
Pests of all kinds and how to combat them: Windows 8 WLAN laptop cripples LAN computer

05.02.2015, 20:14   #1
Houseman
 



Hello expert team.

I run a WLAN/LAN network at home, and all the connections work fine so far.
All computers, smartphones, tablets, etc. are in the same subnet and get their IPs from the router via DHCP. Some are fixed, others dynamic, e.g. guest phones.

A few months ago my wife asked me whether I could share the children's picture folders with her over the network, and I did. I shared the folder with her with read permission, using a username and password, and that worked great, with one exception.
Every time she connected to the folder, my PC (i5-2500k, 16GB RAM, RAID 1) was slowed down so much that working on it was out of the question.

So I removed the share again for the time being and noticed that whenever she went online over WLAN, e.g. opened Facebook, my computer froze.
My computer, however, is connected by cable to a gigabit switch (bought afterwards, because I suspected data collisions), and the switch is connected to the WLAN router (by cable).

Using SmartSniff I then saw that the Windows 8 laptop, via a multicast address, even overrode the firewall rules and was busily sending data on the network.
Another Windows 7 computer isn't acting up; it is also connected via WLAN. And when I go online or download/send data, it doesn't block any other computer.

Since I suspect that the Win8 laptop has something on it, it would be nice if you could take a look at it, because for months I have tested, swapped and configured everything possible and am at my wits' end.

Best regards
Houseman

05.02.2015, 20:16   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


05.02.2015, 23:13   #3
Houseman
 

FRST and Addition




FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Anja (administrator) on JESSICANB on 05-02-2015 23:06:54
Running from C:\Users\Anja\Desktop
Loaded Profiles: Anja (Available profiles: Anja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\MountPoints2: {eafd6177-aadd-11e4-bf5f-b888e3d1ce52} - "E:\pushinst.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> DefaultScope {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S4 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-22] (Dritek System INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-11-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-11-21] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FWLANUSB; C:\Windows\system32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
U5 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-22] (Dritek System Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-11-21] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 23:06 - 2015-02-05 23:08 - 00008418 _____ () C:\Users\Anja\Desktop\FRST.txt
2015-02-05 23:06 - 2015-02-05 23:06 - 00000000 ____D () C:\FRST
2015-02-05 23:05 - 2015-02-05 23:05 - 02131968 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieBrowserModeList
2015-02-03 07:34 - 2015-02-03 07:34 - 00000020 ___SH () C:\Users\Anja\ntuser.ini
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-03 00:47 - 2015-02-03 00:47 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-03 00:27 - 2015-02-03 00:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-03 00:24 - 2015-02-05 23:07 - 01308777 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-03 00:21 - 2015-02-03 00:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-03 00:19 - 2015-02-03 07:34 - 00000000 ____D () C:\Users\Anja
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-02-03 00:19 - 2015-02-03 00:20 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Vorlagen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Startmenü
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Netzwerkumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Lokale Einstellungen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Eigene Dateien
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Druckumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Musik
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Bilder
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Verlauf
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Anwendungsdaten
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Anwendungsdaten
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-03 00:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\Program Files\Realtek
2015-02-03 00:11 - 2015-02-03 00:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-03 00:11 - 2015-02-03 00:11 - 00000000 ____D () C:\Program Files\Elantech
2015-02-03 00:08 - 2015-02-03 07:35 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-03 00:08 - 2015-02-03 00:08 - 00000000 __SHD () C:\Recovery
2015-02-03 00:07 - 2015-02-03 00:07 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00000000 ____D () C:\Windows.old
2015-02-03 00:05 - 2015-02-03 00:05 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-03 00:04 - 2015-02-03 00:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-03 00:02 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-03 00:02 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-02 23:34 - 2015-02-03 00:48 - 00006626 _____ () C:\WINDOWS\comsetup.log
2015-02-02 22:27 - 2015-02-02 22:27 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2015-02-02 22:22 - 2015-02-02 22:24 - 00000000 ____D () C:\Users\Anja\Downloads\smsniff-2.16_x64
2015-02-02 22:22 - 2015-02-02 22:22 - 00127443 _____ () C:\Users\Anja\Downloads\smsniff-2.16_x64.zip
2015-02-02 21:55 - 2015-02-02 22:15 - 00000000 ____D () C:\Users\Anja\Documents\smsniff-2.16_x64
2015-02-02 14:41 - 2015-02-05 23:06 - 00062254 _____ () C:\WINDOWS\avmfwlanci.log
2015-02-02 14:41 - 2015-02-03 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2015-02-02 14:41 - 2015-02-02 14:41 - 00024866 _____ () C:\WINDOWS\avmacc.log
2015-02-02 14:41 - 2015-02-02 14:41 - 00018142 _____ () C:\WINDOWS\AVMInstall.Log
2015-02-02 14:41 - 2015-02-02 14:41 - 00010145 _____ () C:\WINDOWS\avmsetup.log
2015-02-02 14:41 - 2015-02-02 14:41 - 00002358 _____ () C:\WINDOWS\avmadd32.log
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\avmwlanstick
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\AVM_update
2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\Anja\AVM_Driver
2015-01-06 08:45 - 2015-02-03 00:25 - 00000000 ____D () C:\WINDOWS\system32\appraiser

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-05 23:08 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-05 23:08 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-05 23:08 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-05 23:05 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-05 23:00 - 2013-08-22 15:46 - 00286134 _____ () C:\WINDOWS\setupact.log
2015-02-05 23:00 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-04 21:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-04 21:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-03 16:30 - 2014-12-05 22:59 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 16:30 - 2014-11-20 19:24 - 00009764 _____ () C:\WINDOWS\PFRO.log
2015-02-03 16:30 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-03 07:51 - 2013-01-13 22:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2513446037-876431734-2113241799-1001
2015-02-03 07:44 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-03 07:39 - 2013-01-13 21:54 - 00000000 ____D () C:\Users\Anja\AppData\Local\Packages
2015-02-03 07:36 - 2013-01-13 21:55 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-03 00:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-03 00:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-03 00:48 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-03 00:32 - 2013-08-22 15:44 - 00362824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-03 00:30 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-03 00:29 - 2013-11-12 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-03 00:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-03 00:29 - 2013-01-20 18:13 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
2015-02-03 00:29 - 2012-10-22 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-03 00:29 - 2012-10-22 23:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-03 00:29 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-03 00:29 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-03 00:29 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-03 00:29 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 00:27 - 2013-08-22 16:37 - 00005217 _____ () C:\WINDOWS\DtcInstall.log
2015-02-03 00:27 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-03 00:26 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-03 00:26 - 2014-09-23 17:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\mflpro
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-03 00:25 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-03 00:23 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-03 00:23 - 2013-03-02 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-02-03 00:23 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-03 00:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-03 00:07 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-03 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-03 00:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 23:48 - 2013-01-13 21:54 - 01856833 _____ () C:\WINDOWS\WindowsUpdate (1).log
2015-02-02 23:31 - 2014-11-21 22:57 - 00000000 ___HD () C:\$Windows.~BT
2015-02-02 23:19 - 2014-09-23 17:17 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-02-02 14:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-02 14:49 - 2013-10-14 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-02 14:47 - 2013-10-14 20:09 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-11-06 21:40 - 2014-11-06 21:49 - 0007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:10

