13:46 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2 2013-06-17 18:19 - 2013-04-15 14:55 - 00000000 ____D C:\Users\Manuel\Documents\SimCity 4 2013-06-17 18:19 - 2013-04-15 14:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-06-17 18:19 - 2013-03-28 12:41 - 00000000 ____D C:\Users\Manuel\Desktop\spiele 2013-06-17 18:19 - 2013-03-09 19:40 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.minecraft 2013-06-17 18:19 - 2013-02-19 14:48 - 00000000 ____D C:\users\Admin 2013-06-17 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-06-17 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2013-06-17 18:11 - 2013-06-17 18:11 - 00000000 ____D C:\Program Files (x86)\Setup Files 2013-06-17 18:09 - 2013-06-17 18:09 - 03548677 ____A C:\Users\Manuel\Downloads\LiveUpdate.zip 2013-06-16 20:18 - 2013-06-16 20:17 - 08233336 ____A C:\Users\Manuel\Downloads\vBot By xlRiderWT.zip 2013-06-16 18:58 - 2013-06-16 18:58 - 00000000 ____D 
C:\Users\Manuel\AppData\Roaming\Wireshark 2013-06-16 12:35 - 2013-06-16 12:36 - 08149147 ____A C:\Users\Manuel\Desktop\13x37 0.6.1 Client - Public 003.zip 2013-06-16 12:35 - 2013-06-16 12:35 - 08149147 ____A C:\Users\Manuel\Downloads\13x37 0.6.1 Client - Public 003.zip 2013-06-15 20:59 - 2013-02-26 17:46 - 00000000 ____D C:\CFLog 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Downloads\appcrashview.zip 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Desktop\appcrashview.zip 2013-06-15 20:08 - 2013-06-07 23:25 - 00000000 ____D C:\Users\Manuel\AppData\Local\Paint.NET 2013-06-15 20:04 - 2013-02-24 16:23 - 00000000 ____D C:\Users\Manuel\AppData\Local\Deployment 2013-06-15 14:47 - 2013-06-15 14:16 - 00000000 ____D C:\Users\Manuel\Desktop\Workspace 2013-06-15 14:17 - 2013-02-24 16:14 - 00059192 ____A C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-15 14:10 - 2013-06-15 14:10 - 00001172 ____A C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-06-15 14:10 - 2013-06-15 14:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-06-15 14:09 - 2013-06-15 14:09 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (2).exe 2013-06-15 12:47 - 2013-06-15 12:47 - 21363918 ____A C:\Users\Manuel\Desktop\mc.zip 2013-06-14 16:59 - 2013-06-14 16:59 - 00026322 ____A C:\Users\Manuel\AppData\Local\recently-used.xbel 2013-06-14 16:59 - 2013-06-08 17:26 - 00000000 ____D C:\Users\Manuel\.gimp-2.8 2013-06-14 15:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-12 22:35 - 2013-02-19 15:43 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-11 21:17 - 2013-02-19 15:27 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-11 21:17 - 2013-02-19 15:27 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-11 16:20 - 2013-06-11 16:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.spoutcraft 
2013-06-11 16:15 - 2013-06-11 16:15 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft (2).exe 2013-06-11 16:15 - 2013-06-11 16:15 - 00888369 ____A () C:\Users\Manuel\Downloads\Spoutcraft (1).exe 2013-06-11 16:13 - 2013-06-11 16:13 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.4.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Desktop\MagicLauncher_1.1.4.exe 2013-06-11 15:01 - 2013-06-11 15:01 - 00324419 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.0.0.exe 2013-06-11 14:53 - 2013-06-11 14:52 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log 2013-06-11 14:53 - 2013-03-25 01:27 - 00000000 ____D C:\Program Files (x86)\Java 2013-06-11 14:51 - 2013-06-11 14:51 - 00903072 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u21.exe 2013-06-10 15:59 - 2013-06-10 15:59 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (1).exe 2013-06-09 19:26 - 2013-05-29 22:54 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.technic 2013-06-09 16:43 - 2013-03-28 12:42 - 00000000 ____D C:\Users\Manuel\Desktop\anderes 2013-06-09 13:43 - 2013-06-09 13:43 - 00000938 ____A C:\Users\Manuel\Desktop\Anpassen Fences.lnk 2013-06-09 13:43 - 2013-06-09 13:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Stardock 2013-06-09 13:42 - 2013-06-09 13:42 - 09477848 ____A (Stardock Corporation ) C:\Users\Manuel\Downloads\fences101_public.exe 2013-06-09 13:42 - 2013-06-09 13:42 - 00000000 ____D C:\Users\Manuel\AppData\Local\PackageAware 2013-06-09 13:28 - 2013-06-09 13:28 - 00000000 ____D C:\Users\Manuel\Desktop\Z3G 2013-06-09 13:27 - 2013-06-09 13:27 - 00011009 ____A C:\Users\Manuel\Desktop\Z3G.zip 2013-06-09 12:11 - 2013-06-09 12:11 - 00006184 ____A C:\Users\Manuel\Desktop\gimp.rar 2013-06-09 12:11 - 2013-06-08 18:02 - 
00000000 ____D C:\Users\Manuel\Desktop\gimp 2013-06-08 17:51 - 2013-06-08 17:51 - 00000000 ____D C:\Users\Manuel\.thumbnails 2013-06-08 17:41 - 2013-06-08 17:22 - 00000000 ____D C:\Users\Manuel\AppData\Local\Techne 2013-06-08 17:33 - 2013-06-08 17:33 - 04904080 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de.exe 2013-06-08 17:26 - 2013-06-08 17:26 - 00000000 ____D C:\Users\Manuel\AppData\Local\gegl-0.2 2013-06-08 17:26 - 2013-06-08 17:25 - 00000000 ____D C:\Program Files\GIMP 2 2013-06-08 17:25 - 2013-06-08 17:24 - 76902472 ____A (The GIMP Team ) C:\Users\Manuel\Downloads\gimp-2.8.4-setup.exe 2013-06-08 13:29 - 2013-06-07 16:22 - 00000000 ____D C:\Users\Manuel\Desktop\worlds 2013-06-08 11:47 - 2013-06-05 16:45 - 00000000 ____D C:\Users\Manuel\AppData\Local\ArmA 2 OA 2013-06-07 23:26 - 2013-06-07 23:26 - 00001294 ____A C:\Users\Public\Desktop\Paint.NET.lnk 2013-06-07 23:25 - 2013-06-07 23:25 - 00000000 ____D C:\Program Files\Paint.NET 2013-06-07 16:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\LiveKernelReports 2013-06-07 00:02 - 2013-06-07 00:02 - 00176128 ____A C:\Users\Manuel\Downloads\BEClient.dll 2013-06-06 16:21 - 2013-06-06 15:53 - 738668640 ____A (Igor Pavlov) C:\Users\Manuel\Downloads\ARMA2OA_Update_160.exe 2013-06-05 17:27 - 2013-06-05 17:27 - 00000892 ____A C:\Users\Manuel\Desktop\ARMA 2 Combined Operations.lnk 2013-06-05 17:26 - 2013-06-05 16:21 - 00000000 ____D C:\Users\Manuel\Documents\ArmA 2 2013-06-05 16:48 - 2013-06-05 16:48 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer (2).msi 2013-06-05 16:48 - 2013-06-05 16:48 - 00001360 ____A C:\Users\Manuel\Desktop\DayZ Commander.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 00001342 ____A C:\Users\Public\Desktop\DayZ Commander.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios 2013-06-05 16:21 - 2013-06-05 16:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\ArmA 2 2013-06-05 16:19 - 2013-06-05 16:19 - 00000862 
____A C:\Users\Manuel\Desktop\ARMA II starten.lnk 2013-06-05 16:19 - 2013-02-19 15:40 - 00138064 ____A C:\Windows\DirectX.log 2013-06-04 18:48 - 2013-06-04 18:48 - 04292608 ____A C:\Users\Manuel\Downloads\hamachi_2.1.0.362.msi 2013-06-04 18:48 - 2013-06-04 18:48 - 00000686 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2013-06-04 16:15 - 2013-06-04 16:14 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer (1).msi 2013-06-04 14:28 - 2013-05-30 15:31 - 00000000 ____D C:\Users\Manuel\Desktop\ftb 2013-06-03 17:09 - 2013-06-03 17:09 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio 2013-06-03 16:18 - 2013-06-03 16:18 - 00000000 ____D C:\Users\Manuel\AppData\Local\DayZCommander 2013-06-03 16:15 - 2013-06-03 16:15 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer.msi 2013-06-01 04:30 - 2013-06-01 04:30 - 00000000 ____D C:\Program Files\NetSpeedMonitor 2013-06-01 04:29 - 2013-06-01 04:29 - 03652608 ____A C:\Users\Manuel\Downloads\netspeedmonitor_2_5_4_0_x64_setup.msi 2013-05-31 02:31 - 2013-05-31 02:31 - 00000353 ____A C:\Windows\SysWOW64\Settings.bin 2013-05-29 22:58 - 2013-05-29 21:21 - 00000000 ____D C:\Users\Manuel\Desktop\tekkit worlds 2013-05-29 05:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-05-29 03:14 - 2013-05-29 03:00 - 00009534 ____A C:\Windows\IE10_main.log 2013-05-29 03:11 - 2013-05-29 03:11 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-29 03:11 - 2013-05-29 03:11 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-29 03:11 - 2013-05-29 03:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-05-29 03:11 - 2013-05-29 03:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-05-29 03:11 - 2013-05-29 03:11 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00905728 ____A (Microsoft 
Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-05-29 03:11 - 2013-05-29 03:11 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-05-29 03:11 - 2013-05-29 03:11 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00216064 ____A (Microsoft Corporation) 
C:\Windows\System32\msls31.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00102912 ____A (Microsoft Corporation) 
C:\Windows\System32\inseng.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-05-29 03:11 - 2013-05-29 03:11 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-05-29 03:11 - 2013-05-29 03:11 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00027648 ____A (Microsoft Corporation) 
C:\Windows\System32\licmgr10.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-05-28 05:07 - 2013-05-28 05:07 - 33119648 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\jre-7u21-windows-x64 (1).exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2013-05-28 05:06 - 2013-05-28 05:06 - 00000000 ____D C:\Program Files\Java 2013-05-28 05:06 - 2013-02-19 15:28 - 01092512 ____A (Oracle Corporation) C:\Windows\System32\npDeployJava1.dll 2013-05-28 05:06 - 2013-02-19 15:28 - 00971680 ____A (Oracle Corporation) C:\Windows\System32\deployJava1.dll 2013-05-28 05:05 - 2013-05-28 05:05 - 33119648 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\jre-7u21-windows-x64.exe 2013-05-28 04:38 - 2013-05-28 04:38 - 01440733 ____A C:\Users\Manuel\Desktop\stealthedit2.zip 2013-05-28 04:38 - 2013-05-28 04:38 - 00000000 ____D C:\Users\Manuel\Desktop\stealthedit2 2013-05-27 04:01 - 2013-05-27 04:01 - 00001231 ____A C:\Users\Manuel\Desktop\TreeSize Free.lnk 2013-05-27 04:01 - 2013-05-27 04:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\JAM Software 2013-05-27 04:01 - 2013-05-27 04:01 - 00000000 ____D 
C:\Program Files (x86)\JAM Software
2013-05-27 04:01 - 2013-05-27 04:00 - 03350608 ____A (JAM Software ) C:\Users\Manuel\Downloads\TreeSizeFreeSetup.exe
2013-05-26 21:53 - 2013-03-28 12:42 - 00000000 ____D C:\Users\Manuel\Desktop\ordner
2013-05-22 13:22 - 2013-05-22 13:22 - 00001853 ____A C:\Users\Manuel\Desktop\3DMark 11.lnk
2013-05-18 15:20 - 2013-02-26 17:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-05-18 15:20 - 2013-02-26 16:45 - 00000000 ____D C:\ProgramData\Skype
2013-05-18 09:43 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-06-13 16:10

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2013 01
Ran by Manuel at 2013-06-17 19:58:08 Run:
Running from C:\Users\Manuel\Downloads
Boot Mode: Normal
==========================================================

==================== Installed Programs =======================

3DMark 11 (Version: 1.0.3)
Adobe AIR (Version: 3.7.0.1860)
Adobe Download Assistant (Version: 1.2.5)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Photoshop CS6 (Version: 13.0)
Adobe Reader XI (11.0.02) - Deutsch (Version: 11.0.02)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD Steady Video Plug-In (Version: 2.06.0000)
AMD VISION Engine Control Center (Version: 2012.1219.1521.27485)
Asmedia ASM104x USB 3.0 Host Controller Driver (Version: 1.14.10.0)
AutoHotkey 1.1.09.03 (Version: 1.1.09.03)
avast! Free Antivirus (Version: 8.0.1489.0)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485)
