![]() |
Plagegeister aller Art und deren Bekämpfung: Java lässt sich nicht neu/deinstallieren [registry?]Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
![]() |
![]() | #1 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Hallo, nachdem ich mein Java für ein Browsergame (Supremacy1914) manuell updaten wollte und entsprechend ebenfalls zuerst manuell alle alten Java Versionen vom Rechner gelöscht hatte, stürzte Java speziell beim Laden des Clients in benanntem Browsergame noch immer ab. Ich benutze Windows 7 64bit und habe alle Varianten durchprobiert. Java 64bit + 32bit im 32bit Browser / Java 64bit im 64bit Browser etc. Auch auf der Java "Testseite" war es nicht möglich die Installation von Java festzustellen. Egal bei welcher Konfig - es gab immer einen Absturz von Java beim Versuch eines erneuten Ladens der Testseite. Vorerst habe ich aber nun ein anderes Problem. Nach vielen erfolglosen Versuchen habe ich nun eine Java Leiche auf dem Rechner die sich nicht deinstallieren lässt. Das Java Symbol wird in der Systemsteuerung nicht mehr angezeigt, soweit habe ich die Registry clearen können. Ebenfalls sind natürlich alle Ordner entsprechend vorher gelöscht worden. Bei einer Neuinstallation von Java kommt nun die Meldung "Java ist bereits auf Ihrem Computer installiert. Möchten Sie sie erneut installieren?" und danach der Error "Windows Installer - Diese Aktion ist nur zulässig für Produkte, die im Augenblick installiert sind." Es handelt sich hierbei um die 32bit Version von Java. Gestern war es ebenfalls nicht möglich (trotz mehreren Neustarts) die 64bit Version zu installieren. Dies ging eben ohne Probleme - ist also derzeit installiert. Anbei noch der OTL Log Code:
ATTFilter OTL logfile created on: 01.12.2013 13:37:31 - Run 1 OTL by OldTimer - Version Folder = E:\Neuer Ordner 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 72,14% Memory free 33,94 Gb Paging File | 31,39 Gb Available in Paging File | 92,48% Paging File free Paging file location(s): c:\pagefile.sys 2000 4000e:\pagef [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,43 Gb Total Space | 4,74 Gb Free Space | 6,37% Space Free | Partition Type: NTFS Drive D: | 100,00 Mb Total Space | 68,22 Mb Free Space | 68,22% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 75,32 Gb Free Space | 16,17% Space Free | Partition Type: NTFS Drive F: | 148,92 Gb Total Space | 30,50 Gb Free Space | 20,48% Space Free | Partition Type: NTFS Drive G: | 9,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 1397,26 Gb Total Space | 144,74 Gb Free Space | 10,36% Space Free | Partition Type: NTFS Drive J: | 9,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: STREEETZ-PC | User Name: Streeetz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - E:\Neuer Ordner\otl.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT) PRC - C:\Program Files (x86)\ROCCAT\Kone Mouse\osd.exe (ROCCAT) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () ========== Services (SafeList) ========== SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (LogMeIn, Inc.) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (PDF Architect Helper Service) -- C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) SRV - (PDF Architect Service) -- C:\Program Files (x86)\PDF Architect\ConversionService.exe (pdfforge GmbH) SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (LADF_RenderOnly) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys (Logitech) DRV:64bit: - (LADF_CaptureOnly) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys (Logitech) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (vpcvmm) -- C:\Windows\SysNative\drivers\vpcvmm.sys (Microsoft Corporation) DRV:64bit: - (vpcbus) -- C:\Windows\SysNative\drivers\vpchbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (vpcusb) -- C:\Windows\SysNative\drivers\vpcusb.sys (Microsoft Corporation) DRV:64bit: - (vpcnfltr) -- C:\Windows\SysNative\drivers\vpcnfltr.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.) DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd) DRV:64bit: - (DSI_SiUSBXp_3_1) -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories) DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys () DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider) DRV - (CrystalSysInfo) -- E:\Overlocking & Bench Tools\Crysal CPUID\SysInfoX64.sys () DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 1A 95 57 37 28 98 CD 01 [binary data] IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.1.0 FF - prefs.js..extensions.enabledAddons: FFPDFArchitectConverter%40pdfarchitect.com:1.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.3 FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B98a6f0dd-92f6-40b1-8466-c8e1938d66ee%7D&mid=973cb144fce347d0a8f8d15696c468f7-03b4b3fd6620badc7f79b90f9cbfacaecae34de8&ds=od011&v=" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 24.0\extensions\\Components: C:\PROGRAM FILES\WATERFOX\COMPONENTS 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Waterfox 24.0\extensions\\Plugins: C:\PROGRAM FILES\WATERFOX\PLUGINS FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013.10.01 04:38:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.11.30 20:43:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.11.30 20:43:18 | 000,000,000 | ---D | M] [2012.09.21 19:47:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Extensions [2013.11.21 11:58:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\7h1aovgv.default\extensions [2013.11.21 11:58:30 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\7h1aovgv.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012.09.21 20:32:56 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\7h1aovgv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013.09.27 13:07:36 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\7h1aovgv.default\extensions\djziggy@gmail.com [2013.09.27 13:07:36 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\7h1aovgv.default\extensions\info@djzig.com [2013.04.30 11:26:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\cbqp4x7p.default\extensions [2012.09.21 19:49:09 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\cbqp4x7p.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2012.09.21 20:13:52 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\cbqp4x7p.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2012.09.21 20:13:52 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\cbqp4x7p.default\extensions\djziggy@gmail.com [2012.09.21 20:13:52 | 000,000,000 | ---D | M] (LavaFox V2) -- C:\Users\Streeetz\AppData\Roaming\mozilla\Firefox\Profiles\cbqp4x7p.default\extensions\info@djzig.com [2012.12.12 10:31:34 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2013.10.10 13:07:25 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.10.01 13:07:23 | 000,282,570 | ---- | M] () (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012.09.14 20:51:52 | 000,270,876 | ---- | M] () (No name found) -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\cbqp4x7p.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012.12.07 15:25:52 | 000,000,853 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\11-suche.xml [2012.12.07 15:25:52 | 000,002,209 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\englische-ergebnisse.xml [2012.12.07 15:25:52 | 000,010,506 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\gmx-suche.xml [2013.11.27 03:19:17 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-1.xml [2011.11.11 14:27:32 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-10.xml [2011.07.04 10:51:46 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-2.xml [2011.08.18 06:05:26 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-3.xml [2011.08.22 06:05:52 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-4.xml [2011.09.06 00:42:26 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-5.xml [2011.09.14 06:10:34 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-6.xml [2011.10.04 06:12:00 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-7.xml [2011.10.04 06:14:20 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-8.xml [2011.10.12 15:27:24 | 000,000,950 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin-9.xml [2011.06.22 08:18:36 | 000,001,056 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\icqplugin.xml [2012.12.07 15:25:52 | 000,002,368 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\lastminute.xml [2012.12.07 15:25:52 | 000,005,489 | ---- | M] () -- C:\Users\Streeetz\AppData\Roaming\mozilla\firefox\profiles\7h1aovgv.default\searchplugins\webde-suche.xml [2013.12.01 00:05:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.08.17 02:33:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.08.17 02:33:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.11.16 17:02:13 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.10.01 04:38:47 | 000,000,000 | ---D | M] (PDF Architect Converter For Firefox) -- C:\PROGRAM FILES (X86)\PDF ARCHITECT\FFPDFARCHITECTEXT [2012.10.01 19:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - Extension: Google Docs = C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\\ CHR - Extension: Google Wallet = C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\\ CHR - Extension: Google Mail = C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (PDF Architect Toolbar) - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH) O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [Kone] C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (ROCCAT) O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office15\EXCEL.EXE (Microsoft Corporation) O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation) O9:64bit: - Extra Button: Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Lync: Anruf per Mausklick - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 10.45.2) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 10.45.2) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{90DE3B2D-3960-484B-8792-9F93E66FD129}: DhcpNameServer = O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18:64bit: - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\ms-help - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18:64bit: - Protocol\Filter\text/xml {807583E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - File not found O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - File not found O20 - HKLM Winlogon: UserInit - (userinit.exe) - File not found O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - File not found O29 - HKLM SecurityProviders - (credssp.dll) - File not found O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.08.31 14:45:25 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2013.09.03 13:23:05 | 000,000,043 | R--- | M] () - G:\autorun.inf -- [ CDFS ] O32 - AutoRun File - [2013.09.03 13:23:05 | 000,000,043 | R--- | M] () - J:\autorun.inf -- [ CDFS ] O33 - MountPoints2\{39284132-5a80-11e3-80f9-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{39284132-5a80-11e3-80f9-806e6f6e6963}\Shell\AutoRun\command - "" = J:\setup.exe -- [2013.09.03 13:36:37 | 000,706,705 | R--- | M] ( ) O33 - MountPoints2\{aa80760d-5a1d-11e3-b3ca-001fd0208104}\Shell - "" = AutoRun O33 - MountPoints2\{aa80760d-5a1d-11e3-b3ca-001fd0208104}\Shell\AutoRun\command - "" = G:\setup.exe -- [2013.09.03 13:36:37 | 000,706,705 | R--- | M] ( ) O33 - MountPoints2\{bd1f8de3-09a6-11e2-baaa-001fd0208104}\Shell - "" = AutoRun O33 - MountPoints2\{bd1f8de3-09a6-11e2-baaa-001fd0208104}\Shell\AutoRun\command - "" = G:\setup.exe -- [2013.09.03 13:36:37 | 000,706,705 | R--- | M] ( ) O33 - MountPoints2\G\Shell - "" = AutoRun O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\hmh-acrev.exe O33 - MountPoints2\J\Shell - "" = AutoRun O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\setup.exe -- [2013.09.03 13:36:37 | 000,706,705 | R--- | M] ( ) O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.12.01 13:24:21 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2013.12.01 02:06:46 | 000,000,000 | ---D | C] -- C:\jre1.7.0_45 [2013.12.01 00:28:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite [2013.12.01 00:27:45 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2013.12.01 00:27:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite [2013.12.01 00:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.12.01 00:07:45 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.11.30 23:36:11 | 000,312,744 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013.11.30 23:36:07 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013.11.30 23:36:07 | 000,189,352 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013.11.30 23:36:07 | 000,108,968 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013.11.30 23:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Waterfox [2013.11.30 23:28:57 | 000,000,000 | ---D | C] -- C:\MATS [2013.11.30 20:43:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2013.11.30 20:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime [2013.11.30 14:53:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.11.26 01:01:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mp3DirectCut [2013.11.22 04:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi [2013.11.22 04:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi [2013.11.13 03:07:51 | 000,028,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEUDINIT.EXE [2013.11.13 03:03:20 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.11.13 03:03:20 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.11.13 03:03:17 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013.11.13 03:03:17 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.11.13 03:03:17 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.11.13 03:03:17 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.11.13 03:03:17 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.11.13 03:03:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.11.13 03:03:17 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.11.13 03:03:17 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2013.11.13 03:03:16 | 001,926,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.11.13 03:03:16 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.11.13 03:03:16 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013.11.13 03:03:16 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.11.13 03:03:16 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.11.13 03:03:16 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.11.13 03:03:16 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013.11.13 03:03:16 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.11.13 03:03:16 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.11.13 03:03:16 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.11.13 03:03:16 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.11.13 03:03:16 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.11.13 03:03:16 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.11.13 03:03:16 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.11.13 03:03:16 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.11.13 03:03:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.11.13 03:03:16 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.11.13 03:03:16 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.11.13 03:03:16 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.11.13 03:03:16 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.11.13 03:03:16 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.11.13 03:03:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2013.11.13 03:03:16 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.11.13 03:03:16 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.11.13 03:03:16 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2013.11.13 03:03:16 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.11.13 03:03:16 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.11.13 03:03:16 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.11.13 03:03:16 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.11.13 