==================== End Of Log ============================
         
--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-02-2015
Ran by Anja at 2015-02-05 23:09:02
Running from C:\Users\Anja\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 clear.fi SDK - Video 2 (x32 Version: 2.1.1925 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2008 - CyberLink Corp.) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0059 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3007 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3006 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3011 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3115 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3201 - Acer Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Backup Manager v4 (x32 Version: 4.0.0.0059 - NTI Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.7.1 - Broadcom Corporation)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3108 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3108 - Acer Incorporated)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
Delicious: Emily's True Love Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
eBay Worldwide (HKLM-x32\...\{A694AF57-9891-4D62-824C-7E55A1361A14}) (Version: 2.3.0630 - OEM)
ETDWare PS/2-X64 11.6.8.001_WHQL (HKLM\...\Elantech) (Version: 11.6.8.001 - ELAN Microelectronic Corp.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3004 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
InterActual Player (HKLM-x32\...\InterActual Player) (Version:  - )
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 7.0.5 - Acer Inc.)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3004 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.35 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.24 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.24 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3200 - Acer)
Office Addin 2003 (HKLM-x32\...\{1FCC073B-CC01-4443-AD20-E559F66E6E83}) (Version: 2.01.3200 - Acer)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SRWare Iron Version SRWare Iron 37.2000.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 37.2000.0 - SRWare)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.20 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

ATTENTION: System Restore is disabled.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {004A9BD8-EDC7-4DE8-A894-8EE41E1131B5} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {371A112A-B68F-469C-B4D9-D77530517061} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2014-11-21] (Microsoft Corporation)
Task: {400BFB4E-660E-4F32-8CA7-CEF261688561} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {66FA40D8-46CA-4894-AD0A-03BDF40FA844} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-08-30] ()
Task: {6CEDD6E2-E7EA-4233-AFDA-FFA454E894D4} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {8A8DF02A-3E72-4DF0-8EFD-ABA9072780F9} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2012-07-31] (Acer Incorporated)
Task: {99F3F7D0-8466-4793-AC28-F7A0DF12E1E1} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {9D1D7272-BF8E-44BA-9B11-A8A7E83AA8B0} - System32\Tasks\{BBCF31F8-EF78-4C24-84E2-140E7D43643E} => pcalua.exe -a C:\Users\Anja\Downloads\MFC-5890CN-inst-win8-A1.EXE
Task: {A776AB8E-5E5B-4E08-BCE2-BEE79D7C5E28} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2012-07-12] (Egis Technology Inc.)
Task: {D8F40E55-DB27-491F-B538-A91A2A9C9793} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-02] (Microsoft Corporation)
Task: {F12DF198-34A2-4126-A5C3-13FEC59BC340} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-08-22] (Acer Incorporated)

==================== Loaded Modules (whitelisted) ==============

2012-06-22 02:12 - 2012-06-22 02:12 - 01407568 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-23 07:26 - 2012-08-23 07:26 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-10-22 23:29 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Registry Areas =====================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AVM WLAN Connection Service => 2
MSCONFIG\Services: BrcmCardReader => 2
MSCONFIG\Services: DsiWMIService => 2
MSCONFIG\Services: EgisTec Ticket Service => 3
MSCONFIG\Services: ETDService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: LanmanServer => 2
MSCONFIG\Services: lmhosts => 2
MSCONFIG\Services: NTI IScheduleSvc => 2
MSCONFIG\Services: RfButtonDriverService => 2

==================== Accounts: =============================

Administrator (S-1-5-21-2513446037-876431734-2113241799-500 - Administrator - Disabled)
Anja (S-1-5-21-2513446037-876431734-2113241799-1001 - Administrator - Enabled) => C:\Users\Anja
Gast (S-1-5-21-2513446037-876431734-2113241799-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2513446037-876431734-2113241799-1005 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Broadcom NetLink (TM)-Gigabit-Ethernet
Description: Broadcom NetLink (TM)-Gigabit-Ethernet
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom Corporation
Service: k57nd60a
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2015 00:22:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 00:22:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 00:22:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 10:13:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 10:13:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 10:13:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 07:51:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingSports_8wekyb3d8bbwe!AppexSports“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 07:46:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 07:36:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (02/03/2015 07:35:19 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3468) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.


System errors:
=============
Error: (02/05/2015 11:02:55 PM) (Source: RemoteAccess) (EventID: 20106) (User: )
Description: RoutingDomainID- {00000000-0000-0000-0000-000000000000}: Die Schnittstelle "{CC40FC4F-4E18-4570-BC54-77017C9BDCD3}" kann nicht zu dem Router-Manager für das Protokoll IPV6 hinzugefügt werden. Fehler: Die Funktion kann nicht abgeschlossen werden.

Error: (02/05/2015 11:02:55 PM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Fehler beim Starten der RAS-Verbindungsverwaltung, da das Protokoll-Engine [IKEv2] nicht initialisiert wurde. Die Anforderung wird nicht unterstützt.

Error: (02/04/2015 09:08:56 PM) (Source: RemoteAccess) (EventID: 20106) (User: )
Description: RoutingDomainID- {00000000-0000-0000-0000-000000000000}: Die Schnittstelle "{CC40FC4F-4E18-4570-BC54-77017C9BDCD3}" kann nicht zu dem Router-Manager für das Protokoll IPV6 hinzugefügt werden. Fehler: Die Funktion kann nicht abgeschlossen werden.

Error: (02/04/2015 09:08:56 PM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Fehler beim Starten der RAS-Verbindungsverwaltung, da das Protokoll-Engine [IKEv2] nicht initialisiert wurde. Die Anforderung wird nicht unterstützt.

Error: (02/04/2015 09:05:44 PM) (Source: DCOM) (EventID: 10010) (User: JESSICANB)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/04/2015 09:05:44 PM) (Source: DCOM) (EventID: 10010) (User: JESSICANB)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (02/04/2015 08:29:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Routing und RAS" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%11004

Error: (02/04/2015 08:29:16 PM) (Source: RemoteAccess) (EventID: 20152) (User: )
Description: Der momentan konfigurierte Authentifizierungsanbieter konnte nicht geladen und initialisiert werden. Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden.

Error: (02/04/2015 08:21:20 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Routing und RAS" wurde mit dem folgenden dienstspezifischen Fehler beendet: 
%%11004

Error: (02/04/2015 08:21:18 PM) (Source: RemoteAccess) (EventID: 20152) (User: )
Description: Der momentan konfigurierte Authentifizierungsanbieter konnte nicht geladen und initialisiert werden. Der angeforderte Name ist gültig, es wurden jedoch keine Daten des angeforderten Typs gefunden.


Microsoft Office Sessions:
=========================
Error: (02/03/2015 00:22:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (02/03/2015 00:22:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148

Error: (02/03/2015 00:22:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148

Error: (02/03/2015 10:13:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148

Error: (02/03/2015 10:13:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927148

Error: (02/03/2015 10:13:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148

Error: (02/03/2015 07:51:50 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingSports_8wekyb3d8bbwe!AppexSports-2144927148

Error: (02/03/2015 07:46:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: Microsoft.BingWeather_8wekyb3d8bbwe!App-2144927148

Error: (02/03/2015 07:36:49 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: JESSICANB)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (02/03/2015 07:35:19 AM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3468WindowsMail0:


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B960 @ 2.20GHz
Percentage of memory in use: 23%
Total physical RAM: 8005.28 MB
Available physical RAM: 6117.16 MB
Total Pagefile: 9925.28 MB
Available Pagefile: 8236.21 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:448.75 GB) (Free:383.69 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: C6DD69FB)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

06.02.2015, 09:40   #4
schrauber
/// the machine
/// TB trainer
 




Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
ATTFilter
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
         

Please save it as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix ("Entfernen") button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Please download Malwarebytes Anti-Malware
  • Install the program into the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the newest scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Agree to the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

06.02.2015, 15:44   #5
Houseman
 

Problem with AdwCleaner and database



Hello Schrauber.
Thanks first of all for taking care of my problem!?

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-02-2015
Ran by Anja at 2015-02-06 11:47:05 Run:1
Running from C:\Users\Anja\Desktop\Trojaner-Board\Erster Scan
Loaded Profiles: Anja (Available profiles: Anja)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value deleted successfully.

