| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Aufstarten PC mit Win 7 64 dauert viel zulangeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
05.05.2014, 19:05
| #16 |
 |  Aufstarten PC mit Win 7 64 dauert viel zulange Hallo Schrauber, hier noch 5 logfiles: 1.das nachgeholte AdwCleaner 2.checkup 3.ESET 4.Frst64 5.Addition Bis jetzt ist der Aufstart von Win7 immer noch sehr langsam. Es dauert bis 5 Minuten! Ich nehme an, es bessesrt sich, nachdem ich jetzt diese 5 Aktionen durchgeführt habe. Mit vielem Dank und freundlichen Grüssen AlfredAdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.205 - Bericht erstellt am 04/05/2014 um 09:36:13
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Alfred - ALFRED-PC
# Gestartet von : C:\Users\Alfred\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\CT2851647
Ordner Gelöscht : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}
Datei Gelöscht : C:\Uninstall.exe
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Schlüssel Gelöscht : HKCU\Software\InstalledThirdPartyPrograms
Schlüssel Gelöscht : HKCU\Software\Pokki
Schlüssel Gelöscht : HKLM\Software\Minibar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledThirdPartyPrograms
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k1", "4");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k2", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k3", "1381941787242");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k4", "0");
Zeile gelöscht : user_pref("extensions.kango.storage.m2_k5", "1381943410926");
Zeile gelöscht : user_pref("extensions.kango.storage.minibar.config", "{\"name\":\"Apps Hat\",\"description\":\"Apps Hat\",\"button\":{\"tooltip\":\"Visit AppsHat.com\",\"icon\":\"hxxp://www.bigspeedpro.com/button/%af[...]
Zeile gelöscht : user_pref("extensions.kango.storage.nero_options", "\"{\\\"m1\\\":{\\\"ads\\\":{\\\"n1\\\":{\\\"url\\\":\\\"//ulayout.com/nero/hatter/google_post_results_728x90.html?aff_slug=appshat\\\",\\\"width\\\"[...]
Zeile gelöscht : user_pref("extensions.kango.storage.ui.button.iconCache", "\"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABMAAAATCAYAAAByUDbMAAADlElEQVQ4jb3S3U9adxwG8F/BuooQAQscXj0cOIC8nANUPYjoHDClvqAoZ04gpqsZKmrUV[...]
-\\ Google Chrome v34.0.1847.131
*************************
AdwCleaner[R0].txt - [2687 octets] - [13/09/2013 11:09:45]
AdwCleaner[R1].txt - [3327 octets] - [02/05/2014 20:37:28]
AdwCleaner[R2].txt - [3387 octets] - [04/05/2014 08:34:33]
AdwCleaner[S0].txt - [2702 octets] - [13/09/2013 11:12:13]
AdwCleaner[S1].txt - [3035 octets] - [04/05/2014 09:36:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3095 octets] ##########
Results of screen317's Security Check version 0.99.82 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` SpywareBlaster 5.0 Secunia PSI (3.0.0.7011) TuneUp Utilities Language Pack (de-DE) Java 7 Update 55 Adobe Flash Player 13.0.0.206 Adobe Reader XI Mozilla Firefox (28.0) Google Chrome 34.0.1847.116 Google Chrome 34.0.1847.131 Google Chrome Plugins... ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials msseces.exe Windows Defender MSMpEng.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe system32 OnlineScannerApp.exe -?- `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014 Ran by Alfred (administrator) on ALFRED-PC on 05-05-2014 19:54:21 Running from C:\Users\Alfred\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe (DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (FreeDownloadManager.ORG) C:\Program Files (x86)\Free Download Manager\fdm.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3165040 2013-08-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.) HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDFXAudioPlugin.dll",DllRegisterServer [X] HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DSEPlugins\DFXAudioPlugin.dll",DllRegisterServer [X] HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXBannerAdPlugin.dll",DllRegisterServer [X] HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXDownloadManagerPlugin.dll",DllRegisterServer [X] HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXMediaManagerPlugin.dll",DllRegisterServer [X] HKLM-x32\...\Runonce: [B Register C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll] - "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Player\DPXPlugins\DPXPlayerPlugin.dll",DllRegisterServer [X] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB655D88E8A01CB01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = Bing SearchScopes: HKCU - {BEC15BFA-01C6-44A5-BD78-38BF5EBE0604} URL = hxxp://ch.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.) BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll () FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.633 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: DownloadHelper - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-12] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Alfred\AppData\Roaming\Mozilla\Firefox\Profiles\xuu6a9cg.default\Extensions\adblockpopups@jessehakanen.net.xpi [2013-09-19] FF Extension: BitAccelerator - C:\Program Files (x86)\Mozilla Firefox\extensions\{5ddeb737-082c-48fb-8c06-aa4b38d61e5f} [2013-09-07] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-03-22] FF HKLM-x32\...