CCC Help Czech (Version: 2012.1219.1520.27485)
CCC Help Danish (Version: 2012.1219.1520.27485)
CCC Help Dutch (Version: 2012.1219.1520.27485)
CCC Help English (Version: 2012.1219.1520.27485)
CCC Help Finnish (Version: 2012.1219.1520.27485)
CCC Help French (Version: 2012.1219.1520.27485)
CCC Help German (Version: 2012.1219.1520.27485)
CCC Help Greek (Version: 2012.1219.1520.27485)
CCC Help Hungarian (Version: 2012.1219.1520.27485)
CCC Help Italian (Version: 2012.1219.1520.27485)
CCC Help Japanese (Version: 2012.1219.1520.27485)
CCC Help Korean (Version: 2012.1219.1520.27485)
CCC Help Norwegian (Version: 2012.1219.1520.27485)
CCC Help Polish (Version: 2012.1219.1520.27485)
CCC Help Portuguese (Version: 2012.1219.1520.27485)
CCC Help Russian (Version: 2012.1219.1520.27485)
CCC Help Spanish (Version: 2012.1219.1520.27485)
CCC Help Swedish (Version: 2012.1219.1520.27485)
CCC Help Thai (Version: 2012.1219.1520.27485)
CCC Help Turkish (Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 4.02)
Cheat Engine 6.2
ControlCenter (Version: 2.5.053)
Cross Fire En
DayZ Commander (Version: 0.92.79)
Diablo III (Version: 1.0.8.16603)
Diablo III Public Test (Version: 1.0.8.16256)
Fences (Version: 1.0)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
Futuremark SystemInfo (Version: 4.15.0)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (Version: 27.0.1453.110)
Google Update Helper (Version: 1.3.21.145)
Gyazo 1.0
IPFilter Updater 0.9 (Version: 0.9)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
LogMeIn Hamachi (Version: 2.1.0.362)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
MSVCRT Redists (Version: 1.0)
MTA:SA v1.3.1 (Version: v1.3.1)
NetSpeedMonitor 2.5.4.0 x64 (Version: 2.5.4.0)
Paint.NET v3.5.10 (Version: 3.60.0)
Pando Media Booster (Version: 2.6.0.9)
PDF Settings CS6 (Version: 11.0)
Realtek Ethernet Controller Driver (Version: 7.53.216.2012)
Realtek HDMI Audio Driver for ATI (Version: 6.0.1.6650)
Realtek High Definition Audio Driver (Version: 6.0.1.6662)
ROBLOX Player
ROBLOX Studio 2013
SimCity™ (Version: 1.0.0.0)
Skype™ 6.3 (Version: 6.3.107)
Steam (Version: 1.0.0.0)
System Requirements Lab CYRI (Version: 5.0.6.0)
TeamSpeak 3 Client (Version: 3.0.10)
TeamViewer 8 (Version: 8.0.18930)
Techne (Version: 1.3.0.15)
TreeSize Free V2.7 (Version: 2.7)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Vegas Pro 12.0 (64-bit) (Version: 12.0.486)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
XSplit (Version: 1.2.1303.0101)

==================== Restore Points =========================

07-06-2013 21:25:36 Paint.NET v3.5.10
11-06-2013 12:14:24 Windows Update
11-06-2013 12:52:09 Installed Java 7 Update 21
12-06-2013 20:34:08 Windows Update
15-06-2013 13:06:48 Windows Update
17-06-2013 16:17:48 Wiederherstellungsvorgang
17-06-2013 16:42:52 Removed Fences

==================== Scheduled Tasks (whitelisted) =============

Task: {06771D10-2192-404A-A6A0-22FB37A107A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24] (Google Inc.)
Task: {11D1A6AB-D583-4DDF-AF3D-A3BE419A6CD7} - System32\Tasks\WPD\SqmUpload_S-1-5-21-1776738966-1763680080-1705876545-1002 => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {2B2972D3-759F-4529-B4F5-C540001105A0} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {4E19DB63-E1F2-4290-9B45-F254F45F74EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-11] (Adobe Systems Incorporated)
Task: {75859EAA-389D-41BB-830A-28216064F4CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {81540B9F-B5BF-47EB-9C95-BE195BF2C664} - System32\Tasks\Microsoft\Windows\NetTrace\GatherNetworkInfo => C:\Windows\system32\gatherNetworkInfo.vbs [2009-06-10] ()
Task: {A96ACDC2-2E58-47AB-81F7-2B7FE0621877} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {C1E26B17-5CAD-4B07-B956-5911F752EA78} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {D1A4E90B-1F7B-49BD-9DB7-97C0A106680E} - System32\Tasks\AdobeAAMUpdater-1.0-PC-MANUEL-Manuel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {FCCE2EA8-8CD3-4CC8-83A7-325BFFD23B4D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24] (Google Inc.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2013 07:20:28 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2013 06:52:22 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2013 06:43:20 PM) (Source: MsiInstaller) (User: PC-MANUEL)
Description: Product: Fences -- Error 1706. An installation package for the product Fences cannot be found. Try the installation again using a valid copy of the installation package 'Fences.msi'.

Error: (06/17/2013 06:42:57 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service Futuremark SystemInfo Service since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. .
Error: (06/17/2013 06:42:57 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddWin32ServiceFiles: Unable to back up image of service CyberGhost VPN Client since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. . Error: (06/17/2013 06:28:48 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 06:22:33 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 06:17:39 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 05:52:36 PM) (Source: Application Hang) (User: ) Description: Programm crossfire.exe, Version 1.1.18.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 136c Startzeit: 01ce6b72a16fc1e7 Endzeit: 0 Anwendungspfad: D:\Program Files (x86)\Z8Games\CrossFire\crossfire.exe Berichts-ID: eb284dc5-d765-11e2-8b79-d43d7e321382 Error: (06/17/2013 05:51:23 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (06/17/2013 07:18:46 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/17/2013 07:18:45 PM) (Source: EventLog) (User: ) Description: Das System wurde zuvor am ?17.?06.?2013 um 19:17:27 unerwartet heruntergefahren. Error: (06/17/2013 06:50:37 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/17/2013 06:23:05 PM) (Source: Service Control Manager) (User: ) Description: Dienst "Skype Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (06/17/2013 06:16:28 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/17/2013 05:49:49 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/17/2013 04:38:47 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/16/2013 10:40:33 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "VMware USB Arbitration Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/15/2013 08:15:34 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Futuremark SystemInfo Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (06/15/2013 08:15:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Futuremark SystemInfo Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Microsoft Office Sessions: ========================= Error: (06/17/2013 07:20:28 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 06:52:22 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 06:43:20 PM) (Source: MsiInstaller)(User: PC-MANUEL) Description: Product: Fences -- Error 1706. An installation package for the product Fences cannot be found. 
Try the installation again using a valid copy of the installation package 'Fences.msi'.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (06/17/2013 06:42:57 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service Futuremark SystemInfo Service since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. Error: (06/17/2013 06:42:57 PM) (Source: Microsoft-Windows-CAPI2)(User: ) Description: Details: AddWin32ServiceFiles: Unable to back up image of service CyberGhost VPN Client since QueryServiceConfig API failed System Error: Das System kann die angegebene Datei nicht finden. Error: (06/17/2013 06:28:48 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 06:22:33 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 06:17:39 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/17/2013 05:52:36 PM) (Source: Application Hang)(User: ) Description: crossfire.exe1.1.18.6136c01ce6b72a16fc1e70D:\Program Files (x86)\Z8Games\CrossFire\crossfire.exeeb284dc5-d765-11e2-8b79-d43d7e321382 Error: (06/17/2013 05:51:23 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Percentage of memory in use: 25% Total physical RAM: 8178.14 MB Available physical RAM: 6082.05 MB Total Pagefile: 16354.46 MB 
Available Pagefile: 13877.69 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:250.49 GB) (Free:185.56 GB) NTFS (Disk=0 Partition=2) Drive d: (Daten) (Fixed) (Total:680.92 GB) (Free:675.11 GB) NTFS (Disk=0 Partition=3) Drive f: (ARMA2OA) (CDROM) (Total:7.4 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 01C5BAD2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=250 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=681 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
17.06.2013, 19:10 | #4 | |
/// the machine /// TB-Ausbilder | I can no longer see desktop icons Desktop icons should not be an issue, but there is more wrong here. First we will remove malware. Combofix should only be run when a team member has instructed you to do so! Please download Combofix from the following download mirror: Link 1 IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you receive the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
17.06.2013, 19:47 | #5 |
| I can no longer see desktop icons I am writing this from my phone right now. I have 2 problems: the 1st is that the program does not get any further at "completed 16"; the 2nd is that sometimes a message appears, "commandline standard stream splitter has stopped working", but the program does not close either |
17.06.2013, 20:02 | #6 |
/// the machine /// TB-Ausbilder | I can no longer see desktop icons Give Combofix another half hour and then report back
|
17.06.2013, 20:38 | #7 |
| I can no longer see desktop icons 30 minutes are up, still at "completed stage 16". Whenever the error message came up I clicked cancel, and suddenly it continues. And sorry for the mistakes, I am writing on my phone Code:
ATTFilter ComboFix 13-06-17.01 - Manuel 17.06.2013 20:21:51.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8178.5994 [GMT 2:00] ausgeführt von:: c:\users\Manuel\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\cflog\CrashLog_20130602.txt c:\cflog\EPLog.txt c:\program files (x86)\WinPCap c:\program files (x86)\WinPCap\install.log c:\users\Manuel\AppData\Roaming\app c:\users\Manuel\AppData\Roaming\app\Jerakine_lang.dat c:\users\Manuel\AppData\Roaming\app\Jerakine_lang_vesrion.dat c:\windows\SysWow64\Dump c:\windows\SysWow64\Dump\MiniDump.dmp c:\windows\SysWow64\frapsvid.dll . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-17 bis 2013-06-17 )))))))))))))))))))))))))))))) . . 2013-06-17 19:57 . 2013-06-17 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-17 19:57 . 2013-06-17 19:57 -------- d-----w- c:\users\Admin\AppData\Local\temp 2013-06-17 17:56 . 2013-06-17 17:56 -------- d-----w- C:\FRST 2013-06-17 17:01 . 2013-06-17 17:17 -------- d-----w- c:\users\Manuel\AppData\Local\PMB Files 2013-06-17 17:01 . 2013-06-17 17:02 -------- d-----w- c:\programdata\PMB Files 2013-06-17 16:41 . 2013-06-17 16:41 595772 ----a-w- c:\users\Manuel\cc_20130617_184052.reg 2013-06-17 16:38 . 2013-06-17 16:38 -------- d-----w- c:\program files\CCleaner 2013-06-17 16:11 . 2013-06-17 16:11 -------- d-----w- c:\program files (x86)\Setup Files 2013-06-16 16:58 . 2013-06-16 16:58 -------- d-----w- c:\users\Manuel\AppData\Roaming\Wireshark 2013-06-16 16:54 . 2013-06-17 16:19 -------- d-----w- c:\program files\Wireshark 2013-06-15 12:10 . 