==== End of Fixlog 11:47:05 ====
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 06.02.2015
Suchlauf-Zeit: 11:53:38
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.02.06.03
Rootkit Datenbank: v2015.02.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Anja

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 350618
Verstrichene Zeit: 20 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
AdwCleaner could not be run. When I try to install it, I am prompted to delete the program because of database problems and download it again. The file from Filepony seems to be defective, and from the other link it is not available (502 error).

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 8.1 x64
Ran by Anja on 06.02.2015 at 12:47:16,59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.02.2015 at 12:48:25,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Anja (administrator) on JESSICANB on 06-02-2015 12:53:07
Running from C:\Users\Anja\Desktop
Loaded Profiles: Anja (Available profiles: Anja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\MountPoints2: {eafd6177-aadd-11e4-bf5f-b888e3d1ce52} - "E:\pushinst.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> DefaultScope {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S4 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2435728 2012-08-23] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-22] (Dritek System INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FWLANUSB; C:\Windows\system32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
U5 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-22] (Dritek System Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 12:53 - 2015-02-06 12:53 - 00008680 _____ () C:\Users\Anja\Desktop\FRST.txt
2015-02-06 12:53 - 2015-02-05 23:05 - 02131968 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2015-02-06 12:52 - 2015-02-06 12:52 - 00001189 _____ () C:\Users\Anja\Desktop\mbam.txt
2015-02-06 12:48 - 2015-02-06 12:48 - 00000613 _____ () C:\Users\Anja\Desktop\JRT.txt
2015-02-06 12:46 - 2015-02-06 12:47 - 01388274 _____ (Thisisu) C:\Users\Anja\Downloads\JRT.exe
2015-02-06 12:42 - 2015-02-06 12:42 - 02112512 _____ () C:\Users\Anja\Downloads\AdwCleaner_4.110.exe
2015-02-06 12:42 - 2015-02-06 12:42 - 02112512 _____ () C:\Users\Anja\Downloads\AdwCleaner_4.110 (1).exe
2015-02-06 11:53 - 2015-02-06 11:53 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-06 11:52 - 2015-02-06 11:52 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-06 11:50 - 2015-02-06 11:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-06 11:43 - 2015-02-06 11:43 - 00002702 _____ () C:\WINDOWS\avmfwlanci.log
2015-02-06 11:41 - 2015-02-06 11:41 - 00000077 _____ () C:\WINDOWS\setupact.log
2015-02-06 11:41 - 2015-02-06 11:41 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-06 09:01 - 2015-02-06 11:54 - 00057639 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-06 08:25 - 2015-02-06 12:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-06 08:25 - 2015-02-06 08:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-06 08:24 - 2015-02-06 08:25 - 00000000 ____D () C:\Users\Anja\AppData\Local\Adobe
2015-02-06 07:50 - 2015-02-06 07:50 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-02-06 07:50 - 2015-02-06 07:50 - 00000838 _____ () C:\Users\Anja\Desktop\CCleaner.lnk
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-06 07:48 - 2015-02-06 07:48 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim (1).exe
2015-02-06 07:47 - 2015-02-06 07:47 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim.exe
2015-02-05 23:26 - 2015-02-06 12:53 - 00000000 ____D () C:\Users\Anja\Desktop\Trojaner-Board
2015-02-05 23:13 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-05 23:13 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-05 23:13 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-05 23:13 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-05 23:13 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-05 23:12 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-05 23:12 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-05 23:06 - 2015-02-06 12:53 - 00000000 ____D () C:\FRST
2015-02-04 21:45 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieBrowserModeList
2015-02-03 07:34 - 2015-02-03 07:34 - 00000020 ___SH () C:\Users\Anja\ntuser.ini
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-03 00:47 - 2015-02-03 00:47 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-03 00:27 - 2015-02-03 00:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-03 00:21 - 2015-02-03 00:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-03 00:19 - 2015-02-03 07:34 - 00000000 ____D () C:\Users\Anja
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-02-03 00:19 - 2015-02-03 00:20 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Vorlagen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Startmenü
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Netzwerkumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Lokale Einstellungen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Eigene Dateien
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Druckumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Musik
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Bilder
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Verlauf
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Anwendungsdaten
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Anwendungsdaten
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-03 00:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\Program Files\Realtek
2015-02-03 00:11 - 2015-02-03 00:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-03 00:11 - 2015-02-03 00:11 - 00000000 ____D () C:\Program Files\Elantech
2015-02-03 00:08 - 2015-02-06 07:59 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-03 00:08 - 2015-02-03 00:08 - 00000000 __SHD () C:\Recovery
2015-02-03 00:07 - 2015-02-03 00:07 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-03 00:04 - 2015-02-03 00:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-03 00:02 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-02 22:27 - 2015-02-02 22:27 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2015-02-02 22:22 - 2015-02-02 22:24 - 00000000 ____D () C:\Users\Anja\Downloads\smsniff-2.16_x64
2015-02-02 22:22 - 2015-02-02 22:22 - 00127443 _____ () C:\Users\Anja\Downloads\smsniff-2.16_x64.zip
2015-02-02 21:55 - 2015-02-02 22:15 - 00000000 ____D () C:\Users\Anja\Documents\smsniff-2.16_x64
2015-02-02 14:41 - 2015-02-03 00:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\avmwlanstick
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\AVM_update
2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\Anja\AVM_Driver

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-06 12:52 - 2013-01-13 22:01 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2513446037-876431734-2113241799-1001
2015-02-06 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-06 11:45 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-06 11:45 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-06 11:45 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-06 11:41 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-06 09:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-06 08:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-06 08:56 - 2013-01-13 21:54 - 00000000 ____D () C:\Users\Anja\AppData\Local\Packages
2015-02-06 08:36 - 2013-11-12 10:28 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2015-02-06 07:59 - 2013-01-13 17:41 - 00000000 ____D () C:\Users\Anja\AppData\Local\CrashDumps
2015-02-06 07:44 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-05 23:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-04 21:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 16:30 - 2014-12-05 22:59 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 07:36 - 2013-01-13 21:55 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-03 00:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-03 00:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-03 00:48 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-03 00:32 - 2013-08-22 15:44 - 00362824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-03 00:30 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-03 00:29 - 2013-11-12 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-03 00:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-03 00:29 - 2013-01-20 18:13 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
2015-02-03 00:29 - 2012-10-22 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-03 00:29 - 2012-10-22 23:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-03 00:29 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-03 00:29 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-03 00:29 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-03 00:29 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 00:27 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-03 00:26 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-03 00:26 - 2014-09-23 17:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\mflpro
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-03 00:25 - 2015-01-06 08:45 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-03 00:25 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-03 00:23 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-03 00:23 - 2013-03-02 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-02-03 00:23 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-03 00:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-03 00:07 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-03 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-03 00:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 23:19 - 2014-09-23 17:17 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-02-02 14:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-02 14:49 - 2013-10-14 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-02 14:47 - 2013-10-14 20:09 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-11-06 21:40 - 2014-11-06 21:49 - 0007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Anja\AppData\Local\Temp\Quarantine.exe
C:\Users\Anja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:10

==================== End Of Log ============================
         
--- --- ---



So, I did manage to get the program to run after all.

Here is the file

Code:
# AdwCleaner v4.110 - Bericht erstellt 06/02/2015 um 15:39:08
# Aktualisiert 05/02/2015 von Xplode
# Datenbank : 2015-02-05.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : Anja - JESSICANB
# Gestarted von : C:\Users\Anja\Downloads\adwcleaner_4.110.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [744 Bytes] - [06/02/2015 15:36:12]
AdwCleaner[S0].txt - [667 Bytes] - [06/02/2015 15:39:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [725  Bytes] ##########
         
Did you change the nameserver entry on a hunch, or was something configured incorrectly there?


Alt 06.02.2015, 21:36   #6
schrauber
/// the machine
/// TB instructor
 




Quote:
Did you change the nameserver entry on a hunch, or was something configured incorrectly there?
There is only one DNS. Two DNS servers is not great to begin with, and when one of them leads into nirvana, half right next to nothingness (0.0.0.0), that is rather odd.