03:03:15 | 005,765,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.11.13 03:03:15 | 001,993,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.11.13 03:03:15 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.11.13 03:03:15 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.11.13 03:03:15 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013.11.13 03:03:15 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.11.13 03:03:15 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.11.13 03:03:15 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.11.13 03:03:15 | 000,548,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.11.13 03:03:15 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.11.13 03:03:15 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.11.13 03:03:15 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.11.13 03:03:15 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.11.13 03:03:15 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.11.13 03:03:15 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.11.13 03:03:15 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.11.13 03:03:15 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.11.13 03:03:15 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.11.13 03:03:15 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.11.13 03:03:15 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.11.13 03:03:15 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.11.13 03:03:15 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.11.13 03:03:15 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.11.13 03:03:15 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.11.13 03:03:15 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.11.13 03:03:15 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.11.13 03:03:15 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.11.13 03:03:15 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013.11.13 03:03:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.11.13 03:03:15 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.11.13 03:03:15 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.11.13 03:03:14 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.11.13 03:03:14 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.11.13 03:03:14 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.11.13 03:03:14 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013.11.13 03:03:14 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2013.11.13 03:03:14 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.11.13 03:03:14 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013.11.13 03:03:14 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.11.13 03:03:14 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.11.13 03:03:14 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2013.11.13 00:58:48 | 001,474,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.11.13 00:58:44 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.11.13 00:58:44 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.11.13 00:58:44 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\credui.dll [2013.11.13 00:58:44 | 000,190,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SmartcardCredentialProvider.dll [2013.11.13 00:58:44 | 000,152,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SmartcardCredentialProvider.dll [2013.11.13 00:58:41 | 001,447,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.11.13 00:58:41 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll [2013.11.13 00:58:41 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll [2013.11.13 00:58:41 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll [2013.11.13 00:58:41 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll [2013.11.13 00:58:38 | 000,404,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gdi32.dll [2013.11.13 00:58:36 | 000,830,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\nshwfp.dll [2013.11.13 00:58:36 | 000,656,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nshwfp.dll [2013.11.13 00:58:36 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\FWPUCLNT.DLL [2013.11.13 00:58:36 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\FWPUCLNT.DLL [2013.11.09 15:53:48 | 000,000,000 | ---D | C] -- C:\Users\Streeetz\AppData\Roaming\The Creative Assembly [2013.11.09 15:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Steam [2013.11.02 10:12:29 | 000,000,000 | ---D | C] -- C:\Users\Streeetz\AppData\Roaming\TeamViewer [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.12.01 13:33:04 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.12.01 13:24:22 | 000,312,744 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe [2013.12.01 13:24:22 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe [2013.12.01 13:24:22 | 000,189,352 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe [2013.12.01 13:24:22 | 000,108,968 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [2013.12.01 13:08:29 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.12.01 13:08:29 | 000,019,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.12.01 13:06:46 | 002,349,246 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.12.01 13:06:46 | 000,685,704 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat [2013.12.01 13:06:46 | 000,666,512 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.12.01 13:06:46 | 000,625,358 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.12.01 13:06:46 | 000,137,878 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat [2013.12.01 13:06:46 | 000,135,440 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.12.01 13:06:46 | 000,110,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.12.01 13:01:07 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.12.01 13:01:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.12.01 13:00:55 | 2146,148,351 | -HS- | M] () -- C:\hiberfil.sys [2013.12.01 01:16:07 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys [2013.12.01 00:11:40 | 000,048,346 | ---- | M] () -- C:\Users\Streeetz\Documents\cc_20131201_001126.reg [2013.12.01 00:07:46 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.11.30 23:45:41 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2013.11.30 23:33:57 | 000,000,882 | ---- | M] () -- C:\Users\Public\Desktop\Waterfox.lnk [2013.11.30 23:14:27 | 000,441,848 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.11.30 22:49:35 | 000,000,011 | R--- | M] () -- C:\Windows\amunres.lsl [2013.11.30 15:09:33 | 000,132,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.11.30 15:09:33 | 000,106,904 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.11.30 15:09:33 | 000,083,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.11.30 15:09:33 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.11.24 14:50:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.11.13 03:03:20 | 000,940,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.11.13 03:03:20 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.11.13 03:03:17 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll [2013.11.13 03:03:17 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.11.13 03:03:17 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.11.13 03:03:17 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.11.13 03:03:17 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.11.13 03:03:17 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.11.13 03:03:17 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.11.13 03:03:17 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll [2013.11.13 03:03:16 | 001,926,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.11.13 03:03:16 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.11.13 03:03:16 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll [2013.11.13 03:03:16 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.11.13 03:03:16 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.11.13 03:03:16 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.11.13 03:03:16 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2013.11.13 03:03:16 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.11.13 03:03:16 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.11.13 03:03:16 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.11.13 03:03:16 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.11.13 03:03:16 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.11.13 03:03:16 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.11.13 03:03:16 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.11.13 03:03:16 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.11.13 03:03:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.11.13 03:03:16 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.11.13 03:03:16 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.11.13 03:03:16 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.11.13 03:03:16 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.11.13 03:03:16 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.11.13 03:03:16 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll [2013.11.13 03:03:16 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.11.13 03:03:16 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.11.13 03:03:16 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2013.11.13 03:03:16 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.11.13 03:03:16 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.11.13 03:03:16 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.11.13 03:03:16 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.11.13 03:03:16 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.11.13 03:03:15 | 005,765,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.11.13 03:03:15 | 001,993,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.11.13 03:03:15 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.11.13 03:03:15 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.11.13 03:03:15 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2013.11.13 03:03:15 | 000,626,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.11.13 03:03:15 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.11.13 03:03:15 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.11.13 03:03:15 | 000,548,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.11.13 03:03:15 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.11.13 03:03:15 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.11.13 03:03:15 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.11.13 03:03:15 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.11.13 03:03:15 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.11.13 03:03:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.11.13 03:03:15 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.11.13 03:03:15 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.11.13 03:03:15 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.11.13 03:03:15 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.11.13 03:03:15 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.11.13 03:03:15 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.11.13 03:03:15 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.11.13 03:03:15 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.11.13 03:03:15 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.11.13 03:03:15 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.11.13 03:03:15 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.11.13 03:03:15 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.11.13 03:03:15 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll [2013.11.13 03:03:15 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.11.13 03:03:15 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.11.13 03:03:15 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.11.13 03:03:15 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.11.13 03:03:14 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.11.13 03:03:14 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.11.13 03:03:14 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.11.13 03:03:14 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2013.11.13 03:03:14 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll [2013.11.13 03:03:14 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.11.13 03:03:14 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2013.11.13 03:03:14 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.11.13 03:03:14 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.11.13 03:03:14 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.12.01 00:11:29 | 000,048,346 | ---- | C] () -- C:\Users\Streeetz\Documents\cc_20131201_001126.reg [2013.12.01 00:07:46 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.11.30 23:33:57 | 000,000,894 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waterfox.lnk [2013.11.30 23:33:57 | 000,000,882 | ---- | C] () -- C:\Users\Public\Desktop\Waterfox.lnk [2013.11.30 22:49:35 | 000,000,011 | R--- | C] () -- C:\Windows\amunres.lsl [2013.11.24 14:50:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.11.13 03:03:16 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.11.13 03:03:15 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.10.29 14:30:15 | 000,000,845 | ---- | C] () -- C:\Users\Streeetz\AppData\Local\recently-used.xbel [2013.02.19 17:00:32 | 002,387,068 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.09 07:18:32 | 000,004,149 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_NO_HIGH_SCHOOL_CUBE_AFFIALITE_ID_brandingimage_destination.png [2012.11.01 22:15:45 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012.11.01 22:15:44 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012.10.22 16:33:39 | 000,003,627 | ---- | C] () -- C:\Windows\skull.ini [2012.10.13 08:53:21 | 000,016,966 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_NO_STRETCH_INTERNET_AFFIALITE_ID_brandingimage_destination.png [2012.10.13 08:53:20 | 000,007,122 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMING_MEDIA_HOSTING_AFFILIATE_ID_brandingimage_destination.png [2012.10.13 08:53:18 | 000,001,451 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_NO_SHOWCASTER_AFFILIATE_ID_brandingimage_destination.png [2012.10.13 08:53:17 | 000,003,123 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_NO_DACAST_AFFILIATE_ID_brandingimage_destination.png [2012.10.13 08:53:16 | 000,014,186 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_AFL9067099885_brandingimage_main.png [2012.10.13 08:53:16 | 000,004,755 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_NO_BAMBUSER_AFFILIATE_ID_brandingimage_destination.png [2012.10.13 08:53:15 | 000,014,543 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_AFL9067099885_brandingimage_destination.png [2012.10.13 08:53:14 | 000,014,120 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_AFL0681655000_brandingimage_destination.png [2012.10.13 08:53:14 | 000,005,028 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net_telestream_wirecast_partner_AFL0681655000_brandingimage_main.png [2012.10.11 23:40:25 | 000,067,840 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\net.telestream.wirecast.xml [2012.10.08 00:34:12 | 000,000,552 | ---- | C] () -- C:\Windows\eReg.dat [2012.09.28 20:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll [2012.09.28 20:28:56 | 020,971,660 | ---- | C] () -- C:\Users\Streeetz\HardwareMonitoring.hml [2012.09.22 02:38:21 | 000,000,533 | ---- | C] () -- C:\Users\Streeetz\AppData\Roaming\All CPU MeterV3_Settings.ini [2012.09.21 23:20:57 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys [2012.09.21 19:33:32 | 001,481,728 | ---- | C] () -- C:\Windows\SysWow64\LegitCheckControl.dll [2012.09.21 19:33:32 | 000,323,072 | ---- | C] () -- C:\Windows\SysWow64\WgaTray.exe [2012.09.21 19:33:32 | 000,190,976 | ---- | C] () -- C:\Windows\SysWow64\WgaLogon.dll [2012.09.21 19:28:15 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL [2012.09.21 19:28:15 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.07.26 03:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Files - Unicode (All) ========== [2013.11.24 20:48:46 | 105,952,601 | ---- | M] ()(C:\Windows\SysWow64\???9) -- C:\Windows\SysWow64\䁫읒9 [2013.11.24 14:48:45 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\???9) -- C:\Windows\SysWow64\䁫읒9 [2013.11.23 22:37:52 | 105,869,762 | ---- | M] ()(C:\Windows\SysWow64\???T) -- C:\Windows\SysWow64\邛T [2013.11.22 22:37:53 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\???T) -- C:\Windows\SysWow64\邛T [2013.11.22 16:37:58 | 105,660,331 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\敔瑽 [2013.11.22 10:37:52 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\敔瑽 [2013.11.22 04:37:43 | 105,618,727 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㭚 [2013.11.22 04:37:43 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\㭚 [2013.11.21 22:37:41 | 105,611,834 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ᔖ弰 [2013.11.21 16:37:52 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ᔖ弰 [2013.11.21 10:37:52 | 105,483,598 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\컚ㅙ [2013.11.19 23:44:08 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\컚ㅙ [2013.11.11 18:59:47 | 103,792,856 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ᴍ獎 [2013.11.02 18:59:07 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\ᴍ獎 [2013.10.28 12:58:42 | 103,734,365 | ---- | M] ()(C:\Windows\SysWow64\???B) -- C:\Windows\SysWow64\ꍣ䯝B [2013.10.26 12:58:34 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\???B) -- C:\Windows\SysWow64\ꍣ䯝B [2013.09.22 21:56:44 | 098,597,466 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\磼ጔ [2013.09.16 15:56:22 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\磼ጔ [2013.09.08 13:43:30 | 096,559,285 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\숷 [2013.09.02 19:43:08 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\숷 [2013.08.27 02:50:39 | 100,357,025 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\왹䗛 [2013.08.26 14:50:44 | 000,000,000 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\왹䗛 < End of report > Code:
ATTFilter OTL Extras logfile created on: 01.12.2013 13:37:31 - Run 1 OTL by OldTimer - Version Folder = E:\Neuer Ordner 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16428) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 8,00 Gb Total Physical Memory | 5,77 Gb Available Physical Memory | 72,14% Memory free 33,94 Gb Paging File | 31,39 Gb Available in Paging File | 92,48% Paging File free Paging file location(s): c:\pagefile.sys 2000 4000e:\pagef [Binary data over 200 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 74,43 Gb Total Space | 4,74 Gb Free Space | 6,37% Space Free | Partition Type: NTFS Drive D: | 100,00 Mb Total Space | 68,22 Mb Free Space | 68,22% Space Free | Partition Type: NTFS Drive E: | 465,76 Gb Total Space | 75,32 Gb Free Space | 16,17% Space Free | Partition Type: NTFS Drive F: | 148,92 Gb Total Space | 30,50 Gb Free Space | 20,48% Space Free | Partition Type: NTFS Drive G: | 9,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Drive H: | 1397,26 Gb Total Space | 144,74 Gb Free Space | 10,36% Space Free | Partition Type: NTFS Drive J: | 9,60 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS Computer Name: STREEETZ-PC | User Name: Streeetz | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) .reg [@ = regfile] -- regedit.exe "%1" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files\Opera x64\Opera.exe (Opera Software) .reg [@ = regfile] -- regedit.exe "%1" [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- Reg Error: Value error. http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- Reg Error: Value error. http [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files\Opera x64\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [open] -- regedit.exe "%1" regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "UacDisableNotify" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{02789913-7B35-41BC-A4B1-8EAE31F483A1}" = rport=10243 | protocol=6 | dir=out | app=system | "{056F042F-AA8B-488E-9812-BB201B02826B}" = lport=56171 | protocol=17 | dir=in | name=pando media booster | "{05C5FB24-3B17-4C18-B96B-87F12358F1B8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{07B8B3BD-3C77-44C6-B0F9-5DD18ECEE7B6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{081EF2C7-370E-4C85-918F-263860A08104}" = rport=138 | protocol=17 | dir=out | app=system | "{19BA7378-940E-43E0-A3DA-2DB2B6DFADA2}" = lport=10243 | protocol=6 | dir=in | app=system | "{26F261D7-5A6B-4879-BB9E-D0449825325D}" = lport=138 | protocol=17 | dir=in | app=system | "{28F34A67-2859-4011-B3C4-9091DF4B1F18}" = lport=25565 | protocol=6 | dir=in | name=minecraft | "{2E7516CA-A63A-4E6E-98FC-99225E7CB107}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3246B587-1907-4452-B6B0-2533FF5EB263}" = lport=56171 | protocol=17 | dir=in | name=pando media booster | "{33FFE8F7-94FD-45BD-BF80-EF53A7978307}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | "{3CA183EA-CCF1-4965-8079-FA88C580B8DA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{41C85FC8-26B1-476D-9402-3AC3DD71C860}" = rport=7070 | protocol=17 | dir=out | name=asd | "{4F77B3AE-FC25-4E39-9812-CADEA0DB9400}" = lport=25565 | protocol=17 | dir=in | name=mineacraft 2 | "{5B8A4B68-2939-458F-B0BD-3E1C7ABD3BC8}" = lport=2869 | protocol=6 | dir=in | app=system | "{6188132E-33BB-42DD-A5B4-DDC6D3B15DFC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{68DC9556-9D12-4FBD-B44E-6A49D5A8834B}" = lport=2302 | protocol=6 | dir=in | name=arma 2 hosting | "{6B639B34-6442-42CB-BF30-973013D6D9DE}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{6E01DC86-4DCE-4D06-83B4-FD11EDC883C5}" = rport=445 | protocol=6 | dir=out | app=system | "{7D263E01-FD66-4C1D-91B1-7526F329CCB4}" = lport=56171 | protocol=6 | dir=in | name=pando media booster | "{95C549EC-DEAB-49EC-A965-A4B0232E0AA9}" = lport=137 | protocol=17 | dir=in | app=system | "{9C4B326D-1764-417B-8F6B-D1FF27D0A6E6}" = lport=2302 | protocol=17 | dir=in | name=arma 2 hosting udp | "{9F097F77-7352-41D7-B880-4E904D66C8CE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{AF3BCAE2-78D9-41A0-ADBF-751E3D6D715F}" = lport=139 | protocol=6 | dir=in | app=system | "{B392232E-4A57-4F9C-9995-12162420B614}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B548053D-3AA3-4EDE-AF75-A9BB8FB076AF}" = lport=445 | protocol=6 | dir=in | app=system | "{C1741662-D566-4F31-BE4A-A4D949A26419}" = rport=7070 | protocol=6 | dir=out | name=asdasd | "{D171DDF6-0EFC-4638-87FD-6C8E7E45995A}" = lport=56171 | protocol=6 | dir=in | name=pando media booster | "{D5554ED5-9EFA-4774-A0A6-B1E1BFDAC3CA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{DADB2C45-B47B-4243-913B-7BAAFA7E56AC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E1F3F2F8-877E-4B5D-8A76-2E00499955DA}" = rport=137 | protocol=17 | dir=out | app=system | "{E387890F-F390-4971-9879-2D2FC41AE025}" = rport=139 | protocol=6 | dir=out | app=system | "{F4894ADE-476B-4196-B0F8-4F9F56FA18E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{F7202128-5686-432A-B142-43697F3CF049}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01894171-209F-4FCE-9286-0D3DE8F924C9}" = protocol=17 | dir=in | app=e:\installiert\battlefield\simcity\simcity\simcity.exe | "{023F240F-D98B-4BF9-8AA8-62893B8FB63F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{037723B7-A931-4353-A50F-61DCB33E8E42}" = protocol=6 | dir=in | app=f:\empire total war\total war rome ii\rome2.exe | "{04F5D636-6600-4321-8ABA-EE38C63D1509}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{07E29F37-BC94-4DBE-8DA4-16EF12A57CF1}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{0FEE5D0D-04F3-4E93-B5ED-B821356ACF5A}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{11A8B97D-4EF2-446C-B851-B6EC95830210}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{1315A8DB-A806-494B-8F3F-AA3274B0253D}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii public test.exe | "{19F40D19-7765-4A49-80A8-802A0AB57933}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{1EAA1AA4-9587-4000-A45C-EA394700B8E8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{21EF9A1A-9A97-42E8-A0C4-EF3F6AB24D15}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{22810660-5A30-4D3A-961D-E573F0D7091A}" = protocol=6 | dir=in | app=e:\installiert\battlefield\simcity\simcity\simcity.exe | "{246C602C-6ECA-4EAC-B303-D94F431E8304}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{2C26320E-542D-4514-BCC0-6D650B208DB1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{2D43542C-FBC5-4C65-BBFC-2512F60F8E69}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\starcraft ii.exe | "{2D75E2F6-9B78-4D4C-9D8E-378600E89EA9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{301CC3F9-C6A4-4ED5-BBDA-05B6BB98FE2E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{3096652E-C3D9-4E1D-8BCF-3EA500AB1CD3}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{33680099-90B0-46A2-8059-AA8E0033C1E1}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{36D17926-87BC-443D-9EC0-38488B396D07}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{370353D3-A040-48D9-A4C5-B439857E24C6}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{3BC13EC9-1451-4282-B4E1-C87D77A82786}" = protocol=17 | dir=in | app=e:\installiert\diablo iii\diablo iii\diablo iii.exe | "{3CE23435-730E-48C7-8215-13F2413C430E}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{4425E7C1-6048-4388-B337-2C538372854C}" = protocol=17 | dir=in | app=e:\installiert\uplink elite hacker\uplink.exe | "{44AABD0A-0D30-42F7-B227-50E8B3785BDC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{49990021-6519-4EC2-9AEA-9A9099BCC4AE}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe | "{4B56BCDE-CF71-499B-A550-E951B9838EBD}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{4D846B40-BA08-481D-93F1-46EA9E5FE597}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "{5187737F-F1F7-401B-96C6-7FAF4B7D9CA2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{53CCC017-A753-46EB-9422-3A10CD9BE83B}" = protocol=6 | dir=in | app=e:\installiert\warcraft iii\war3.exe | "{55A3DB22-DBDA-49DF-B0E4-081F6380E7E2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{588F5BD6-51E4-4857-9410-66DB8E82380B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{5EC65ACC-E6B9-4EF0-98CF-DDCAEF6998CA}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base23260\sc2.exe | "{61CFF11D-A623-47FB-A5B5-7AFA2856B37A}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{62FA8AE5-1C1D-4384-83E3-409BB3070CD6}" = protocol=17 | dir=in | app=f:\empire total war\total war rome ii\rome2.exe | "{65310F37-AF52-444B-9D1B-DE9386B2DF65}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{66490752-7ABE-4DA8-A49E-2C20F37212F8}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{66EBE1F7-5DF6-4DB7-B910-0DE33893A07D}" = protocol=6 | dir=out | app=system | "{69BACC7F-BBFE-447E-B71D-F94075FA316E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{6CE91525-0BA9-46CF-A5CA-FA16B1BB889B}" = protocol=17 | dir=in | app=e:\installiert\fussball manager 13\manager13.exe | "{6E5DBE2A-C5E3-4444-A56A-825A57CF3285}" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "{70D9EB5E-CD44-4216-9114-9F6A8042BB0D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{73BC49EA-98BC-47E5-A9D4-48B7A586D6ED}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{78155E71-E32A-45A0-8AAF-4C684AB16B39}" = protocol=6 | dir=in | app=e:\hearthstone\hearthstone\hearthstone.exe | "{7CF59D5E-94A4-4066-B2DD-0C06C5D1C7A6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2328\agent.exe | "{7DB04A4B-3FC4-403A-96B4-F43AB33FB738}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{7E80983C-3EA6-479E-AC6A-4ABA05D58C15}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7F94F5CA-952A-4200-A311-C6EC60FD456D}" = dir=out | app=e:\installiert\fussball manager 13\manager13.exe | "{7FA0F464-C341-40FA-8167-CB09E9F68752}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{84E39662-61B3-42E2-B412-895AF058C4AE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{8592C98E-4B74-470C-B1B0-41E1FAB4CE75}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{88672681-72EE-4F66-98B9-BE26C5852DA7}" = protocol=17 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | "{8B3A1864-1FED-4F37-9BC1-6DA7B5B6A190}" = protocol=6 | dir=in | app=e:\installiert\fussball manager 13\manager13.exe | "{8B3E56C0-1251-499C-B97C-3AA231129950}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{8D14208B-4D24-4C72-A961-F082CCD76575}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "{90D5FB30-83D7-4363-A63D-768590AD1FA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{92081E45-F8FE-4066-B1FA-61AA728C96E2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{962A1103-7AAD-4976-987B-E60D401C7FF3}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe | "{983BF58A-9C67-47DB-AF3F-B72C1D29A77C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe | "{9D1B7732-3D87-44F2-B54A-6E677F8F82E5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{9D58EABA-4088-43BC-ACEE-5C93243E86FA}" = protocol=6 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | "{9E6AD567-162E-4C7A-BC5A-3819148BB183}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A28AEDB1-7CC7-4704-A1F6-3D4FA93CC2C4}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{A3D5F7E9-996B-422E-94EE-40AE3D0C05C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A749BB9E-0745-48A9-815E-741015365F0C}" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "{AE0903C2-F834-448F-A0AF-B2DFE36F4ECF}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe | "{B2476BB4-F515-4A1E-BDDA-536E7BF8FE83}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe | "{BAFA5E65-21C1-4F2A-87C8-63C4CA0BB9C5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{BF5A017F-6622-4B5B-87A6-E4684FE2EED4}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe | "{C0E717E7-B6EF-4012-A7E6-247A4A15872B}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "{C4477DC3-6676-4769-9105-C65FCAE7C613}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{C6C9E303-D6B4-4072-9201-9301F044D9DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{CD7A4A02-F92C-4688-B349-0602BB090022}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2293\agent.exe | "{CFECCC25-FAE0-417E-AFED-10B3BFF4D944}" = protocol=6 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | "{D0DE25AD-8A60-4471-A954-CD6D202E45C2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{D161FC02-E104-49C9-A13C-431A54ED8050}" = protocol=6 | dir=in | app=e:\hearthstone\battle.net\battle.net.exe | "{D9056897-DAED-482D-A423-694B217BFF33}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D9283271-9411-468E-BE2A-FE673F8A15B4}" = protocol=6 | dir=in | app=e:\installiert\diablo iii\diablo iii\diablo iii.exe | "{DB674411-6945-4C50-8BF2-70F3353FD92E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2045\agent.exe | "{DF5DFEF8-7250-466C-BCEE-215A7746A471}" = protocol=17 | dir=in | app=e:\hearthstone\battle.net\battle.net.exe | "{DFF99B38-1A98-4440-8BFC-A970AE3A725C}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{E4A92053-BBB4-4BA6-9AA2-06CD0E1E9609}" = protocol=17 | dir=in | app=c:\program files (x86)\starcraft ii\versions\base24944\sc2.exe | "{EA6C8DB1-C276-4433-A997-3254DEBE1E5E}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "{F19EA46B-CA5B-419F-8EE2-FB586D08552B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{F5AD5D76-5EA5-4BA4-834C-BC24EF7DCCE2}" = protocol=6 | dir=in | app=e:\installiert\uplink elite hacker\uplink.exe | "{F7DA0AAC-3A3C-4A1C-8D0E-5B049B8383AE}" = protocol=17 | dir=in | app=e:\installiert\warcraft iii\war3.exe | "{F98ADD60-CD8A-4221-8BF1-CF22E0793CCA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FD83D254-B12D-4EC8-8573-541770AC3E2E}" = protocol=17 | dir=in | app=e:\hearthstone\hearthstone\hearthstone.exe | "TCP Query User{077AF458-2D39-4D36-A6E9-0A7881721A0C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "TCP Query User{093491F0-B414-429B-9D70-E951F45A6522}E:\installiert\freelancer discovery mod server\discovery freelancer 4.86.0\exe\freelancer.exe" = protocol=6 | dir=in | app=e:\installiert\freelancer discovery mod server\discovery freelancer 4.86.0\exe\freelancer.exe | "TCP Query User{0B7E35BF-FC28-464B-BB7D-2E847F90AB1E}E:\installiert\warcraft iii\war3.exe" = protocol=6 | dir=in | app=e:\installiert\warcraft iii\war3.exe | "TCP Query User{18CA945E-9A0B-4E53-B2CA-1B652546F261}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | "TCP Query User{198F103B-E2BD-4712-BE13-1F3F62F59926}E:\installiert\freelancer\exe\freelancer.exe" = protocol=6 | dir=in | app=e:\installiert\freelancer\exe\freelancer.exe | "TCP Query User{2BA8DEFF-6C35-423B-ADDA-7BA18BDBD6DC}E:\installiert\need.for.speed.most.wanted.limited.edition-ali213\nfs13.exe" = protocol=6 | dir=in | app=e:\installiert\need.for.speed.most.wanted.limited.edition-ali213\nfs13.exe | "TCP Query User{3B6CD2B7-82FA-4BC9-9D59-545319B761BC}E:\tools\teamspeak server\ts3server_win64.exe" = protocol=6 | dir=in | app=e:\tools\teamspeak server\ts3server_win64.exe | "TCP Query User{77D9287F-C653-4438-BD5B-8B96EF85F022}C:\program files (x86)\telestream\wirecast\rsrc\desktop presenter.exe" = protocol=6 | dir=in | app=c:\program files (x86)\telestream\wirecast\rsrc\desktop presenter.exe | "TCP Query User{887A6D2B-D845-40CA-B38D-5607B0967D83}E:\installiert\guild wars 2\gw2.exe" = protocol=6 | dir=in | app=e:\installiert\guild wars 2\gw2.exe | "TCP Query User{924F0702-69E0-424C-B9CD-EDAD6B58185E}E:\tools\teamspeak server\ts3server_win64.exe" = protocol=6 | dir=in | app=e:\tools\teamspeak server\ts3server_win64.exe | "TCP Query User{95856ED3-75C6-4A6D-99D0-4CCD212E10C8}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "TCP Query User{A847336D-C037-4AE9-9212-0190285B77FA}E:\installiert\need for speed hot pursuit 2\nfs11.exe" = protocol=6 | dir=in | app=e:\installiert\need for speed hot pursuit 2\nfs11.exe | "TCP Query User{ACA5ECCA-373D-4D41-9038-951AB6B596C4}C:\program files (x86)\quicktime\quicktimeplayer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | "TCP Query User{AE55861A-4BFB-42B6-812A-39181114066A}C:\program files (x86)\telestream\wirecast\wirecast.exe" = protocol=6 | dir=in | app=c:\program files (x86)\telestream\wirecast\wirecast.exe | "TCP Query User{C3914817-47FA-49AA-9284-C351CF73DEF4}E:\installiert\uplink elite hacker\uplink.exe" = protocol=6 | dir=in | app=e:\installiert\uplink elite hacker\uplink.exe | "TCP Query User{D6FA5604-74E5-4724-B20F-173BBF569DF7}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "TCP Query User{FA91C349-1252-421B-8B4F-65061707695C}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe | "TCP Query User{FCE84D2B-31A1-4008-8DA0-62B87AAFE7AB}F:\empire total war\total war rome ii\rome2.exe" = protocol=6 | dir=in | app=f:\empire total war\total war rome ii\rome2.exe | "UDP Query User{104086C6-42C0-42E6-B2C6-5BF0BC05614F}C:\program files (x86)\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files (x86)\videolan\vlc\vlc.exe | "UDP Query User{1B468C0D-1C7A-4E8C-B697-0A7DE2EAC3E0}E:\installiert\uplink elite hacker\uplink.exe" = protocol=17 | dir=in | app=e:\installiert\uplink elite hacker\uplink.exe | "UDP Query User{24AE4F23-8619-4430-89B3-1B9926636AAD}E:\installiert\need for speed hot pursuit 2\nfs11.exe" = protocol=17 | dir=in | app=e:\installiert\need for speed hot pursuit 2\nfs11.exe | "UDP Query User{2FE653AA-E3CF-4EF8-B38D-C6B88E9EDA41}E:\installiert\need.for.speed.most.wanted.limited.edition-ali213\nfs13.exe" = protocol=17 | dir=in | app=e:\installiert\need.for.speed.most.wanted.limited.edition-ali213\nfs13.exe | "UDP Query User{3A9B91A0-310F-4D21-A79C-184A489066CE}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | "UDP Query User{43FAA751-DA14-46AD-A7ED-08037C0A1C60}E:\installiert\warcraft iii\war3.exe" = protocol=17 | dir=in | app=e:\installiert\warcraft iii\war3.exe | "UDP Query User{87DD0CCF-1B88-4F09-BE77-C1376E46FA8E}E:\installiert\freelancer discovery mod server\discovery freelancer 4.86.0\exe\freelancer.exe" = protocol=17 | dir=in | app=e:\installiert\freelancer discovery mod server\discovery freelancer 4.86.0\exe\freelancer.exe | "UDP Query User{901001EA-6FCE-4308-B827-8FBDCA4A435B}C:\program files (x86)\telestream\wirecast\wirecast.exe" = protocol=17 | dir=in | app=c:\program files (x86)\telestream\wirecast\wirecast.exe | "UDP Query User{90B4B271-114D-4FE0-BC12-425067F661BD}E:\installiert\freelancer\exe\freelancer.exe" = protocol=17 | dir=in | app=e:\installiert\freelancer\exe\freelancer.exe | "UDP Query User{9CBBCDF8-2EEE-46AC-A10D-D0B07525E18F}C:\program files (x86)\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\jdownloader 2\jdownloader 2.exe | "UDP Query User{B75997B3-3538-4CD6-9D00-446EBC991D2B}F:\empire total war\total war rome ii\rome2.exe" = protocol=17 | dir=in | app=f:\empire total war\total war rome ii\rome2.exe | "UDP Query User{B7B78763-47C1-4A92-8939-29213748D76B}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | "UDP Query User{C2857939-EE5E-4393-BB78-2CFD5FE89524}E:\installiert\guild wars 2\gw2.exe" = protocol=17 | dir=in | app=e:\installiert\guild wars 2\gw2.exe | "UDP Query User{C9FBC90D-0D55-4313-843D-25617618E5EF}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | "UDP Query User{DAEAB44C-2F80-41E5-BFA3-14E2811A4497}C:\program files (x86)\telestream\wirecast\rsrc\desktop presenter.exe" = protocol=17 | dir=in | app=c:\program files (x86)\telestream\wirecast\rsrc\desktop presenter.exe | "UDP Query User{E9D6FB26-3666-434B-B4FC-C3F05A8EA371}E:\tools\teamspeak server\ts3server_win64.exe" = protocol=17 | dir=in | app=e:\tools\teamspeak server\ts3server_win64.exe | "UDP Query User{F0D5219B-8533-42A1-8E5A-1EBCCBA1858A}E:\tools\teamspeak server\ts3server_win64.exe" = protocol=17 | dir=in | app=e:\tools\teamspeak server\ts3server_win64.exe | "UDP Query User{F6BFDD24-C632-4497-B3AA-B9DEAFB7B5FA}C:\program files (x86)\quicktime\quicktimeplayer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\quicktime\quicktimeplayer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{26A24AE4-039D-4CA4-87B4-2F86417045FF}" = Java 7 Update 45 (64-bit) "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC (64-bit) "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013 "{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013 "{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013 "{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013 "{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013 "{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013 "{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013 "{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français "{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano "{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013 "{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013 "{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013 "{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013 "{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013 "{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013 "{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013 "{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013 "{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013 "{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013 "{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "24DA573F901348FFDFF7717497830D45BE0C362E" = Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) "49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 "CCleaner" = CCleaner "GIMP-2_is1" = GIMP 2.8.4 "Logitech Gaming Software" = Logitech Gaming Software 8.35 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Office15.PROPLUS" = Microsoft Office Professional Plus 2013 "Opera 12.16.1860" = Opera 12.16 "Waterfox 24.0 (x64 en-US)" = Waterfox 24.0 (x64 en-US) "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{064A929A-4DE8-40CF-A901-BD40C14E4D25}" = PDF Architect "{08A25478-C5DD-4EA7-B168-3D687CA987FF}" = Die Sims™ 3 Traumsuite-Accessoires "{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires "{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR "{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}" = Die Sims™ 3 Diesel Accessoires "{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC "{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45 "{3BBFD444-5FAB-49F6-98B1-A1954E831399}" = Die Sims™ 3 Showtime "{3DE92282-CB49-434F-81BF-94E5B380E889}" = Die Sims™ 3 Jahreszeiten "{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6 "{50C913B1-A091-48B8-A434-6C9670284888}" = Garmin Training Center "{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit "{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in "{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires "{80AF0300-866F-400F-A350-D53E3C3E34E0}" = FUSSBALL MANAGER 13 "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.7.0 "{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX "{90A4562F-D4A1-4B65-906D-41F236CF6902}" = Path of Exile "{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren "{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends "{9733747E-E53D-4C17-977E-3A872AFB93E1}" = ROCCAT Kone Mouse Driver "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B2506E3-9A3F-45B5-96BF-509CAD584650}" = Die Sims™ 3 Katy Perry Süße Welt "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch "{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser "{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime "{B7EB794A-5A36-4CB0-90D9-BD0E786972D4}" = LogMeIn Hamachi "{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3 "{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch "{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 "{CE7CB214-DB11-4B5D-A6AF-3B4ED47C68B7}" = Microsoft Game Studios Common Redistributables Pack 1 "{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}" = Adobe Shockwave Player "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude "{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack "{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F22AD6E1-EF83-4259-8516-F97869A640B0}" = Wirecast "{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™ "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "0630-0716-3135-7887" = JDownloader 2 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Avira AntiVir Desktop" = Avira Free Antivirus "Battle.net" = Battle.net "DAEMON Tools Lite" = DAEMON Tools Lite "Der Planer 5" = Der Planer 5 (remove only) "Diablo III" = Diablo III "Dont Starvev1.79352" = Dont Starve "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.50 "Freelancer 1.0" = Freelancer "Google Chrome" = Google Chrome "Hearthstone" = Hearthstone "JDiskReport 1.4.0" = JDiskReport 1.4.0 "LogMeIn Hamachi" = LogMeIn Hamachi "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 25.0.1 (x86 de)" = Mozilla Firefox 25.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Origin" = Origin "Portrait Professional Studio 10 PREACTIVATED by .:sHaRe:._is1" = Portrait Professional Studio 10.9 "Portrait Professional Studio10" = Portrait Professional Studio "PrecisionX" = EVGA Precision X 4.2.1 "R2FtZURldlR5Y29vbnYxMzI=_is1" = Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1 "RTSS" = RivaTuner Statistics Server 5.2.0 "SpeedFan" = SpeedFan (remove only) "StarCraft II" = StarCraft II "VG90YWxXYXJSb21lSUk=_is1" = Total War Rome II *GERMAN* "vis_milk.dllWinamp" = MilkDrop for Winamp 2x (remove only) "VLC media player" = VLC media player 2.0.3 "Winamp" = Winamp "WinBMA" = WinBMA ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Sponsoren Patch für den FM13" = Sponsoren Patch für den FM13 "TeamSpeak 3 Client" = TeamSpeak 3 Client "Winamp Detect" = Winamp Erkennungs-Plug-in ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 30.11.2013 17:49:19 | Computer Name = Streeetz-PC | Source = NetBalancer 6.5.2 | ID = 0 Description = System.NullReferenceException: Object reference not set to an instance of an object. at Dm.n() Error - 30.11.2013 17:49:19 | Computer Name = Streeetz-PC | Source = NetBalancer 6.5.2 | ID = 0 Description = System.NullReferenceException: Object reference not set to an instance of an object. at Dm.n() Error - 30.11.2013 17:49:19 | Computer Name = Streeetz-PC | Source = NetBalancer 6.5.2 | ID = 0 Description = System.NullReferenceException: Object reference not set to an instance of an object. at Dm.n() Error - 30.11.2013 17:49:19 | Computer Name = Streeetz-PC | Source = NetBalancer 6.5.2 | ID = 0 Description = System.NullReferenceException: Object reference not set to an instance of an object. at Dm.n() Error - 30.11.2013 17:57:51 | Computer Name = Streeetz-PC | Source = NetBalancerService | ID = 0 Description = Error - 30.11.2013 18:03:42 | Computer Name = Streeetz-PC | Source = .NET Runtime | ID = 1026 Description = Error - 30.11.2013 18:03:42 | Computer Name = Streeetz-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: 3DMark11Cmd.exe, Version:, Zeitstempel: 0x4ee5de63 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677 Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000940d ID des fehlerhaften Prozesses: 0x104c Startzeit der fehlerhaften Anwendung: 0x01ceee1807db92a0 Pfad der fehlerhaften Anwendung: C:\Program Files\Futuremark\3DMark11\bin\x64\3DMark11Cmd.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 45e291b1-5a0b-11e3-be5a-001fd0208104 Error - 30.11.2013 18:45:02 | Computer Name = Streeetz-PC | Source = MsiInstaller | ID = 11316 Description = Error - 30.11.2013 19:03:27 | Computer Name = Streeetz-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: jucheck.exe, Version:, Zeitstempel: 0x51d2fcc9 Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba59 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00029951 ID des fehlerhaften Prozesses: 0x1330 Startzeit der fehlerhaften Anwendung: 0x01ceee206114c95d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe Pfad des fehlerhaften Moduls: C:\Windows\syswow64\USER32.dll Berichtskennung: 9ecab879-5a13-11e3-b8e7-001fd0208104 Error - 30.11.2013 19:35:47 | Computer Name = Streeetz-PC | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 30.11.2013 20:25:36 | Computer Name = Streeetz-PC | Source = Office 2013 Licensing Service | ID = 0 Description = Error - 30.11.2013 21:13:29 | Computer Name = Streeetz-PC | Source = Windows Installer 3.1 | ID = 921877 Description = [ System Events ] Error - 18.04.2013 13:41:07 | Computer Name = Streeetz-PC | Source = PNRPSvc | ID = 102 Description = Error - 18.04.2013 13:41:07 | Computer Name = Streeetz-PC | Source = PNRPSvc | ID = 102 Description = Error - 18.04.2013 13:41:07 | Computer Name = Streeetz-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 18.04.2013 13:41:07 | Computer Name = Streeetz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 18.04.2013 13:41:07 | Computer Name = Streeetz-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 18.04.2013 13:41:07 | Computer Name = Streeetz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 18.04.2013 13:41:08 | Computer Name = Streeetz-PC | Source = PNRPSvc | ID = 102 Description = Error - 18.04.2013 13:41:08 | Computer Name = Streeetz-PC | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error - 18.04.2013 13:41:08 | Computer Name = Streeetz-PC | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error - 18.04.2013 16:06:41 | Computer Name = Streeetz-PC | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?18.?04.?2013 um 22:05:14 unerwartet heruntergefahren. < End of report > Liebe Grüße ![]() |
![]() | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Hallo und
__________________![]() Zitat:
__________________ |
![]() | #3 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Hallo cosinus,
__________________Nein der Computer ist in Privatgebrauch, wurde aber mit installiertem Windows auf Ebay erworben. Vielleicht war er vorher in Gewerblicher Nutzung ? Nochmal zum Problem. Also auf der Java Testseite tut sich gar nichts :/ Verify Java Version Liebe Grüße ![]() Geändert von Java.exe (02.12.2013 um 16:52 Uhr) Grund: P |
![]() | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?]Zitat:
Wenn nicht, hast du unsichere weil wahscheinlich gecrackte Software auf dem System.