2013-06-15 12:10 -------- d-----w- c:\program files (x86)\TeamViewer 2013-06-15 12:01 . 2013-06-17 17:31 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F32D11F-96D2-4DC6-9258-53FB9B906B45}\offreg.dll 2013-06-14 11:28 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F32D11F-96D2-4DC6-9258-53FB9B906B45}\mpengine.dll 2013-06-12 17:59 . 2013-06-17 16:19 -------- d-----w- c:\users\Manuel\AppData\Roaming\Teeworlds 2013-06-11 14:15 . 2013-06-11 14:20 -------- d-----w- c:\users\Manuel\AppData\Roaming\.spoutcraft 2013-06-11 12:53 . 2013-06-11 12:53 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-06-11 12:53 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-09 11:43 . 2013-06-09 11:43 -------- d-----w- c:\users\Manuel\AppData\Roaming\Stardock 2013-06-09 11:43 . 2013-06-17 16:19 -------- d--h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 2013-06-09 11:42 . 2013-06-09 11:42 -------- d-----w- c:\users\Manuel\AppData\Local\PackageAware 2013-06-08 15:51 . 2013-06-08 15:51 -------- d-----w- c:\users\Manuel\.thumbnails 2013-06-08 15:26 . 2013-06-08 15:26 -------- d-----w- c:\users\Manuel\AppData\Local\fontconfig 2013-06-08 15:26 . 2013-06-14 14:59 -------- d-----w- c:\users\Manuel\.gimp-2.8 2013-06-08 15:26 . 2013-06-08 15:26 -------- d-----w- c:\users\Manuel\AppData\Local\gegl-0.2 2013-06-08 15:25 . 2013-06-08 15:26 -------- d-----w- c:\program files\GIMP 2 2013-06-08 15:22 . 2013-06-08 15:41 -------- d-----w- c:\users\Manuel\AppData\Local\Techne 2013-06-07 21:25 . 2013-06-07 21:25 -------- d-----w- c:\program files\Paint.NET 2013-06-07 21:25 . 2013-06-15 18:08 -------- d-----w- c:\users\Manuel\AppData\Local\Paint.NET 2013-06-06 14:51 . 2013-06-06 14:51 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2013-06-05 14:48 . 2013-06-05 14:48 -------- d-----w- c:\program files (x86)\Dotjosh Studios 2013-06-05 14:45 . 
2013-06-08 09:47 -------- d-----w- c:\users\Manuel\AppData\Local\ArmA 2 OA 2013-06-05 14:21 . 2013-06-05 14:21 -------- d-----w- c:\users\Manuel\AppData\Local\ArmA 2 2013-06-04 16:49 . 2013-06-17 16:40 -------- d-----w- c:\users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-03 15:09 . 2013-06-03 15:09 -------- d-----w- c:\programdata\Bohemia Interactive Studio 2013-06-03 14:18 . 2013-06-03 14:18 -------- d-----w- c:\users\Manuel\AppData\Local\DayZCommander 2013-06-01 02:31 . 2013-06-17 19:59 -------- d-----w- c:\users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-01 02:30 . 2013-06-01 02:30 -------- d-----w- c:\program files\NetSpeedMonitor 2013-05-31 00:31 . 2013-05-31 00:31 353 ----a-w- c:\windows\SysWow64\Settings.bin 2013-05-29 20:54 . 2013-06-09 17:26 -------- d-----w- c:\users\Manuel\AppData\Roaming\.technic 2013-05-28 03:06 . 2013-05-28 03:06 311200 ----a-w- c:\windows\system32\javaws.exe 2013-05-28 03:06 . 2013-05-28 03:06 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-05-28 03:06 . 2013-05-28 03:06 188832 ----a-w- c:\windows\system32\javaw.exe 2013-05-28 03:06 . 2013-05-28 03:06 188320 ----a-w- c:\windows\system32\java.exe 2013-05-28 03:06 . 2013-05-28 03:06 -------- d-----w- c:\program files\Java 2013-05-27 02:01 . 2013-05-27 02:01 -------- d-----w- c:\users\Manuel\AppData\Roaming\JAM Software 2013-05-27 02:01 . 2013-05-27 02:01 -------- d-----w- c:\program files (x86)\JAM Software 2013-05-22 11:20 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntkrnlmp.exe 2013-05-22 11:20 . 2011-02-05 17:06 605552 ----a-w- c:\windows\system32\osloader.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-12 20:35 . 2013-02-19 13:43 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-06-11 19:17 . 2013-02-19 13:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-11 19:17 . 
2013-02-19 13:27 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-28 03:06 . 2013-02-19 13:28 971680 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-28 03:06 . 2013-02-19 13:28 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-05-09 08:59 . 2013-03-02 09:39 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-09 08:59 . 2013-03-02 09:39 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-09 08:59 . 2013-02-24 14:29 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-09 08:59 . 2013-02-24 14:29 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-09 08:59 . 2013-02-24 14:29 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-09 08:59 . 2013-02-24 14:28 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-09 08:59 . 2013-02-24 14:29 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-09 08:59 . 2013-02-24 14:28 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-09 08:58 . 2013-02-24 14:28 41664 ----a-w- c:\windows\avastSS.scr 2013-05-09 08:58 . 2013-02-24 14:28 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-29 13:22 . 2013-04-29 13:22 67584 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys 2013-04-13 05:49 . 2013-05-15 08:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-15 08:48 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-15 08:48 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-15 08:48 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-15 08:48 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-15 08:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-24 12:01 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 06:01 . 
2013-05-15 08:48 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-04-10 06:01 . 2013-05-15 08:48 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-10 03:30 . 2013-05-15 08:48 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-03-24 23:27 . 2013-02-19 13:28 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-24 23:27 . 2013-02-19 13:28 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 a3ku4qaoj;a3ku4qaoj;c:\users\Manuel\AppData\Local\Temp\9qw7zava3.sys;c:\users\Manuel\AppData\Local\Temp\9qw7zava3.sys [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 dzs5d2p7n;dzs5d2p7n;c:\users\Manuel\AppData\Local\Temp\nixxksrx9.sys;c:\users\Manuel\AppData\Local\Temp\nixxksrx9.sys [x] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x] R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x] R3 PCAlertDriver;PCAlertDriver;c:\program files (x86)\MSI\PC Alert 4\NTGLM7X64.sys;c:\program files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] 
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - PROCEXP152 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-06 20:09 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 19:17] . 2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 14:23] . 2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 14:23] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382 mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start SharedTaskScheduler-{1984DD45-52CF-49cd-AB77-18F378FEA264} - (no file) AddRemove-FileZilla Client - d:\program files (x86)\FileZilla FTP Client\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-17 22:02:39 ComboFix-quarantined-files.txt 2013-06-17 20:02 . Vor Suchlauf: 9 Verzeichnis(se), 198.886.129.664 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 198.673.465.344 Bytes frei . - - End Of File - - AB3EFA12EA409FBD27DA916BC8F2677B A36C5E4F47E84449FF07ED3517B43A31 |
18.06.2013, 06:35 | #8 |
/// the machine /// TB trainer | I no longer see any desktop icons Take it easy. Since neither you nor anyone else is transferring 3 grand to my account, I also have to go to work, sleep, eat and keep my girlfriend happy on the side, the usual Combofix script
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log. Any remaining problems?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and assistance Trojaner-Board Facebook page No help via PM! |
18.06.2013, 12:32 | #9 |
| I no longer see any desktop icons combofix log, the others are still to come, but with combofix the message "commandline stopped responding" came up again, though I did not do anything on the PC Code:
ATTFilter ComboFix 13-06-18.02 - Manuel 18.06.2013 13:17:59.2.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8178.6344 [GMT 2:00] ausgeführt von:: c:\users\Manuel\Desktop\ComboFix.exe Benutzte Befehlsschalter :: c:\users\Manuel\Desktop\CFScript.txt AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-18 bis 2013-06-18 )))))))))))))))))))))))))))))) . . 2013-06-18 11:28 . 2013-06-18 11:28 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-18 11:28 . 2013-06-18 11:28 -------- d-----w- c:\users\Admin\AppData\Local\temp 2013-06-17 17:56 . 2013-06-17 17:56 -------- d-----w- C:\FRST 2013-06-17 17:01 . 2013-06-17 17:17 -------- d-----w- c:\users\Manuel\AppData\Local\PMB Files 2013-06-17 17:01 . 2013-06-17 17:02 -------- d-----w- c:\programdata\PMB Files 2013-06-17 16:41 . 2013-06-17 16:41 595772 ----a-w- c:\users\Manuel\cc_20130617_184052.reg 2013-06-17 16:38 . 2013-06-17 16:38 -------- d-----w- c:\program files\CCleaner 2013-06-17 16:11 . 2013-06-17 16:11 -------- d-----w- c:\program files (x86)\Setup Files 2013-06-16 16:58 . 2013-06-16 16:58 -------- d-----w- c:\users\Manuel\AppData\Roaming\Wireshark 2013-06-16 16:54 . 2013-06-17 16:19 -------- d-----w- c:\program files\Wireshark 2013-06-15 12:10 . 2013-06-15 12:10 -------- d-----w- c:\program files (x86)\TeamViewer 2013-06-14 11:28 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F32D11F-96D2-4DC6-9258-53FB9B906B45}\mpengine.dll 2013-06-12 17:59 . 2013-06-17 16:19 -------- d-----w- c:\users\Manuel\AppData\Roaming\Teeworlds 2013-06-11 14:15 . 2013-06-11 14:20 -------- d-----w- c:\users\Manuel\AppData\Roaming\.spoutcraft 2013-06-11 12:53 . 