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detect potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any problems still?

Alt 07.02.2015, 00:59   #7
Houseman
 



Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=2d8491dcbc8b454590b02debcc84375f
# engine=22347
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-02-06 11:42:27
# local_time=2015-02-07 12:42:27 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 12758 13570466 0 0
# scanned=192215
# found=0
# cleaned=0
# scan_time=4461
         
Code:
 Results of screen317's Security Check version 0.99.95  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
  Java 64-bit 8 Update 31  
 Adobe Flash Player 	16.0.0.305  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-02-2015
Ran by Anja (administrator) on JESSICANB on 07-02-2015 00:55:41
Running from C:\Users\Anja\Desktop
Loaded Profiles: Anja (Available profiles: Anja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\MountPoints2: {eafd6177-aadd-11e4-bf5f-b888e3d1ce52} - "E:\pushinst.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-22] (Dritek System INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FWLANUSB; C:\Windows\system32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
U5 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-22] (Dritek System Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 00:55 - 2015-02-07 00:56 - 00008614 _____ () C:\Users\Anja\Desktop\FRST.txt
2015-02-07 00:49 - 2015-02-07 00:49 - 00852573 _____ () C:\Users\Anja\Desktop\SecurityCheck.exe
2015-02-06 23:23 - 2015-02-06 23:23 - 02347384 _____ (ESET) C:\Users\Anja\Downloads\esetsmartinstaller_deu.exe
2015-02-06 23:23 - 2015-02-06 23:23 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-02-06 21:29 - 2015-02-06 21:29 - 00002702 _____ () C:\WINDOWS\avmfwlanci.log
2015-02-06 21:27 - 2015-02-06 21:27 - 00000077 _____ () C:\WINDOWS\setupact.log
2015-02-06 21:27 - 2015-02-06 21:27 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-06 19:18 - 2015-02-06 23:39 - 00328874 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-06 19:17 - 2015-02-06 19:17 - 00000000 ____D () C:\Users\Anja\AppData\Local\iGware
2015-02-06 18:32 - 2015-02-06 18:32 - 00000000 ____D () C:\Users\Anja\AppData\Local\AcerCloud
2015-02-06 18:31 - 2015-02-06 18:31 - 00000000 ____D () C:\Users\Anja\AppData\Local\Doc
2015-02-06 18:29 - 2015-02-06 21:23 - 00000000 ____D () C:\Users\Anja\AppData\Local\ClearfiMedia
2015-02-06 18:28 - 2015-02-06 18:30 - 00000000 ____D () C:\Users\Anja\AppData\Local\Acer
2015-02-06 18:28 - 2015-02-06 18:28 - 00000000 ____D () C:\Users\Anja\AppData\Local\AOP SDK
2015-02-06 18:25 - 2015-02-06 18:27 - 00000000 ____D () C:\Users\Anja\AppData\Local\ClearfiPhoto
2015-02-06 15:35 - 2015-02-06 15:39 - 00000000 ____D () C:\AdwCleaner
2015-02-06 15:35 - 2015-02-06 15:35 - 02112512 _____ () C:\Users\Anja\Downloads\adwcleaner_4.110.exe
2015-02-06 14:10 - 2010-10-22 02:00 - 00480632 ____N (AVM Berlin) C:\WINDOWS\instwcli.dex
2015-02-06 12:53 - 2015-02-05 23:05 - 02131968 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2015-02-06 12:46 - 2015-02-06 12:47 - 01388274 _____ (Thisisu) C:\Users\Anja\Downloads\JRT.exe
2015-02-06 12:42 - 2015-02-06 12:42 - 02112512 _____ () C:\Users\Anja\Downloads\AdwCleaner_4.110 (1).exe
2015-02-06 11:53 - 2015-02-06 11:53 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-06 11:52 - 2015-02-06 11:52 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-06 11:50 - 2015-02-06 11:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-06 08:25 - 2015-02-07 00:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-06 08:25 - 2015-02-06 08:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-06 08:24 - 2015-02-06 08:25 - 00000000 ____D () C:\Users\Anja\AppData\Local\Adobe
2015-02-06 07:50 - 2015-02-06 07:50 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-02-06 07:50 - 2015-02-06 07:50 - 00000838 _____ () C:\Users\Anja\Desktop\CCleaner.lnk
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-06 07:48 - 2015-02-06 07:48 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim (1).exe
2015-02-06 07:47 - 2015-02-06 07:47 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim.exe
2015-02-05 23:26 - 2015-02-06 12:53 - 00000000 ____D () C:\Users\Anja\Desktop\Trojaner-Board
2015-02-05 23:13 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-05 23:13 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-05 23:13 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-05 23:13 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-05 23:13 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-05 23:12 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-05 23:12 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-05 23:06 - 2015-02-07 00:55 - 00000000 ____D () C:\FRST
2015-02-04 21:45 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieBrowserModeList
2015-02-03 07:34 - 2015-02-03 07:34 - 00000020 ___SH () C:\Users\Anja\ntuser.ini
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-03 00:47 - 2015-02-03 00:47 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-03 00:27 - 2015-02-03 00:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-03 00:21 - 2015-02-03 00:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-03 00:19 - 2015-02-03 07:34 - 00000000 ____D () C:\Users\Anja
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-02-03 00:19 - 2015-02-03 00:20 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Vorlagen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Startmenü
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Netzwerkumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Lokale Einstellungen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Eigene Dateien
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Druckumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Musik
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Bilder
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Verlauf
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Anwendungsdaten
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Anwendungsdaten
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-03 00:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\Program Files\Realtek
2015-02-03 00:11 - 2015-02-03 00:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-03 00:11 - 2015-02-03 00:11 - 00000000 ____D () C:\Program Files\Elantech
2015-02-03 00:08 - 2015-02-06 07:59 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-03 00:08 - 2015-02-03 00:08 - 00000000 __SHD () C:\Recovery
2015-02-03 00:07 - 2015-02-03 00:07 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-03 00:04 - 2015-02-03 00:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-03 00:02 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-02 22:27 - 2015-02-02 22:27 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2015-02-02 22:22 - 2015-02-02 22:24 - 00000000 ____D () C:\Users\Anja\Downloads\smsniff-2.16_x64
2015-02-02 22:22 - 2015-02-02 22:22 - 00127443 _____ () C:\Users\Anja\Downloads\smsniff-2.16_x64.zip
2015-02-02 21:55 - 2015-02-02 22:15 - 00000000 ____D () C:\Users\Anja\Documents\smsniff-2.16_x64
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\AVM_update
2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\Anja\AVM_Driver