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #5 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Guten morgen cosinus, nein habe leider nichts derartiges bekommen. Super von einem Problem auf ins nächste. ![]() Das heißt ein neues Windows installieren ? Habe noch ein altes Vista von dem vorherigen Pc, da ist auch so ein Aufkleber auf dem Pc drauf. Das Problem mit Java lässt sich dann nicht lösen ? Liebe Grüße nochmals |
![]() | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Lass uns erstmal weitersehen, es war nur eine Befürchtung. Tatsählich muss deine Software nicht gecrackt sein. Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520 Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten! Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht! Zudem bitte auch ein Log mit Farbars Tool machen: Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
![]() Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> Java lässt sich nicht neu/deinstallieren [registry?] |
![]() | #7 | |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Hallo cosinus, Zitat:
Ansonsten habe ich gerade die Logs von AntiVir durchgeschaut, da ist lediglich von einem Audio Snipping Tool adware gefunden worden. Das war aber nicht das Problem, ansonsten alles ruhig die ganze Zeit/letzten Wochen. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013 02 Ran by Streeetz (administrator) on STREEETZ-PC on 03-12-2013 22:52:00 Running from C:\Users\Streeetz\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ROCCAT) C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ROCCAT) C:\Program Files (x86)\ROCCAT\Kone Mouse\OSD.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Microsoft Corporation) C:\Windows\System32\calc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [6900024 2012-07-24] (Logitech Inc.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) MountPoints2: G - G:\hmh-acrev.exe MountPoints2: J - J:\setup.exe MountPoints2: {39284132-5a80-11e3-80f9-806e6f6e6963} - J:\setup.exe MountPoints2: {aa80760d-5a1d-11e3-b3ca-001fd0208104} - G:\setup.exe MountPoints2: {bd1f8de3-09a6-11e2-baaa-001fd0208104} - G:\setup.exe HKLM-x32\...\Run: [Kone] - C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE [1666560 2011-02-18] (ROCCAT) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1A9557372898CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File FireFox: ======== FF ProfilePath: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: AVG Secure Search FF Homepage: hxxp://www.google.de/ FF Keyword.URL: hxxp://isearch.avg.com/search?cid=%7B98a6f0dd-92f6-40b1-8466-c8e1938d66ee%7D&mid=973cb144fce347d0a8f8d15696c468f7-03b4b3fd6620badc7f79b90f9cbfacaecae34de8&ds=od011&v= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-1.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-10.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-2.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-3.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-4.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-5.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-6.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-7.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-8.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-9.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: LavaFox V2-Blue - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\djziggy@gmail.com FF Extension: LavaFox V2 - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\info@djzig.com FF Extension: Garmin Communicator - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} FF Extension: ICQ Toolbar - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{800b5000-a755-47e1-992b-48a1c1357f07} FF Extension: DVDVideoSoft Menu - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: Adblock Plus - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: greasemonkey - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\ CHR Extension: (Google Wallet) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\ CHR Extension: (Gmail) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-02] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-30] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG) S3 CrystalSysInfo; E:\Overlocking & Bench Tools\Crysal CPUID\SysInfoX64.sys [18128 2010-01-09] () S3 DSI_SiUSBXp_3_1; C:\Windows\System32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Silicon Laboratories) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-01] (Disc Soft Ltd) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-09-21] () R3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [15488 2008-12-11] (ROCCAT Ltd) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-04-12] (Oracle Corporation) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] S3 WinRing0_1_2_0; \??\C:\Users\Streeetz\AppData\Local\Temp\tmp4F97.tmp [x] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-03 22:52 - 2013-12-03 22:52 - 00015989 _____ C:\Users\Streeetz\Desktop\FRST.txt 2013-12-03 22:51 - 2013-12-03 22:51 - 00000000 ____D C:\FRST 2013-12-03 22:50 - 2013-12-03 22:50 - 01959614 _____ (Farbar) C:\Users\Streeetz\Desktop\FRST64.exe 2013-12-02 17:29 - 2013-12-02 17:29 - 00000000 ____D C:\Program Files (x86)\Java 2013-12-02 17:22 - 2013-12-02 17:22 - 00000023 _____ C:\Users\Streeetz\Desktop\execcmd.log 2013-12-01 14:14 - 2013-12-01 14:23 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\FreeOrion 2013-12-01 14:12 - 2013-12-01 14:12 - 00001023 _____ C:\Users\Public\Desktop\FreeOrion.lnk 2013-12-01 14:12 - 2013-12-01 14:12 - 00000000 ____D C:\Program Files (x86)\FreeOrion 2013-12-01 13:25 - 2013-12-01 14:19 - 00001488 _____ C:\Users\Streeetz\Desktop\Neues Textdokument.txt 2013-12-01 13:24 - 2013-12-01 13:24 - 00000000 ____D C:\Program Files\Java 2013-12-01 02:13 - 2013-12-01 02:13 - 00000780 _____ C:\Windows\KB893803v2.log 2013-12-01 02:06 - 2013-12-01 02:06 - 00000000 ____D C:\jre1.7.0_45 2013-12-01 01:17 - 2013-12-03 21:43 - 00165356 _____ C:\Windows\WindowsUpdate.log 2013-12-01 01:15 - 2013-12-02 08:52 - 00000168 _____ C:\Windows\setupact.log 2013-12-01 01:15 - 2013-12-01 01:15 - 00000000 _____ C:\Windows\setuperr.log 2013-12-01 00:27 - 2013-12-01 01:16 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-12-01 00:27 - 2013-12-01 00:27 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-12-01 00:11 - 2013-12-01 00:11 - 00048346 _____ C:\Users\Streeetz\Documents\cc_20131201_001126.reg 2013-12-01 00:07 - 2013-12-01 00:07 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-12-01 00:07 - 2013-12-01 00:07 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-12-01 00:07 - 2013-12-01 00:07 - 00000000 ____D C:\Program Files\CCleaner 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN52A5.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5295.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5294.tmp 2013-11-30 23:36 - 2013-12-01 13:24 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-11-30 23:36 - 2013-12-01 13:24 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-11-30 23:36 - 2013-12-01 13:24 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-11-30 23:36 - 2013-12-01 13:24 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-11-30 23:33 - 2013-11-30 23:33 - 00000882 _____ C:\Users\Public\Desktop\Waterfox.lnk 2013-11-30 23:33 - 2013-11-30 23:33 - 00000000 ____D C:\Program Files\Waterfox 2013-11-30 23:28 - 2013-12-02 17:30 - 00000000 ____D C:\MATS 2013-11-30 22:49 - 2013-11-30 22:49 - 00000011 ____R C:\Windows\amunres.lsl 2013-11-30 20:43 - 2013-11-30 20:43 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-11-30 15:20 - 2013-11-30 15:20 - 00001162 _____ C:\Users\UpdatusUser.Streeetz-PC\Desktop\Continue Zip Opener Installation.lnk 2013-11-26 01:01 - 2013-11-26 01:37 - 00000000 ____D C:\Program Files (x86)\mp3DirectCut 2013-11-24 14:50 - 2013-11-24 14:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2013-11-24 14:48 - 2013-11-24 20:48 - 105952601 _____ C:\Windows\SysWOW64\䁫읒9 2013-11-22 22:37 - 2013-11-23 22:37 - 105869762 _____ C:\Windows\SysWOW64\邛T 2013-11-22 10:37 - 2013-11-22 16:37 - 105660331 _____ C:\Windows\SysWOW64\敔瑽 2013-11-22 04:37 - 2013-11-22 04:37 - 105618727 _____ C:\Windows\SysWOW64\㭚 2013-11-22 04:31 - 2013-11-22 04:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-11-21 16:37 - 2013-11-21 22:37 - 105611834 _____ C:\Windows\SysWOW64\ᔖ弰 2013-11-19 23:44 - 2013-11-21 10:37 - 105483598 _____ C:\Windows\SysWOW64\컚ㅙ 2013-11-13 03:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-13 03:03 - 2013-11-13 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-13 00:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 00:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 00:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 00:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 00:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-13 00:58 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 00:58 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 00:58 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 00:58 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-13 00:58 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 00:58 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 00:58 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 00:58 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 00:58 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 00:58 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 00:58 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 00:58 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 00:58 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 00:58 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 00:58 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 00:58 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 00:58 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 00:58 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 00:58 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 00:58 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 00:58 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 00:58 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 00:58 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 00:58 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 00:58 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-09 15:53 - 2013-11-09 15:53 - 00000000 ____D C:\ProgramData\Steam ==================== One Month Modified Files and Folders ======= 2013-12-03 22:52 - 2013-12-03 22:52 - 00015989 _____ C:\Users\Streeetz\Desktop\FRST.txt 2013-12-03 22:51 - 2013-12-03 22:51 - 00000000 ____D C:\FRST 2013-12-03 22:50 - 2013-12-03 22:50 - 01959614 _____ (Farbar) C:\Users\Streeetz\Desktop\FRST64.exe 2013-12-03 22:33 - 2013-02-23 17:03 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-03 21:43 - 2013-12-01 01:17 - 00165356 _____ C:\Windows\WindowsUpdate.log 2013-12-03 14:57 - 2013-03-28 18:17 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-03 14:27 - 2012-09-21 20:47 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{57677CF5-EABA-468E-BD52-03DBFABB15A8} 2013-12-03 08:14 - 2009-07-14 05:45 - 00019792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-03 08:14 - 2009-07-14 05:45 - 00019792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-03 05:33 - 2013-02-23 17:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-02 17:30 - 2013-11-30 23:28 - 00000000 ____D C:\MATS 2013-12-02 17:29 - 2013-12-02 17:29 - 00000000 ____D C:\Program Files (x86)\Java 2013-12-02 17:22 - 2013-12-02 17:22 - 00000023 _____ C:\Users\Streeetz\Desktop\execcmd.log 2013-12-02 09:06 - 2009-09-04 19:43 - 00666512 _____ C:\Windows\system32\perfh007.dat 2013-12-02 09:06 - 2009-09-04 19:43 - 00135440 _____ C:\Windows\system32\perfc007.dat 2013-12-02 09:06 - 2009-08-16 10:50 - 00685704 _____ C:\Windows\system32\perfh019.dat 2013-12-02 09:06 - 2009-08-16 10:50 - 00137878 _____ C:\Windows\system32\perfc019.dat 2013-12-02 09:06 - 2009-07-14 06:13 - 02349246 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-02 08:53 - 2013-05-11 09:19 - 00003034 _____ C:\Windows\System32\Tasks\EVGAPrecision 2013-12-02 08:52 - 2013-12-01 01:15 - 00000168 _____ C:\Windows\setupact.log 2013-12-02 08:52 - 2013-07-03 01:36 - 00000000 ____D C:\Users\Streeetz\AppData\Local\LogMeIn Hamachi 2013-12-02 08:52 - 2012-09-21 19:47 - 00000000 ____D C:\ProgramData\NVIDIA 2013-12-02 08:52 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-02 08:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-01 14:23 - 2013-12-01 14:14 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\FreeOrion 2013-12-01 14:19 - 2013-12-01 13:25 - 00001488 _____ C:\Users\Streeetz\Desktop\Neues Textdokument.txt 2013-12-01 14:12 - 2013-12-01 14:12 - 00001023 _____ C:\Users\Public\Desktop\FreeOrion.lnk 2013-12-01 14:12 - 2013-12-01 14:12 - 00000000 ____D C:\Program Files (x86)\FreeOrion 2013-12-01 13:24 - 2013-12-01 13:24 - 00000000 ____D C:\Program Files\Java 2013-12-01 13:24 - 2013-11-30 23:36 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-12-01 13:24 - 2013-11-30 23:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-12-01 13:24 - 2013-11-30 23:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-12-01 13:24 - 2013-11-30 23:36 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-12-01 13:24 - 2013-10-28 16:36 - 00000000 ____D C:\ProgramData\Oracle 2013-12-01 02:13 - 2013-12-01 02:13 - 00000780 _____ C:\Windows\KB893803v2.log 2013-12-01 02:06 - 2013-12-01 02:06 - 00000000 ____D C:\jre1.7.0_45 2013-12-01 01:16 - 2013-12-01 00:27 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-12-01 01:15 - 2013-12-01 01:15 - 00000000 _____ C:\Windows\setuperr.log 2013-12-01 01:15 - 2012-09-21 19:36 - 00000000 ____D C:\Users\Streeetz 2013-12-01 01:14 - 2013-10-01 14:34 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2013-12-01 01:14 - 2013-05-11 00:07 - 00000000 ____D C:\Users\UpdatusUser.Streeetz-PC 2013-12-01 01:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-12-01 00:27 - 2013-12-01 00:27 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-12-01 00:19 - 2013-10-29 14:31 - 00000000 ____D C:\Program Files (x86)\Steam 2013-12-01 00:19 - 2013-10-01 04:38 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-12-01 00:19 - 2012-09-28 22:48 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\DAEMON Tools Lite 2013-12-01 00:19 - 2012-09-22 10:16 - 00000000 ____D C:\Windows\Minidump 2013-12-01 00:19 - 2012-09-22 05:25 - 00000000 ____D C:\Windows\Panther 2013-12-01 00:19 - 2012-09-21 23:33 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\Media Player Classic 2013-12-01 00:19 - 2012-09-21 20:16 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\Winamp 2013-12-01 00:11 - 2013-12-01 00:11 - 00048346 _____ C:\Users\Streeetz\Documents\cc_20131201_001126.reg 2013-12-01 00:07 - 2013-12-01 00:07 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-12-01 00:07 - 2013-12-01 00:07 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-12-01 00:07 - 2013-12-01 00:07 - 00000000 ____D C:\Program Files\CCleaner 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN52A5.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5295.