\Firefox\Extensions: [{09F060FA-566D-42D7-BF79-97AB30863433}] - C:\Program Files (x86)\Steganos Privacy Suite 12\pfplugin FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 12\spmplugin3 FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-18] FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-03-22] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-18] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (WOT) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2013-06-29] CHR Extension: (YouTube) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-06-16] CHR Extension: (Google Search) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-06-16] CHR Extension: (RealDownloader) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-06-16] CHR Extension: (Gmail) - C:\Users\Alfred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-06-16] CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2013-06-16] CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2013-06-16] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2013-06-16] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1228504 2013-07-03] (Secunia) R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660184 2013-07-03] (Secunia) S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [275968 2007-05-28] (Rocket Division Software) R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2013-08-14] (Western Digital Technologies, Inc.) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-07-10] (Western Digital Technologies, Inc.) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-05] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation) S1 mbmiodrvr; C:\Windows\syswow64\mbmiodrvr.sys [4608 2004-04-10] (cansoft@livewiredev.com) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-07-03] (Secunia) S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-06-06] () R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-07-09] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2013-07-09] (Acronis) R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-17] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-17] (Paragon) R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-17] (Paragon) R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2013-07-09] (Acronis International GmbH) U3 acbxmsjk; C:\Windows\System32\Drivers\acbxmsjk.sys [0 ] (Advanced Micro Devices) U3 agjdvbzl; C:\Windows\System32\Drivers\agjdvbzl.sys [0 ] (Advanced Micro Devices) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 cpuz132; \??\C:\Users\Alfred\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-05-05 19:54 - 2014-05-05 19:54 - 00018157 _____ () C:\Users\Alfred\Desktop\FRST.txt 2014-05-05 19:53 - 2014-05-05 19:53 - 02063872 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe 2014-05-05 19:53 - 2014-05-05 19:53 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion 2014-05-05 19:52 - 2014-05-05 19:52 - 00001071 _____ () C:\Users\Alfred\Desktop\checkup.txt 2014-05-05 19:51 - 2014-05-05 19:51 - 00855379 _____ () C:\Users\Alfred\Desktop\SecurityCheck.exe 2014-05-04 22:46 - 2014-05-04 22:46 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-04 22:45 - 2014-05-04 22:45 - 02347384 _____ (ESET) C:\Users\Alfred\Desktop\esetsmartinstaller_deu.exe 2014-05-04 19:08 - 2014-05-04 20:57 - 00000000 ____D () C:\Users\Alfred\Documents\Wechseldatenträger 2014-05-04 16:18 - 2014-05-04 16:22 - 00000000 ____D () C:\Users\Alfred\Desktop\Projekt neuer PC FSX 2014-05-04 09:43 - 2014-05-04 09:43 - 00003187 _____ () C:\Users\Alfred\Desktop\AdwCleaner[S1].txt 2014-05-04 08:34 - 2014-05-02 20:35 - 01310621 _____ () C:\Users\Alfred\Desktop\adwcleaner.exe 2014-05-03 17:42 - 2014-05-03 17:44 - 02521198 _____ () C:\Users\Alfred\Downloads\unalakleet_paunv3_0.zip 2014-05-03 15:46 - 2014-05-03 15:46 - 03511490 _____ () C:\Users\Alfred\Downloads\FSUIPC4(1).zip 2014-05-03 15:45 - 2014-05-03 15:45 - 00002048 _____ () C:\Windows\QW146.lic 2014-05-03 14:16 - 2014-05-03 14:17 - 00000000 ____D () C:\Users\Alfred\Documents\TROJANERBOARD.DE 3.5.14 2014-05-02 23:51 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-02 23:51 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-02 23:51 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-02 23:51 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-02 22:22 - 2014-05-02 22:22 - 01016261 _____ (Thisisu) C:\Users\Alfred\Downloads\JRT.exe 2014-05-02 20:38 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-05-02 20:35 - 2014-05-02 20:35 - 01310621 _____ () C:\Users\Alfred\Downloads\adwcleaner.exe 2014-05-02 18:31 - 2014-05-05 19:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-02 18:31 - 2014-05-02 18:31 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-02 18:31 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-02 18:31 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-02 18:31 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-02 12:21 - 2014-05-02 12:21 - 00001239 _____ () C:\Users\Alfred\Desktop\Mustang Pilot's Guide.lnk 2014-05-02 10:28 - 2014-05-02 10:28 - 41380253 _____ () C:\Users\Alfred\Downloads\EFASS_1.0.1714.5921.zip 2014-05-02 06:53 - 2014-05-02 06:54 - 00000000 ____D () C:\Users\Alfred\Documents\TROJANERBOARD.DE.2.5.14 2014-05-01 21:36 - 2014-05-01 21:36 - 00039277 _____ () C:\ComboFix.txt 2014-05-01 21:28 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-05-01 21:28 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-05-01 21:28 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-05-01 21:28 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-05-01 