| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 7: IE geht Selbstständig aufWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.09.2014, 20:45
| #1 |
 |  Windows 7: IE geht Selbstständig auf Hallo, Ich habe seit 2 Tagen das Problem, das sich mein IE selbstständig öffnet und dann Automatisch eine spiezelle URL öffnet. Ich habe AVAST und Malwarebytes berreits meinen PC durchscannen lassen, allerdings ergaben diese keine Funde und der IE ploppt immer noch unregelmäßig mit dieser einen Website auf. Außerdem habe ich zusätzlich noch das Problem das ich einige Prozesse über den Task - Manager nicht beenden kann, da mir der Zugriff verweigert wird, und die Prozesse nicht vom System stammen. Wäre um Hilfe erfreut. MfG, Ladekabel612 |
|
05.09.2014, 21:19
| #2 |
| /// TB-Ausbilder   | Windows 7: IE geht Selbstständig auf Hallo Ladekabel612
__________________ Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
 Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg. Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen. Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
05.09.2014, 21:27
| #3 |
| | Windows 7: IE geht Selbstständig auf Hier einmal die FRST.txt
__________________FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by compaq (administrator) on FATE on 05-09-2014 22:23:24 Running from C:\Users\compaq\Downloads Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apache Software Foundation) C:\xampp\apache\bin\httpd.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (Apache Software Foundation) C:\xampp\apache\bin\httpd.exe () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\xampp\mysql\bin\mysqld.exe () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBWMgr.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\FBW.exe (Dropbox, Inc.) C:\Users\compaq\AppData\Roaming\Dropbox\bin\Dropbox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe, HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION HKU\S-1-5-21-624198674-977653023-2037852723-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk ShortcutTarget: NETGEAR WNA3100M Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () Startup: C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4CCD77966318CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_30_ff&cd=2XzuyEtN2Y1L1QzuyE0CyCtD0D0EyByC0EtD0A0DyC0EtB0BtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyyCtD0Ezy0D0EtGtC0C0EyCtGyEzztDtCtGtD0C0FzytGyByDyC0DyDyD0B0CzztByB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AtBzzzzyE0AyBtGyDtDyB0AtGyE0EtDyEtG0AtA0EzztG0AtD0E0AyDtD0AyD0E0C0E0E2Q&cr=832457479&ir= SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_30_ff&cd=2XzuyEtN2Y1L1QzuyE0CyCtD0D0EyByC0EtD0A0DyC0EtB0BtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyyCtD0Ezy0D0EtGtC0C0EyCtGyEzztDtCtGtD0C0FzytGyByDyC0DyDyD0B0CzztByB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AtBzzzzyE0AyBtGyDtDyB0AtGyE0EtDyEtG0AtA0EzztG0AtD0E0AyDtD0AyD0E0C0E0E2Q&cr=832457479&ir= BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{FCD5A3CD-F655-4E96-A281-65606862AD3C}: [NameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default FF SelectedSearchEngine: Google FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\user.js FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\sparpilot@sparpilot.com [2014-08-31] FF Extension: The Fox, Only Better - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\thefoxonlybetter@quicksaver.xpi [2014-08-23] FF Extension: Adblock Plus - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-28] FF Extension: User Agent Switcher - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-08-23] FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-03-16] (Apache Software Foundation) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [919040 2014-05-17] (AnchorFree Inc.) [File not signed] S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [78512 2014-05-17] () R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [430344 2014-05-17] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 mysql; C:\xampp\mysql\bin\mysqld.exe [10966528 2014-01-14] () [File not signed] R2 WSWNA3100M; C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [303360 2011-12-07] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-10] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-10] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-10] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-10] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-10] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-10] () R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-07-23] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-07-23] (G Data Software AG) R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [22016 2014-07-23] (G Data Software AG) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-05] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) R3 wna3100m; C:\Windows\System32\DRIVERS\wna3100m.sys [1094760 2011-12-30] (NETGEAR Corporation ) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-09-03] () S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-05 22:23 - 2014-09-05 22:23 - 00013952 _____ () C:\Users\compaq\Downloads\FRST.txt 2014-09-05 22:23 - 2014-09-05 22:23 - 00000000 ____D () C:\FRST 2014-09-05 22:22 - 2014-09-05 22:22 - 02104832 _____ (Farbar) C:\Users\compaq\Downloads\FRST64.exe 2014-09-05 21:20 - 2014-09-05 21:20 - 00001056 _____ () C:\Users\compaq\Desktop\Dropbox.lnk 2014-09-05 21:20 - 2014-09-05 21:20 - 00000000 ___RD () C:\Users\compaq\Dropbox 2014-09-05 21:17 - 2014-09-05 21:17 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-05 21:12 - 2014-09-05 21:20 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dropbox 2014-09-05 21:12 - 2014-09-05 21:12 - 00323696 _____ (Dropbox, Inc.) C:\Users\compaq\Downloads\DropboxInstaller.exe 2014-09-04 14:13 - 2014-09-04 14:14 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Telegram Win (Unofficial) 2014-09-04 14:13 - 2014-09-04 14:13 - 00001069 _____ () C:\Users\compaq\Desktop\Telegram.lnk 2014-09-04 14:13 - 2014-09-04 14:13 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial) 2014-09-04 14:10 - 2014-09-04 14:10 - 01101648 _____ () C:\Users\compaq\Downloads\Telegram for Desktop Unofficial - CHIP-Installer.exe 2014-09-04 14:06 - 2014-09-05 19:59 - 00001402 _____ () C:\Windows\PFRO.log 2014-09-04 14:06 - 2014-09-05 19:59 - 00000112 _____ () C:\Windows\setupact.log 2014-09-04 14:06 - 2014-09-04 14:06 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-03 18:13 - 2014-09-03 18:13 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Paessler 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Licenses 2014-09-03 14:52 - 2014-09-03 14:52 - 00024504 _____ () C:\Users\compaq\Documents\Log von NETGEAR DoS Attack 03.09.2014 2014-09-03 14:13 - 2014-09-03 14:13 - 00024275 _____ () C:\Users\compaq\Documents\Log von NETGEAR 2014.09.03 2014-09-03 10:02 - 2014-09-03 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\Documents\deskcalc 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\deskcalc 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\compaq\AppData\Local\SlimWare Utilities Inc 2014-09-01 18:26 - 2014-09-01 20:22 - 00000000 ____D () C:\Users\compaq\Desktop\rendern 2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\Adobe 2014-08-31 20:56 - 2014-08-31 21:31 - 00000000 ____D () C:\Users\Public\Documents\Lightworks 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Geevs 2014-08-31 20:55 - 2014-08-31 20:56 - 00000000 ____D () C:\Program Files (x86)\Lightworks 2014-08-31 20:03 - 2014-09-01 19:24 - 00000000 ____D () C:\Users\compaq\AppData\Local\Windows Live 2014-08-31 20:03 - 2014-08-31 20:03 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-08-31 19:54 - 2014-09-01 18:32 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\avidemux 2014-08-31 18:20 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\compaq\AppData\Local\Tempa8b1a712f48233524e0c6b8833d1169e 2014-08-30 21:55 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-08-30 21:55 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-08-30 21:55 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-08-30 21:55 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-08-30 21:55 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-08-30 21:55 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-08-30 21:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-08-30 21:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-08-30 16:17 - 2014-08-30 16:17 - 00000000 ____D () C:\Users\compaq\Documents\SimCity 2014-08-30 15:02 - 2014-08-31 20:38 - 00000000 ___RD () C:\Users\compaq\Desktop\Musik 2014-08-30 14:19 - 2014-08-30 14:27 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-30 14:15 - 2014-09-03 00:38 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-30 14:15 - 2014-08-30 14:15 - 00000998 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-08-29 23:02 - 2014-09-02 17:06 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dev-Cpp 2014-08-29 00:24 - 2014-08-29 01:31 - 3221225984 _____ () C:\Virtuell4.vhd 2014-08-28 15:44 - 2014-08-28 16:02 - 524288512 _____ () C:\Virtuell3.vhd 2014-08-28 15:24 - 2014-08-28 15:26 - 2147484160 _____ () C:\Virtuell2.vhd 2014-08-28 13:46 - 2014-08-28 14:52 - 2147484160 _____ () C:\Virtuell.vhd 2014-08-28 12:44 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 12:44 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 12:44 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-23 14:43 - 2014-08-23 14:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-08-23 14:43 - 2014-08-23 14:43 - 00002038 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-08-23 14:42 - 2014-08-23 14:42 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-08-23 14:12 - 2014-09-05 22:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-23 14:11 - 2014-08-23 14:11 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 14:11 - 2014-08-23 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 14:10 - 2014-08-23 14:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-23 14:10 - 2014-08-23 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 14:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-23 14:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-23 14:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-22 18:45 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-22 18:45 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-22 18:45 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-22 18:45 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-22 18:45 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-22 18:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-22 18:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-22 18:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-22 18:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-22 01:27 - 2014-08-22 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-08-22 01:01 - 2014-08-22 01:01 - 00000000 ____D () C:\Users\Jendrik\.cache 2014-08-22 00:59 - 2014-08-22 00:59 - 00000000 ____D () C:\Users\Jendrik\Documents\DIE SIEDLER - DEdK 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Script Testserver 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\GTA San Andreas User Files 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Abelssoft 2014-08-22 00:58 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\Jendrik\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-22 00:57 - 2014-08-22 00:39 - 88424596 _____ () C:\Users\Jendrik\Desktop\Wichtige Documents.rar 2014-08-22 00:56 - 2014-08-22 00:56 - 00064024 _____ () C:\Users\Jendrik\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\AVAST Software 2014-08-22 00:55 - 2014-08-22 00:55 - 00001398 _____ () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-22 00:55 - 2014-08-22 00:55 - 00000020 ___SH () C:\Users\Jendrik\ntuser.ini 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Vorlagen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Startmenü 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Netzwerkumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Lokale Einstellungen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Eigene Dateien 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Druckumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Musik 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Bilder 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Verlauf 