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5294.tmp 2013-11-30 23:45 - 2013-10-28 16:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-30 23:33 - 2013-11-30 23:33 - 00000882 _____ C:\Users\Public\Desktop\Waterfox.lnk 2013-11-30 23:33 - 2013-11-30 23:33 - 00000000 ____D C:\Program Files\Waterfox 2013-11-30 23:14 - 2009-07-14 05:45 - 00441848 _____ C:\Windows\system32\FNTCACHE.DAT 2013-11-30 23:05 - 2012-12-09 13:20 - 00000000 ____D C:\Users\Streeetz\KAG 2013-11-30 23:03 - 2012-09-21 22:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-30 23:02 - 2013-03-04 21:54 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3 2013-11-30 23:02 - 2012-09-21 23:11 - 00111520 _____ C:\Users\Streeetz\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-30 22:49 - 2013-11-30 22:49 - 00000011 ____R C:\Windows\amunres.lsl 2013-11-30 22:18 - 2013-09-11 23:17 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Overwolf 2013-11-30 21:15 - 2012-10-23 17:02 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Apple Computer 2013-11-30 20:52 - 2012-09-28 23:23 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\vlc 2013-11-30 20:43 - 2013-11-30 20:43 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-11-30 19:03 - 2013-04-30 18:41 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Game Dev Tycoon 2013-11-30 15:24 - 2013-07-14 15:01 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2013-11-30 15:20 - 2013-11-30 15:20 - 00001162 _____ C:\Users\UpdatusUser.Streeetz-PC\Desktop\Continue Zip Opener Installation.lnk 2013-11-30 15:09 - 2013-05-02 09:45 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-11-30 15:09 - 2013-03-28 18:17 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-11-30 15:09 - 2013-03-28 18:17 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-11-30 14:53 - 2013-02-23 17:03 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Google 2013-11-30 14:52 - 2013-02-23 17:03 - 00000000 ____D C:\Program Files (x86)\Google 2013-11-30 14:42 - 2012-09-28 19:51 - 00000000 ____D C:\Users\Streeetz\AppData\Local\PMB Files 2013-11-30 14:42 - 2012-09-28 19:51 - 00000000 ____D C:\ProgramData\PMB Files 2013-11-29 05:28 - 2013-02-23 17:03 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-11-29 05:28 - 2013-02-23 17:03 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-11-27 14:31 - 2013-04-03 13:56 - 00629760 ___SH C:\Users\Streeetz\Desktop\Thumbs.db 2013-11-27 13:37 - 2013-10-01 14:31 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-26 01:37 - 2013-11-26 01:01 - 00000000 ____D C:\Program Files (x86)\mp3DirectCut 2013-11-24 20:48 - 2013-11-24 14:48 - 105952601 _____ C:\Windows\SysWOW64\䁫읒9 2013-11-24 14:50 - 2013-11-24 14:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2013-11-23 22:37 - 2013-11-22 22:37 - 105869762 _____ C:\Windows\SysWOW64\邛T 2013-11-22 16:37 - 2013-11-22 10:37 - 105660331 _____ C:\Windows\SysWOW64\敔瑽 2013-11-22 04:37 - 2013-11-22 04:37 - 105618727 _____ C:\Windows\SysWOW64\㭚 2013-11-22 04:31 - 2013-11-22 04:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-11-21 22:37 - 2013-11-21 16:37 - 105611834 _____ C:\Windows\SysWOW64\ᔖ弰 2013-11-21 11:58 - 2013-08-17 02:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-21 11:58 - 2012-09-21 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-21 10:37 - 2013-11-19 23:44 - 105483598 _____ C:\Windows\SysWOW64\컚ㅙ 2013-11-14 23:20 - 2013-10-01 04:32 - 00000000 ____D C:\Users\Streeetz\Desktop\Bewerbung 2013-11-13 03:25 - 2012-09-21 19:37 - 00001425 _____ C:\Users\Streeetz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-13 03:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-13 03:03 - 2013-11-13 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-13 03:02 - 2013-07-26 02:00 - 00000000 ____D C:\Windows\system32\MRT 2013-11-13 03:00 - 2012-09-21 20:31 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-11 18:59 - 2013-11-02 18:59 - 103792856 _____ C:\Windows\SysWOW64\ᴍ獎 2013-11-09 15:53 - 2013-11-09 15:53 - 00000000 ____D C:\ProgramData\Steam 2013-11-09 14:34 - 2013-10-23 01:59 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Battle.net 2013-11-04 17:42 - 2012-09-21 23:08 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\Skype Some content of TEMP: ==================== C:\Users\Streeetz\AppData\Local\Temp\avgnt.exe C:\Users\Streeetz\AppData\Local\Temp\DTLite4481-0347.exe C:\Users\Streeetz\AppData\Local\Temp\java-installer.exe C:\Users\Streeetz\AppData\Local\Temp\jre_setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-30 15:46 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2013 02 Ran by Streeetz at 2013-12-03 22:52:37 Running from C:\Users\Streeetz\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (x32 Version: Adobe Flash Player 11 ActiveX (x32 Version: 11.3.300.265) Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117) Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05) Adobe Shockwave Player (x32 Version: Apple Application Support (x32 Version: 2.3.4) Apple Mobile Device Support (Version: Apple Software Update (x32 Version: Avira Free Antivirus (x32 Version: Battle.net (x32) Bonjour (Version: CCleaner (Version: 4.08) DAEMON Tools Lite (x32 Version: Diablo III (x32) Die Sims™ 3 (x32 Version: 1.50.56) Die Sims™ 3 Design-Garten-Accessoires (x32 Version: 7.0.55) Die Sims™ 3 Diesel Accessoires (x32 Version: 14.0.48) Die Sims™ 3 Einfach tierisch (x32 Version: 10.0.96) Die Sims™ 3 Gib Gas-Accessoires (x32 Version: 5.0.44) Die Sims™ 3 Jahreszeiten (x32 Version: 16.0.136) Die Sims™ 3 Katy Perry Süße Welt (x32 Version: 13.0.62) Die Sims™ 3 Late Night (x32 Version: 6.0.81) Die Sims™ 3 Lebensfreude (x32 Version: 8.0.152) Die Sims™ 3 Luxus-Accessoires (x32 Version: 3.0.38) Die Sims™ 3 Reiseabenteuer (x32 Version: 2.0.86) Die Sims™ 3 Showtime (x32 Version: 12.0.273) Die Sims™ 3 Stadt-Accessoires (x32 Version: 9.0.73) Die Sims™ 3 Traumkarrieren (x32 Version: 4.0.87) Die Sims™ 3 Traumsuite-Accessoires (x32 Version: 11.0.84) EVGA Precision X 4.2.1 (x32 Version: 4.2.1) FreeOrion 0.4.2 (x32 Version: 0.4.2)0) Game Dev Tycoon v1.3.2 (c) Greenheart Games version 1 (x32 Version: 1) Garmin Training Center (x32 Version: 3.6.5) Garmin USB Drivers (x32 Version: GIMP 2.8.4 (Version: 2.8.4) Google Chrome (x32 Version: 31.0.1650.57) Google Earth Plug-in (x32 Version: Google Update Helper (x32 Version: Hearthstone (x32) iTunes (Version: Java 7 Update 45 (64-bit) (Version: 7.0.450) Java 7 Update 45 (x32 Version: 7.0.450) Java Auto Updater (x32 Version: JDiskReport 1.4.0 (x32 Version: 1.4.0 (2012-01-20 11:38:43)) League of Legends (x32 Version: 1.3) Logitech Gaming Software (Version: 8.35.18) Logitech Gaming Software 8.35 (Version: 8.35.18) LogMeIn Hamachi (x32 Version: Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322) Microsoft .NET Framework 1.1 German Language Pack (x32 Version: 1.1.4322) Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319) Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0) Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017) Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017) Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017) Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017) Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219) Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017) Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0) Microsoft XML Parser (x32 Version: 8.20.8730.4) MilkDrop for Winamp 2x (remove only) (x32) MozBackup 1.5.1 (x32) Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1) Mozilla Maintenance Service (x32 Version: 25.0.1) MPC-HC (64-bit) (Version: MPC-HC (x32 Version: NVIDIA 3D Vision Controller-Treiber 314.22 (Version: 314.22) NVIDIA 3D Vision Treiber 314.22 (Version: 314.22) NVIDIA Grafiktreiber 314.22 (Version: 314.22) NVIDIA HD-Audiotreiber (Version: NVIDIA Install Application (Version: 2.1002.115.743) NVIDIA PhysX (x32 Version: 9.12.1031) NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031) NVIDIA Stereoscopic 3D Driver (x32 Version: NVIDIA Systemsteuerung 314.22 (Version: 314.22) NVIDIA Update 1.12.12 (Version: 1.12.12) NVIDIA Update Components (Version: 1.12.12) Opera 12.16 (Version: 12.16.1860) Origin (x32 Version: Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017) Pando Media Booster (x32 Version: Path of Exile (x32 Version: PDF Architect (x32 Version: PDF24 Creator 5.7.0 (x32) PDFCreator (x32 Version: 1.7.1) Portrait Professional Studio (x32 Version: 10) Portrait Professional Studio 10.9 (x32 Version: 10.9) QuickTime (x32 Version: Realtek High Definition Audio Driver (x32 Version: RivaTuner Statistics Server 5.2.0 (x32 Version: 5.2.0) ROCCAT Kone Mouse Driver (x32 Version: 1.0) SimCity™ (x32 Version: Skype™ 6.6 (x32 Version: 6.6.106) SpeedFan (remove only) (x32) StarCraft II (x32) Steam (x32 Version: TeamSpeak 3 Client (HKCU Version: 3.0.13) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3) VLC media player 2.0.3 (x32 Version: 2.0.3) VoiceOver Kit (x32 Version: Waterfox 24.0 (x64 en-US) (Version: 24.0) Winamp (x32 Version: 5.63 ) Winamp Erkennungs-Plug-in (HKCU Version: WinBMA (x32 Version: 2.0.4713.34518) Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) (Version: 07/07/2009 1.12.2) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 (Version: 06/03/2009 WinRAR 4.20 (64-Bit) (Version: 4.20.0) ==================== Restore Points ========================= 02-12-2013 16:30:39 Wiederherstellungspunkt vor Der Name ist nicht verfügbar. wurde mithilfe der Problembehandlung für die Programminstallation und -deinstallation entfernt. ==================== Hosts content: ========================== 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {088482FA-65B8-4E17-9ABF-1DCD48E8D373} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict1 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem Task: {09F06BFE-A3C8-40E3-846A-6E6F4000C238} - System32\Tasks\Microsoft\Windows\Tcpip\IpAddressConflict2 => Rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem Task: {20489E52-DC95-4A99-8048-FC1178680769} - System32\Tasks\WPD\SqmUpload_S-1-5-21-3211016966-3914280461-1692422699-1001 => Rundll32.exe portabledeviceapi.dll,#1 Task: {336ED0BB-0B88-446F-A470-CA508B5B947B} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector => Rundll32.exe dfdts.dll,DfdGetDefaultPolicyAndSMART Task: {5E4EFA73-D9EB-44BE-AB67-CB4506042ED8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.) Task: {6046126B-65A3-4B94-A886-4AEF0EB83BDD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-16] (Adobe Systems Incorporated) Task: {7B281769-9D0C-428B-BD2B-DD31D7322684} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd) Task: {82CBB0AE-4DC7-4721-9EF1-92E64970D3A0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => Rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation Task: {A4904A90-2DC6-4885-B3C9-CD1A563BF6D7} - System32\Tasks\PCMeter\Startup => E:\Neuer Ordner\PCMeter\PCMeter\PCMeterV0.3.exe Task: {A7C73732-9F11-4281-8D19-764D4EC9D94D} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe aepdu.dll,AePduRunUpdate Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe Task: {D68C3272-B3A5-4D38-9DE4-3BAC669ADD30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.) Task: {D7B6E81D-3CF4-432C-84D2-24213F4316E6} - System32\Tasks\Microsoft\Windows\Autochk\Proxy => Rundll32.exe /d acproxy.dll,PerformAutochkOperations Task: {E22A8667-F75B-4BA9-BA46-067ED4429DE8} - System32\Tasks\Microsoft\Windows\Windows Filtering Platform\BfeOnServiceStartTypeChange => Rundll32.exe bfe.dll,BfeOnServiceStartTypeChange Task: {E3163C33-301D-4730-A266-5518C5ED3967} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe Task: {EDA2EB92-3008-4407-A488-FB45941D3CF9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F1665D87-9B02-4632-9658-B17BC3C4D1EC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {F6407B3D-C341-4C99-B651-0F3B0C6AD09C} - System32\Tasks\EVGAPrecision => C:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-18] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-08-17 02:33 - 2013-11-16 17:02 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-10-16 22:44 - 2013-10-16 22:44 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll 2013-03-23 21:06 - 2013-03-23 21:05 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-03-23 21:06 - 2013-03-23 21:05 - 00397704 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/03/2013 07:44:57 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/02/2013 05:32:38 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4 Name des fehlerhaften Moduls: MSI19B4.tmp, Version: 7.0.450.18, Zeitstempel: 0x52541f1a Ausnahmecode: 0xc0000417 Fehleroffset: 0x000172ee ID des fehlerhaften Prozesses: 0x13c4 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Error: (12/02/2013 05:30:39 PM) (Source: VSS) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {529af9de-40da-42f9-ac05-97b23cfc1805} Error: (12/02/2013 05:30:39 PM) (Source: MsiInstaller) (User: Streeetz-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList". Error: (12/02/2013 05:29:10 PM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.7601.17514, Zeitstempel: 0x4ce792c4 Name des fehlerhaften Moduls: MSIEC20.tmp, Version: 7.0.450.18, Zeitstempel: 0x52541f1a Ausnahmecode: 0xc0000417 Fehleroffset: 0x000172ee ID des fehlerhaften Prozesses: 0xa90 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Error: (12/02/2013 09:02:52 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/01/2013 02:13:29 AM) (Source: Windows Installer 3.1) (User: ) Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar. Error: (12/01/2013 01:25:36 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/01/2013 00:35:47 AM) (Source: Office 2013 Licensing Service) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/01/2013 00:03:27 AM) (Source: Application Error) (User: ) Description: Name der fehlerhaften Anwendung: jucheck.exe, Version:, Zeitstempel: 0x51d2fcc9 Name des fehlerhaften Moduls: USER32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba59 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00029951 ID des fehlerhaften Prozesses: 0x1330 Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0 Pfad der fehlerhaften Anwendung: jucheck.exe1 Pfad des fehlerhaften Moduls: jucheck.exe2 Berichtskennung: jucheck.exe3 System errors: ============= Error: (12/02/2013 08:53:30 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/02/2013 08:53:30 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (12/02/2013 08:53:30 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/02/2013 08:53:30 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (12/02/2013 08:53:30 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (12/02/2013 08:53:30 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (12/02/2013 08:53:15 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: %%-2140993535 Error: (12/02/2013 08:53:15 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2140993535 Error: (12/02/2013 08:53:15 AM) (Source: PNRPSvc) (User: ) Description: 0x80630801 Error: (12/02/2013 08:52:50 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "PDF Architect Service" wurde mit folgendem Fehler beendet: %%-2147467259 Microsoft Office Sessions: ========================= Error: (12/03/2013 07:44:57 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/02/2013 05:32:38 PM) (Source: Application Error)(User: ) Description: MsiExec.exe5.0.7601.175144ce792c4MSI19B4.tmp7.0.450.1852541f1ac0000417000172ee13c401ceef7c1d08d66fC:\Windows\syswow64\MsiExec.exeC:\Windows\Installer\MSI19B4.tmp5abd21ee-5b6f-11e3-a4d2-001fd0208104 Error: (12/02/2013 05:30:39 PM) (Source: VSS)(User: ) Description: 0x80070005, Zugriff verweigert Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {529af9de-40da-42f9-ac05-97b23cfc1805} Error: (12/02/2013 05:30:39 PM) (Source: MsiInstaller)(User: Streeetz-PC) Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL) Error: (12/02/2013 05:29:10 PM) (Source: Application Error)(User: ) Description: MsiExec.exe5.0.7601.175144ce792c4MSIEC20.tmp7.0.450.1852541f1ac0000417000172eea9001ceef7ba0e52193C:\Windows\syswow64\MsiExec.exeC:\Windows\Installer\MSIEC20.tmpdea17902-5b6e-11e3-a4d2-001fd0208104 Error: (12/02/2013 09:02:52 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/01/2013 02:13:29 AM) (Source: Windows Installer 3.1)(User: ) Description: WindowsFür diesen Befehl ist nicht genügend Speicher verfügbar. Error: (12/01/2013 01:25:36 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/01/2013 00:35:47 AM) (Source: Office 2013 Licensing Service)(User: ) Description: Subscription licensing service failed: -1073418154 Error: (12/01/2013 00:03:27 AM) (Source: Application Error)(User: ) Description: jucheck.exe2.1.9.851d2fcc9USER32.dll6.1.7601.175144ce7ba59c000000500029951133001ceee206114c95dC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Windows\syswow64\USER32.dll9ecab879-5a13-11e3-b8e7-001fd0208104 ==================== Memory info =========================== Percentage of memory in use: 29% Total physical RAM: 8190.3 MB Available physical RAM: 5785.77 MB Total Pagefile: 34759.4 MB Available Pagefile: 31940.84 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:74.43 GB) (Free:4.64 GB) NTFS Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Spiele / Overclocking) (Fixed) (Total:465.76 GB) (Free:88.12 GB) NTFS Drive f: (Musik / Bilder) (Fixed) (Total:148.92 GB) (Free:30.5 GB) NTFS Drive g: (Downloads / Trash) (Fixed) (Total:1397.26 GB) (Free:1035.38 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 75 GB) (Disk ID: D31FC03B) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=74 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 149 GB) (Disk ID: 976E976E) Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1397 GB) (Disk ID: 0A7C5575) Partition 1: (Active) - (Size=-698723860480) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 466 GB) (Disk ID: 4CC8960C) Partition 1: (Active) - (Size=466 GB) - (Type=42) Partition 2: (Not Active) - (Size=2008 KB) - (Type=42) ==================== End Of Log ============================ Wie gesagt, ich habe ja bereits ein paar Mal Java neuinstalliert, da besagtes Browsergame nicht funktionierte (Java nicht erkannt hat, ich schätze die 32bit Version im 32bit Browser). Aufgrunddessen wollte ich versuchen Java komplett mit JavRa zu deinstallieren und auch in der Registry zu entfernen um eine saubere Neuinstallation vorzunehmen. Da es hiernach allerdings auch nicht funktionierte, habe ich wohl nach vielen weiteren Inst und Deinstallation evt. einen Registry-Eintrag des 32bit Javas gelöscht ? Vorher war es noch kein Problem Java zu deinstallieren und das 64bit Java lässt sich nach wie vor runter und wieder draufschmeißen ohne Probleme. Liebe Grüße und gute Nacht |
![]() | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte ![]()
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #9 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Bin nochmals da und habe dir die Logfile mitgebracht ![]() Keine Funde soweit. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA www.malwarebytes.org Database version: v2013.12.03.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Streeetz :: STREEETZ-PC [administrator] 03.12.2013 23:41:19 mbar-log-2013-12-03 (23-41-19).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 279664 Time elapsed: 6 minute(s), 5 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
![]() | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte ![]()
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: ![]() (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #11 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] So cosinus, hier gehts dann weiter mit der Geschichte ![]() Code:
ATTFilter # AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 00:05:47 # Updated 01/12/2013 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : Streeetz - STREEETZ-PC # Gestartet von : E:\Neuer Ordner\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\boost_interprocess Ordner Gelöscht : C:\Users\Streeetz\AppData\Roaming\pdfforge Ordner Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\ICQToolbarData Ordner Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\ICQToolbarData Ordner Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} Ordner Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07} Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\11-suche.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-1.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-1.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-10.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-10.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-2.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-2.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-3.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-3.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-4.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-4.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-5.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-5.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-6.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-6.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-7.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-7.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-8.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-8.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\icqplugin-9.xml Datei Gelöscht : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\cbqp4x7p.default\searchplugins\icqplugin-9.xml ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}] Schlüssel Gelöscht : HKCU\Software\APN PIP Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\Software\PIP ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v25.0.1 (de) [ Datei : C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\prefs.js ] Zeile gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Zeile gelöscht : user_pref("icqtoolbar.allowSendURL", false); Zeile gelöscht : user_pref("icqtoolbar.engineVerified", false); Zeile gelöscht : user_pref("icqtoolbar.geolastmodified", 1320935919); Zeile gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options"); Zeile gelöscht : user_pref("icqtoolbar.history", "vvideos||deutsche%20bundeswehr||duke%20nukem||stromanschl%C3%BCsse%20grafikkarte||beihausen||cafeteria||fifa%2012%20zweikampf%20tipps||superkompensation||%20site%3Aeuw[...] Zeile gelöscht : user_pref("icqtoolbar.icqgeo", 49); Zeile gelöscht : user_pref("icqtoolbar.installTime", "1320732901"); Zeile gelöscht : user_pref("icqtoolbar.installsource", "1"); Zeile gelöscht : user_pref("icqtoolbar.newtab_state", "1"); Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0); Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "7.0.1"); Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no"); Zeile gelöscht : user_pref("icqtoolbar.suggestions", false); Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "130741059913074104791308157818630"); Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1321022323); Zeile gelöscht : user_pref("icqtoolbar.version", "1.3.6"); Zeile gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0); Zeile gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0); Zeile gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0); Zeile gelöscht : user_pref("icqtoolbar.voucherWasShown", 0); Zeile gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false); Zeile gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false); Zeile gelöscht : user_pref("icqtoolbar.xmlLanguage", "de"); Zeile gelöscht : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7B98a6f0dd-92f6-40b1-8466-c8e1938d66ee%7D&mid=973cb144fce347d0a8f8d15696c468f7-03b4b3fd6620badc7f79b90f9cbfacaecae34de8&ds=od011&v=[...] -\\ Google Chrome v31.0.1650.63 [ Datei : C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [7198 octets] - [05/12/2013 00:03:23] AdwCleaner[S0].txt - [7031 octets] - [05/12/2013 00:05:47] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7091 octets] ########## FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-12-2013 Ran by Streeetz (administrator) on STREEETZ-PC on 05-12-2013 00:34:26 Running from C:\Users\Streeetz\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (ROCCAT) C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (ROCCAT) C:\Program Files (x86)\ROCCAT\Kone Mouse\OSD.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [6900024 2012-07-24] (Logitech Inc.) HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd) MountPoints2: G - G:\hmh-acrev.exe MountPoints2: J - J:\setup.exe MountPoints2: {39284132-5a80-11e3-80f9-806e6f6e6963} - J:\setup.exe MountPoints2: {aa80760d-5a1d-11e3-b3ca-001fd0208104} - G:\setup.exe MountPoints2: {bd1f8de3-09a6-11e2-baaa-001fd0208104} - G:\setup.exe HKLM-x32\...\Run: [Kone] - C:\Program Files (x86)\ROCCAT\Kone Mouse\KoneHID.EXE [1666560 2011-02-18] (ROCCAT) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-30] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1A9557372898CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll No File Tcpip\Parameters: [DhcpNameServer] FireFox: ======== FF ProfilePath: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF Homepage: hxxp://www.google.de/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll () FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\searchplugins-backup FF SearchPlugin: C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: LavaFox V2-Blue - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\djziggy@gmail.com FF Extension: LavaFox V2 - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\info@djzig.com FF Extension: Garmin Communicator - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} FF Extension: DVDVideoSoft Menu - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi FF Extension: Adblock Plus - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi FF Extension: greasemonkey - C:\Users\Streeetz\AppData\Roaming\Mozilla\Firefox\Profiles\7h1aovgv.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 CHR Extension: (Google Drive) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 CHR Extension: (YouTube) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 CHR Extension: (Google Search) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\ CHR Extension: (Google Wallet) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\ CHR Extension: (Gmail) - C:\Users\Streeetz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0 ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2012-11-02] () ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-30] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG) S3 CrystalSysInfo; E:\Overlocking & Bench Tools\Crysal CPUID\SysInfoX64.sys [18128 2010-01-09] () S3 DSI_SiUSBXp_3_1; C:\Windows\System32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Silicon Laboratories) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-12-01] (Disc Soft Ltd) S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-09-21] () R3 KoneFltr; C:\Windows\System32\drivers\Kone.sys [15488 2008-12-11] (ROCCAT Ltd) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-04-12] (Oracle Corporation) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x] S3 tsusbhub; system32\drivers\tsusbhub.sys [x] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [x] S3 VGPU; System32\drivers\rdvgkmd.sys [x] S3 WinRing0_1_2_0; \??\C:\Users\Streeetz\AppData\Local\Temp\tmp4F97.tmp [x] S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-05 00:34 - 2013-12-05 00:34 - 01959766 _____ (Farbar) C:\Users\Streeetz\Desktop\FRST64.exe 2013-12-05 00:32 - 2013-12-05 00:32 - 01034531 _____ (Thisisu) C:\Users\Streeetz\Desktop\JRT.exe 2013-12-05 00:02 - 2013-12-05 00:05 - 00000000 ____D C:\AdwCleaner 2013-12-03 23:36 - 2013-12-04 00:11 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-12-03 23:36 - 2013-12-03 23:41 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-12-03 23:36 - 2013-12-03 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-03 23:34 - 2013-12-04 00:11 - 00000000 ____D C:\Users\Streeetz\Desktop\mbar 2013-12-03 23:34 - 2013-12-03 23:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-12-03 23:33 - 2013-12-03 23:33 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Streeetz\Desktop\mbar- 2013-12-03 22:52 - 2013-12-05 00:34 - 00013761 _____ C:\Users\Streeetz\Desktop\FRST.txt 2013-12-03 22:52 - 2013-12-03 23:13 - 00022154 _____ C:\Users\Streeetz\Desktop\Addition.txt 2013-12-03 22:51 - 2013-12-03 22:51 - 00000000 ____D C:\FRST 2013-12-02 17:29 - 2013-12-02 17:29 - 00000000 ____D C:\Program Files (x86)\Java 2013-12-01 14:14 - 2013-12-01 14:23 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\FreeOrion 2013-12-01 14:12 - 2013-12-01 14:12 - 00001023 _____ C:\Users\Public\Desktop\FreeOrion.lnk 2013-12-01 14:12 - 2013-12-01 14:12 - 00000000 ____D C:\Program Files (x86)\FreeOrion 2013-12-01 13:25 - 2013-12-01 14:19 - 00001488 _____ C:\Users\Streeetz\Desktop\Neues Textdokument.txt 2013-12-01 13:24 - 2013-12-01 13:24 - 00000000 ____D C:\Program Files\Java 2013-12-01 02:13 - 2013-12-01 02:13 - 00000780 _____ C:\Windows\KB893803v2.log 2013-12-01 02:06 - 2013-12-01 02:06 - 00000000 ____D C:\jre1.7.0_45 2013-12-01 01:17 - 2013-12-05 00:10 - 00243845 _____ C:\Windows\WindowsUpdate.log 2013-12-01 01:15 - 2013-12-05 00:07 - 00000280 _____ C:\Windows\setupact.log 2013-12-01 01:15 - 2013-12-01 01:15 - 00000000 _____ C:\Windows\setuperr.log 2013-12-01 00:27 - 2013-12-01 01:16 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-12-01 00:27 - 2013-12-01 00:27 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-12-01 00:11 - 2013-12-01 00:11 - 00048346 _____ C:\Users\Streeetz\Documents\cc_20131201_001126.reg 2013-12-01 00:07 - 2013-12-01 00:07 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-12-01 00:07 - 2013-12-01 00:07 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-12-01 00:07 - 2013-12-01 00:07 - 00000000 ____D C:\Program Files\CCleaner 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN52A5.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5295.