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 00:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-06 21:40 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-06 21:39 - 2013-01-13 22:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2513446037-876431734-2113241799-1001
2015-02-06 21:32 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-06 21:32 - 2014-11-21 03:45 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-06 21:32 - 2014-11-21 03:45 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-06 21:31 - 2014-11-06 21:40 - 00007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg
2015-02-06 21:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-06 21:26 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-06 21:17 - 2012-09-01 19:13 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-06 21:16 - 2013-03-02 17:14 - 00000000 ____D () C:\Users\Anja\AppData\Local\Cyberlink
2015-02-06 21:16 - 2013-01-15 19:17 - 00000000 ____D () C:\Users\Anja\AppData\Local\clear.fi
2015-02-06 21:16 - 2012-10-22 23:51 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-06 21:16 - 2012-09-01 19:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-06 21:14 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-06 18:36 - 2013-01-13 17:41 - 00000000 ____D () C:\Users\Anja\AppData\Local\CrashDumps
2015-02-06 18:33 - 2012-10-22 23:43 - 00000000 ____D () C:\ProgramData\OEM
2015-02-06 18:33 - 2012-09-01 19:41 - 00000000 ___HD () C:\OEM
2015-02-06 18:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-06 18:21 - 2013-01-13 21:54 - 00000000 ____D () C:\Users\Anja\AppData\Local\Packages
2015-02-06 08:36 - 2013-11-12 10:28 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-05 23:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-04 21:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 16:30 - 2014-12-05 22:59 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 07:36 - 2013-01-13 21:55 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-03 00:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-03 00:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-03 00:48 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-03 00:32 - 2013-08-22 15:44 - 00362824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-03 00:30 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-03 00:29 - 2013-11-12 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-03 00:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-03 00:29 - 2013-01-20 18:13 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
2015-02-03 00:29 - 2012-10-22 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-03 00:29 - 2012-10-22 23:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-03 00:29 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-03 00:29 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-03 00:29 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 00:27 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-03 00:26 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-03 00:26 - 2014-09-23 17:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\mflpro
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-03 00:25 - 2015-01-06 08:45 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-03 00:25 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-03 00:23 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-03 00:23 - 2013-03-02 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-02-03 00:23 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-03 00:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-03 00:07 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-03 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-03 00:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 23:19 - 2014-09-23 17:17 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-02-02 14:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-02 14:49 - 2013-10-14 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-02 14:47 - 2013-10-14 20:09 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-11-06 21:40 - 2015-02-06 21:31 - 0007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Anja\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Anja\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Anja\AppData\Local\Temp\Quarantine.exe
C:\Users\Anja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:10

==================== End Of Log ============================
         


Yes, the problems are still there, unfortunately.
But at least the system appears to be clean, and I can set those worries aside for now.
I suspect that some leftover drivers might be the problem, or that the adapters are conflicting in some way.
I will now carry on with the printer, because I had shared it incorrectly on the network back then.
Maybe all the computers on the network still want to reach it through mine ... otherwise I don't know what else to do.

Many thanks, Schrauber, competent and reliable as always!!
1A

Edited by Houseman (07.02.2015 at 01:05)

07.02.2015, 12:50   #8
schrauber
/// the machine
/// TB Trainer
 

Windows 8 Wi-Fi laptop brings LAN computer to a standstill



The DNS is still there.

  • Please download Windows Repair - All in One from tweaking.com here and install it.
  • Please disable your antivirus program (if possible).
  • Keep in mind that the individual repairs take some time. Do not start any other applications during this time.
  • Start the program and carry out steps 1-5. (See the illustrated instructions)
  • Make sure that the check boxes are set as shown under step 4.
  • Also tick "Restart/Shutdown System" and click "Restart System" before you carry out step 5.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

07.02.2015, 19:44   #9
Houseman
 
Windows Repair version differs slightly



Hello Schrauber.
The Tweaking tool Windows Repair is at version 2.10.4 and differs slightly from your illustrated instructions.
I nevertheless carried it out according to your instructions, and step 5 is running right now.

No integrity violation was found after step 2, and no backup is suggested or performed either.
Since the laptop does not contain any important data, I continued at my own risk, without a backup.

<-- Schrauber ... Houseman I know ...

But I'm really fed up with this Acer

Do you need a fresh FRST again afterwards?

Best regards,
Houseman

So, here is a fresh FRST log.
The problem is still there


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Anja (administrator) on JESSICANB on 07-02-2015 19:33:17
Running from C:\Users\Anja\Desktop
Loaded Profiles: Anja (Available profiles: Anja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
Failed to access process -> MsMpEng.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\MountPoints2: {eafd6177-aadd-11e4-bf5f-b888e3d1ce52} - "E:\pushinst.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-22] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FWLANUSB; C:\Windows\system32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
U5 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-22] (Dritek System Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 19:33 - 2015-02-07 19:33 - 00008766 _____ () C:\Users\Anja\Desktop\FRST.txt
2015-02-07 19:33 - 2015-02-07 19:33 - 00000000 ____D () C:\Users\Anja\Desktop\FRST-OlderVersion
2015-02-07 17:49 - 2015-02-07 17:49 - 00000354 _____ () C:\WINDOWS\PFRO.log
2015-02-07 15:39 - 2015-02-07 15:39 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-JESSICANB-Windows-8.1-(64-bit).dat
2015-02-07 15:39 - 2015-02-07 15:39 - 00000000 ____D () C:\RegBackup
2015-02-07 14:56 - 2015-02-07 14:56 - 00002179 _____ () C:\Users\Anja\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-02-07 14:55 - 2015-02-07 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-02-07 14:55 - 2015-02-07 14:55 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-02-07 14:54 - 2015-02-07 19:22 - 00496251 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-07 14:54 - 2015-02-07 19:22 - 00016260 _____ () C:\WINDOWS\avmfwlanci.log
2015-02-07 14:54 - 2015-02-07 14:54 - 10318832 _____ () C:\Users\Anja\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-02-07 14:53 - 2015-02-07 17:50 - 00000308 _____ () C:\WINDOWS\setupact.log
2015-02-07 14:53 - 2015-02-07 14:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-07 00:56 - 2015-02-07 00:57 - 00029204 _____ () C:\Users\Anja\Desktop\Addition.txt
2015-02-07 00:49 - 2015-02-07 00:49 - 00852573 _____ () C:\Users\Anja\Desktop\SecurityCheck.exe
2015-02-06 23:23 - 2015-02-06 23:23 - 02347384 _____ (ESET) C:\Users\Anja\Downloads\esetsmartinstaller_deu.exe
2015-02-06 19:17 - 2015-02-06 19:17 - 00000000 ____D () C:\Users\Anja\AppData\Local\iGware
2015-02-06 18:32 - 2015-02-06 18:32 - 00000000 ____D () C:\Users\Anja\AppData\Local\AcerCloud
2015-02-06 18:31 - 2015-02-06 18:31 - 00000000 ____D () C:\Users\Anja\AppData\Local\Doc
2015-02-06 18:29 - 2015-02-06 21:23 - 00000000 ____D () C:\Users\Anja\AppData\Local\ClearfiMedia
2015-02-06 18:28 - 2015-02-06 18:30 - 00000000 ____D () C:\Users\Anja\AppData\Local\Acer
2015-02-06 18:28 - 2015-02-06 18:28 - 00000000 ____D () C:\Users\Anja\AppData\Local\AOP SDK
2015-02-06 18:25 - 2015-02-06 18:27 - 00000000 ____D () C:\Users\Anja\AppData\Local\ClearfiPhoto
2015-02-06 15:35 - 2015-02-06 15:39 - 00000000 ____D () C:\AdwCleaner
2015-02-06 15:35 - 2015-02-06 15:35 - 02112512 _____ () C:\Users\Anja\Downloads\adwcleaner_4.110.exe
2015-02-06 14:10 - 2010-10-22 02:00 - 00480632 ____N (AVM Berlin) C:\WINDOWS\instwcli.dex
2015-02-06 12:53 - 2015-02-07 19:33 - 02132992 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2015-02-06 12:46 - 2015-02-06 12:47 - 01388274 _____ (Thisisu) C:\Users\Anja\Downloads\JRT.exe
2015-02-06 12:42 - 2015-02-06 12:42 - 02112512 _____ () C:\Users\Anja\Downloads\AdwCleaner_4.110 (1).exe
2015-02-06 11:53 - 2015-02-06 11:53 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-06 11:52 - 2015-02-06 11:52 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-06 11:50 - 2015-02-06 11:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-06 08:25 - 2015-02-07 19:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-06 08:25 - 2015-02-06 08:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-06 08:24 - 2015-02-06 08:25 - 00000000 ____D () C:\Users\Anja\AppData\Local\Adobe
2015-02-06 07:50 - 2015-02-06 07:50 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-02-06 07:50 - 2015-02-06 07:50 - 00000838 _____ () C:\Users\Anja\Desktop\CCleaner.lnk
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-06 07:48 - 2015-02-06 07:48 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim (1).exe
2015-02-06 07:47 - 2015-02-06 07:47 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim.exe
2015-02-05 23:26 - 2015-02-06 12:53 - 00000000 ____D () C:\Users\Anja\Desktop\Trojaner-Board
2015-02-05 23:13 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-05 23:13 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-05 23:13 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-05 23:13 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-05 23:13 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-05 23:12 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-05 23:12 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-05 23:06 - 2015-02-07 19:33 - 00000000 ____D () C:\FRST
2015-02-04 21:45 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieBrowserModeList
2015-02-03 07:34 - 2015-02-03 07:34 - 00000020 ___SH () C:\Users\Anja\ntuser.ini
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-03 00:47 - 2015-02-03 00:47 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-03 00:27 - 2015-02-03 00:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-03 00:21 - 2015-02-03 00:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-03 00:19 - 2015-02-03 07:34 - 00000000 ____D () C:\Users\Anja
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-02-03 00:19 - 2015-02-03 00:20 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Vorlagen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Startmenü
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Netzwerkumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Lokale Einstellungen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Eigene Dateien
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Druckumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Musik
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Bilder
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Verlauf
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Anwendungsdaten
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Anwendungsdaten
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-03 00:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\Program Files\Realtek
2015-02-03 00:11 - 2015-02-03 00:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-03 00:11 - 2015-02-03 00:11 - 00000000 ____D () C:\Program Files\Elantech
2015-02-03 00:08 - 2015-02-06 07:59 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-03 00:08 - 2015-02-03 00:08 - 00000000 __SHD () C:\Recovery
2015-02-03 00:07 - 2015-02-03 00:07 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-03 00:04 - 2015-02-03 00:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-03 00:02 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-02 22:27 - 2015-02-02 22:27 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2015-02-02 22:22 - 2015-02-02 22:24 - 00000000 ____D () C:\Users\Anja\Downloads\smsniff-2.16_x64
2015-02-02 22:22 - 2015-02-02 22:22 - 00127443 _____ () C:\Users\Anja\Downloads\smsniff-2.16_x64.zip
2015-02-02 21:55 - 2015-02-02 22:15 - 00000000 ____D () C:\Users\Anja\Documents\smsniff-2.16_x64
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\AVM_update
2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\Anja\AVM_Driver