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\ATI 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\Adobe 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\VirtualStore 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\ATI 2014-08-22 00:54 - 2014-08-22 01:01 - 00000000 ____D () C:\Users\Jendrik 2014-08-22 00:54 - 2014-05-07 22:22 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\Google 2014-08-22 00:54 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-22 00:54 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-08-21 18:32 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\compaq\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 16:51 - 2014-08-21 16:52 - 00000000 ___SD () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-08-19 17:03 - 2014-08-19 17:03 - 00000000 ____D () C:\Users\compaq\.cache 2014-08-17 17:39 - 2014-08-30 14:19 - 00000000 ____D () C:\Users\compaq\AppData\Local\Origin 2014-08-16 21:39 - 2014-08-16 21:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-16 18:14 - 2014-08-16 21:33 - 00000000 ____D () C:\Users\compaq\Documents\Script Testserver 2014-08-16 17:32 - 2014-08-16 17:32 - 00000000 _____ () C:\END 2014-08-15 16:21 - 2014-08-15 16:21 - 00001113 _____ () C:\Users\compaq\Desktop\FileZilla FTP Client.lnk 2014-08-15 15:42 - 2014-08-15 15:43 - 00000000 ____D () C:\Program Files (x86)\FileZilla-3.9.0.3 2014-08-15 00:58 - 2014-08-15 00:58 - 00000000 ____D () C:\Sonstiges 2014-08-14 22:38 - 2014-08-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-08-14 22:30 - 2014-08-14 22:40 - 00000000 ____D () C:\xampp 2014-08-14 02:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 02:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-14 02:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-14 02:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 02:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 02:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 02:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-14 02:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 14:40 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 14:40 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 14:40 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 14:40 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 14:40 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 14:40 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 14:40 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 14:40 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 14:40 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 14:40 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 14:40 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 14:40 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 14:40 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 14:40 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 14:40 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 14:40 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 14:40 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 14:40 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 14:40 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 14:40 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 14:40 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 14:40 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 14:40 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 14:40 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 14:40 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 14:40 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 14:40 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 14:40 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 14:40 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 14:40 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 14:40 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 14:40 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 14:40 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 14:40 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 14:40 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 14:40 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 14:40 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 14:40 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 14:40 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 14:40 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 14:40 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 14:40 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 14:40 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 14:40 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 14:40 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 14:40 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 14:40 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 14:40 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 14:40 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 14:40 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 14:40 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 14:40 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 14:40 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 14:40 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 14:40 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 14:40 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 14:40 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 14:40 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-13 14:40 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-13 14:40 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-13 14:40 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 14:40 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 14:40 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 14:40 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 14:40 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 14:40 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 14:40 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 14:40 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 14:40 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 14:40 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 14:38 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 14:38 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-13 14:38 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 14:38 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-08 12:56 - 2014-08-08 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-08 12:56 - 2014-08-08 12:55 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-08 12:56 - 2014-08-08 12:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-08 12:56 - 2014-08-08 12:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-08 12:56 - 2014-08-08 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-08 10:05 - 2014-08-08 10:05 - 00038960 _____ () C:\Windows\SysWOW64\RGBAcodec.dll 2014-08-08 01:24 - 2014-08-10 13:16 - 00000000 ____D () C:\Users\compaq\Documents\DIE SIEDLER - DEdK ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-05 22:23 - 2014-09-05 22:23 - 00013952 _____ () C:\Users\compaq\Downloads\FRST.txt 2014-09-05 22:23 - 2014-09-05 22:23 - 00000000 ____D () C:\FRST 2014-09-05 22:22 - 2014-09-05 22:22 - 02104832 _____ (Farbar) C:\Users\compaq\Downloads\FRST64.exe 2014-09-05 22:15 - 2014-01-23 22:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-05 22:13 - 2014-08-23 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-05 22:00 - 2014-07-24 22:55 - 00000296 _____ () C:\Windows\Tasks\Digital Sites.job 2014-09-05 21:43 - 2014-01-23 19:22 - 01783592 _____ () C:\Windows\WindowsUpdate.log 2014-09-05 21:20 - 2014-09-05 21:20 - 00001056 _____ () C:\Users\compaq\Desktop\Dropbox.lnk 2014-09-05 21:20 - 2014-09-05 21:20 - 00000000 ___RD () C:\Users\compaq\Dropbox 2014-09-05 21:20 - 2014-09-05 21:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dropbox 2014-09-05 21:20 - 2014-01-23 19:23 - 00000000 ____D () C:\Users\compaq 2014-09-05 21:17 - 2014-09-05 21:17 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-05 21:12 - 2014-09-05 21:12 - 00323696 _____ (Dropbox, Inc.) C:\Users\compaq\Downloads\DropboxInstaller.exe 2014-09-05 20:23 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-05 20:23 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-05 20:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-09-05 19:59 - 2014-09-04 14:06 - 00001402 _____ () C:\Windows\PFRO.log 2014-09-05 19:59 - 2014-09-04 14:06 - 00000112 _____ () C:\Windows\setupact.log 2014-09-05 19:59 - 2014-07-11 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-05 19:59 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-04 14:14 - 2014-09-04 14:13 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Telegram Win (Unofficial) 2014-09-04 14:13 - 2014-09-04 14:13 - 00001069 _____ () C:\Users\compaq\Desktop\Telegram.lnk 2014-09-04 14:13 - 2014-09-04 14:13 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial) 2014-09-04 14:10 - 2014-09-04 14:10 - 01101648 _____ () C:\Users\compaq\Downloads\Telegram for Desktop Unofficial - CHIP-Installer.exe 2014-09-04 14:06 - 2014-09-04 14:06 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-03 18:29 - 2014-01-29 16:25 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Notepad++ 2014-09-03 18:22 - 2014-07-22 22:08 - 00000000 ____D () C:\ProgramData\TEMP 2014-09-03 18:13 - 2014-09-03 18:13 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Paessler 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Licenses 2014-09-03 17:44 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-09-03 17:44 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-09-03 17:44 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-03 14:52 - 2014-09-03 14:52 - 00024504 _____ () C:\Users\compaq\Documents\Log von NETGEAR DoS Attack 03.09.2014 2014-09-03 14:13 - 2014-09-03 14:13 - 00024275 _____ () C:\Users\compaq\Documents\Log von NETGEAR 2014.09.03 2014-09-03 10:02 - 2014-09-03 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-03 00:38 - 2014-08-30 14:15 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-03 00:38 - 2014-02-21 20:18 - 00000000 ____D () C:\ProgramData\Origin 2014-09-02 17:06 - 2014-08-29 23:02 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dev-Cpp 2014-09-01 20:22 - 2014-09-01 18:26 - 00000000 ____D () C:\Users\compaq\Desktop\rendern 2014-09-01 19:24 - 2014-08-31 20:03 - 00000000 ____D () C:\Users\compaq\AppData\Local\Windows Live 2014-09-01 19:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\Documents\deskcalc 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\deskcalc 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\compaq\AppData\Local\SlimWare Utilities Inc 2014-09-01 18:32 - 2014-08-31 19:54 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\avidemux 2014-09-01 16:52 - 2014-04-15 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-08-31 21:31 - 2014-08-31 20:56 - 00000000 ____D () C:\Users\Public\Documents\Lightworks 2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\Adobe 2014-08-31 21:29 - 2014-01-23 20:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Adobe 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Geevs 2014-08-31 20:56 - 2014-08-31 20:55 - 00000000 ____D () C:\Program Files (x86)\Lightworks 2014-08-31 20:38 - 2014-08-30 15:02 - 00000000 ___RD () C:\Users\compaq\Desktop\Musik 2014-08-31 20:31 - 2014-01-23 19:23 - 00000000 ____D () C:\Users\compaq\AppData\Local\VirtualStore 2014-08-31 20:03 - 2014-08-31 20:03 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-08-31 18:34 - 2014-01-26 15:10 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-31 18:20 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\compaq\AppData\Local\Tempa8b1a712f48233524e0c6b8833d1169e 2014-08-31 00:27 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker 2014-08-30 16:17 - 2014-08-30 16:17 - 00000000 ____D () C:\Users\compaq\Documents\SimCity 2014-08-30 16:17 - 2014-02-21 20:18 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-08-30 14:27 - 2014-08-30 14:19 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-30 14:19 - 2014-08-17 17:39 - 00000000 ____D () C:\Users\compaq\AppData\Local\Origin 2014-08-30 14:15 - 2014-08-30 14:15 - 00000998 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-08-29 01:31 - 2014-08-29 00:24 - 3221225984 _____ () C:\Virtuell4.vhd 2014-08-28 17:44 - 2009-07-14 06:45 - 00294640 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 