21:28 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-05-01 21:28 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-05-01 21:28 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-05-01 21:28 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-05-01 21:27 - 2014-05-01 21:36 - 00000000 ____D () C:\Qoobox 2014-05-01 21:23 - 2014-05-01 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital 2014-05-01 21:22 - 2014-05-01 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Western Digital 2014-05-01 21:21 - 2014-05-01 21:21 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Western_Digital_Technolog 2014-05-01 21:16 - 2014-05-04 09:48 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat 2014-05-01 21:15 - 2014-05-01 21:15 - 00000000 ____D () C:\Program Files\Western Digital 2014-05-01 21:15 - 2014-05-01 21:15 - 00000000 ____D () C:\Program Files\Common Files\Western Digital 2014-05-01 21:14 - 2014-05-01 21:21 - 00000000 ____D () C:\ProgramData\Western Digital 2014-05-01 21:14 - 2014-05-01 21:15 - 00014218 _____ () C:\Windows\DPINST.LOG 2014-05-01 21:14 - 2014-05-01 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital 2014-05-01 21:14 - 2014-05-01 21:15 - 00000000 ____D () C:\Program Files (x86)\Western Digital 2014-04-29 22:07 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-04-29 22:07 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-04-29 22:07 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-04-29 22:07 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-04-29 22:07 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-04-29 22:07 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-04-29 22:07 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-04-29 22:07 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-04-29 22:07 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-04-29 22:07 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-04-29 22:07 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-04-29 22:07 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-04-29 22:07 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-04-29 22:07 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-04-29 22:07 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-04-29 22:07 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-04-29 22:07 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-04-29 22:07 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-04-29 22:07 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-04-29 22:07 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-04-29 22:07 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-04-29 22:07 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-04-29 22:07 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-04-29 22:07 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-04-29 22:07 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-04-29 22:07 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-04-29 22:07 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-04-29 22:07 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-04-29 22:07 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-04-29 22:07 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-04-29 22:07 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-04-29 22:07 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-04-29 22:07 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-04-29 22:07 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-04-29 22:07 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-04-29 22:07 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-04-29 22:07 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-04-29 22:07 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-04-29 22:07 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-04-29 22:07 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-04-29 22:07 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-04-29 22:07 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-04-29 22:07 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-04-29 22:07 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-04-27 20:14 - 2014-04-27 20:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-04-26 22:09 - 2014-04-26 22:09 - 02061824 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64.exe 2014-04-26 09:39 - 2013-09-16 11:18 - 00000679 _____ () C:\Users\Alfred\Desktop\AVIATION - Verknüpfung.lnk 2014-04-23 08:11 - 2014-04-23 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLS DC10 2014-04-22 14:11 - 2014-04-22 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VFR Extreeme - Boise X 2014-04-22 14:11 - 2014-04-22 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boise X - Patch V1.2 2014-04-22 14:01 - 2014-04-22 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VFR Kaui HI01 Taxiway sign fix 2014-04-22 14:00 - 2014-04-22 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalaupapa Molokai Compatibility Patch 2014-04-22 12:11 - 2014-04-22 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-22 12:11 - 2014-04-22 12:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-22 12:11 - 2014-04-22 12:10 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-22 12:11 - 2014-04-22 12:10 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-22 12:11 - 2014-04-22 12:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-21 