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-07 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-07 17:54 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-07 17:54 - 2014-11-21 03:45 - 00751874 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-07 17:54 - 2014-11-21 03:45 - 00155350 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-07 17:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-07 17:50 - 2013-08-22 15:44 - 00362824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-07 17:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-07 17:29 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-07 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-07 15:52 - 2012-07-26 06:26 - 00000160 _____ () C:\WINDOWS\win.ini
2015-02-07 15:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-07 15:27 - 2013-01-13 22:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2513446037-876431734-2113241799-1001
2015-02-06 21:31 - 2014-11-06 21:40 - 00007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg
2015-02-06 21:17 - 2012-09-01 19:13 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-06 21:16 - 2013-03-02 17:14 - 00000000 ____D () C:\Users\Anja\AppData\Local\Cyberlink
2015-02-06 21:16 - 2013-01-15 19:17 - 00000000 ____D () C:\Users\Anja\AppData\Local\clear.fi
2015-02-06 21:16 - 2012-10-22 23:51 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-06 21:16 - 2012-09-01 19:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-06 21:14 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-06 18:36 - 2013-01-13 17:41 - 00000000 ____D () C:\Users\Anja\AppData\Local\CrashDumps
2015-02-06 18:33 - 2012-10-22 23:43 - 00000000 ____D () C:\ProgramData\OEM
2015-02-06 18:33 - 2012-09-01 19:41 - 00000000 ___HD () C:\OEM
2015-02-06 18:21 - 2013-01-13 21:54 - 00000000 ____D () C:\Users\Anja\AppData\Local\Packages
2015-02-06 08:36 - 2013-11-12 10:28 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-05 23:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-04 21:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 16:30 - 2014-12-05 22:59 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 07:36 - 2013-01-13 21:55 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-03 00:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-03 00:48 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-03 00:30 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-03 00:29 - 2013-11-12 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-03 00:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-03 00:29 - 2013-01-20 18:13 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
2015-02-03 00:29 - 2012-10-22 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-03 00:29 - 2012-10-22 23:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-03 00:29 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-03 00:29 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-03 00:29 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 00:27 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-03 00:26 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-03 00:26 - 2014-09-23 17:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\mflpro
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-03 00:25 - 2015-01-06 08:45 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-03 00:25 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-03 00:23 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-03 00:23 - 2013-03-02 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-02-03 00:23 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-03 00:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-03 00:07 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-03 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-03 00:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 23:19 - 2014-09-23 17:17 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-02-02 14:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-02 14:49 - 2013-10-14 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-02 14:47 - 2013-10-14 20:09 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-11-06 21:40 - 2015-02-06 21:31 - 0007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Anja\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Anja\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Anja\AppData\Local\Temp\Quarantine.exe
C:\Users\Anja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:10

==================== End Of Log ============================
         

I'm currently running the Repair Tool scan on my own PC. Maybe that one is the problem ...

Addendum: Everything is OK. The system is intact too.
The problem persists.
Regards,
Houseman

Last edited by Houseman (07.02.2015 at 19:59)

08.02.2015, 11:29   #10
schrauber
/// the machine
/// TB trainer
 



Quote:
<-- Schrauber ... Houseman I know ...
huh?

Please reset the router to factory settings.

Then:

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
cmd: ipconfig /flushdns
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Then please post a fresh FRST log once more. What problems exactly still remain now?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No assistance via PM!

08.02.2015, 12:48   #11
Houseman
 



Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2015
Ran by Anja at 2015-02-08 12:00:35 Run:2
Running from C:\Users\Anja\Desktop
Loaded Profiles: Anja (Available profiles: Anja)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
cmd: ipconfig /flushdns
*****************