17:16 - 2014-01-23 21:05 - 00064024 _____ () C:\Users\compaq\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-28 16:02 - 2014-08-28 15:44 - 524288512 _____ () C:\Virtuell3.vhd 2014-08-28 15:26 - 2014-08-28 15:24 - 2147484160 _____ () C:\Virtuell2.vhd 2014-08-28 15:16 - 2014-07-01 14:37 - 00007601 _____ () C:\Users\compaq\AppData\Local\Resmon.ResmonCfg 2014-08-28 14:52 - 2014-08-28 13:46 - 2147484160 _____ () C:\Virtuell.vhd 2014-08-26 11:34 - 2014-02-01 16:09 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-26 11:32 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\CSC 2014-08-26 11:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web 2014-08-26 01:16 - 2014-04-30 01:33 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Skype 2014-08-24 01:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-23 14:43 - 2014-08-23 14:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-08-23 14:43 - 2014-08-23 14:43 - 00002038 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-08-23 14:42 - 2014-08-23 14:42 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-08-23 14:11 - 2014-08-23 14:11 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 14:11 - 2014-08-23 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 14:11 - 2014-08-23 14:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-23 14:10 - 2014-08-23 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 04:07 - 2014-08-28 12:44 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 12:44 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 12:44 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 01:31 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-08-22 01:27 - 2014-08-22 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-08-22 01:01 - 2014-08-22 01:01 - 00000000 ____D () C:\Users\Jendrik\.cache 2014-08-22 01:01 - 2014-08-22 00:54 - 00000000 ____D () C:\Users\Jendrik 2014-08-22 00:59 - 2014-08-22 00:59 - 00000000 ____D () C:\Users\Jendrik\Documents\DIE SIEDLER - DEdK 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Script Testserver 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\GTA San Andreas User Files 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Abelssoft 2014-08-22 00:56 - 2014-08-22 00:56 - 00064024 _____ () C:\Users\Jendrik\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\AVAST Software 2014-08-22 00:55 - 2014-08-22 00:55 - 00001398 _____ () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-22 00:55 - 2014-08-22 00:55 - 00000020 ___SH () C:\Users\Jendrik\ntuser.ini 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Vorlagen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Startmenü 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Netzwerkumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Lokale Einstellungen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Eigene Dateien 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Druckumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Musik 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Bilder 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Verlauf 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\ATI 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\Adobe 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\VirtualStore 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\ATI 2014-08-22 00:39 - 2014-08-22 00:57 - 88424596 _____ () C:\Users\Jendrik\Desktop\Wichtige Documents.rar 2014-08-21 18:32 - 2014-08-22 00:58 - 02695493 _____ () C:\Users\Jendrik\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-21 18:32 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\compaq\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 18:31 - 2014-02-18 16:06 - 00000000 ____D () C:\Program Files\WinRAR 2014-08-21 18:21 - 2014-07-25 03:06 - 00000000 ____D () C:\Users\Testkonto 2014-08-21 17:54 - 2014-01-27 16:30 - 00000000 ____D () C:\Users\compaq\AppData\Local\Google 2014-08-21 17:19 - 2014-06-06 15:12 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-21 16:52 - 2014-08-21 16:51 - 00000000 ___SD () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-08-21 16:52 - 2014-02-10 23:51 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-08-21 03:11 - 2014-02-07 16:58 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\FileZilla 2014-08-19 17:03 - 2014-08-19 17:03 - 00000000 ____D () C:\Users\compaq\.cache 2014-08-16 21:39 - 2014-08-16 21:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-16 21:33 - 2014-08-16 18:14 - 00000000 ____D () C:\Users\compaq\Documents\Script Testserver 2014-08-16 17:45 - 2014-07-02 20:32 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-08-16 17:32 - 2014-08-16 17:32 - 00000000 _____ () C:\END 2014-08-15 16:21 - 2014-08-15 16:21 - 00001113 _____ () C:\Users\compaq\Desktop\FileZilla FTP Client.lnk 2014-08-15 15:43 - 2014-08-15 15:42 - 00000000 ____D () C:\Program Files (x86)\FileZilla-3.9.0.3 2014-08-15 00:58 - 2014-08-15 00:58 - 00000000 ____D () C:\Sonstiges 2014-08-15 00:56 - 2014-01-09 11:06 - 00661448 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll 2014-08-14 22:40 - 2014-08-14 22:30 - 00000000 ____D () C:\xampp 2014-08-14 22:39 - 2014-01-23 22:38 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-14 22:39 - 2014-01-23 22:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-14 22:39 - 2014-01-23 22:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-14 22:38 - 2014-08-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-08-14 13:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-14 02:59 - 2014-01-23 20:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 02:57 - 2014-01-23 20:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-14 02:52 - 2014-05-04 01:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 00:12 - 2014-04-30 01:33 - 00000000 ____D () C:\ProgramData\Skype 2014-08-10 13:16 - 2014-08-08 01:24 - 00000000 ____D () C:\Users\compaq\Documents\DIE SIEDLER - DEdK 2014-08-10 12:17 - 2014-01-26 14:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-08 12:56 - 2014-08-08 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-08 12:56 - 2014-03-16 22:24 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-08 12:55 - 2014-08-08 12:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-08 12:55 - 2014-08-08 12:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-08 12:55 - 2014-08-08 12:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-08 12:55 - 2014-08-08 12:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-08 10:05 - 2014-08-08 10:05 - 00038960 _____ () C:\Windows\SysWOW64\RGBAcodec.dll 2014-08-07 04:06 - 2014-08-13 14:38 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-13 14:38 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Files to move or delete: ==================== C:\Users\compaq\jagex_cl_runescape_LIVE.dat C:\Users\compaq\random.dat Some content of TEMP: ==================== C:\Users\compaq\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj3cuh5.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-28 11:10 ==================== End Of Log ============================ --- --- --- --- --- --- Und die Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014 02
Ran by compaq at 2014-09-05 22:24:22
Running from C:\Users\compaq\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7art Fluorescent Clock © 7art-screensavers.com (HKLM-x32\...\7art Fluorescent Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7art Radiating Clock © 7art-screensavers.com (HKLM-x32\...\7art Radiating Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.30429 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80430.0002 - Advanced Micro Devices, Inc.) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0429.2313.39747 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0429.2312.39747 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0429.2313.39747 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.29 - Dropbox, Inc.)
Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 11.5.2.0 - Lightworks)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 32.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 de)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.0.0.10 - NETGEAR)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5910 - Realtek Semiconductor Corp.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Telegram Win (Unofficial) version 0.5.15 (HKCU\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.5.15 - Telegram (Unofficial))
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.2 - Abelssoft)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0BF80ADA-CD81-4621-8966-114F21F5A49A} - System32\Tasks\Digital Sites => C:\Users\compaq\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {1780E9B1-8B9C-457B-8D39-542DE815DD96} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-10] (AVAST Software)
Task: {2EC11773-AB91-43B8-A583-6701160A5685} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {8DDBE902-1A55-49DD-A664-2359B76E9644} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-14] (Adobe Systems Incorporated)
Task: {95AE50EB-80FD-4545-B439-F4CF6C25C82F} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: {BA2C508F-6433-4B05-A9A7-37D201745D6F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\compaq\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-05-17 00:34 - 2014-05-17 00:34 - 00430344 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2014-08-14 22:32 - 2014-01-14 17:54 - 10966528 _____ () C:\xampp\mysql\bin\mysqld.exe
2014-01-26 14:50 - 2011-12-07 19:31 - 00303360 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
2014-01-26 14:50 - 2011-12-06 19:16 - 08364288 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
2013-06-18 16:49 - 2013-06-18 16:49 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-04-30 00:08 - 2013-04-30 00:08 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-07-10 01:50 - 2014-07-10 01:50 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-04 18:32 - 2014-09-04 18:32 - 02844672 _____ () C:\Program Files\AVAST Software\Avast\defs\14090400\algo.dll
2014-09-05 20:02 - 2014-09-05 20:02 - 02845184 _____ () C:\Program Files\AVAST Software\Avast\defs\14090502\algo.dll
2014-08-14 22:31 - 2014-03-11 22:01 - 00217600 _____ () C:\xampp\apache\bin\pcre.dll
2014-08-14 22:33 - 2014-04-09 01:21 - 00128512 _____ () C:\xampp\php\libpq.dll
2014-05-17 02:11 - 2014-05-17 02:11 - 00908584 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2014-05-17 02:37 - 2014-05-17 02:37 - 00506664 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.dll
2014-01-26 14:50 - 2011-11-25 15:38 - 00409600 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiLib.dll
2014-01-26 14:50 - 2011-09-13 17:57 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll
2014-07-10 01:50 - 2014-07-10 01:51 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-09-03 10:02 - 2014-09-03 10:02 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-05 21:17 - 2014-09-05 21:17 - 00043008 _____ () c:\users\compaq\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj3cuh5.dll
2014-09-05 21:16 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\compaq\AppData\Roaming\Dropbox\bin\libcef.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\compaq\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\compaq\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\compaq\AppData\Roaming:NT
AlternateDataStreams: C:\Users\compaq\AppData\Roaming:NT2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Uninstall C: =>
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/05/2014 09:02:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CCleaner64.exe, Version 4.12.0.4657 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 138
Startzeit: 01cfc93933c3c306
Endzeit: 1436
Anwendungspfad: C:\Program Files\CCleaner\CCleaner64.exe
Berichts-ID: 27e6866c-352f-11e4-95ed-002421b1efb7
Error: (09/05/2014 08:00:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 02:07:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (09/04/2014 02:07:20 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:20 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (09/04/2014 02:07:20 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (09/05/2014 08:27:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.183.1682.0)
Error: (09/05/2014 08:07:41 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (09/05/2014 08:04:30 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Defender" wurde nicht richtig gestartet.