2013-06-11 12:53 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-06-11 12:53 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-09 11:43 . 2013-06-09 11:43 -------- d-----w- c:\users\Manuel\AppData\Roaming\Stardock 2013-06-09 11:43 . 2013-06-17 16:19 -------- d--h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 2013-06-09 11:42 . 2013-06-09 11:42 -------- d-----w- c:\users\Manuel\AppData\Local\PackageAware 2013-06-08 15:51 . 2013-06-08 15:51 -------- d-----w- c:\users\Manuel\.thumbnails 2013-06-08 15:26 . 2013-06-08 15:26 -------- d-----w- c:\users\Manuel\AppData\Local\fontconfig 2013-06-08 15:26 . 2013-06-14 14:59 -------- d-----w- c:\users\Manuel\.gimp-2.8 2013-06-08 15:26 . 2013-06-08 15:26 -------- d-----w- c:\users\Manuel\AppData\Local\gegl-0.2 2013-06-08 15:25 . 2013-06-08 15:26 -------- d-----w- c:\program files\GIMP 2 2013-06-08 15:22 . 2013-06-08 15:41 -------- d-----w- c:\users\Manuel\AppData\Local\Techne 2013-06-07 21:25 . 2013-06-07 21:25 -------- d-----w- c:\program files\Paint.NET 2013-06-07 21:25 . 2013-06-15 18:08 -------- d-----w- c:\users\Manuel\AppData\Local\Paint.NET 2013-06-06 14:51 . 2013-06-06 14:51 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2013-06-05 14:48 . 2013-06-05 14:48 -------- d-----w- c:\program files (x86)\Dotjosh Studios 2013-06-05 14:45 . 2013-06-08 09:47 -------- d-----w- c:\users\Manuel\AppData\Local\ArmA 2 OA 2013-06-05 14:21 . 2013-06-05 14:21 -------- d-----w- c:\users\Manuel\AppData\Local\ArmA 2 2013-06-04 16:49 . 2013-06-17 16:40 -------- d-----w- c:\users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-03 15:09 . 2013-06-03 15:09 -------- d-----w- c:\programdata\Bohemia Interactive Studio 2013-06-03 14:18 . 2013-06-03 14:18 -------- d-----w- c:\users\Manuel\AppData\Local\DayZCommander 2013-06-01 02:31 . 2013-06-18 11:27 -------- d-----w- c:\users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-01 02:30 . 
2013-06-01 02:30 -------- d-----w- c:\program files\NetSpeedMonitor 2013-05-31 00:31 . 2013-05-31 00:31 353 ----a-w- c:\windows\SysWow64\Settings.bin 2013-05-29 20:54 . 2013-06-09 17:26 -------- d-----w- c:\users\Manuel\AppData\Roaming\.technic 2013-05-28 03:06 . 2013-05-28 03:06 311200 ----a-w- c:\windows\system32\javaws.exe 2013-05-28 03:06 . 2013-05-28 03:06 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-05-28 03:06 . 2013-05-28 03:06 188832 ----a-w- c:\windows\system32\javaw.exe 2013-05-28 03:06 . 2013-05-28 03:06 188320 ----a-w- c:\windows\system32\java.exe 2013-05-28 03:06 . 2013-05-28 03:06 -------- d-----w- c:\program files\Java 2013-05-27 02:01 . 2013-05-27 02:01 -------- d-----w- c:\users\Manuel\AppData\Roaming\JAM Software 2013-05-27 02:01 . 2013-05-27 02:01 -------- d-----w- c:\program files (x86)\JAM Software 2013-05-22 11:20 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntkrnlmp.exe 2013-05-22 11:20 . 2011-02-05 17:06 605552 ----a-w- c:\windows\system32\osloader.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-12 20:35 . 2013-02-19 13:43 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-06-11 19:17 . 2013-02-19 13:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-11 19:17 . 2013-02-19 13:27 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-28 03:06 . 2013-02-19 13:28 971680 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-28 03:06 . 2013-02-19 13:28 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-05-09 08:59 . 2013-03-02 09:39 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-09 08:59 . 2013-03-02 09:39 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-09 08:59 . 2013-02-24 14:29 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-09 08:59 . 2013-02-24 14:29 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-09 08:59 . 
2013-02-24 14:29 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-09 08:59 . 2013-02-24 14:28 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-09 08:59 . 2013-02-24 14:29 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-09 08:59 . 2013-02-24 14:28 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-09 08:58 . 2013-02-24 14:28 41664 ----a-w- c:\windows\avastSS.scr 2013-05-09 08:58 . 2013-02-24 14:28 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-29 13:22 . 2013-04-29 13:22 67584 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys 2013-04-13 05:49 . 2013-05-15 08:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-15 08:48 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-15 08:48 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-15 08:48 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-15 08:48 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-15 08:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-24 12:01 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 06:01 . 2013-05-15 08:48 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-04-10 06:01 . 2013-05-15 08:48 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-10 03:30 . 2013-05-15 08:48 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-03-24 23:27 . 2013-02-19 13:28 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-24 23:27 . 2013-02-19 13:28 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 a3ku4qaoj;a3ku4qaoj;c:\users\Manuel\AppData\Local\Temp\9qw7zava3.sys;c:\users\Manuel\AppData\Local\Temp\9qw7zava3.sys [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 dzs5d2p7n;dzs5d2p7n;c:\users\Manuel\AppData\Local\Temp\nixxksrx9.sys;c:\users\Manuel\AppData\Local\Temp\nixxksrx9.sys [x] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x] R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x] R3 PCAlertDriver;PCAlertDriver;c:\program files (x86)\MSI\PC Alert 4\NTGLM7X64.sys;c:\program files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB 
Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-06 20:09 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2013-06-18 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 19:17] . 2013-06-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 14:23] . 2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 14:23] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382 mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . SharedTaskScheduler-{1984DD45-52CF-49cd-AB77-18F378FEA264} - (no file) . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-18 13:30:01 ComboFix-quarantined-files.txt 2013-06-18 11:30 ComboFix2.txt 2013-06-17 20:02 . Vor Suchlauf: 10 Verzeichnis(se), 199.316.647.936 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 199.065.083.904 Bytes frei . - - End Of File - - 55D2F9897FB237BF751C3DCBB0C7B894 A36C5E4F47E84449FF07ED3517B43A31 |
18.06.2013, 12:35 | #10 |
/// the machine /// TB trainer | I no longer see any desktop icons Please also post C:\Qoobox\Combofix2.txt.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and assistance Trojaner-Board Facebook page No help via PM! |
18.06.2013, 12:38 | #11 |
| I no longer see any desktop icons Combofix2.txt Code:
ATTFilter ComboFix 13-06-17.01 - Manuel 17.06.2013 20:21:51.1.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8178.5994 [GMT 2:00] ausgeführt von:: c:\users\Manuel\Downloads\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\CFLog c:\cflog\CrashLog_20130602.txt c:\cflog\EPLog.txt c:\program files (x86)\WinPCap c:\program files (x86)\WinPCap\install.log c:\users\Manuel\AppData\Roaming\app c:\users\Manuel\AppData\Roaming\app\Jerakine_lang.dat c:\users\Manuel\AppData\Roaming\app\Jerakine_lang_vesrion.dat c:\windows\SysWow64\Dump c:\windows\SysWow64\Dump\MiniDump.dmp c:\windows\SysWow64\frapsvid.dll . . ((((((((((((((((((((((( Dateien erstellt von 2013-05-17 bis 2013-06-17 )))))))))))))))))))))))))))))) . . 2013-06-17 19:57 . 2013-06-17 19:57 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-06-17 19:57 . 2013-06-17 19:57 -------- d-----w- c:\users\Admin\AppData\Local\temp 2013-06-17 17:56 . 2013-06-17 17:56 -------- d-----w- C:\FRST 2013-06-17 17:01 . 2013-06-17 17:17 -------- d-----w- c:\users\Manuel\AppData\Local\PMB Files 2013-06-17 17:01 . 2013-06-17 17:02 -------- d-----w- c:\programdata\PMB Files 2013-06-17 16:41 . 2013-06-17 16:41 595772 ----a-w- c:\users\Manuel\cc_20130617_184052.reg 2013-06-17 16:38 . 2013-06-17 16:38 -------- d-----w- c:\program files\CCleaner 2013-06-17 16:11 . 2013-06-17 16:11 -------- d-----w- c:\program files (x86)\Setup Files 2013-06-16 16:58 . 2013-06-16 16:58 -------- d-----w- c:\users\Manuel\AppData\Roaming\Wireshark 2013-06-16 16:54 . 2013-06-17 16:19 -------- d-----w- c:\program files\Wireshark 2013-06-15 12:10 . 
2013-06-15 12:10 -------- d-----w- c:\program files (x86)\TeamViewer 2013-06-15 12:01 . 2013-06-17 17:31 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F32D11F-96D2-4DC6-9258-53FB9B906B45}\offreg.dll 2013-06-14 11:28 . 2013-05-13 06:37 9460464 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0F32D11F-96D2-4DC6-9258-53FB9B906B45}\mpengine.dll 2013-06-12 17:59 . 2013-06-17 16:19 -------- d-----w- c:\users\Manuel\AppData\Roaming\Teeworlds 2013-06-11 14:15 . 2013-06-11 14:20 -------- d-----w- c:\users\Manuel\AppData\Roaming\.spoutcraft 2013-06-11 12:53 . 2013-06-11 12:53 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-06-11 12:53 . 2013-04-04 03:35 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-09 11:43 . 2013-06-09 11:43 -------- d-----w- c:\users\Manuel\AppData\Roaming\Stardock 2013-06-09 11:43 . 2013-06-17 16:19 -------- d--h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 2013-06-09 11:42 . 2013-06-09 11:42 -------- d-----w- c:\users\Manuel\AppData\Local\PackageAware 2013-06-08 15:51 . 2013-06-08 15:51 -------- d-----w- c:\users\Manuel\.thumbnails 2013-06-08 15:26 . 2013-06-08 15:26 -------- d-----w- c:\users\Manuel\AppData\Local\fontconfig 2013-06-08 15:26 . 2013-06-14 14:59 -------- d-----w- c:\users\Manuel\.gimp-2.8 2013-06-08 15:26 . 2013-06-08 15:26 -------- d-----w- c:\users\Manuel\AppData\Local\gegl-0.2 2013-06-08 15:25 . 2013-06-08 15:26 -------- d-----w- c:\program files\GIMP 2 2013-06-08 15:22 . 2013-06-08 15:41 -------- d-----w- c:\users\Manuel\AppData\Local\Techne 2013-06-07 21:25 . 2013-06-07 21:25 -------- d-----w- c:\program files\Paint.NET 2013-06-07 21:25 . 2013-06-15 18:08 -------- d-----w- c:\users\Manuel\AppData\Local\Paint.NET 2013-06-06 14:51 . 2013-06-06 14:51 -------- d-----w- c:\program files (x86)\Common Files\BattlEye 2013-06-05 14:48 . 2013-06-05 14:48 -------- d-----w- c:\program files (x86)\Dotjosh Studios 2013-06-05 14:45 . 