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= End of CMD: =========


==== End of Fixlog 12:00:35 ====
         

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-02-2015
Ran by Anja (administrator) on JESSICANB on 08-02-2015 12:02:06
Running from C:\Users\Anja\Desktop
Loaded Profiles: Anja (Available profiles: Anja)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
Failed to access process -> MsMpEng.exe
Failed to access process -> NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
Failed to access process -> csrss.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
Failed to access process -> svchost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(SRWare) C:\Program Files (x86)\SRWare Iron\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM-x32\...\Run: [LManager] => [X]
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Atheros Communications))
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x95000000
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\...\MountPoints2: {eafd6177-aadd-11e4-bf5f-b888e3d1ce52} - "E:\pushinst.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2513446037-876431734-2113241799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2513446037-876431734-2113241799-1001 -> {312C44B3-E40B-4721-A1BB-43DC49C7DBAA} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
S4 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [468624 2012-08-23] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S4 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-08-23] (NTI Corporation)
S4 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-10-22] (Dritek System INC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 FWLANUSB; C:\Windows\system32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
U5 NdisImPlatform; C:\Windows\System32\Drivers\NdisImPlatform.sys [126464 2014-11-21] (Microsoft Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-10-22] (Dritek System Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 11:59 - 2015-02-08 11:59 - 00000023 _____ () C:\Users\Anja\Documents\fixlist.txt
2015-02-07 19:33 - 2015-02-08 12:02 - 00009064 _____ () C:\Users\Anja\Desktop\FRST.txt
2015-02-07 19:33 - 2015-02-07 19:33 - 00000000 ____D () C:\Users\Anja\Desktop\FRST-OlderVersion
2015-02-07 17:49 - 2015-02-07 17:49 - 00000354 _____ () C:\WINDOWS\PFRO.log
2015-02-07 15:39 - 2015-02-07 15:39 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-JESSICANB-Windows-8.1-(64-bit).dat
2015-02-07 15:39 - 2015-02-07 15:39 - 00000000 ____D () C:\RegBackup
2015-02-07 14:56 - 2015-02-07 14:56 - 00002179 _____ () C:\Users\Anja\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2015-02-07 14:55 - 2015-02-07 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-02-07 14:55 - 2015-02-07 14:55 - 00000000 ____D () C:\Program Files (x86)\Tweaking.com
2015-02-07 14:54 - 2015-02-08 11:56 - 00018962 _____ () C:\WINDOWS\avmfwlanci.log
2015-02-07 14:54 - 2015-02-07 19:33 - 00524065 _____ () C:\WINDOWS\WindowsUpdate.log
2015-02-07 14:54 - 2015-02-07 14:54 - 10318832 _____ () C:\Users\Anja\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-02-07 14:53 - 2015-02-07 20:11 - 00000385 _____ () C:\WINDOWS\setupact.log
2015-02-07 14:53 - 2015-02-07 14:53 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-02-07 00:56 - 2015-02-07 00:57 - 00029204 _____ () C:\Users\Anja\Desktop\Addition.txt
2015-02-07 00:49 - 2015-02-07 00:49 - 00852573 _____ () C:\Users\Anja\Desktop\SecurityCheck.exe
2015-02-06 23:23 - 2015-02-06 23:23 - 02347384 _____ (ESET) C:\Users\Anja\Downloads\esetsmartinstaller_deu.exe
2015-02-06 19:17 - 2015-02-06 19:17 - 00000000 ____D () C:\Users\Anja\AppData\Local\iGware
2015-02-06 18:32 - 2015-02-06 18:32 - 00000000 ____D () C:\Users\Anja\AppData\Local\AcerCloud
2015-02-06 18:31 - 2015-02-06 18:31 - 00000000 ____D () C:\Users\Anja\AppData\Local\Doc
2015-02-06 18:29 - 2015-02-06 21:23 - 00000000 ____D () C:\Users\Anja\AppData\Local\ClearfiMedia
2015-02-06 18:28 - 2015-02-06 18:30 - 00000000 ____D () C:\Users\Anja\AppData\Local\Acer
2015-02-06 18:28 - 2015-02-06 18:28 - 00000000 ____D () C:\Users\Anja\AppData\Local\AOP SDK
2015-02-06 18:25 - 2015-02-06 18:27 - 00000000 ____D () C:\Users\Anja\AppData\Local\ClearfiPhoto
2015-02-06 15:35 - 2015-02-06 15:39 - 00000000 ____D () C:\AdwCleaner
2015-02-06 15:35 - 2015-02-06 15:35 - 02112512 _____ () C:\Users\Anja\Downloads\adwcleaner_4.110.exe
2015-02-06 14:10 - 2010-10-22 02:00 - 00480632 ____N (AVM Berlin) C:\WINDOWS\instwcli.dex
2015-02-06 12:53 - 2015-02-07 19:33 - 02132992 _____ (Farbar) C:\Users\Anja\Desktop\FRST64.exe
2015-02-06 12:46 - 2015-02-06 12:47 - 01388274 _____ (Thisisu) C:\Users\Anja\Downloads\JRT.exe
2015-02-06 12:42 - 2015-02-06 12:42 - 02112512 _____ () C:\Users\Anja\Downloads\AdwCleaner_4.110 (1).exe
2015-02-06 11:53 - 2015-02-06 11:53 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-02-06 11:52 - 2015-02-06 11:52 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-06 11:52 - 2015-02-06 11:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-02-06 11:52 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-02-06 11:52 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-02-06 11:50 - 2015-02-06 11:51 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Anja\Downloads\mbam-setup-2.0.4.1028.exe
2015-02-06 08:25 - 2015-02-07 19:25 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-02-06 08:25 - 2015-02-06 08:25 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-02-06 08:24 - 2015-02-06 08:25 - 00000000 ____D () C:\Users\Anja\AppData\Local\Adobe
2015-02-06 07:50 - 2015-02-06 07:50 - 00002770 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-02-06 07:50 - 2015-02-06 07:50 - 00000838 _____ () C:\Users\Anja\Desktop\CCleaner.lnk
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-06 07:50 - 2015-02-06 07:50 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-06 07:48 - 2015-02-06 07:48 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim (1).exe
2015-02-06 07:47 - 2015-02-06 07:47 - 04196968 _____ (Piriform Ltd) C:\Users\Anja\Downloads\ccsetup502_slim.exe
2015-02-05 23:26 - 2015-02-06 12:53 - 00000000 ____D () C:\Users\Anja\Desktop\Trojaner-Board
2015-02-05 23:13 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-02-05 23:13 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-02-05 23:13 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-02-05 23:13 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-02-05 23:13 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-02-05 23:13 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-02-05 23:12 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2015-02-05 23:12 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2015-02-05 23:06 - 2015-02-08 12:02 - 00000000 ____D () C:\FRST
2015-02-04 21:45 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-02-04 21:45 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-02-04 21:38 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieUserList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieSiteList
2015-02-03 12:24 - 2015-02-03 12:24 - 00000000 __SHD () C:\Users\Anja\AppData\Local\EmieBrowserModeList
2015-02-03 07:34 - 2015-02-03 07:34 - 00000020 ___SH () C:\Users\Anja\ntuser.ini
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-02-03 00:48 - 2015-02-03 00:48 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-02-03 00:47 - 2015-02-03 00:47 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-02-03 00:27 - 2015-02-03 00:27 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-02-03 00:21 - 2015-02-03 00:21 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-02-03 00:19 - 2015-02-03 07:34 - 00000000 ____D () C:\Users\Anja
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2015-02-03 00:19 - 2015-02-03 00:48 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2015-02-03 00:19 - 2015-02-03 00:20 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Vorlagen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Startmenü
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Netzwerkumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Lokale Einstellungen
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Eigene Dateien
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Druckumgebung
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Musik
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Documents\Eigene Bilder
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Verlauf
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\AppData\Local\Anwendungsdaten
2015-02-03 00:19 - 2015-02-03 00:19 - 00000000 _SHDL () C:\Users\Anja\Anwendungsdaten
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-02-03 00:19 - 2014-11-21 11:52 - 00000000 ___RD () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-02-03 00:19 - 2014-11-21 04:42 - 00000369 _____ () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-02-03 00:19 - 2013-08-22 16:36 - 00000000 ____D () C:\Users\Anja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-02-03 00:12 - 2015-02-03 00:12 - 00000000 ____D () C:\Program Files\Realtek
2015-02-03 00:11 - 2015-02-03 00:22 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-02-03 00:11 - 2015-02-03 00:11 - 00000000 ____D () C:\Program Files\Elantech
2015-02-03 00:08 - 2015-02-06 07:59 - 00000000 ___DC () C:\WINDOWS\Panther
2015-02-03 00:08 - 2015-02-03 00:08 - 00000000 __SHD () C:\Recovery
2015-02-03 00:07 - 2015-02-03 00:07 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-02-03 00:07 - 2015-02-03 00:07 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-02-03 00:07 - 2015-02-03 00:07 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-02-03 00:07 - 2015-02-03 00:07 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-02-03 00:07 - 2015-02-03 00:07 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-02-03 00:05 - 2015-02-03 00:05 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-02-03 00:05 - 2015-02-03 00:05 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-02-03 00:05 - 2015-02-03 00:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-02-03 00:04 - 2015-02-03 00:04 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files\MSBuild
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-02-03 00:02 - 2015-02-03 00:02 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-02-03 00:02 - 2013-08-03 05:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-02-03 00:02 - 2013-08-03 05:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-02-02 22:27 - 2015-02-02 22:27 - 00002259 _____ () C:\WINDOWS\epplauncher.mif
2015-02-02 22:22 - 2015-02-02 22:24 - 00000000 ____D () C:\Users\Anja\Downloads\smsniff-2.16_x64
2015-02-02 22:22 - 2015-02-02 22:22 - 00127443 _____ () C:\Users\Anja\Downloads\smsniff-2.16_x64.zip
2015-02-02 21:55 - 2015-02-02 22:15 - 00000000 ____D () C:\Users\Anja\Documents\smsniff-2.16_x64
2015-02-02 14:41 - 2015-02-02 14:41 - 00000000 ____D () C:\Program Files (x86)\AVM_update
2015-02-02 14:39 - 2015-02-02 14:39 - 00000000 ____D () C:\Users\Anja\AVM_Driver