Error: (09/04/2014 02:07:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/04/2014 02:07:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.
Error: (09/03/2014 06:21:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "PRTG Probe Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/31/2014 08:57:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR14 gefunden.
Error: (08/31/2014 08:57:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR14 gefunden.
Error: (08/31/2014 08:57:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR14 gefunden.
Error: (08/31/2014 07:16:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (09/05/2014 09:02:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CCleaner64.exe4.12.0.465713801cfc93933c3c3061436C:\Program Files\CCleaner\CCleaner64.exe27e6866c-352f-11e4-95ed-002421b1efb7
Error: (09/05/2014 08:00:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 02:07:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (09/04/2014 02:07:21 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer
Error: (09/04/2014 02:07:20 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore
Error: (09/04/2014 02:07:20 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (09/04/2014 02:07:20 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU E5200 @ 2.50GHz
Percentage of memory in use: 70%
Total physical RAM: 2046.18 MB
Available physical RAM: 598.57 MB
Total Pagefile: 4092.36 MB
Available Pagefile: 1243.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Lokaler Datenträger) (Fixed) (Total:273.34 GB) (Free:175.24 GB) NTFS
Drive u: (Volume) (Fixed) (Total:48.83 GB) (Free:48.67 GB) NTFS
Drive z: (Volume) (Fixed) (Total:75.13 GB) (Free:59.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 933BC6BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=273.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=117.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=75.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Kleine Anmerkung noch: Ich habe neben meinem Windows 7 Betriebssystem auch noch Ubuntu 14.04 nebenbei installiert. Falls das irgendwie weiterhilft Geändert von Ladekabel612 (05.09.2014 um 21:46 Uhr) Grund: Anmerkung hinzugefügt |
|
05.09.2014, 21:49
| #4 | |
| /// TB-Ausbilder | Windows 7: IE geht Selbstständig auf Kurze Frage: Zitat:
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
05.09.2014, 21:50
| #5 |
| | Windows 7: IE geht Selbstständig auf Hotspot Shield 3.42 (HKLM-x32\...\HotspotShield) (Version: 3.42 - AnchorFree Inc.) ist gewollt installiert und hat bisher auch keine Probleme gemacht. |
|
05.09.2014, 22:00
| #6 |
| /// TB-Ausbilder | Windows 7: IE geht Selbstständig auf Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter cmd: netstat -b -n
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ --> Windows 7: IE geht Selbstständig auf |
|
05.09.2014, 22:04
| #7 |
| | Windows 7: IE geht Selbstständig auf Normal das wenn ich den Fix starte sämtliche meiner Programme geschlossen werden? Hier der log: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by compaq at 2014-09-05 23:03:14 Run:1
Running from C:\Users\compaq\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
cmd: netstat -b -n
*****************
========= netstat -b -n =========
Aktive Verbindungen
Proto Lokale Adresse Remoteadresse Status
TCP 127.0.0.1:896 127.0.0.1:53049 HERGESTELLT
[cmw_srv.exe]
TCP 127.0.0.1:19872 127.0.0.1:53264 HERGESTELLT
[Dropbox.exe]
TCP 127.0.0.1:20371 127.0.0.1:49362 HERGESTELLT
[cmw_srv.exe]
TCP 127.0.0.1:49362 127.0.0.1:20371 HERGESTELLT
[hsscp.exe]
TCP 127.0.0.1:53049 127.0.0.1:896 HERGESTELLT
[fbwmgr.exe]
TCP 127.0.0.1:53050 127.0.0.1:53061 HERGESTELLT
[fbwmgr.exe]
TCP 127.0.0.1:53050 127.0.0.1:53062 HERGESTELLT
[fbwmgr.exe]
TCP 127.0.0.1:53050 127.0.0.1:53063 HERGESTELLT
[fbwmgr.exe]
TCP 127.0.0.1:53061 127.0.0.1:53050 HERGESTELLT
[fbw.exe]
TCP 127.0.0.1:53062 127.0.0.1:53050 HERGESTELLT
[fbw.exe]
TCP 127.0.0.1:53063 127.0.0.1:53050 HERGESTELLT
[fbw.exe]
TCP 127.0.0.1:53264 127.0.0.1:19872 HERGESTELLT
[Dropbox.exe]
TCP 127.0.0.1:56693 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56694 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56695 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56696 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56697 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56698 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56699 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56700 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56701 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56702 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56703 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56704 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56705 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56706 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56707 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56708 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56709 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56710 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56711 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56712 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56713 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56714 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56715 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56716 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56717 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56718 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56719 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56720 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56721 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56722 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56723 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56724 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56725 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56726 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56727 127.0.0.1:895 WARTEND
TCP 127.0.0.1:56728 127.0.0.1:895 WARTEND
TCP 192.168.1.222:49175 77.234.41.64:80 HERGESTELLT
[AvastSvc.exe]
TCP 192.168.1.222:53283 108.160.167.166:80 HERGESTELLT
[Dropbox.exe]
TCP 192.168.1.222:55965 173.194.113.165:443 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56361 173.194.113.135:80 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56417 74.125.136.95:80 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56419 74.125.136.95:80 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56423 173.194.113.153:80 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56425 173.194.113.152:80 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56578 173.194.113.167:443 HERGESTELLT
[firefox.exe]
TCP 192.168.1.222:56692 188.138.96.24:80 WARTEND
TCP 192.168.1.222:56729 208.43.120.24:80 HERGESTELLT
[FRST64.exe]
========= End of CMD: =========
==== End of Fixlog ====
|
|
05.09.2014, 22:09
| #8 | |
| /// TB-Ausbilder | Windows 7: IE geht Selbstständig auf Hmm ok. Sagen dir die 2 Proxy Server etwas ? Sind die gewollt ? Zitat:
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
05.09.2014, 22:10
| #9 |
| | Windows 7: IE geht Selbstständig auf Sofern die nicht mit Hotspot Shield zusammenhängen sind die nicht gewollt |
|
05.09.2014, 22:13
| #10 |
| /// TB-Ausbilder | Windows 7: IE geht Selbstständig auf Ich denke nicht, das ist ja nen VPN. Ach, hattest du mal G Data installiert als Virenschutz ? Teile davon laufen noch als Dienst bzw. als Treiber.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
05.09.2014, 22:14
| #11 |
| | Windows 7: IE geht Selbstständig auf Ja, ich hatte mal G Data installiert, allerdings habe ich das mit dem Tool von G Data auch wieder entfernt.. o.o Also das ist mir ein rätsel warum die noch laufen |
|
05.09.2014, 22:16
| #12 |
| /// TB-Ausbilder | Windows 7: IE geht Selbstständig auf Alles klar ! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-624198674-977653023-2037852723-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_30_ff&cd=2XzuyEtN2Y1L1QzuyE0CyCtD0D0EyByC0EtD0A0DyC0EtB0BtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyyCtD0Ezy0D0EtGtC0C0EyCtGyEzztDtCtGtD0C0FzytGyByDyC0DyDyD0B0CzztByB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AtBzzzzyE0AyBtGyDtDyB0AtGyE0EtDyEtG0AtA0EzztG0AtD0E0AyDtD0AyD0E0C0E0E2Q&cr=832457479&ir=
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_30_ff&cd=2XzuyEtN2Y1L1QzuyE0CyCtD0D0EyByC0EtD0A0DyC0EtB0BtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyyCtD0Ezy0D0EtGtC0C0EyCtGyEzztDtCtGtD0C0FzytGyByDyC0DyDyD0B0CzztByB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AtBzzzzyE0AyBtGyDtDyB0AtGyE0EtDyEtG0AtA0EzztG0AtD0E0AyDtD0AyD0E0C0E0E2Q&cr=832457479&ir=
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-07-23] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-07-23] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [22016 2014-07-23] (G Data Software AG)
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\compaq\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {0BF80ADA-CD81-4621-8966-114F21F5A49A} - System32\Tasks\Digital Sites => C:\Users\compaq\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\compaq\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\compaq\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\compaq\AppData\Roaming:NT
AlternateDataStreams: C:\Users\compaq\AppData\Roaming:NT2
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Downloade Dir bitte  Malwarebytes Anti-Malware
Starte noch einmal FRST.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
05.09.2014, 23:38
| #13 |
| | Windows 7: IE geht Selbstständig auf Nach dem ich die anwendungen durchlaufen lies, merkte ich das meine Tastatur bei Windows 7 nicht mehr ging, dem nach ging ich in den Geräte Manager und da stand folgendes: Dieses Hardwaregerät kann nicht gestartet werden, da dessen Konfigurationsinformationen (in der Registrierung) unvollständig oder beschädigt sind. (Code 19). Wie behebe ich diesen Fehler ohne eine Neuinstallation von Windows? (Schreibe den Text grade über Linux) fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by compaq at 2014-09-05 23:18:21 Run:2
Running from C:\Users\compaq\Downloads
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\.DEFAULT\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-21-624198674-977653023-2037852723-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION
ProxyServer: http=127.0.0.1:8555;https=127.0.0.1:8555
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_30_ff&cd=2XzuyEtN2Y1L1QzuyE0CyCtD0D0EyByC0EtD0A0DyC0EtB0BtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyyCtD0Ezy0D0EtGtC0C0EyCtGyEzztDtCtGtD0C0FzytGyByDyC0DyDyD0B0CzztByB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AtBzzzzyE0AyBtGyDtDyB0AtGyE0EtDyEtG0AtA0EzztG0AtD0E0AyDtD0AyD0E0C0E0E2Q&cr=832457479&ir=
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites05_14_30_ff&cd=2XzuyEtN2Y1L1QzuyE0CyCtD0D0EyByC0EtD0A0DyC0EtB0BtN0D0Tzu0SzytAyCtN1L2XzutAtFtDtFtBtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StBzyyCtD0Ezy0D0EtGtC0C0EyCtGyEzztDtCtGtD0C0FzytGyByDyC0DyDyD0B0CzztByB0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0AtBzzzzyE0AyBtGyDtDyB0AtGyE0EtDyEtG0AtA0EzztG0AtD0E0AyDtD0AyD0E0C0E0E2Q&cr=832457479&ir=
R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-07-23] (G Data Software AG)
R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-07-23] (G Data Software AG)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [22016 2014-07-23] (G Data Software AG)
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\compaq\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {0BF80ADA-CD81-4621-8966-114F21F5A49A} - System32\Tasks\Digital Sites => C:\Users\compaq\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
AlternateDataStreams: C:\ProgramData:NT
AlternateDataStreams: C:\ProgramData:NT2
AlternateDataStreams: C:\Users\All Users:NT
AlternateDataStreams: C:\Users\All Users:NT2
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:NT2
AlternateDataStreams: C:\ProgramData\Application Data:NT
AlternateDataStreams: C:\ProgramData\Application Data:NT2
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT
AlternateDataStreams: C:\ProgramData\MTA San Andreas All:NT2
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\Users\compaq\Anwendungsdaten:NT
AlternateDataStreams: C:\Users\compaq\Anwendungsdaten:NT2
AlternateDataStreams: C:\Users\compaq\AppData\Roaming:NT
AlternateDataStreams: C:\Users\compaq\AppData\Roaming:NT2
*****************
HKU\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-21-624198674-977653023-2037852723-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => Key deleted successfully.
"HKCR\CLSID\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}" => Key not found.
gddcd => Unable to stop service
gddcd => Error deleting Service
gddcv => Unable to stop service
gddcv => Error deleting Service
GDKBFlt => Unable to stop service
GDKBFlt => Service deleted successfully.
C:\Windows\Tasks\Digital Sites.job => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BF80ADA-CD81-4621-8966-114F21F5A49A}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BF80ADA-CD81-4621-8966-114F21F5A49A}" => Key deleted successfully.
C:\Windows\System32\Tasks\Digital Sites => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Digital Sites" => Key deleted successfully.
C:\ProgramData => ":NT" ADS removed successfully.
C:\ProgramData => ":NT2" ADS removed successfully.
"C:\Users\All Users" => ":NT" ADS not found.
"C:\Users\All Users" => ":NT2" ADS not found.
"C:\ProgramData\Anwendungsdaten" => ":NT" ADS not found.
"C:\ProgramData\Anwendungsdaten" => ":NT2" ADS not found.
"C:\ProgramData\Application Data" => ":NT" ADS not found.
"C:\ProgramData\Application Data" => ":NT2" ADS not found.
C:\ProgramData\MTA San Andreas All => ":NT" ADS removed successfully.
C:\ProgramData\MTA San Andreas All => ":NT2" ADS removed successfully.
C:\ProgramData\TEMP => ":9A870F8B" ADS removed successfully.
"C:\Users\compaq\Anwendungsdaten" => ":NT" ADS not found.
"C:\Users\compaq\Anwendungsdaten" => ":NT2" ADS not found.
C:\Users\compaq\AppData\Roaming => ":NT" ADS removed successfully.
C:\Users\compaq\AppData\Roaming => ":NT2" ADS removed successfully.
The system needed a reboot.
==== End of Fixlog ====
Code:
ATTFilter # AdwCleaner v3.309 - Bericht erstellt am 05/09/2014 um 23:27:30
# Aktualisiert 02/09/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : compaq - FATE
# Gestartet von : C:\Users\compaq\Downloads\adwcleaner_3.309.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : hshld
[#] Dienst Gelöscht : hsstrayservice
Dienst Gelöscht : hsswd
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\hotspot shield
Ordner Gelöscht : C:\ProgramData\Windows Genuine Advantage
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield
Ordner Gelöscht : C:\Program Files (x86)\hotspot shield
Ordner Gelöscht : C:\Windows\SysWOW64\hotspot shield
[/!\] Nicht Gelöscht ( Junction ) : C:\Program Files\Gemeinsame Dateien
Ordner Gelöscht : C:\Users\compaq\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\compaq\AppData\Roaming\hotspot shield
Ordner Gelöscht : C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\sparpilot@sparpilot.com
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\user.js
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKCU\Software\anchorfree
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Rocket Browser
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\hotspotshield
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v32.0 (x86 de)
[ Datei : C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2479 octets] - [05/09/2014 23:24:33]
AdwCleaner[S0].txt - [2148 octets] - [05/09/2014 23:27:30]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2208 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by compaq on 06.09.2014 at 0:07:00,76
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\compaq\AppData\Roaming\mozilla\firefox\profiles\9qouo72v.default\minidumps [16 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.09.2014 at 0:19:36,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 06.09.2014 Suchlauf-Zeit: 00:20:41 Logdatei: suchlauf protokoll.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.09.05.09 Rootkit Datenbank: v2014.08.21.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: compaq Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 358783 Verstrichene Zeit: 11 Min, 9 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02 Ran by compaq (administrator) on FATE on 06-09-2014 00:33:08 Running from C:\Users\compaq\Downloads Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apache Software Foundation) C:\xampp\apache\bin\httpd.exe (Dropbox, Inc.) C:\Users\compaq\AppData\Roaming\Dropbox\bin\Dropbox.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\xampp\mysql\bin\mysqld.exe () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Apache Software Foundation) C:\xampp\apache\bin\httpd.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\osk.exe (Microsoft Corporation) C:\Windows\System32\dinotify.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\AntiVirus\AVKTray\AVKTray.exe,C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe, Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100M Genie.lnk ShortcutTarget: NETGEAR WNA3100M Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe () Startup: C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\compaq\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4CCD77966318CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com?fr=hp-avast&type=prc265 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?type=prc265&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{FCD5A3CD-F655-4E96-A281-65606862AD3C}: [NameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default FF SelectedSearchEngine: Google FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: The Fox, Only Better - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\thefoxonlybetter@quicksaver.xpi [2014-08-23] FF Extension: Adblock Plus - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-28] FF Extension: User Agent Switcher - C:\Users\compaq\AppData\Roaming\Mozilla\Firefox\Profiles\9qouo72v.default\Extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}.xpi [2014-08-23] FF Extension: Hotspot Shield Extension - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\afproxy@anchorfree.com [2014-09-03] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-15] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-03-16] (Apache Software Foundation) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-10] (AVAST Software) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 mysql; C:\xampp\mysql\bin\mysqld.exe [10966528 2014-01-14] () [File not signed] R2 WSWNA3100M; C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe [303360 2011-12-07] () ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-10] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-10] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-10] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-10] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-10] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-10] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-10] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-10] () R3 gddcd; C:\Windows\system32\drivers\gddcd64.sys [78848 2014-07-23] (G Data Software AG) R1 gddcv; C:\Windows\system32\drivers\gddcv64.sys [58880 2014-07-23] (G Data Software AG) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-06] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation ) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) R3 wna3100m; C:\Windows\System32\DRIVERS\wna3100m.sys [1094760 2011-12-30] (NETGEAR Corporation ) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2014-09-03] () S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-06 00:32 - 2014-09-06 00:32 - 00001171 _____ () C:\Users\compaq\Desktop\suchlauf protokoll.txt 2014-09-06 00:19 - 2014-09-06 00:19 - 00000889 _____ () C:\Users\compaq\Desktop\JRT.txt 2014-09-05 23:58 - 2014-09-05 23:58 - 00000360 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job 2014-09-05 23:52 - 2014-09-05 23:52 - 02396224 _____ (Megaify Software ) C:\Users\compaq\Downloads\driver_setup.exe 2014-09-05 23:52 - 2014-09-05 23:52 - 00001086 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk 2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\Users\compaq\AppData\Local\DriverToolkit 2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit 2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit 2014-09-05 23:36 - 2014-09-05 23:36 - 00000000 ____D () C:\Windows\ERUNT 2014-09-05 23:29 - 2014-09-05 23:29 - 00002288 _____ () C:\Users\compaq\Desktop\AdwCleaner[S0].txt 