2013-06-08 09:47 -------- d-----w- c:\users\Manuel\AppData\Local\ArmA 2 OA 2013-06-05 14:21 . 2013-06-05 14:21 -------- d-----w- c:\users\Manuel\AppData\Local\ArmA 2 2013-06-04 16:49 . 2013-06-17 16:40 -------- d-----w- c:\users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-03 15:09 . 2013-06-03 15:09 -------- d-----w- c:\programdata\Bohemia Interactive Studio 2013-06-03 14:18 . 2013-06-03 14:18 -------- d-----w- c:\users\Manuel\AppData\Local\DayZCommander 2013-06-01 02:31 . 2013-06-17 19:59 -------- d-----w- c:\users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-01 02:30 . 2013-06-01 02:30 -------- d-----w- c:\program files\NetSpeedMonitor 2013-05-31 00:31 . 2013-05-31 00:31 353 ----a-w- c:\windows\SysWow64\Settings.bin 2013-05-29 20:54 . 2013-06-09 17:26 -------- d-----w- c:\users\Manuel\AppData\Roaming\.technic 2013-05-28 03:06 . 2013-05-28 03:06 311200 ----a-w- c:\windows\system32\javaws.exe 2013-05-28 03:06 . 2013-05-28 03:06 108448 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll 2013-05-28 03:06 . 2013-05-28 03:06 188832 ----a-w- c:\windows\system32\javaw.exe 2013-05-28 03:06 . 2013-05-28 03:06 188320 ----a-w- c:\windows\system32\java.exe 2013-05-28 03:06 . 2013-05-28 03:06 -------- d-----w- c:\program files\Java 2013-05-27 02:01 . 2013-05-27 02:01 -------- d-----w- c:\users\Manuel\AppData\Roaming\JAM Software 2013-05-27 02:01 . 2013-05-27 02:01 -------- d-----w- c:\program files (x86)\JAM Software 2013-05-22 11:20 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntkrnlmp.exe 2013-05-22 11:20 . 2011-02-05 17:06 605552 ----a-w- c:\windows\system32\osloader.exe . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-12 20:35 . 2013-02-19 13:43 75825640 ----a-w- c:\windows\system32\MRT.exe 2013-06-11 19:17 . 2013-02-19 13:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-11 19:17 . 
2013-02-19 13:27 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-05-28 03:06 . 2013-02-19 13:28 971680 ----a-w- c:\windows\system32\deployJava1.dll 2013-05-28 03:06 . 2013-02-19 13:28 1092512 ----a-w- c:\windows\system32\npDeployJava1.dll 2013-05-09 08:59 . 2013-03-02 09:39 189936 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2013-05-09 08:59 . 2013-03-02 09:39 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2013-05-09 08:59 . 2013-02-24 14:29 378432 ----a-w- c:\windows\system32\drivers\aswSP.sys 2013-05-09 08:59 . 2013-02-24 14:29 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2013-05-09 08:59 . 2013-02-24 14:29 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2013-05-09 08:59 . 2013-02-24 14:28 1025808 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2013-05-09 08:59 . 2013-02-24 14:29 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2013-05-09 08:59 . 2013-02-24 14:28 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2013-05-09 08:58 . 2013-02-24 14:28 41664 ----a-w- c:\windows\avastSS.scr 2013-05-09 08:58 . 2013-02-24 14:28 287840 ----a-w- c:\windows\system32\aswBoot.exe 2013-05-02 00:06 . 2010-11-21 03:27 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-04-29 13:22 . 2013-04-29 13:22 67584 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys 2013-04-13 05:49 . 2013-05-15 08:48 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49 . 2013-05-15 08:48 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49 . 2013-05-15 08:48 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49 . 2013-05-15 08:48 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45 . 2013-05-15 08:48 474624 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45 . 2013-05-15 08:48 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-04-12 14:45 . 2013-04-24 12:01 1656680 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 06:01 . 
2013-05-15 08:48 265064 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2013-04-10 06:01 . 2013-05-15 08:48 983400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2013-04-10 03:30 . 2013-05-15 08:48 3153920 ----a-w- c:\windows\system32\win32k.sys 2013-03-24 23:27 . 2013-02-19 13:28 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-03-24 23:27 . 2013-02-19 13:28 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968] "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096] "ControlCenterCount"="c:\program files (x86)\MSI\ControlCenter\ControlCenterCount.exe" [2012-03-26 872448] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . 
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 a3ku4qaoj;a3ku4qaoj;c:\users\Manuel\AppData\Local\Temp\9qw7zava3.sys;c:\users\Manuel\AppData\Local\Temp\9qw7zava3.sys [x] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x] R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 dzs5d2p7n;dzs5d2p7n;c:\users\Manuel\AppData\Local\Temp\nixxksrx9.sys;c:\users\Manuel\AppData\Local\Temp\nixxksrx9.sys [x] R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x] R3 FairplayKD;FairplayKD;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys;c:\programdata\MTA San Andreas All\1.3\temp\FairplayKD.sys [x] R3 NTIOLib_1_0_2;NTIOLib_1_0_2;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys;c:\program files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [x] R3 PCAlertDriver;PCAlertDriver;c:\program files (x86)\MSI\PC Alert 4\NTGLM7X64.sys;c:\program files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [x] R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] 
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x] S0 aswRvrt;aswRvrt; [x] S0 aswVmm;aswVmm; [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x] S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] . . --- Andere Dienste/Treiber im Speicher --- . *Deregistered* - PROCEXP152 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-06 20:09 1165776 ----a-w- c:\program files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2013-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-02-19 19:17] . 2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 14:23] . 2013-06-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-24 14:23] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58 133840 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-06-12 6548112] "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382 mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.178.1 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-AdobeBridge - (no file) HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start SharedTaskScheduler-{1984DD45-52CF-49cd-AB77-18F378FEA264} - (no file) AddRemove-FileZilla Client - d:\program files (x86)\FileZilla FTP Client\uninstall.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012" . --------------------- Gesperrte Registrierungsschluessel --------------------- . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-06-17 22:02:39 ComboFix-quarantined-files.txt 2013-06-17 20:02 . Vor Suchlauf: 9 Verzeichnis(se), 198.886.129.664 Bytes frei Nach Suchlauf: 12 Verzeichnis(se), 198.673.465.344 Bytes frei . - - End Of File - - AB3EFA12EA409FBD27DA916BC8F2677B A36C5E4F47E84449FF07ED3517B43A31 Code:
ATTFilter # AdwCleaner v2.303 - Datei am 18/06/2013 um 13:34:01 erstellt # Aktualisiert am 08/06/2013 von Xplode # Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits) # Benutzer : Manuel - PC-MANUEL # Bootmodus : Normal # Ausgeführt unter : C:\Users\Manuel\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Ordner Gelöscht : C:\Users\Manuel\AppData\Local\PackageAware ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\BabylonToolbar Schlüssel Gelöscht : HKCU\Software\BI Schlüssel Gelöscht : HKCU\Software\52edad0e76de512 Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKLM\Software\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16611 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d43d7e321382 --> hxxp://www.google.com -\\ Google Chrome v27.0.1453.110 Datei : C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Preferences Gelöscht [l.2647] : homepage = "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId=9849ca9c000000000000d4[...] Gelöscht [l.3139] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119816&babsrc=HP_ss&mntrId[...] ************************* AdwCleaner[S1].txt - [3026 octets] - [18/06/2013 13:34:01] ########## EOF - C:\AdwCleaner[S1].txt - [3086 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Professional x64
Ran by Manuel on 18.06.2013 at 13:40:01,17
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.06.2013 at 13:45:54,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
18.06.2013, 13:30 | #12 |
/// the machine /// TB-Ausbilder | I can no longer see any desktop icons Then the rest as well, please
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
18.06.2013, 14:39 | #13 |
| I can no longer see any desktop icons eset Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=115b7e9baca6c548937dffe69922e4f5
# engine=14101
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-06-18 01:15:35
# local_time=2013-06-18 03:15:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 85 91 1985920 148271207 0 0
# compatibility_mode=5893 16776573 100 94 5365 123191185 0 0
# scanned=140043
# found=0
# cleaned=0
# scan_time=4900
fresh frst FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2013 01 Ran by Manuel (administrator) on 18-06-2013 15:44:16 Running from C:\Users\Manuel\Desktop Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AMD) C:\Windows\system32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\system32\wbengine.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s [6548112 2012-06-12] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated) HKCU\...\Policies\system: [DisableRegistryTools] 0 HKCU\...\Policies\system: [DisableTaskMgr] 0 HKLM-x32\...\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun [642808 2012-12-19] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [946352 2012-12-18] (Adobe Systems Incorporated) HKLM-x32\...\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui [4858968 2013-05-09] (AVAST Software) HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ControlCenterCount] C:\Program Files (x86)\MSI\ControlCenter\ControlCenterCount.exe [872448 2012-03-26] (MSI CO.,LTD.) HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = BHO: avast! 
Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No File BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Chrome: ======= CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR Plugin: (Shockwave Flash) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) 
CHR Plugin: (AdobeAAMDetect) - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) CHR Plugin: (Roblox Launcher Plugin) - C:\Program Files (x86)\Roblox\Versions\version-7c745f9d0c23471b\\NPRobloxProxy.dll ( ROBLOX Corporation) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (avast! Ad Blocker) - C:\Users\Manuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd\8.0_0 ==================== Services (Whitelisted) ================= R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-06] () S2 Hamachi2Svc; "D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s [x] ==================== Drivers (Whitelisted) ==================== R2 AODDriver4.2; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [57472 2012-04-09] (Advanced Micro Devices) R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software) R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] () R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1025808 2013-05-09] (AVAST Software) R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378432 2013-05-09] (AVAST Software) R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-05-09] () S3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI) S3 NTIOLib_1_0_2; C:\Program Files (x86)\MSI\ControlCenter\NTIOLib_X64.sys [13328 2012-02-14] (MSI) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) 
S3 a3ku4qaoj; \??\C:\Users\Manuel\AppData\Local\Temp\9qw7zava3.sys [x] S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [x] S3 dzs5d2p7n; \??\C:\Users\Manuel\AppData\Local\Temp\nixxksrx9.sys [x] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\1.3\temp\FairplayKD.sys [x] S3 PCAlertDriver; \??\C:\Program Files (x86)\MSI\PC Alert 4\NTGLM7X64.sys [x] S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-06-18 15:44 - 2013-06-17 19:56 - 01926844 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe 2013-06-18 15:43 - 2013-06-18 15:43 - 01926844 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64 (1).exe 2013-06-18 15:40 - 2013-06-18 15:39 - 00890839 ____A C:\Users\Manuel\Desktop\SecurityCheck.exe 2013-06-18 15:39 - 2013-06-18 15:39 - 00890839 ____A C:\Users\Manuel\Downloads\SecurityCheck.exe 2013-06-18 13:50 - 2013-06-18 13:50 - 00000000 ____D C:\Program Files (x86)\ESET 2013-06-18 13:48 - 2013-06-18 13:48 - 02347384 ____A (ESET) C:\Users\Manuel\Downloads\esetsmartinstaller_enu.exe 2013-06-18 13:48 - 2013-06-18 13:48 - 02347384 ____A (ESET) C:\Users\Manuel\Desktop\esetsmartinstaller_enu.exe 2013-06-18 13:45 - 2013-06-18 13:45 - 00000626 ____A C:\Users\Manuel\Desktop\JRT.txt 2013-06-18 13:39 - 2013-06-18 13:39 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Desktop\JRT.exe 2013-06-18 13:39 - 2013-06-18 13:39 - 00000000 ____D C:\Windows\ERUNT 2013-06-18 13:39 - 2013-06-18 13:39 - 00000000 ____D C:\JRT 2013-06-18 13:38 - 2013-06-18 13:39 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\Manuel\Downloads\JRT.exe 2013-06-18 13:34 - 2013-06-18 13:34 - 00003125 ____A C:\AdwCleaner[S1].txt 2013-06-18 13:33 - 2013-06-18 13:33 - 00648201 ____A C:\Users\Manuel\Desktop\adwcleaner.exe 2013-06-18 13:32 - 2013-06-18 13:33 - 00648201 ____A C:\Users\Manuel\Downloads\adwcleaner.exe 2013-06-18 13:30 - 2013-06-18 13:30 - 00019803 ____A C:\ComboFix.txt 2013-06-18 13:12 - 2013-06-18 13:12 - 05081021 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe 2013-06-18 13:11 - 2013-06-18 13:12 - 05081021 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe 2013-06-17 23:34 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2013-06-17 23:34 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2013-06-17 23:34 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2013-06-17 23:34 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2013-06-17 23:34 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2013-06-17 23:34 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2013-06-17 23:34 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-06-17 23:34 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-06-17 23:34 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-06-17 23:34 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-06-17 23:34 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-06-17 23:34 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-06-17 20:18 - 2013-06-18 13:30 - 00000000 ____D C:\Qoobox 2013-06-17 20:18 - 2013-06-17 21:59 - 00000000 ____D 
C:\Windows\erdnt 2013-06-17 20:18 - 2011-06-26 08:45 - 00256000 ____A C:\Windows\PEV.exe 2013-06-17 20:18 - 2010-11-07 19:20 - 00208896 ____A C:\Windows\MBR.exe 2013-06-17 20:18 - 2009-04-20 06:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe 2013-06-17 20:18 - 2000-08-31 02:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe 2013-06-17 20:18 - 2000-08-31 02:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe 2013-06-17 20:18 - 2000-08-31 02:00 - 00098816 ____A C:\Windows\sed.exe 2013-06-17 20:18 - 2000-08-31 02:00 - 00080412 ____A C:\Windows\grep.exe 2013-06-17 20:18 - 2000-08-31 02:00 - 00068096 ____A C:\Windows\zip.exe 2013-06-17 19:58 - 2013-06-17 19:58 - 00062150 ____A C:\Users\Manuel\Downloads\FRST.txt 2013-06-17 19:58 - 2013-06-17 19:58 - 00016510 ____A C:\Users\Manuel\Downloads\Addition.txt 2013-06-17 19:56 - 2013-06-17 19:56 - 00000000 ____D C:\FRST 2013-06-17 19:55 - 2013-06-17 19:56 - 01926844 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe 2013-06-17 19:46 - 2013-06-17 19:46 - 00001065 ____A C:\Users\Manuel\Desktop\TeamSpeak 3 Client.lnk 2013-06-17 19:45 - 2013-06-17 19:45 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1 (1).exe 2013-06-17 19:27 - 2013-06-17 19:27 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64 (1).zip 2013-06-17 19:27 - 2013-06-17 19:27 - 00064685 ____A C:\Users\Manuel\Downloads\shexview.zip 2013-06-17 19:26 - 2013-06-17 19:27 - 01758823 ____A C:\Users\Manuel\Downloads\winrar-x64-420d.exe 2013-06-17 19:26 - 2013-06-17 19:26 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64.zip 2013-06-17 19:16 - 2013-06-17 19:16 - 00000828 ____A C:\Users\Manuel\Desktop\CrossFire.lnk 2013-06-17 19:01 - 2013-06-17 19:17 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files 2013-06-17 19:01 - 2013-06-17 19:02 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-17 18:55 - 2013-06-17 18:56 - 34954912 ____A (TeamSpeak Systems GmbH) 
C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1.exe 2013-06-17 18:55 - 2013-06-17 18:56 - 02874584 ____A C:\Users\Manuel\Downloads\CrossFire_NA.exe 2013-06-17 18:51 - 2013-06-17 18:51 - 00001975 ____A C:\Users\Manuel\Desktop\Skype (2).lnk 2013-06-17 18:41 - 2013-06-17 18:41 - 00595772 ____A C:\Users\Manuel\cc_20130617_184052.reg 2013-06-17 18:38 - 2013-06-17 18:38 - 00000828 ____A C:\Users\Public\Desktop\CCleaner.lnk 2013-06-17 18:38 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\CCleaner 2013-06-17 18:37 - 2013-06-17 18:37 - 03340088 ____A (Piriform Ltd) C:\Users\Manuel\Downloads\ccsetup402_slim.exe 2013-06-17 18:34 - 2013-06-17 18:34 - 00001124 ____A C:\Users\Manuel\Desktop\GIMP 2.lnk 2013-06-17 18:34 - 2013-06-17 18:34 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (3).lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00012598 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung.lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (2).lnk 2013-06-17 18:11 - 2013-06-17 18:11 - 00000000 ____D C:\Program Files (x86)\Setup Files 2013-06-17 18:09 - 2013-06-17 18:09 - 03548677 ____A C:\Users\Manuel\Downloads\LiveUpdate.zip 2013-06-16 20:18 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\vbot 2013-06-16 20:17 - 2013-06-16 20:18 - 08233336 ____A C:\Users\Manuel\Downloads\vBot By xlRiderWT.zip 2013-06-16 18:58 - 2013-06-16 18:58 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wireshark 2013-06-16 18:54 - 2013-06-17 18:19 - 00000000 ____D C:\Program Files\Wireshark 2013-06-16 12:36 - 2013-06-16 12:35 - 08149147 ____A C:\Users\Manuel\Desktop\13x37 0.6.1 Client - Public 003.zip 2013-06-16 12:35 - 2013-06-16 12:35 - 08149147 ____A C:\Users\Manuel\Downloads\13x37 0.6.1 Client - Public 003.zip 2013-06-15 20:16 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\appcrashview 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Downloads\appcrashview.zip 2013-06-15 
20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Desktop\appcrashview.zip 2013-06-15 20:08 - 2013-03-01 19:32 - 00262162 ____A C:\Users\Manuel\Desktop\cssspray.tga 2013-06-15 14:16 - 2013-06-15 14:47 - 00000000 ____D C:\Users\Manuel\Desktop\Workspace 2013-06-15 14:10 - 2013-06-15 14:10 - 00001172 ____A C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-06-15 14:10 - 2013-06-15 14:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-06-15 14:09 - 2013-06-15 14:09 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (2).exe 2013-06-15 14:01 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\eclipse 2013-06-15 12:48 - 2013-05-04 04:42 - 05318771 ____A C:\Users\Manuel\Desktop\minecraft.jar 2013-06-15 12:47 - 2013-06-15 12:47 - 21363918 ____A C:\Users\Manuel\Desktop\mc.zip 2013-06-14 16:59 - 2013-06-14 16:59 - 00026322 ____A C:\Users\Manuel\AppData\Local\recently-used.xbel 2013-06-12 22:34 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-06-12 22:34 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-06-12 22:34 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2013-06-12 22:34 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) 
C:\Windows\System32\ie4uinit.exe 2013-06-12 22:34 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2013-06-12 22:34 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2013-06-12 22:34 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-12 22:34 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-06-12 19:59 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Teeworlds 2013-06-12 19:49 - 2013-06-17 18:19 - 00000000 ____D C:\Users\Manuel\Desktop\teeworlds 2013-06-12 16:16 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2013-06-12 16:16 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2013-06-12 16:16 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2013-06-12 16:16 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll 2013-06-12 16:16 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-06-12 16:16 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2013-06-12 16:16 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2013-06-12 16:16 