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-08 12:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-02-07 20:15 - 2014-11-21 04:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-02-07 20:15 - 2014-11-21 03:45 - 00751874 _____ () C:\WINDOWS\system32\perfh007.dat
2015-02-07 20:15 - 2014-11-21 03:45 - 00155350 _____ () C:\WINDOWS\system32\perfc007.dat
2015-02-07 20:11 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-02-07 20:06 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-02-07 17:50 - 2013-08-22 15:44 - 00362824 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-02-07 17:49 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-02-07 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-02-07 15:52 - 2012-07-26 06:26 - 00000160 _____ () C:\WINDOWS\win.ini
2015-02-07 15:34 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-02-07 15:27 - 2013-01-13 22:01 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2513446037-876431734-2113241799-1001
2015-02-06 21:31 - 2014-11-06 21:40 - 00007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg
2015-02-06 21:17 - 2012-09-01 19:13 - 00000000 ____D () C:\Program Files (x86)\Acer
2015-02-06 21:16 - 2013-03-02 17:14 - 00000000 ____D () C:\Users\Anja\AppData\Local\Cyberlink
2015-02-06 21:16 - 2013-01-15 19:17 - 00000000 ____D () C:\Users\Anja\AppData\Local\clear.fi
2015-02-06 21:16 - 2012-10-22 23:51 - 00000000 ____D () C:\ProgramData\CyberLink
2015-02-06 21:16 - 2012-09-01 19:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-06 21:14 - 2012-09-01 19:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-02-06 18:36 - 2013-01-13 17:41 - 00000000 ____D () C:\Users\Anja\AppData\Local\CrashDumps
2015-02-06 18:33 - 2012-10-22 23:43 - 00000000 ____D () C:\ProgramData\OEM
2015-02-06 18:33 - 2012-09-01 19:41 - 00000000 ___HD () C:\OEM
2015-02-06 18:21 - 2013-01-13 21:54 - 00000000 ____D () C:\Users\Anja\AppData\Local\Packages
2015-02-06 08:36 - 2013-11-12 10:28 - 00000000 ____D () C:\Program Files (x86)\SRWare Iron
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-02-05 23:45 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-02-05 23:32 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-02-04 21:01 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-02-03 20:31 - 2014-11-21 12:01 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-02-03 20:31 - 2014-11-21 12:01 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-03 16:30 - 2014-12-05 22:59 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2015-02-03 07:36 - 2013-01-13 21:55 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-02-03 00:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Registration
2015-02-03 00:48 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-02-03 00:48 - 2013-08-22 14:36 - 00000000 __RHD () C:\Users\Default
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-02-03 00:43 - 2013-08-22 16:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-03 00:30 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-02-03 00:29 - 2013-11-12 10:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SRWare Iron
2015-02-03 00:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Help
2015-02-03 00:29 - 2013-01-20 18:13 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
2015-02-03 00:29 - 2012-10-22 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NTI Media Maker 9
2015-02-03 00:29 - 2012-10-22 23:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-02-03 00:29 - 2012-09-01 19:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink MediaEspresso 6.5
2015-02-03 00:29 - 2012-09-01 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EgisTec
2015-02-03 00:29 - 2012-09-01 19:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-02-03 00:27 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2015-02-03 00:26 - 2014-11-21 11:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-02-03 00:26 - 2014-11-21 03:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-02-03 00:26 - 2014-09-23 17:15 - 00000000 ____D () C:\WINDOWS\SysWOW64\mflpro
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-02-03 00:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-02-03 00:26 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-02-03 00:25 - 2015-01-06 08:45 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-02-03 00:25 - 2013-08-22 16:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\IME
2015-02-03 00:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-02-03 00:23 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-02-03 00:23 - 2013-03-02 16:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InterActual
2015-02-03 00:23 - 2012-09-01 18:58 - 00000000 ____D () C:\ProgramData\PRICache
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-02-03 00:22 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-02-03 00:21 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-02-03 00:07 - 2013-08-22 16:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-02-03 00:07 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-02-03 00:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-02-03 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-02-02 23:19 - 2014-09-23 17:17 - 00000000 ____D () C:\Program Files (x86)\Brother
2015-02-02 14:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-02-02 14:49 - 2013-10-14 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-02-02 14:47 - 2013-10-14 20:09 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-11-06 21:40 - 2015-02-06 21:31 - 0007597 _____ () C:\Users\Anja\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Anja\AppData\Local\Temp\AcerDocsSetup.exe
C:\Users\Anja\AppData\Local\Temp\AcerPortalSetup.exe
C:\Users\Anja\AppData\Local\Temp\Quarantine.exe
C:\Users\Anja\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-03 00:10

==================== End Of Log ============================
         

I will test the problem again after lunch.
The laptop paralyzes my main computer, which is connected to the router by cable, as soon as it does things on the network such as downloads.
This shows itself in that I can, for example, no longer operate the mouse, and the system behaves as if it were running at 120% full load.

The router is only a few days old, and the problem had already existed for months with the old router, despite factory settings etc.
Like I said. This W-LAN lappy is driving me crazy here.

Test carried out. I also flushed the DNS cache on the main computer.

No success.
If I start, for example, the speedtest on the laptop, the i5 turns into an unusable device. The other way around, everything works flawlessly.

The statement <--- Schrauber -----> Houseman referred to the smileys and the backup that was not made ^^

What I simply don't understand is why my computer is brought to its knees when the W-LAN device merely goes online. I already notice the loss of performance when just a web page is opened that refreshes data such as images. So basically it does mini downloads.
So why does that computer block mine when it doesn't even have permissions on the network to access it?
In SmartSniff you can also see that the lappy is downright searching for mine, even when it is not switched on!?

For now I wish you a nice Sunday, enjoy the weather. Fresh air and family are important!

Edited by Houseman (08.02.2015 at 13:08)

08.02.2015, 18:06   #12
schrauber
/// the machine
/// TB instructor



Strange.

Have you tried updating the drivers?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

08.02.2015, 19:14   #13
Houseman



Quote from schrauber:
Strange.

Have you tried updating the drivers?

They are all up to date.
Maybe it's my computer. Vista 64 bit is on it.
You checked this computer here once in October 2013, because I had exactly the same problems. About 4 weeks before that, my wife got her laptop ...
I'm actually just waiting for Windows 10 to say goodbye to Vista here. A pity really, it was a loyal system, but unfortunately it is no longer properly supported. AMD already discontinued support for my 5870 in December 2013.

Quite a cheek actually, given that the system is supported by MS until 2017 just like Win7. From AMD's side came ... "either buy a new graphics card, or switch to Win7 ..."

I think I'll get an external LAN card for the computer and see whether the onboard chipset is broken.
After months of searching, nothing else really comes to mind anymore.

If anything else occurs to you, or if you want anything else logged from the Vista machine, let me know briefly. Thank you for your effort for now.

Regards
Houseman

09.02.2015, 06:38   #14
schrauber
/// the machine
/// TB instructor



A WLAN stick should also do for the test.
__________________
Regards,
schrauber


09.02.2015, 13:29   #15
Houseman



Quote from schrauber:
A WLAN stick should also do for the test.

But with that I only test the W-LAN. My computer, however, is not allowed on the wireless network.
I have to be able to rule out the LAN adapter, after all.
I surely still have a 100MBit one lying around somewhere in the basement ^^

I'll keep you posted.