2014-09-05 23:24 - 2014-09-05 23:27 - 00000000 ____D () C:\AdwCleaner 2014-09-05 23:23 - 2014-09-05 23:23 - 01370483 _____ () C:\Users\compaq\Downloads\adwcleaner_3.309.exe 2014-09-05 23:23 - 2014-09-05 23:23 - 01016261 _____ (Thisisu) C:\Users\compaq\Desktop\JRT.exe 2014-09-05 22:24 - 2014-09-05 22:25 - 00027415 _____ () C:\Users\compaq\Downloads\Addition.txt 2014-09-05 22:23 - 2014-09-06 00:33 - 00011124 _____ () C:\Users\compaq\Downloads\FRST.txt 2014-09-05 22:23 - 2014-09-06 00:33 - 00000000 ____D () C:\FRST 2014-09-05 22:22 - 2014-09-05 22:22 - 02104832 _____ (Farbar) C:\Users\compaq\Downloads\FRST64.exe 2014-09-05 21:20 - 2014-09-06 00:00 - 00000000 ___RD () C:\Users\compaq\Dropbox 2014-09-05 21:20 - 2014-09-05 21:20 - 00001056 _____ () C:\Users\compaq\Desktop\Dropbox.lnk 2014-09-05 21:17 - 2014-09-05 21:17 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-05 21:12 - 2014-09-06 00:00 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dropbox 2014-09-05 21:12 - 2014-09-05 21:12 - 00323696 _____ (Dropbox, Inc.) C:\Users\compaq\Downloads\DropboxInstaller.exe 2014-09-04 14:13 - 2014-09-04 14:14 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Telegram Win (Unofficial) 2014-09-04 14:13 - 2014-09-04 14:13 - 00001069 _____ () C:\Users\compaq\Desktop\Telegram.lnk 2014-09-04 14:13 - 2014-09-04 14:13 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial) 2014-09-04 14:10 - 2014-09-04 14:10 - 01101648 _____ () C:\Users\compaq\Downloads\Telegram for Desktop Unofficial - CHIP-Installer.exe 2014-09-04 14:06 - 2014-09-06 00:00 - 00000280 _____ () C:\Windows\setupact.log 2014-09-04 14:06 - 2014-09-05 23:28 - 00002530 _____ () C:\Windows\PFRO.log 2014-09-04 14:06 - 2014-09-04 14:06 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-03 18:13 - 2014-09-03 18:13 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Paessler 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Licenses 2014-09-03 14:52 - 2014-09-03 14:52 - 00024504 _____ () C:\Users\compaq\Documents\Log von NETGEAR DoS Attack 03.09.2014 2014-09-03 14:13 - 2014-09-03 14:13 - 00024275 _____ () C:\Users\compaq\Documents\Log von NETGEAR 2014.09.03 2014-09-03 10:02 - 2014-09-03 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\Documents\deskcalc 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\deskcalc 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\compaq\AppData\Local\SlimWare Utilities Inc 2014-09-01 18:26 - 2014-09-01 20:22 - 00000000 ____D () C:\Users\compaq\Desktop\rendern 2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\Adobe 2014-08-31 20:56 - 2014-08-31 21:31 - 00000000 ____D () C:\Users\Public\Documents\Lightworks 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Geevs 2014-08-31 20:55 - 2014-08-31 20:56 - 00000000 ____D () C:\Program Files (x86)\Lightworks 2014-08-31 20:03 - 2014-09-01 19:24 - 00000000 ____D () C:\Users\compaq\AppData\Local\Windows Live 2014-08-31 20:03 - 2014-08-31 20:03 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-08-31 19:54 - 2014-09-01 18:32 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\avidemux 2014-08-31 18:20 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\compaq\AppData\Local\Tempa8b1a712f48233524e0c6b8833d1169e 2014-08-30 21:55 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll 2014-08-30 21:55 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll 2014-08-30 21:55 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll 2014-08-30 21:55 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll 2014-08-30 21:55 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll 2014-08-30 21:55 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll 2014-08-30 21:55 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll 2014-08-30 21:55 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll 2014-08-30 21:55 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll 2014-08-30 21:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll 2014-08-30 21:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll 2014-08-30 21:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll 2014-08-30 16:17 - 2014-08-30 16:17 - 00000000 ____D () C:\Users\compaq\Documents\SimCity 2014-08-30 15:02 - 2014-08-31 20:38 - 00000000 ___RD () C:\Users\compaq\Desktop\Musik 2014-08-30 14:19 - 2014-08-30 14:27 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-30 14:15 - 2014-09-03 00:38 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-08-30 14:15 - 2014-08-30 14:15 - 00000998 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-08-29 23:02 - 2014-09-02 17:06 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dev-Cpp 2014-08-29 00:24 - 2014-08-29 01:31 - 3221225984 _____ () C:\Virtuell4.vhd 2014-08-28 15:44 - 2014-08-28 16:02 - 524288512 _____ () C:\Virtuell3.vhd 2014-08-28 15:24 - 2014-08-28 15:26 - 2147484160 _____ () C:\Virtuell2.vhd 2014-08-28 13:46 - 2014-08-28 14:52 - 2147484160 _____ () C:\Virtuell.vhd 2014-08-28 12:44 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-28 12:44 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-28 12:44 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-23 14:43 - 2014-08-23 14:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-08-23 14:43 - 2014-08-23 14:43 - 00002038 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-08-23 14:42 - 2014-08-23 14:42 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-08-23 14:12 - 2014-09-06 00:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-23 14:11 - 2014-08-23 14:11 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 14:11 - 2014-08-23 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 14:10 - 2014-08-23 14:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-23 14:10 - 2014-08-23 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 14:10 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-23 14:10 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-23 14:10 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-22 18:45 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-22 18:45 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-22 18:45 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-22 18:45 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-22 18:45 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-22 18:45 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-22 18:45 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-22 18:45 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-22 18:45 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-22 18:45 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-22 01:27 - 2014-08-22 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-08-22 01:01 - 2014-08-22 01:01 - 00000000 ____D () C:\Users\Jendrik\.cache 2014-08-22 00:59 - 2014-08-22 00:59 - 00000000 ____D () C:\Users\Jendrik\Documents\DIE SIEDLER - DEdK 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Script Testserver 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\GTA San Andreas User Files 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Abelssoft 2014-08-22 00:58 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\Jendrik\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-22 00:57 - 2014-08-22 00:39 - 88424596 _____ () C:\Users\Jendrik\Desktop\Wichtige Documents.rar 2014-08-22 00:56 - 2014-08-22 00:56 - 00064024 _____ () C:\Users\Jendrik\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\AVAST Software 2014-08-22 00:55 - 2014-08-22 00:55 - 00001398 _____ () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-22 00:55 - 2014-08-22 00:55 - 00000020 ___SH () C:\Users\Jendrik\ntuser.ini 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Vorlagen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Startmenü 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Netzwerkumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Lokale Einstellungen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Eigene Dateien 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Druckumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Musik 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Bilder 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Verlauf 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\ATI 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\Adobe 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\VirtualStore 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\ATI 2014-08-22 00:54 - 2014-08-22 01:01 - 00000000 ____D () C:\Users\Jendrik 2014-08-22 00:54 - 2014-05-07 22:22 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\Google 2014-08-22 00:54 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-08-22 00:54 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-08-21 18:32 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\compaq\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 16:51 - 2014-08-21 16:52 - 00000000 ___SD () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-08-19 17:03 - 2014-08-19 17:03 - 00000000 ____D () C:\Users\compaq\.cache 2014-08-17 17:39 - 2014-08-30 14:19 - 00000000 ____D () C:\Users\compaq\AppData\Local\Origin 2014-08-16 21:39 - 2014-08-16 21:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-16 18:14 - 2014-08-16 21:33 - 00000000 ____D () C:\Users\compaq\Documents\Script Testserver 2014-08-15 16:21 - 2014-08-15 16:21 - 00001113 _____ () C:\Users\compaq\Desktop\FileZilla FTP Client.lnk 2014-08-15 15:42 - 2014-08-15 15:43 - 00000000 ____D () C:\Program Files (x86)\FileZilla-3.9.0.3 2014-08-15 00:58 - 2014-08-15 00:58 - 00000000 ____D () C:\Sonstiges 2014-08-14 22:38 - 2014-08-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-08-14 22:30 - 2014-08-14 22:40 - 00000000 ____D () C:\xampp 2014-08-14 02:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-14 02:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-14 02:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-14 02:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-14 02:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-14 02:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-14 02:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-14 02:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll 2014-08-13 14:40 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-13 14:40 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-13 14:40 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-13 14:40 