13:01 - 2014-04-21 13:01 - 00000000 ____D () C:\Users\Alfred\Documents\0.0.my Documents ex PC DELL new 2014-04-19 17:41 - 2014-04-21 15:07 - 00000000 ____D () C:\Users\Alfred\Desktop\FSX F 2014-04-19 17:39 - 2014-04-19 17:39 - 00000000 ____D () C:\Users\Alfred\Documents\1.speedtest 2014-04-19 17:38 - 2014-04-21 14:34 - 00001943 _____ () C:\Users\Alfred\Desktop\eSATA inventar23.4.14.lnk 2014-04-19 17:35 - 2014-04-27 16:46 - 00000000 ____D () C:\Users\Alfred\Documents\0.PENDINGS 2014-04-19 17:26 - 2014-04-19 17:30 - 02853583 _____ () C:\Users\Alfred\Downloads\l1011p1.zip 2014-04-18 21:36 - 2014-04-18 22:03 - 550797932 _____ () C:\Users\Alfred\Downloads\Grand_Canyon_KGCN_V2.zip 2014-04-18 21:35 - 2014-04-18 21:35 - 00599860 _____ () C:\Users\Alfred\Downloads\kgcn_jrm(1).zip 2014-04-18 21:34 - 2014-04-18 21:34 - 00599860 _____ () C:\Users\Alfred\Downloads\kgcn_jrm.zip 2014-04-18 11:44 - 2014-04-18 11:44 - 00000933 _____ () C:\Users\Alfred\Desktop\aerofly-fs.exe - Verknüpfung.lnk 2014-04-18 11:40 - 2014-04-18 11:42 - 510211567 _____ (IPACS ) C:\Users\Alfred\Downloads\aerofly-fs-update-win-v1020005.exe 2014-04-17 07:37 - 2014-04-17 07:37 - 00000691 _____ () C:\Users\Alfred\Desktop\Alfred - Verknüpfung.lnk 2014-04-15 18:36 - 2014-04-15 18:36 - 00000000 ____D () C:\0.abelssoft checkdrive 100% 2014-04-14 06:10 - 2014-04-14 11:01 - 862628484 _____ () C:\Users\Alfred\Downloads\AZ_North4West7_FSX.zip 2014-04-14 06:09 - 2014-04-14 11:00 - 881134877 _____ () C:\Users\Alfred\Downloads\AZ_North3West7_FSX.zip 2014-04-14 05:59 - 2014-04-14 09:57 - 701746171 _____ () C:\Users\Alfred\Downloads\AZ_North6_FSX.zip 2014-04-14 05:58 - 2014-04-14 10:40 - 853437347 _____ () C:\Users\Alfred\Downloads\AZ_North6West_FSX.zip 2014-04-14 05:57 - 2014-04-14 10:15 - 761091948 _____ () C:\Users\Alfred\Downloads\AZ_North6West2_FSX.zip 2014-04-14 05:56 - 2014-04-14 10:24 - 824296777 _____ () C:\Users\Alfred\Downloads\AZ_North6West3_FSX.zip 2014-04-13 17:23 - 2014-04-14 00:50 - 781741209 _____ () C:\Users\Alfred\Downloads\AZ_North5West3_FSX.zip 2014-04-13 17:21 - 2014-04-14 01:32 - 887973415 _____ () C:\Users\Alfred\Downloads\AZ_North5West2_FSX.zip 2014-04-13 17:08 - 2014-04-14 00:32 - 719635327 _____ () C:\Users\Alfred\Downloads\AZ_North5_FSX.zip 2014-04-13 17:06 - 2014-04-14 00:15 - 657504760 _____ () C:\Users\Alfred\Downloads\AZ_North5West_FSX(1).zip 2014-04-13 16:16 - 2014-04-13 16:16 - 03803978 _____ () C:\Users\Alfred\Downloads\FSUIPC4.zip 2014-04-13 11:44 - 2014-04-13 11:49 - 14672866 _____ () C:\Users\Alfred\Downloads\tds_boeing_737-900er_united_airlines_n28457.zip 2014-04-13 11:43 - 2014-04-13 11:48 - 13607325 _____ () C:\Users\Alfred\Downloads\tds_boeing_737-700bbj_n111vm.zip 2014-04-13 11:29 - 2014-04-13 11:29 - 00003236 _____ () C:\Windows\System32\Tasks\{457CE8F6-C106-4511-8541-12838E9A7FCD} 2014-04-13 11:24 - 2014-04-13 11:24 - 03434022 _____ () C:\Users\Alfred\Downloads\FSUIPC.zip 2014-04-13 07:38 - 2014-04-13 07:38 - 00000386 _____ () C:\Users\Alfred\Downloads\Autostart-Reparierer.zip 2014-04-12 22:27 - 2014-04-12 22:27 - 00003036 _____ () C:\Windows\System32\Tasks\{96ECFB14-EFAD-4688-B824-B03F910FC9EB} 2014-04-12 21:26 - 2014-04-12 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS Water Configurator 2014-04-12 21:06 - 2014-04-12 21:25 - 00000000 ____D () C:\Program Files\FS Water Configurator 2014-04-12 19:20 - 2014-04-12 19:20 - 03486130 _____ () C:\Users\Alfred\Downloads\fswc3.15.zip 2014-04-12 18:56 - 2014-04-12 18:56 - 00035803 _____ () C:\Users\Alfred\Downloads\wake-isl(1).zip 2014-04-12 18:52 - 2014-04-12 18:52 - 14588631 _____ () C:\Users\Alfred\Downloads\Wake-Island.zip 2014-04-11 17:50 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2014-04-11 17:47 - 2014-04-11 17:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-04-11 17:47 - 2014-04-11 17:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-11 17:47 - 2014-04-11 17:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-11 17:47 - 2014-04-11 17:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-04-11 17:47 - 2014-04-11 17:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-11 17:47 - 2014-04-11 17:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-04-11 17:47 - 2014-04-11 17:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-04-11 17:46 - 2014-04-11 17:50 - 00009961 _____ () C:\Windows\IE11_main.log 2014-04-10 21:20 - 2014-04-10 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-04-10 21:19 - 2014-04-10 21:19 - 00002563 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-04-10 21:05 - 2013-05-10 07:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-04-10 21:05 - 2013-05-10 07:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-04-10 21:05 - 2013-05-10 06:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-04-10 21:05 - 2013-05-10 06:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-04-10 19:01 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-04-10 19:01 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-04-10 19:00 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-04-10 19:00 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-04-10 19:00 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-04-10 19:00 - 2014-01-01 01:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-04-10 19:00 - 2014-01-01 01:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-04-10 19:00 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-04-10 