- 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2013-06-12 16:16 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe 2013-06-12 16:16 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll 2013-06-12 16:16 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll 2013-06-12 16:16 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2013-06-12 16:16 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2013-06-12 16:16 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2013-06-12 16:16 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll 2013-06-12 16:16 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll 2013-06-12 16:16 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2013-06-12 16:16 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2013-06-12 16:16 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2013-06-11 16:15 - 2013-06-11 16:20 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.spoutcraft 2013-06-11 16:15 - 2013-06-11 16:15 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft (2).exe 2013-06-11 16:15 - 2013-06-11 16:15 - 00888369 ____A () C:\Users\Manuel\Downloads\Spoutcraft (1).exe 2013-06-11 16:13 - 2013-06-11 16:13 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.4.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Desktop\MagicLauncher_1.1.4.exe 2013-06-11 15:01 - 2013-06-11 
15:01 - 00324419 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.0.0.exe 2013-06-11 14:53 - 2013-04-04 05:35 - 00095648 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-06-11 14:53 - 2013-04-04 05:30 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-06-11 14:53 - 2013-04-04 05:29 - 00174496 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-06-11 14:52 - 2013-06-11 14:53 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log 2013-06-11 14:51 - 2013-06-11 14:51 - 00903072 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u21.exe 2013-06-10 15:59 - 2013-06-10 15:59 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (1).exe 2013-06-09 13:43 - 2013-06-17 18:19 - 00000000 ___HD C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 2013-06-09 13:43 - 2013-06-09 13:43 - 00000938 ____A C:\Users\Manuel\Desktop\Anpassen Fences.lnk 2013-06-09 13:43 - 2013-06-09 13:43 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Stardock 2013-06-09 13:42 - 2013-06-09 13:42 - 09477848 ____A (Stardock Corporation ) C:\Users\Manuel\Downloads\fences101_public.exe 2013-06-09 13:28 - 2013-06-09 13:28 - 00000000 ____D C:\Users\Manuel\Desktop\Z3G 2013-06-09 13:27 - 2013-06-09 13:27 - 00011009 ____A C:\Users\Manuel\Desktop\Z3G.zip 2013-06-09 12:11 - 2013-06-09 12:11 - 00006184 ____A C:\Users\Manuel\Desktop\gimp.rar 2013-06-08 18:02 - 2013-06-09 12:11 - 00000000 ____D C:\Users\Manuel\Desktop\gimp 2013-06-08 17:51 - 2013-06-08 17:51 - 00000000 ____D C:\Users\Manuel\.thumbnails 2013-06-08 17:33 - 2013-06-08 17:33 - 04904080 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de.exe 2013-06-08 17:26 - 2013-06-14 16:59 - 00000000 ____D C:\Users\Manuel\.gimp-2.8 2013-06-08 17:26 - 2013-06-08 17:26 - 00000000 ____D C:\Users\Manuel\AppData\Local\gegl-0.2 2013-06-08 17:25 - 2013-06-08 17:26 - 00000000 ____D C:\Program Files\GIMP 2 2013-06-08 17:24 - 
2013-06-08 17:25 - 76902472 ____A (The GIMP Team ) C:\Users\Manuel\Downloads\gimp-2.8.4-setup.exe 2013-06-08 17:22 - 2013-06-08 17:41 - 00000000 ____D C:\Users\Manuel\AppData\Local\Techne 2013-06-07 23:26 - 2013-06-07 23:26 - 00001294 ____A C:\Users\Public\Desktop\Paint.NET.lnk 2013-06-07 23:25 - 2013-06-15 20:08 - 00000000 ____D C:\Users\Manuel\AppData\Local\Paint.NET 2013-06-07 23:25 - 2013-06-07 23:25 - 00000000 ____D C:\Program Files\Paint.NET 2013-06-07 16:22 - 2013-06-08 13:29 - 00000000 ____D C:\Users\Manuel\Desktop\worlds 2013-06-07 00:02 - 2013-06-07 00:02 - 00176128 ____A C:\Users\Manuel\Downloads\BEClient.dll 2013-06-06 15:53 - 2013-06-06 16:21 - 738668640 ____A (Igor Pavlov) C:\Users\Manuel\Downloads\ARMA2OA_Update_160.exe 2013-06-05 17:27 - 2013-06-05 17:27 - 00000892 ____A C:\Users\Manuel\Desktop\ARMA 2 Combined Operations.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer (2).msi 2013-06-05 16:48 - 2013-06-05 16:48 - 00001360 ____A C:\Users\Manuel\Desktop\DayZ Commander.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 00001342 ____A C:\Users\Public\Desktop\DayZ Commander.lnk 2013-06-05 16:48 - 2013-06-05 16:48 - 00000000 ____D C:\Program Files (x86)\Dotjosh Studios 2013-06-05 16:45 - 2013-06-08 11:47 - 00000000 ____D C:\Users\Manuel\AppData\Local\ArmA 2 OA 2013-06-05 16:21 - 2013-06-05 17:26 - 00000000 ____D C:\Users\Manuel\Documents\ArmA 2 2013-06-05 16:21 - 2013-06-05 16:21 - 00000000 ____D C:\Users\Manuel\AppData\Local\ArmA 2 2013-06-05 16:19 - 2013-06-05 16:19 - 00000862 ____A C:\Users\Manuel\Desktop\ARMA II starten.lnk 2013-06-04 18:49 - 2013-06-17 18:40 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-04 18:48 - 2013-06-04 18:48 - 04292608 ____A C:\Users\Manuel\Downloads\hamachi_2.1.0.362.msi 2013-06-04 18:48 - 2013-06-04 18:48 - 00000686 ____A C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2013-06-04 16:14 - 2013-06-04 16:15 - 02936832 ____A 
C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer (1).msi 2013-06-03 17:09 - 2013-06-03 17:09 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio 2013-06-03 16:18 - 2013-06-03 16:18 - 00000000 ____D C:\Users\Manuel\AppData\Local\DayZCommander 2013-06-03 16:15 - 2013-06-03 16:15 - 02936832 ____A C:\Users\Manuel\Downloads\Dotjosh.DayZCommander.Installer.msi 2013-06-01 04:31 - 2013-06-18 15:44 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-01 04:30 - 2013-06-01 04:30 - 00000000 ____D C:\Program Files\NetSpeedMonitor 2013-06-01 04:29 - 2013-06-01 04:29 - 03652608 ____A C:\Users\Manuel\Downloads\netspeedmonitor_2_5_4_0_x64_setup.msi 2013-05-31 02:31 - 2013-05-31 02:31 - 00000353 ____A C:\Windows\SysWOW64\Settings.bin 2013-05-30 15:31 - 2013-06-04 14:28 - 00000000 ____D C:\Users\Manuel\Desktop\ftb 2013-05-29 22:54 - 2013-06-09 19:26 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.technic 2013-05-29 21:21 - 2013-05-29 22:58 - 00000000 ____D C:\Users\Manuel\Desktop\tekkit worlds 2013-05-29 03:11 - 2013-05-29 03:11 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2013-05-29 03:11 - 2013-05-29 03:11 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-05-29 03:11 - 2013-05-29 03:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-05-29 03:11 - 2013-05-29 03:11 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2013-05-29 03:11 - 2013-05-29 03:11 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00629248 ____A (Microsoft 
Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2013-05-29 03:11 - 2013-05-29 03:11 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-05-29 03:11 - 2013-05-29 03:11 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 
2013-05-29 03:11 - 2013-05-29 03:11 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-05-29 03:11 - 
2013-05-29 03:11 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2013-05-29 03:11 - 2013-05-29 03:11 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-05-29 03:11 - 2013-05-29 03:11 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-05-29 03:11 - 2013-05-29 03:11 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00012800 
____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2013-05-29 03:11 - 2013-05-29 03:11 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-05-29 03:00 - 2013-05-29 03:14 - 00009534 ____A C:\Windows\IE10_main.log 2013-05-28 05:07 - 2013-05-28 05:07 - 33119648 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\jre-7u21-windows-x64 (1).exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00311200 ____A (Oracle Corporation) C:\Windows\System32\javaws.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00188832 ____A (Oracle Corporation) C:\Windows\System32\javaw.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00188320 ____A (Oracle Corporation) C:\Windows\System32\java.exe 2013-05-28 05:06 - 2013-05-28 05:06 - 00108448 ____A (Oracle Corporation) C:\Windows\System32\WindowsAccessBridge-64.dll 2013-05-28 05:06 - 2013-05-28 05:06 - 00000000 ____D C:\Program Files\Java 2013-05-28 05:05 - 2013-05-28 05:05 - 33119648 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\jre-7u21-windows-x64.exe 2013-05-28 04:38 - 2013-06-18 15:40 - 02226148 ____A C:\Users\Manuel\Desktop\stealthedit2.zip 2013-05-28 04:38 - 2013-05-28 04:38 - 00000000 ____D C:\Users\Manuel\Desktop\stealthedit2 2013-05-27 04:01 - 2013-05-27 04:01 - 00001231 ____A C:\Users\Manuel\Desktop\TreeSize Free.lnk 2013-05-27 04:01 - 2013-05-27 04:01 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\JAM Software 2013-05-27 04:01 - 2013-05-27 04:01 - 00000000 ____D C:\Program Files (x86)\JAM Software 2013-05-27 04:00 - 2013-05-27 04:01 - 03350608 ____A (JAM Software ) C:\Users\Manuel\Downloads\TreeSizeFreeSetup.exe 2013-05-22 13:22 - 2013-05-22 13:22 - 00001853 ____A C:\Users\Manuel\Desktop\3DMark 11.lnk 2013-05-22 13:20 - 2013-03-19 08:04 - 05550424 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlmp.exe 2013-05-22 13:20 - 2011-02-05 19:06 - 00605552 ____A (Microsoft Corporation) C:\Windows\System32\osloader.exe

==================== One Month Modified Files and Folders =======

2013-06-18 15:44 - 
2013-06-01 04:31 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\NetSpeedMonitor 2013-06-18 15:43 - 2013-06-18 15:43 - 01926844 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64 (1).exe 2013-06-18 15:40 - 2013-05-28 04:38 - 02226148 ____A C:\Users\Manuel\Desktop\stealthedit2.zip 2013-06-18 15:39 - 2013-06-18 15:40 - 00890839 ____A C:\Users\Manuel\Desktop\SecurityCheck.exe 2013-06-18 15:39 - 2013-06-18 15:39 - 00890839 ____A C:\Users\Manuel\Downloads\SecurityCheck.exe 2013-06-18 15:39 - 2013-02-19 14:48 - 02074595 ____A C:\Windows\WindowsUpdate.log 2013-06-18 15:34 - 2013-02-24 16:23 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-06-18 15:31 - 2009-07-14 06:51 - 00087525 ____A C:\Windows\setupact.log 2013-06-18 15:17 - 2013-02-19 15:27 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-06-18 13:50 - 2013-06-18 13:50 - 00000000 ____D C:\Program Files (x86)\ESET 2013-06-18 13:48 - 2013-06-18 13:48 - 02347384 ____A (ESET) C:\Users\Manuel\Downloads\esetsmartinstaller_enu.exe 2013-06-18 13:48 - 2013-06-18 13:48 - 02347384 ____A (ESET) C:\Users\Manuel\Desktop\esetsmartinstaller_enu.exe 2013-06-18 13:45 - 2013-06-18 13:45 - 00000626 ____A C:\Users\Manuel\Desktop\JRT.txt 2013-06-18 13:43 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-06-18 13:43 - 2009-07-14 06:45 - 00021872 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-06-18 13:42 - 2011-04-12 09:43 - 00696620 ____A C:\Windows\System32\perfh007.dat 2013-06-18 13:42 - 2011-04-12 09:43 - 00147916 ____A C:\Windows\System32\perfc007.dat 2013-06-18 13:42 - 2009-07-14 07:13 - 01612484 ____A C:\Windows\System32\PerfStringBackup.INI 2013-06-18 13:39 - 2013-06-18 13:39 - 00545954 ____A (Oleg N. 