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-13 14:40 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-13 14:40 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-13 14:40 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-13 14:40 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-13 14:40 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-13 14:40 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-13 14:40 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-13 14:40 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-13 14:40 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-13 14:40 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-13 14:40 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-13 14:40 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-13 14:40 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-13 14:40 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-13 14:40 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-13 14:40 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-13 14:40 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-13 14:40 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-13 14:40 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-13 14:40 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-13 14:40 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-13 14:40 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-13 14:40 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-13 14:40 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-13 14:40 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-13 14:40 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-13 14:40 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-13 14:40 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-13 14:40 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-13 14:40 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-13 14:40 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-08-13 14:40 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-13 14:40 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-13 14:40 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-13 14:40 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-13 14:40 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-13 14:40 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-13 14:40 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-13 14:40 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-13 14:40 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-13 14:40 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-13 14:40 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-13 14:40 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-13 14:40 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-13 14:40 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-13 14:40 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-13 14:40 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-13 14:40 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-13 14:40 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-08-13 14:40 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-13 14:40 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-13 14:40 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-13 14:40 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-13 14:40 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-08-13 14:40 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-08-13 14:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-08-13 14:40 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-08-13 14:40 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-08-13 14:40 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-13 14:40 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-13 14:40 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-13 14:40 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-13 14:40 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-13 14:40 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-13 14:40 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-13 14:40 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-13 14:40 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-13 14:40 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-13 14:38 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-13 14:38 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-13 14:38 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-13 14:38 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-08 12:56 - 2014-08-08 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-08 12:56 - 2014-08-08 12:55 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-08 12:56 - 2014-08-08 12:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-08 12:56 - 2014-08-08 12:55 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-08 12:56 - 2014-08-08 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-08 10:05 - 2014-08-08 10:05 - 00038960 _____ () C:\Windows\SysWOW64\RGBAcodec.dll 2014-08-08 01:24 - 2014-08-10 13:16 - 00000000 ____D () C:\Users\compaq\Documents\DIE SIEDLER - DEdK ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-06 00:33 - 2014-09-05 22:23 - 00011124 _____ () C:\Users\compaq\Downloads\FRST.txt 2014-09-06 00:33 - 2014-09-05 22:23 - 00000000 ____D () C:\FRST 2014-09-06 00:32 - 2014-09-06 00:32 - 00001171 _____ () C:\Users\compaq\Desktop\suchlauf protokoll.txt 2014-09-06 00:19 - 2014-09-06 00:19 - 00000889 _____ () C:\Users\compaq\Desktop\JRT.txt 2014-09-06 00:15 - 2014-01-23 22:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-06 00:07 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-06 00:07 - 2009-07-14 06:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-06 00:06 - 2014-01-23 19:22 - 01829334 _____ () C:\Windows\WindowsUpdate.log 2014-09-06 00:01 - 2014-08-23 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-09-06 00:00 - 2014-09-05 21:20 - 00000000 ___RD () C:\Users\compaq\Dropbox 2014-09-06 00:00 - 2014-09-05 21:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dropbox 2014-09-06 00:00 - 2014-09-04 14:06 - 00000280 _____ () C:\Windows\setupact.log 2014-09-06 00:00 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-05 23:58 - 2014-09-05 23:58 - 00000360 _____ () C:\Windows\Tasks\DriverToolkit Autorun.job 2014-09-05 23:52 - 2014-09-05 23:52 - 02396224 _____ (Megaify Software ) C:\Users\compaq\Downloads\driver_setup.exe 2014-09-05 23:52 - 2014-09-05 23:52 - 00001086 _____ () C:\Users\Public\Desktop\DriverToolkit.lnk 2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\Users\compaq\AppData\Local\DriverToolkit 2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverToolkit 2014-09-05 23:52 - 2014-09-05 23:52 - 00000000 ____D () C:\Program Files (x86)\DriverToolkit 2014-09-05 23:36 - 2014-09-05 23:36 - 00000000 ____D () C:\Windows\ERUNT 2014-09-05 23:29 - 2014-09-05 23:29 - 00002288 _____ () C:\Users\compaq\Desktop\AdwCleaner[S0].txt 2014-09-05 23:28 - 2014-09-04 14:06 - 00002530 _____ () C:\Windows\PFRO.log 2014-09-05 23:27 - 2014-09-05 23:24 - 00000000 ____D () C:\AdwCleaner 2014-09-05 23:23 - 2014-09-05 23:23 - 01370483 _____ () C:\Users\compaq\Downloads\adwcleaner_3.309.exe 2014-09-05 23:23 - 2014-09-05 23:23 - 01016261 _____ (Thisisu) C:\Users\compaq\Desktop\JRT.exe 2014-09-05 23:21 - 2014-04-15 00:16 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-09-05 22:25 - 2014-09-05 22:24 - 00027415 _____ () C:\Users\compaq\Downloads\Addition.txt 2014-09-05 22:22 - 2014-09-05 22:22 - 02104832 _____ (Farbar) C:\Users\compaq\Downloads\FRST64.exe 2014-09-05 21:20 - 2014-09-05 21:20 - 00001056 _____ () C:\Users\compaq\Desktop\Dropbox.lnk 2014-09-05 21:20 - 2014-01-23 19:23 - 00000000 ____D () C:\Users\compaq 2014-09-05 21:17 - 2014-09-05 21:17 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-05 21:12 - 2014-09-05 21:12 - 00323696 _____ (Dropbox, Inc.) C:\Users\compaq\Downloads\DropboxInstaller.exe 2014-09-05 20:14 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-09-05 19:59 - 2014-07-11 15:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-04 14:14 - 2014-09-04 14:13 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Telegram Win (Unofficial) 2014-09-04 14:13 - 2014-09-04 14:13 - 00001069 _____ () C:\Users\compaq\Desktop\Telegram.lnk 2014-09-04 14:13 - 2014-09-04 14:13 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Telegram Win (Unofficial) 2014-09-04 14:10 - 2014-09-04 14:10 - 01101648 _____ () C:\Users\compaq\Downloads\Telegram for Desktop Unofficial - CHIP-Installer.exe 2014-09-04 14:06 - 2014-09-04 14:06 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-03 18:29 - 2014-01-29 16:25 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Notepad++ 2014-09-03 18:22 - 2014-07-22 22:08 - 00000000 ____D () C:\ProgramData\TEMP 2014-09-03 18:13 - 2014-09-03 18:13 - 00035344 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Paessler 2014-09-03 18:03 - 2014-09-03 18:03 - 00000000 ____D () C:\ProgramData\Licenses 2014-09-03 17:44 - 2011-04-12 09:43 - 00698688 _____ () C:\Windows\system32\perfh007.dat 2014-09-03 17:44 - 2011-04-12 09:43 - 00148828 _____ () C:\Windows\system32\perfc007.dat 2014-09-03 17:44 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-03 14:52 - 2014-09-03 14:52 - 00024504 _____ () C:\Users\compaq\Documents\Log von NETGEAR DoS Attack 03.09.2014 2014-09-03 14:13 - 2014-09-03 14:13 - 00024275 _____ () C:\Users\compaq\Documents\Log von NETGEAR 2014.09.03 2014-09-03 10:02 - 2014-09-03 10:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-03 00:38 - 2014-08-30 14:15 - 00000000 ____D () C:\Program Files (x86)\Origin 2014-09-03 00:38 - 2014-02-21 20:18 - 00000000 ____D () C:\ProgramData\Origin 2014-09-02 17:06 - 2014-08-29 23:02 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Dev-Cpp 2014-09-01 20:22 - 2014-09-01 18:26 - 00000000 ____D () C:\Users\compaq\Desktop\rendern 2014-09-01 19:24 - 2014-08-31 20:03 - 00000000 ____D () C:\Users\compaq\AppData\Local\Windows Live 2014-09-01 19:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\Documents\deskcalc 2014-09-01 18:56 - 2014-09-01 18:56 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\deskcalc 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers 2014-09-01 18:49 - 2014-09-01 18:49 - 00000000 ____D () C:\Users\compaq\AppData\Local\SlimWare Utilities Inc 2014-09-01 18:32 - 2014-08-31 