19:00 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-04-10 19:00 - 2013-11-12 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-04-10 19:00 - 2013-11-12 04:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-04-10 19:00 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2014-04-10 19:00 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2014-04-10 18:59 - 2013-12-06 04:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-04-10 18:59 - 2013-12-06 04:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-04-10 18:59 - 2013-12-06 04:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-04-10 18:59 - 2013-12-06 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-04-10 18:58 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-04-10 18:58 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-10 18:58 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-10 18:58 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-10 18:58 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-10 18:58 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-10 18:58 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-04-10 18:58 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-04-10 18:58 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-04-10 18:58 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-04-10 18:58 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-04-10 18:58 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-04-10 18:58 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-04-10 18:58 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-04-10 18:58 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-04-10 18:58 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-04-10 18:58 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-04-10 18:58 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-04-10 18:58 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-04-10 18:58 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-04-10 18:58 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-04-10 18:58 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-04-10 18:58 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-04-10 18:58 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-04-10 18:58 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-04-10 18:58 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-04-10 18:58 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2014-04-10 18:58 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2014-04-10 18:58 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2014-04-10 18:58 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2014-04-10 18:58 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys 2014-04-10 18:58 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2014-04-10 18:58 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2014-04-10 18:58 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-04-10 18:58 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-04-10 18:58 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2014-04-10 18:58 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2014-04-10 18:57 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-10 18:57 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-10 18:57 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-10 18:57 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-10 18:57 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-10 18:57 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-10 18:57 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-10 18:57 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-10 18:57 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-10 18:57 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-10 18:57 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-10 18:57 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-04-10 18:57 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-04-10 18:57 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-04-10 18:57 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-04-10 18:57 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2014-04-10 18:57 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2014-04-10 18:57 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx 2014-04-10 18:57 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2014-04-10 18:57 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe 2014-04-10 18:57 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2014-04-10 18:57 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe 2014-04-10 18:57 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2014-04-10 18:48 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-04-10 18:48 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-04-10 18:44 - 2014-04-10 18:44 - 00000000 ____D () C:\Windows\Temp49BB3881-48A0-2973-C58E-D790194EC1C9-Signatures ==================== One Month Modified Files and Folders ======= 2014-05-05 19:54 - 2014-05-05 19:54 - 00018157 _____ () C:\Users\Alfred\Desktop\FRST.txt 2014-05-05 19:54 - 2013-09-13 09:08 - 00000000 ____D () C:\FRST 2014-05-05 19:53 - 2014-05-05 19:53 - 02063872 _____ (Farbar) C:\Users\Alfred\Desktop\FRST64.exe 2014-05-05 19:53 - 2014-05-05 19:53 - 00000000 ____D () C:\Users\Alfred\Desktop\FRST-OlderVersion 2014-05-05 19:53 - 2011-04-11 14:25 