Scherbakov) C:\Users\Manuel\Desktop\JRT.exe 2013-06-18 13:39 - 2013-06-18 13:39 - 00000000 ____D C:\Windows\ERUNT 2013-06-18 13:39 - 2013-06-18 13:39 - 00000000 ____D C:\JRT 2013-06-18 13:39 - 2013-06-18 13:38 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Manuel\Downloads\JRT.exe 2013-06-18 13:36 - 2013-02-24 16:23 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-06-18 13:35 - 2010-11-21 05:47 - 00014120 ____A C:\Windows\PFRO.log 2013-06-18 13:35 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT 2013-06-18 13:34 - 2013-06-18 13:34 - 00003125 ____A C:\AdwCleaner[S1].txt 2013-06-18 13:33 - 2013-06-18 13:33 - 00648201 ____A C:\Users\Manuel\Desktop\adwcleaner.exe 2013-06-18 13:33 - 2013-06-18 13:32 - 00648201 ____A C:\Users\Manuel\Downloads\adwcleaner.exe 2013-06-18 13:30 - 2013-06-18 13:30 - 00019803 ____A C:\ComboFix.txt 2013-06-18 13:30 - 2013-06-17 20:18 - 00000000 ____D C:\Qoobox 2013-06-18 13:28 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini 2013-06-18 13:17 - 2013-02-26 15:04 - 00000000 ____D C:\Users\Manuel\AppData\Local\Adobe 2013-06-18 13:12 - 2013-06-18 13:12 - 05081021 ____R (Swearware) C:\Users\Manuel\Desktop\ComboFix.exe 2013-06-18 13:12 - 2013-06-18 13:11 - 05081021 ____A (Swearware) C:\Users\Manuel\Downloads\ComboFix.exe 2013-06-17 23:37 - 2013-02-19 16:05 - 01589442 ____A C:\Windows\SysWOW64\PerfStringBackup.INI 2013-06-17 23:34 - 2013-02-25 17:49 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\TS3Client 2013-06-17 23:25 - 2013-02-26 16:45 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Skype 2013-06-17 22:54 - 2013-02-25 17:33 - 00007597 ____A C:\Users\Manuel\AppData\Local\Resmon.ResmonCfg 2013-06-17 22:02 - 2009-07-14 05:20 - 00000000 __RHD C:\users\Default 2013-06-17 21:59 - 2013-06-17 20:18 - 00000000 ____D C:\Windows\erdnt 2013-06-17 19:58 - 2013-06-17 19:58 - 00062150 ____A C:\Users\Manuel\Downloads\FRST.txt 2013-06-17 19:58 - 2013-06-17 19:58 - 00016510 ____A C:\Users\Manuel\Downloads\Addition.txt 
2013-06-17 19:56 - 2013-06-18 15:44 - 01926844 ____A (Farbar) C:\Users\Manuel\Desktop\FRST64.exe 2013-06-17 19:56 - 2013-06-17 19:56 - 00000000 ____D C:\FRST 2013-06-17 19:56 - 2013-06-17 19:55 - 01926844 ____A (Farbar) C:\Users\Manuel\Downloads\FRST64.exe 2013-06-17 19:46 - 2013-06-17 19:46 - 00001065 ____A C:\Users\Manuel\Desktop\TeamSpeak 3 Client.lnk 2013-06-17 19:45 - 2013-06-17 19:45 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1 (1).exe 2013-06-17 19:27 - 2013-06-17 19:27 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64 (1).zip 2013-06-17 19:27 - 2013-06-17 19:27 - 00064685 ____A C:\Users\Manuel\Downloads\shexview.zip 2013-06-17 19:27 - 2013-06-17 19:26 - 01758823 ____A C:\Users\Manuel\Downloads\winrar-x64-420d.exe 2013-06-17 19:26 - 2013-06-17 19:26 - 00093835 ____A C:\Users\Manuel\Downloads\shexview-x64.zip 2013-06-17 19:17 - 2013-06-17 19:01 - 00000000 ____D C:\Users\Manuel\AppData\Local\PMB Files 2013-06-17 19:16 - 2013-06-17 19:16 - 00000828 ____A C:\Users\Manuel\Desktop\CrossFire.lnk 2013-06-17 19:02 - 2013-06-17 19:01 - 00000000 ____D C:\ProgramData\PMB Files 2013-06-17 19:01 - 2013-04-02 16:43 - 00000000 ____D C:\Program Files (x86)\Pando Networks 2013-06-17 18:56 - 2013-06-17 18:55 - 34954912 ____A (TeamSpeak Systems GmbH) C:\Users\Manuel\Downloads\TeamSpeak3-Client-win64-3.0.10.1.exe 2013-06-17 18:56 - 2013-06-17 18:55 - 02874584 ____A C:\Users\Manuel\Downloads\CrossFire_NA.exe 2013-06-17 18:51 - 2013-06-17 18:51 - 00001975 ____A C:\Users\Manuel\Desktop\Skype (2).lnk 2013-06-17 18:41 - 2013-06-17 18:41 - 00595772 ____A C:\Users\Manuel\cc_20130617_184052.reg 2013-06-17 18:41 - 2013-02-24 16:13 - 00000000 ____D C:\users\Manuel 2013-06-17 18:40 - 2013-06-04 18:49 - 00000000 ____D C:\Users\Manuel\AppData\Local\LogMeIn Hamachi 2013-06-17 18:40 - 2013-04-15 14:51 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\DAEMON Tools Lite 2013-06-17 18:40 - 2013-03-16 14:25 - 00000000 ____D 
C:\Users\Manuel\AppData\Roaming\FileZilla 2013-06-17 18:38 - 2013-06-17 18:38 - 00000828 ____A C:\Users\Public\Desktop\CCleaner.lnk 2013-06-17 18:38 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\CCleaner 2013-06-17 18:37 - 2013-06-17 18:37 - 03340088 ____A (Piriform Ltd) C:\Users\Manuel\Downloads\ccsetup402_slim.exe 2013-06-17 18:34 - 2013-06-17 18:34 - 00001124 ____A C:\Users\Manuel\Desktop\GIMP 2.lnk 2013-06-17 18:34 - 2013-06-17 18:34 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (3).lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00012598 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung.lnk 2013-06-17 18:22 - 2013-06-17 18:22 - 00000355 ____A C:\Users\Manuel\Desktop\Computer - Verknüpfung (2).lnk 2013-06-17 18:21 - 2013-02-24 16:29 - 00001928 ____A C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2013-06-17 18:21 - 2013-02-24 16:28 - 00000000 ____A C:\Windows\SysWOW64\config.nt 2013-06-17 18:21 - 2009-07-14 06:45 - 04893536 ____A C:\Windows\System32\FNTCACHE.DAT 2013-06-17 18:19 - 2013-06-16 20:18 - 00000000 ____D C:\Users\Manuel\Desktop\vbot 2013-06-17 18:19 - 2013-06-16 18:54 - 00000000 ____D C:\Program Files\Wireshark 2013-06-17 18:19 - 2013-06-15 20:16 - 00000000 ____D C:\Users\Manuel\Desktop\appcrashview 2013-06-17 18:19 - 2013-06-15 14:01 - 00000000 ____D C:\Users\Manuel\Desktop\eclipse 2013-06-17 18:19 - 2013-06-12 19:59 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Teeworlds 2013-06-17 18:19 - 2013-06-12 19:49 - 00000000 ____D C:\Users\Manuel\Desktop\teeworlds 2013-06-17 18:19 - 2013-06-09 13:43 - 00000000 ___HD C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6} 2013-06-17 18:19 - 2013-05-15 07:28 - 00000000 ___HD C:\ControlCenterCount 2013-06-17 18:19 - 2013-05-14 13:46 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2 2013-06-17 18:19 - 2013-04-15 14:55 - 00000000 ____D C:\Users\Manuel\Documents\SimCity 4 2013-06-17 18:19 - 2013-04-15 14:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2013-06-17 18:19 - 
2013-03-28 12:41 - 00000000 ____D C:\Users\Manuel\Desktop\spiele 2013-06-17 18:19 - 2013-03-09 19:40 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.minecraft 2013-06-17 18:19 - 2013-02-19 14:48 - 00000000 ____D C:\users\Admin 2013-06-17 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration 2013-06-17 18:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat 2013-06-17 18:11 - 2013-06-17 18:11 - 00000000 ____D C:\Program Files (x86)\Setup Files 2013-06-17 18:09 - 2013-06-17 18:09 - 03548677 ____A C:\Users\Manuel\Downloads\LiveUpdate.zip 2013-06-16 20:18 - 2013-06-16 20:17 - 08233336 ____A C:\Users\Manuel\Downloads\vBot By xlRiderWT.zip 2013-06-16 18:58 - 2013-06-16 18:58 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\Wireshark 2013-06-16 12:35 - 2013-06-16 12:36 - 08149147 ____A C:\Users\Manuel\Desktop\13x37 0.6.1 Client - Public 003.zip 2013-06-16 12:35 - 2013-06-16 12:35 - 08149147 ____A C:\Users\Manuel\Downloads\13x37 0.6.1 Client - Public 003.zip 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Downloads\appcrashview.zip 2013-06-15 20:16 - 2013-06-15 20:16 - 00042180 ____A C:\Users\Manuel\Desktop\appcrashview.zip 2013-06-15 20:08 - 2013-06-07 23:25 - 00000000 ____D C:\Users\Manuel\AppData\Local\Paint.NET 2013-06-15 20:04 - 2013-02-24 16:23 - 00000000 ____D C:\Users\Manuel\AppData\Local\Deployment 2013-06-15 14:47 - 2013-06-15 14:16 - 00000000 ____D C:\Users\Manuel\Desktop\Workspace 2013-06-15 14:17 - 2013-02-24 16:14 - 00059192 ____A C:\Users\Manuel\AppData\Local\GDIPFONTCACHEV1.DAT 2013-06-15 14:10 - 2013-06-15 14:10 - 00001172 ____A C:\Users\Public\Desktop\TeamViewer 8.lnk 2013-06-15 14:10 - 2013-06-15 14:10 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2013-06-15 14:09 - 2013-06-15 14:09 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (2).exe 2013-06-15 12:47 - 2013-06-15 12:47 - 21363918 ____A C:\Users\Manuel\Desktop\mc.zip 2013-06-14 16:59 - 2013-06-14 16:59 - 00026322 ____A 
C:\Users\Manuel\AppData\Local\recently-used.xbel 2013-06-14 16:59 - 2013-06-08 17:26 - 00000000 ____D C:\Users\Manuel\.gimp-2.8 2013-06-14 15:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2013-06-12 22:35 - 2013-02-19 15:43 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe 2013-06-11 21:17 - 2013-02-19 15:27 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-06-11 21:17 - 2013-02-19 15:27 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-06-11 16:20 - 2013-06-11 16:15 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.spoutcraft 2013-06-11 16:15 - 2013-06-11 16:15 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft (2).exe 2013-06-11 16:15 - 2013-06-11 16:15 - 00888369 ____A () C:\Users\Manuel\Downloads\Spoutcraft (1).exe 2013-06-11 16:13 - 2013-06-11 16:13 - 02719504 ____A () C:\Users\Manuel\Downloads\Spoutcraft.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.1.4.exe 2013-06-11 15:02 - 2013-06-11 15:02 - 00364763 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Desktop\MagicLauncher_1.1.4.exe 2013-06-11 15:01 - 2013-06-11 15:01 - 00324419 ____A (hxxp://magiclauncher.com) C:\Users\Manuel\Downloads\MagicLauncher_1.0.0.exe 2013-06-11 14:53 - 2013-06-11 14:52 - 00004032 ____A C:\Windows\SysWOW64\jupdate-1.7.0_21-b11.log 2013-06-11 14:53 - 2013-03-25 01:27 - 00000000 ____D C:\Program Files (x86)\Java 2013-06-11 14:51 - 2013-06-11 14:51 - 00903072 ____A (Oracle Corporation) C:\Users\Manuel\Downloads\chromeinstall-7u21.exe 2013-06-10 15:59 - 2013-06-10 15:59 - 05141464 ____A (TeamViewer GmbH) C:\Users\Manuel\Downloads\TeamViewer_Setup_de (1).exe 2013-06-09 19:26 - 2013-05-29 22:54 - 00000000 ____D C:\Users\Manuel\AppData\Roaming\.technic 2013-06-09 16:43 - 2013-03-28 12:42 - 00000000 ____D C:\Users\Manuel\Desktop\anderes 2013-06-09 13:43 - 2013-06-09 13:43 - 00000938 ____A 
==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!

LastRegBack: 2013-06-13 16:10

==================== End Of Log ============================ |
18.06.2013, 18:26 | #14 |
/// the machine /// TB instructor | Can't see desktop icons anymore Fix with FRST: Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!
Still having problems with the computer?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
18.06.2013, 18:58 | #15 |
| Can't see desktop icons anymore Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-06-2013 01
Ran by Manuel at 2013-06-18 19:57:39 Run:1
Running from C:\Users\Manuel\Desktop
Boot Mode: Normal
==============================================

Fehler beim Löschen des angegebenen Datenelements.
Element nicht gefunden.

==== End of Fixlog ==== |