19:54 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\avidemux 2014-08-31 21:31 - 2014-08-31 20:56 - 00000000 ____D () C:\Users\Public\Documents\Lightworks 2014-08-31 21:29 - 2014-08-31 21:29 - 00000000 ____D () C:\Users\compaq\AppData\Local\Adobe 2014-08-31 21:29 - 2014-01-23 20:12 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Adobe 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks 2014-08-31 20:56 - 2014-08-31 20:56 - 00000000 ____D () C:\ProgramData\Geevs 2014-08-31 20:56 - 2014-08-31 20:55 - 00000000 ____D () C:\Program Files (x86)\Lightworks 2014-08-31 20:38 - 2014-08-30 15:02 - 00000000 ___RD () C:\Users\compaq\Desktop\Musik 2014-08-31 20:31 - 2014-01-23 19:23 - 00000000 ____D () C:\Users\compaq\AppData\Local\VirtualStore 2014-08-31 20:03 - 2014-08-31 20:03 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive 2014-08-31 18:34 - 2014-01-26 15:10 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-08-31 18:20 - 2014-08-31 18:20 - 00000000 ____D () C:\Users\compaq\AppData\Local\Tempa8b1a712f48233524e0c6b8833d1169e 2014-08-31 00:27 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker 2014-08-30 16:17 - 2014-08-30 16:17 - 00000000 ____D () C:\Users\compaq\Documents\SimCity 2014-08-30 16:17 - 2014-02-21 20:18 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-08-30 14:27 - 2014-08-30 14:19 - 00000000 ____D () C:\Program Files (x86)\Origin Games 2014-08-30 14:19 - 2014-08-17 17:39 - 00000000 ____D () C:\Users\compaq\AppData\Local\Origin 2014-08-30 14:15 - 2014-08-30 14:15 - 00000998 _____ () C:\Users\Public\Desktop\Origin.lnk 2014-08-30 14:15 - 2014-08-30 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2014-08-29 01:31 - 2014-08-29 00:24 - 3221225984 _____ () C:\Virtuell4.vhd 2014-08-28 17:44 - 2009-07-14 06:45 - 00294640 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-08-28 17:16 - 2014-01-23 21:05 - 00064024 _____ () C:\Users\compaq\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-28 16:02 - 2014-08-28 15:44 - 524288512 _____ () C:\Virtuell3.vhd 2014-08-28 15:26 - 2014-08-28 15:24 - 2147484160 _____ () C:\Virtuell2.vhd 2014-08-28 15:16 - 2014-07-01 14:37 - 00007601 _____ () C:\Users\compaq\AppData\Local\Resmon.ResmonCfg 2014-08-28 14:52 - 2014-08-28 13:46 - 2147484160 _____ () C:\Virtuell.vhd 2014-08-26 11:34 - 2014-02-01 16:09 - 00000000 ____D () C:\ProgramData\Adobe 2014-08-26 11:32 - 2011-04-12 09:54 - 00000000 ____D () C:\Windows\CSC 2014-08-26 11:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Web 2014-08-26 01:16 - 2014-04-30 01:33 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Skype 2014-08-24 01:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-23 14:43 - 2014-08-23 14:43 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-08-23 14:43 - 2014-08-23 14:43 - 00002038 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-08-23 14:42 - 2014-08-23 14:42 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-08-23 14:11 - 2014-08-23 14:11 - 00001121 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-08-23 14:11 - 2014-08-23 14:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-08-23 14:11 - 2014-08-23 14:10 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-08-23 14:10 - 2014-08-23 14:10 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-08-23 04:07 - 2014-08-28 12:44 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-28 12:44 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-28 12:44 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-22 01:31 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD 2014-08-22 01:27 - 2014-08-22 01:27 - 00000000 ____D () C:\Windows\System32\Tasks\Aufgaben der Ereignisanzeige 2014-08-22 01:01 - 2014-08-22 01:01 - 00000000 ____D () C:\Users\Jendrik\.cache 2014-08-22 01:01 - 2014-08-22 00:54 - 00000000 ____D () C:\Users\Jendrik 2014-08-22 00:59 - 2014-08-22 00:59 - 00000000 ____D () C:\Users\Jendrik\Documents\DIE SIEDLER - DEdK 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Script Testserver 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\GTA San Andreas User Files 2014-08-22 00:58 - 2014-08-22 00:58 - 00000000 ____D () C:\Users\Jendrik\Documents\Abelssoft 2014-08-22 00:56 - 2014-08-22 00:56 - 00064024 _____ () C:\Users\Jendrik\AppData\Local\GDIPFONTCACHEV1.DAT 2014-08-22 00:56 - 2014-08-22 00:56 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\AVAST Software 2014-08-22 00:55 - 2014-08-22 00:55 - 00001398 _____ () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-22 00:55 - 2014-08-22 00:55 - 00000020 ___SH () C:\Users\Jendrik\ntuser.ini 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Vorlagen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Startmenü 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Netzwerkumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Lokale Einstellungen 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Eigene Dateien 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Druckumgebung 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Musik 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Documents\Eigene Bilder 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Verlauf 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\AppData\Local\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 _SHDL () C:\Users\Jendrik\Anwendungsdaten 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\ATI 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Roaming\Adobe 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\VirtualStore 2014-08-22 00:55 - 2014-08-22 00:55 - 00000000 ____D () C:\Users\Jendrik\AppData\Local\ATI 2014-08-22 00:39 - 2014-08-22 00:57 - 88424596 _____ () C:\Users\Jendrik\Desktop\Wichtige Documents.rar 2014-08-21 18:32 - 2014-08-22 00:58 - 02695493 _____ () C:\Users\Jendrik\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-21 18:32 - 2014-08-21 18:32 - 02695493 _____ () C:\Users\compaq\Documents\WNR2000 Firmware Version 1.2.3.7 (WW).rar 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 18:31 - 2014-08-21 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-08-21 18:31 - 2014-02-18 16:06 - 00000000 ____D () C:\Program Files\WinRAR 2014-08-21 18:21 - 2014-07-25 03:06 - 00000000 ____D () C:\Users\Testkonto 2014-08-21 17:54 - 2014-01-27 16:30 - 00000000 ____D () C:\Users\compaq\AppData\Local\Google 2014-08-21 17:19 - 2014-06-06 15:12 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-08-21 16:52 - 2014-08-21 16:51 - 00000000 ___SD () C:\Users\compaq\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.0 2014-08-21 16:52 - 2014-02-10 23:51 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-08-21 03:11 - 2014-02-07 16:58 - 00000000 ____D () C:\Users\compaq\AppData\Roaming\FileZilla 2014-08-19 17:03 - 2014-08-19 17:03 - 00000000 ____D () C:\Users\compaq\.cache 2014-08-16 21:39 - 2014-08-16 21:39 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-16 21:33 - 2014-08-16 18:14 - 00000000 ____D () C:\Users\compaq\Documents\Script Testserver 2014-08-16 17:45 - 2014-07-02 20:32 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games 2014-08-15 16:21 - 2014-08-15 16:21 - 00001113 _____ () C:\Users\compaq\Desktop\FileZilla FTP Client.lnk 2014-08-15 15:43 - 2014-08-15 15:42 - 00000000 ____D () C:\Program Files (x86)\FileZilla-3.9.0.3 2014-08-15 00:58 - 2014-08-15 00:58 - 00000000 ____D () C:\Sonstiges 2014-08-15 00:56 - 2014-01-09 11:06 - 00661448 _____ (Microsoft Corporation) C:\Windows\system32\msvcp110.dll 2014-08-14 22:40 - 2014-08-14 22:30 - 00000000 ____D () C:\xampp 2014-08-14 22:39 - 2014-01-23 22:38 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-08-14 22:39 - 2014-01-23 22:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-08-14 22:39 - 2014-01-23 22:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-08-14 22:38 - 2014-08-14 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP 2014-08-14 13:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-14 02:59 - 2014-01-23 20:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-14 02:57 - 2014-01-23 20:41 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-14 02:52 - 2014-05-04 01:26 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-13 00:12 - 2014-04-30 01:33 - 00000000 ____D () C:\ProgramData\Skype 2014-08-10 13:16 - 2014-08-08 01:24 - 00000000 ____D () C:\Users\compaq\Documents\DIE SIEDLER - DEdK 2014-08-10 12:17 - 2014-01-26 14:50 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-08-08 12:56 - 2014-08-08 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-08 12:56 - 2014-03-16 22:24 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-08 12:55 - 2014-08-08 12:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-08-08 12:55 - 2014-08-08 12:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-08-08 12:55 - 2014-08-08 12:56 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-08-08 12:55 - 2014-08-08 12:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-08-08 10:05 - 2014-08-08 10:05 - 00038960 _____ () C:\Windows\SysWOW64\RGBAcodec.dll 2014-08-07 04:06 - 2014-08-13 14:38 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-13 14:38 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll Files to move or delete: ==================== C:\Users\compaq\jagex_cl_runescape_LIVE.dat C:\Users\compaq\random.dat Some content of TEMP: ==================== C:\Users\compaq\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps3bnzj.dll C:\Users\compaq\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-28 11:10 ==================== End Of Log ============================ --- --- --- --- --- --- Geändert von Ladekabel612 (06.09.2014 um 00:10 Uhr) Grund: Text überarbeitet |
|
07.09.2014, 11:40
| #14 |
| /// TB-Ausbilder | Windows 7: IE geht Selbstständig auf Und nach Rechnerneustart ? Immer noch keine Tastatur ?
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
07.09.2014, 12:13
| #15 | ||
| | Windows 7: IE geht Selbstständig aufZitat:
Die Code 10 Fehlermeldung lautet: Zitat:
Windows Updates macht Windows übringens auch nicht mehr, spuckt er mir ebenfalls eine Fehlermeldung aus. Geändert von Ladekabel612 (07.09.2014 um 12:18 Uhr) |
|
| Themen zu Windows 7: IE geht Selbstständig auf |
| automatisch, avast, beenden, funde, hilfe, keine funde, malwarebytes, manager, ploppt, problem, prozesse, regelmäßig, selbstständig, system, tagen, unregelmäßig, verweigert, website, windows, windows 7, zugriff, zugriff verweigert, zusätzlich, öffnet |
Linear-Darstellung