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-05 19:52 - 2014-05-05 19:52 - 00001071 _____ () C:\Users\Alfred\Desktop\checkup.txt 2014-05-05 19:51 - 2014-05-05 19:51 - 00855379 _____ () C:\Users\Alfred\Desktop\SecurityCheck.exe 2014-05-05 19:51 - 2013-06-29 12:07 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Free Download Manager 2014-05-05 19:05 - 2012-05-31 09:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-05-05 19:00 - 2014-05-02 18:31 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-05-05 18:52 - 2011-04-11 14:25 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-05 10:56 - 2010-06-01 14:17 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B9570399-0E5E-4E61-89B3-CA9D442C62AF} 2014-05-05 10:51 - 2013-06-16 21:19 - 01535002 _____ () C:\Windows\WindowsUpdate.log 2014-05-05 08:42 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-05-05 08:42 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-05-05 08:42 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-04 22:46 - 2014-05-04 22:46 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-05-04 22:45 - 2014-05-04 22:45 - 02347384 _____ (ESET) C:\Users\Alfred\Desktop\esetsmartinstaller_deu.exe 2014-05-04 22:40 - 2012-10-06 20:36 - 00000000 ____D () C:\Users\Alfred\Documents\Flight Simulator X-Dateien 2014-05-04 22:40 - 2012-06-06 19:59 - 00002770 _____ () C:\Users\Alfred\d3d_antilag.log 2014-05-04 21:52 - 2013-07-18 21:21 - 00000290 _____ () C:\Windows\Tasks\CheckDriveBackgroundGuard.job 2014-05-04 20:57 - 2014-05-04 19:08 - 00000000 ____D () C:\Users\Alfred\Documents\Wechseldatenträger 2014-05-04 16:22 - 2014-05-04 16:18 - 00000000 ____D () C:\Users\Alfred\Desktop\Projekt neuer PC FSX 2014-05-04 11:28 - 2010-06-01 13:44 - 00072048 _____ () C:\Users\Alfred\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-04 11:14 - 2012-05-18 17:50 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Navdata 2014-05-04 11:12 - 2010-07-15 09:17 - 00000000 ____D () C:\Eaglesoft Development Group 2014-05-04 09:59 - 2009-07-14 06:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-05-04 09:59 - 2009-07-14 06:45 - 00013776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-05-04 09:48 - 2014-05-01 21:16 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat 2014-05-04 09:47 - 2013-09-20 11:27 - 00026674 _____ () C:\Windows\setupact.log 2014-05-04 09:47 - 2012-07-22 22:24 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-05-04 09:47 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-05-04 09:43 - 2014-05-04 09:43 - 00003187 _____ () C:\Users\Alfred\Desktop\AdwCleaner[S1].txt 2014-05-04 09:39 - 2013-09-28 07:53 - 00286854 _____ () C:\Windows\PFRO.log 2014-05-04 09:36 - 2013-09-13 11:09 - 00000000 ____D () C:\AdwCleaner 2014-05-03 22:11 - 2010-08-28 11:39 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\vlc 2014-05-03 17:57 - 2010-07-11 07:32 - 00000000 ____D () C:\Program Files (x86)\Movies 2014-05-03 17:57 - 2010-06-27 19:40 - 00000000 ____D () C:\Program Files (x86)\Screenshots 2014-05-03 17:55 - 2009-07-14 06:45 - 02237192 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-05-03 17:44 - 2014-05-03 17:42 - 02521198 _____ () C:\Users\Alfred\Downloads\unalakleet_paunv3_0.zip 2014-05-03 16:55 - 2012-11-03 16:34 - 00000000 ____D () C:\Users\Alfred\Desktop\texture.ScandiHD 2014-05-03 15:46 - 2014-05-03 15:46 - 03511490 _____ () C:\Users\Alfred\Downloads\FSUIPC4(1).zip 2014-05-03 15:45 - 2014-05-03 15:45 - 00002048 _____ () C:\Windows\QW146.lic 2014-05-03 14:17 - 2014-05-03 14:16 - 00000000 ____D () C:\Users\Alfred\Documents\TROJANERBOARD.DE 3.5.14 2014-05-02 22:22 - 2014-05-02 22:22 - 01016261 _____ (Thisisu) C:\Users\Alfred\Downloads\JRT.exe 2014-05-02 20:35 - 2014-05-04 08:34 - 01310621 _____ () C:\Users\Alfred\Desktop\adwcleaner.exe 2014-05-02 20:35 - 2014-05-02 20:35 - 01310621 _____ () C:\Users\Alfred\Downloads\adwcleaner.exe 2014-05-02 18:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Globalization 2014-05-02 18:31 - 2014-05-02 18:31 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-05-02 18:31 - 2014-05-02 18:31 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-05-02 18:31 - 2013-06-26 13:52 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-05-02 12:21 - 2014-05-02 12:21 - 00001239 _____ () C:\Users\Alfred\Desktop\Mustang Pilot's Guide.lnk 2014-05-02 12:21 - 2010-06-13 15:57 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flight One Software 2014-05-02 12:07 - 2013-09-14 10:03 - 00002048 _____ () C:\Windows\mustang1.lic 2014-05-02 10:28 - 2014-05-02 10:28 - 41380253 _____ () C:\Users\Alfred\Downloads\EFASS_1.0.1714.5921.zip 2014-05-02 06:54 - 2014-05-02 06:53 - 00000000 ____D () C:\Users\Alfred\Documents\TROJANERBOARD.DE.2.5.14 2014-05-01 21:36 - 2014-05-01 21:36 - 00039277 _____ () C:\ComboFix.txt 2014-05-01 21:36 - 2014-05-01 21:27 - 00000000 ____D () C:\Qoobox 2014-05-01 21:34 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-05-01 21:23 - 2014-05-01 21:23 - 00000000 ____D () C:\Windows\System32\Tasks\Western Digital 2014-05-01 21:22 - 2014-05-01 21:22 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Western Digital 2014-05-01 21:21 - 2014-05-01 21:21 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Western_Digital_Technolog 2014-05-01 21:21 - 2014-05-01 21:14 - 00000000 ____D () C:\ProgramData\Western Digital 2014-05-01 21:15 - 2014-05-01 21:15 - 00000000 ____D () C:\Program Files\Western Digital 2014-05-01 21:15 - 2014-05-01 21:15 - 00000000 ____D () C:\Program Files\Common Files\Western Digital 2014-05-01 21:15 - 2014-05-01 21:14 - 00014218 _____ () C:\Windows\DPINST.LOG 2014-05-01 21:15 - 2014-05-01 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital 2014-05-01 21:15 - 2014-05-01 21:14 - 00000000 ____D () C:\Program Files (x86)\Western Digital 2014-05-01 07:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-30 21:43 - 2012-12-02 23:05 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\PC Utility Kit 2014-04-30 21:43 - 2012-12-02 23:05 - 00000000 ____D () C:\ProgramData\PC Utility Kit 2014-04-29 22:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-04-29 22:15 - 2012-05-31 09:11 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-29 22:15 - 2012-05-31 09:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-29 22:15 - 2011-05-21 08:12 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-29 16:01 - 2014-05-02 23:51 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-29 15:40 - 2014-05-02 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-29 14:48 - 2014-05-02 23:51 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-29 14:34 - 2014-05-02 23:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-27 20:14 - 2014-04-27 20:14 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-04-27 16:46 - 2014-04-19 17:35 - 00000000 ____D () C:\Users\Alfred\Documents\0.PENDINGS 2014-04-27 09:26 - 2010-06-02 11:44 - 00000000 ___RD () C:\Users\Alfred\Documents\2.C O M P U T E R 2014-04-26 22:09 - 2014-04-26 22:09 - 02061824 _____ (Farbar) C:\Users\Alfred\Downloads\FRST64.exe 2014-04-23 08:11 - 2014-04-23 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLS DC10 2014-04-22 20:37 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-04-22 18:14 - 2011-06-03 18:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Just Flight 2014-04-22 18:13 - 2010-07-01 10:38 - 00000000 ____D () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wilco Publishing 2014-04-22 14:11 - 2014-04-22 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VFR Extreeme - Boise X 2014-04-22 14:11 - 2014-04-22 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boise X - Patch V1.2 2014-04-22 14:01 - 2014-04-22 14:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VFR Kaui HI01 Taxiway sign fix 2014-04-22 14:00 - 2014-04-22 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalaupapa Molokai Compatibility Patch 2014-04-22 12:11 - 2014-04-22 12:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-22 12:10 - 2014-04-22 12:11 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-22 12:10 - 2014-04-22 12:11 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-22 12:10 - 2014-04-22 12:11 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-22 12:10 - 2014-04-22 12:11 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-22 12:10 - 2010-08-26 10:16 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-21 15:07 - 2014-04-19 17:41 - 00000000 ____D () C:\Users\Alfred\Desktop\FSX F 2014-04-21 14:34 - 2014-04-19 17:38 - 00001943 _____ () C:\Users\Alfred\Desktop\eSATA inventar23.4.14.lnk 2014-04-21 13:01 - 2014-04-21 13:01 - 00000000 ____D () C:\Users\Alfred\Documents\0.0.my Documents ex PC DELL new 2014-04-19 17:39 - 2014-04-19 17:39 - 00000000 ____D () C:\Users\Alfred\Documents\1.speedtest 2014-04-19 17:33 - 2013-10-04 11:16 - 00000000 ____D () C:\Users\Alfred\Downloads\OPENZIP 2014-04-19 17:30 - 2014-04-19 17:26 - 02853583 _____ () C:\Users\Alfred\Downloads\l1011p1.zip 2014-04-18 22:03 - 2014-04-18 21:36 - 550797932 _____ () C:\Users\Alfred\Downloads\Grand_Canyon_KGCN_V2.zip 2014-04-18 21:35 - 2014-04-18 21:35 - 00599860 _____ () C:\Users\Alfred\Downloads\kgcn_jrm(1).zip 2014-04-18 21:34 - 2014-04-18 21:34 - 00599860 _____ () C:\Users\Alfred\Downloads\kgcn_jrm.zip 2014-04-18 11:44 - 2014-04-18 11:44 - 00000933 _____ () C:\Users\Alfred\Desktop\aerofly-fs.exe - Verknüpfung.lnk 2014-04-18 11:42 - 2014-04-18 11:40 - 510211567 _____ (IPACS ) C:\Users\Alfred\Downloads\aerofly-fs-update-win-v1020005.exe 2014-04-18 10:18 - 2013-06-29 14:02 - 00002471 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-04-17 09:53 - 2013-10-08 14:52 - 00001227 _____ () C:\Users\Alfred\Desktop\DESKTOP icons - Verknüpfung.lnk 2014-04-17 07:37 - 2014-04-17 07:37 - 00000691 _____ () C:\Users\Alfred\Desktop\Alfred - Verknüpfung.lnk 2014-04-16 19:20 - 2013-06-16 10:59 - 00001457 _____ () C:\Users\Alfred\Desktop\F A V O R I T E N - Verknüpfung.lnk 2014-04-16 17:32 - 2012-06-01 15:26 - 00000000 ___RD () C:\Users\Alfred\Documents\2.PC 2014-04-15 18:36 - 2014-04-15 18:36 - 00000000 ____D () C:\0.abelssoft checkdrive 100% 2014-04-14 12:55 - 2010-06-07 11:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-04-14 11:01 - 2014-04-14 06:10 - 862628484 _____ () C:\Users\Alfred\Downloads\AZ_North4West7_FSX.zip 2014-04-14 11:00 - 2014-04-14 06:09 - 881134877 _____ () C:\Users\Alfred\Downloads\AZ_North3West7_FSX.zip 2014-04-14 10:40 - 2014-04-14 05:58 - 853437347 _____ () C:\Users\Alfred\Downloads\AZ_North6West_FSX.zip 2014-04-14 10:24 - 2014-04-14 05:56 - 824296777 _____ () C:\Users\Alfred\Downloads\AZ_North6West3_FSX.zip 2014-04-14 10:15 - 2014-04-14 05:57 - 761091948 _____ () C:\Users\Alfred\Downloads\AZ_North6West2_FSX.zip 2014-04-14 09:57 - 2014-04-14 05:59 - 701746171 _____ () C:\Users\Alfred\Downloads\AZ_North6_FSX.zip 2014-04-14 01:32 - 2014-04-13 17:21 - 887973415 _____ () C:\Users\Alfred\Downloads\AZ_North5West2_FSX.zip 2014-04-14 00:50 - 2014-04-13 17:23 - 781741209 _____ () C:\Users\Alfred\Downloads\AZ_North5West3_FSX.zip 2014-04-14 00:32 - 2014-04-13 17:08 - 719635327 _____ () C:\Users\Alfred\Downloads\AZ_North5_FSX.zip 2014-04-14 00:15 - 2014-04-13 17:06 - 657504760 _____ () C:\Users\Alfred\Downloads\AZ_North5West_FSX(1).zip 2014-04-13 16:16 - 2014-04-13 16:16 - 03803978 _____ () C:\Users\Alfred\Downloads\FSUIPC4.zip 2014-04-13 15:30 - 2010-06-07 12:10 - 00000000 ____D () C:\Users\Alfred\AppData\Local\Microsoft Game Studios 2014-04-13 11:49 - 2014-04-13 11:44 - 14672866 _____ () C:\Users\Alfred\Downloads\tds_boeing_737-900er_united_airlines_n28457.zip 2014-04-13 11:48 - 2014-04-13 11:43 - 13607325 _____ () C:\Users\Alfred\Downloads\tds_boeing_737-700bbj_n111vm.zip 2014-04-13 11:29 - 2014-04-13 11:29 - 00003236 _____ () C:\Windows\System32\Tasks\{457CE8F6-C106-4511-8541-12838E9A7FCD} 2014-04-13 11:24 - 2014-04-13 11:24 - 03434022 _____ () C:\Users\Alfred\Downloads\FSUIPC.zip 2014-04-13 11:22 - 2012-08-11 21:16 - 00000000 ____D () C:\Users\Alfred\Documents\Flight Simulator Files 2014-04-13 07:38 - 2014-04-13 07:38 - 00000386 _____ () C:\Users\Alfred\Downloads\Autostart-Reparierer.zip 2014-04-13 06:03 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-04-12 23:39 - 2011-01-06 11:21 - 01594028 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-04-12 22:33 - 2012-08-13 12:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-04-12 22:27 - 2014-04-12 22:27 - 00003036 _____ () C:\Windows\System32\Tasks\{96ECFB14-EFAD-4688-B824-B03F910FC9EB} 2014-04-12 21:26 - 2014-04-12 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FS Water Configurator 2014-04-12 21:25 - 2014-04-12 21:06 - 00000000 ____D () C:\Program Files\FS Water Configurator 2014-04-12 21:19 - 2013-09-07 10:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-04-12 19:20 - 2014-04-12 19:20 - 03486130 _____ () C:\Users\Alfred\Downloads\fswc3.15.zip 2014-04-12 18:56 - 2014-04-12 18:56 - 00035803 _____ () C:\Users\Alfred\Downloads\wake-isl(1).zip 2014-04-12 18:52 - 2014-04-12 18:52 - 14588631 _____ () C:\Users\Alfred\Downloads\Wake-Island.zip 2014-04-11 18:19 - 2011-05-22 13:28 - 00001427 _____ () C:\Users\Alfred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-11 17:50 - 2014-04-11 17:46 - 00009961 _____ () C:\Windows\IE11_main.log 2014-04-11 17:47 - 2014-04-11 17:47 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2014-04-11 17:47 - 2014-04-11 17:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2014-04-11 17:47 - 2014-04-11 17:47 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-04-11 17:47 - 2014-04-11 17:47 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-04-11 17:47 - 2014-04-11 17:47 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-04-11 17:47 - 2014-04-11 17:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-04-11 17:47 - 2014-04-11 17:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-04-11 17:47 - 2014-04-11 17:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-04-11 17:47 - 2014-04-11 17:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-04-11 17:45 - 2011-01-06 11:21 - 00001912 _____ () C:\Windows\epplauncher.mif 2014-04-11 17:45 - 2011-01-06 11:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-04-11 17:45 - 2011-01-06 11:20 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk 2014-04-11 17:45 - 2011-01-06 11:20 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-04-10 21:20 - 2014-04-10 21:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-04-10 21:20 - 2010-08-28 11:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-04-10 21:19 - 2014-04-10 21:19 - 00002563 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Users\Default\AppData\Local\Apple 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\Apple 2014-04-10 21:19 - 2014-04-10 21:19 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-04-10 21:13 - 2013-04-09 16:55 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-04-10 21:13 - 2013-04-09 16:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-04-10 20:53 - 2013-08-16 11:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 20:51 - 2013-04-09 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-04-10 18:50 - 2013-10-11 10:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-04-10 18:47 - 2011-04-11 14:25 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-04-10 18:47 - 2011-04-11 14:25 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-04-10 18:44 - 2014-04-10 18:44 - 00000000 ____D () C:\Windows\Temp49BB3881-48A0-2973-C58E-D790194EC1C9-Signatures Files to move or delete: ==================== C:\Users\Alfred\Aerosoft_FlorenceX.reg C:\Users\Alfred\Cloud9_Xcity Rome.reg C:\Users\Alfred\FSDreamTeam_Geneva.reg C:\Users\Alfred\FSDreamTeam_Hawaiian Airports Volume 2.reg C:\Users\Alfred\FSDreamTeam_Honolulu.reg C:\Users\Alfred\FSDreamTeam_ZurichX.reg Some content of TEMP: ==================== C:\Users\Alfred\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-05-01 07:38 ==================== End Of Log ============================ --- --- --- --- --- ---
__________________ Suche nicht das Glueck - lebe es (Buddha) |
| Themen zu Aufstarten PC mit Win 7 64 dauert viel zulange |
| arten, aufgehängt, aufstarten, behebung, dauert, ewigkeit, guten, neustart, performance, recht, win, win 7, zweimal |
Baum-Darstellung