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5294.tmp 2013-11-30 23:36 - 2013-12-01 13:24 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-11-30 23:36 - 2013-12-01 13:24 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-11-30 23:36 - 2013-12-01 13:24 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-11-30 23:36 - 2013-12-01 13:24 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-11-30 23:33 - 2013-11-30 23:33 - 00000882 _____ C:\Users\Public\Desktop\Waterfox.lnk 2013-11-30 23:33 - 2013-11-30 23:33 - 00000000 ____D C:\Program Files\Waterfox 2013-11-30 23:28 - 2013-12-02 17:30 - 00000000 ____D C:\MATS 2013-11-30 22:49 - 2013-11-30 22:49 - 00000011 ____R C:\Windows\amunres.lsl 2013-11-30 20:43 - 2013-11-30 20:43 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-11-30 15:20 - 2013-11-30 15:20 - 00001162 _____ C:\Users\UpdatusUser.Streeetz-PC\Desktop\Continue Zip Opener Installation.lnk 2013-11-26 01:01 - 2013-11-26 01:37 - 00000000 ____D C:\Program Files (x86)\mp3DirectCut 2013-11-24 14:50 - 2013-11-24 14:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2013-11-24 14:48 - 2013-11-24 20:48 - 105952601 _____ C:\Windows\SysWOW64\䁫읒9 2013-11-22 22:37 - 2013-11-23 22:37 - 105869762 _____ C:\Windows\SysWOW64\邛T 2013-11-22 10:37 - 2013-11-22 16:37 - 105660331 _____ C:\Windows\SysWOW64\敔瑽 2013-11-22 04:37 - 2013-11-22 04:37 - 105618727 _____ C:\Windows\SysWOW64\㭚 2013-11-22 04:31 - 2013-11-22 04:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-11-21 16:37 - 2013-11-21 22:37 - 105611834 _____ C:\Windows\SysWOW64\ᔖ弰 2013-11-19 23:44 - 2013-11-21 10:37 - 105483598 _____ C:\Windows\SysWOW64\컚ㅙ 2013-11-13 03:07 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-11-13 03:03 - 2013-11-13 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-13 00:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 00:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 00:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 00:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 00:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2013-11-13 00:58 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 00:58 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 00:58 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 00:58 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2013-11-13 00:58 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 00:58 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 00:58 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 00:58 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 00:58 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 00:58 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 00:58 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 00:58 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 00:58 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 00:58 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 00:58 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 00:58 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 00:58 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 00:58 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 00:58 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 00:58 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 00:58 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 00:58 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 00:58 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 00:58 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 00:58 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-09 15:53 - 2013-11-09 15:53 - 00000000 ____D C:\ProgramData\Steam ==================== One Month Modified Files and Folders ======= 2013-12-05 00:34 - 2013-12-05 00:34 - 01959766 _____ (Farbar) C:\Users\Streeetz\Desktop\FRST64.exe 2013-12-05 00:34 - 2013-12-03 22:52 - 00013761 _____ C:\Users\Streeetz\Desktop\FRST.txt 2013-12-05 00:33 - 2013-02-23 17:03 - 00001114 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2013-12-05 00:32 - 2013-12-05 00:32 - 01034531 _____ (Thisisu) C:\Users\Streeetz\Desktop\JRT.exe 2013-12-05 00:28 - 2013-07-03 01:36 - 00000000 ____D C:\Users\Streeetz\AppData\Local\LogMeIn Hamachi 2013-12-05 00:14 - 2009-07-14 05:45 - 00019792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-05 00:14 - 2009-07-14 05:45 - 00019792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-05 00:11 - 2013-12-01 01:17 - 00243845 _____ C:\Windows\WindowsUpdate.log 2013-12-05 00:11 - 2009-09-04 19:43 - 00666512 _____ C:\Windows\system32\perfh007.dat 2013-12-05 00:11 - 2009-09-04 19:43 - 00135440 _____ C:\Windows\system32\perfc007.dat 2013-12-05 00:11 - 2009-08-16 10:50 - 00685704 _____ C:\Windows\system32\perfh019.dat 2013-12-05 00:11 - 2009-08-16 10:50 - 00137878 _____ C:\Windows\system32\perfc019.dat 2013-12-05 00:11 - 2009-07-14 06:13 - 02349246 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-05 00:07 - 2013-12-01 01:15 - 00000280 _____ C:\Windows\setupact.log 2013-12-05 00:07 - 2013-05-11 09:19 - 00003034 _____ C:\Windows\System32\Tasks\EVGAPrecision 2013-12-05 00:07 - 2013-02-23 17:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2013-12-05 00:07 - 2012-09-21 19:47 - 00000000 ____D C:\ProgramData\NVIDIA 2013-12-05 00:07 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-05 00:05 - 2013-12-05 00:02 - 00000000 ____D C:\AdwCleaner 2013-12-04 15:08 - 2012-09-21 20:47 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{57677CF5-EABA-468E-BD52-03DBFABB15A8} 2013-12-04 00:11 - 2013-12-03 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-12-04 00:11 - 2013-12-03 23:34 - 00000000 ____D C:\Users\Streeetz\Desktop\mbar 2013-12-03 23:41 - 2013-12-03 23:36 - 00116440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2013-12-03 23:39 - 2013-12-03 23:34 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-12-03 23:36 - 2013-12-03 23:36 - 00000000 ____D C:\ProgramData\Malwarebytes 2013-12-03 23:33 - 2013-12-03 23:33 - 12576792 _____ (Malwarebytes Corp.) C:\Users\Streeetz\Desktop\mbar- 2013-12-03 23:13 - 2013-12-03 22:52 - 00022154 _____ C:\Users\Streeetz\Desktop\Addition.txt 2013-12-03 22:51 - 2013-12-03 22:51 - 00000000 ____D C:\FRST 2013-12-03 14:57 - 2013-03-28 18:17 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2013-12-02 17:30 - 2013-11-30 23:28 - 00000000 ____D C:\MATS 2013-12-02 17:29 - 2013-12-02 17:29 - 00000000 ____D C:\Program Files (x86)\Java 2013-12-02 08:52 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2013-12-01 14:23 - 2013-12-01 14:14 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\FreeOrion 2013-12-01 14:19 - 2013-12-01 13:25 - 00001488 _____ C:\Users\Streeetz\Desktop\Neues Textdokument.txt 2013-12-01 14:12 - 2013-12-01 14:12 - 00001023 _____ C:\Users\Public\Desktop\FreeOrion.lnk 2013-12-01 14:12 - 2013-12-01 14:12 - 00000000 ____D C:\Program Files (x86)\FreeOrion 2013-12-01 13:24 - 2013-12-01 13:24 - 00000000 ____D C:\Program Files\Java 2013-12-01 13:24 - 2013-11-30 23:36 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2013-12-01 13:24 - 2013-11-30 23:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2013-12-01 13:24 - 2013-11-30 23:36 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2013-12-01 13:24 - 2013-11-30 23:36 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2013-12-01 13:24 - 2013-10-28 16:36 - 00000000 ____D C:\ProgramData\Oracle 2013-12-01 02:13 - 2013-12-01 02:13 - 00000780 _____ C:\Windows\KB893803v2.log 2013-12-01 02:06 - 2013-12-01 02:06 - 00000000 ____D C:\jre1.7.0_45 2013-12-01 01:16 - 2013-12-01 00:27 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2013-12-01 01:15 - 2013-12-01 01:15 - 00000000 _____ C:\Windows\setuperr.log 2013-12-01 01:15 - 2012-09-21 19:36 - 00000000 ____D C:\Users\Streeetz 2013-12-01 01:14 - 2013-10-01 14:34 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform 2013-12-01 01:14 - 2013-05-11 00:07 - 00000000 ____D C:\Users\UpdatusUser.Streeetz-PC 2013-12-01 01:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration 2013-12-01 00:27 - 2013-12-01 00:27 - 00000000 ____D C:\Program Files (x86)\DAEMON Tools Lite 2013-12-01 00:19 - 2013-10-29 14:31 - 00000000 ____D C:\Program Files (x86)\Steam 2013-12-01 00:19 - 2013-10-01 04:38 - 00000000 ____D C:\Program Files (x86)\PDFCreator 2013-12-01 00:19 - 2012-09-28 22:48 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\DAEMON Tools Lite 2013-12-01 00:19 - 2012-09-22 10:16 - 00000000 ____D C:\Windows\Minidump 2013-12-01 00:19 - 2012-09-22 05:25 - 00000000 ____D C:\Windows\Panther 2013-12-01 00:19 - 2012-09-21 23:33 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\Media Player Classic 2013-12-01 00:19 - 2012-09-21 20:16 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\Winamp 2013-12-01 00:11 - 2013-12-01 00:11 - 00048346 _____ C:\Users\Streeetz\Documents\cc_20131201_001126.reg 2013-12-01 00:07 - 2013-12-01 00:07 - 00002778 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2013-12-01 00:07 - 2013-12-01 00:07 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk 2013-12-01 00:07 - 2013-12-01 00:07 - 00000000 ____D C:\Program Files\CCleaner 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN52A5.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5295.tmp 2013-11-30 23:59 - 2013-11-30 23:59 - 00000000 _____ C:\Windows\SysWOW64\REN5294.tmp 2013-11-30 23:45 - 2013-10-28 16:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-11-30 23:33 - 2013-11-30 23:33 - 00000882 _____ C:\Users\Public\Desktop\Waterfox.lnk 2013-11-30 23:33 - 2013-11-30 23:33 - 00000000 ____D C:\Program Files\Waterfox 2013-11-30 23:14 - 2009-07-14 05:45 - 00441848 _____ C:\Windows\system32\FNTCACHE.DAT 2013-11-30 23:05 - 2012-12-09 13:20 - 00000000 ____D C:\Users\Streeetz\KAG 2013-11-30 23:03 - 2012-09-21 22:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-11-30 23:02 - 2013-03-04 21:54 - 00000000 ____D C:\Program Files (x86)\OpenOffice.org 3 2013-11-30 23:02 - 2012-09-21 23:11 - 00111520 _____ C:\Users\Streeetz\AppData\Local\GDIPFONTCACHEV1.DAT 2013-11-30 22:49 - 2013-11-30 22:49 - 00000011 ____R C:\Windows\amunres.lsl 2013-11-30 22:18 - 2013-09-11 23:17 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Overwolf 2013-11-30 21:15 - 2012-10-23 17:02 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Apple Computer 2013-11-30 20:52 - 2012-09-28 23:23 - 00000000 ____D C:\Users\Streeetz\AppData\Roaming\vlc 2013-11-30 20:43 - 2013-11-30 20:43 - 00000000 ____D C:\Program Files (x86)\QuickTime 2013-11-30 19:03 - 2013-04-30 18:41 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Game Dev Tycoon 2013-11-30 15:24 - 2013-07-14 15:01 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server 2013-11-30 15:20 - 2013-11-30 15:20 - 00001162 _____ C:\Users\UpdatusUser.Streeetz-PC\Desktop\Continue Zip Opener Installation.lnk 2013-11-30 15:09 - 2013-05-02 09:45 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2013-11-30 15:09 - 2013-03-28 18:17 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2013-11-30 15:09 - 2013-03-28 18:17 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2013-11-30 14:53 - 2013-02-23 17:03 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Google 2013-11-30 14:52 - 2013-02-23 17:03 - 00000000 ____D C:\Program Files (x86)\Google 2013-11-30 14:42 - 2012-09-28 19:51 - 00000000 ____D C:\Users\Streeetz\AppData\Local\PMB Files 2013-11-30 14:42 - 2012-09-28 19:51 - 00000000 ____D C:\ProgramData\PMB Files 2013-11-29 05:28 - 2013-02-23 17:03 - 00004110 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2013-11-29 05:28 - 2013-02-23 17:03 - 00003858 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2013-11-27 14:31 - 2013-04-03 13:56 - 00629760 ___SH C:\Users\Streeetz\Desktop\Thumbs.db 2013-11-27 13:37 - 2013-10-01 14:31 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-11-26 01:37 - 2013-11-26 01:01 - 00000000 ____D C:\Program Files (x86)\mp3DirectCut 2013-11-24 20:48 - 2013-11-24 14:48 - 105952601 _____ C:\Windows\SysWOW64\䁫읒9 2013-11-24 14:50 - 2013-11-24 14:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf 2013-11-23 22:37 - 2013-11-22 22:37 - 105869762 _____ C:\Windows\SysWOW64\邛T 2013-11-22 16:37 - 2013-11-22 10:37 - 105660331 _____ C:\Windows\SysWOW64\敔瑽 2013-11-22 04:37 - 2013-11-22 04:37 - 105618727 _____ C:\Windows\SysWOW64\㭚 2013-11-22 04:31 - 2013-11-22 04:31 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2013-11-21 22:37 - 2013-11-21 16:37 - 105611834 _____ C:\Windows\SysWOW64\ᔖ弰 2013-11-21 11:58 - 2013-08-17 02:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-11-21 11:58 - 2012-09-21 20:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2013-11-21 10:37 - 2013-11-19 23:44 - 105483598 _____ C:\Windows\SysWOW64\컚ㅙ 2013-11-14 23:20 - 2013-10-01 04:32 - 00000000 ____D C:\Users\Streeetz\Desktop\Bewerbung 2013-11-13 03:25 - 2012-09-21 19:37 - 00001425 _____ C:\Users\Streeetz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2013-11-13 03:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2013-11-13 03:03 - 2013-11-13 03:03 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-11-13 03:03 - 2013-11-13 03:03 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-11-13 03:03 - 2013-11-13 03:03 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat 2013-11-13 03:03 - 2013-11-13 03:03 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2013-11-13 03:03 - 2013-11-13 03:03 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-11-13 03:03 - 2013-11-13 03:03 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-11-13 03:03 - 2013-11-13 03:03 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-11-13 03:03 - 2013-11-13 03:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-11-13 03:02 - 2013-07-26 02:00 - 00000000 ____D C:\Windows\system32\MRT 2013-11-13 03:00 - 2012-09-21 20:31 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-11-11 18:59 - 2013-11-02 18:59 - 103792856 _____ C:\Windows\SysWOW64\ᴍ獎 2013-11-09 15:53 - 2013-11-09 15:53 - 00000000 ____D C:\ProgramData\Steam 2013-11-09 14:34 - 2013-10-23 01:59 - 00000000 ____D C:\Users\Streeetz\AppData\Local\Battle.net Some content of TEMP: ==================== C:\Users\Streeetz\AppData\Local\Temp\avgnt.exe C:\Users\Streeetz\AppData\Local\Temp\DTLite4481-0347.exe C:\Users\Streeetz\AppData\Local\Temp\java-installer.exe C:\Users\Streeetz\AppData\Local\Temp\jre_setup.exe C:\Users\Streeetz\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-11-30 15:46 ==================== End Of Log ============================ JRT konnte ich trotz ausgeschaltetem AntiVir, sowie "zulassen" unter Sicherheit nicht starten. Bei einem Doppelklick öffnet sich kurz ein Dos-Fenster und schließt sich direkt wieder. Schöne Nacht |
![]() | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Starte bitte mal die cmd.exe (Konsole) über Rechtsklick als Administrator Navigiere mit diesen Konsolenbefehl zu deinem Desktop: Code:
ATTFilter cd %userprofile%\desktop
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #13 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Guten morgen, habe es so gestartet wie gesagt. Das selbe Problem tritt auf - Start von JRT nicht möglich. Grüße |
![]() | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Steht denn in der Konsole eine Fehlermeldung?
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #15 |
![]() | ![]() Java lässt sich nicht neu/deinstallieren [registry?] Nein die Konsole schließt sich direkt, ohne dass ich etwas ablesen könnte. |
![]() |
Themen zu Java lässt sich nicht neu/deinstallieren [registry?] |
absturz, adobe reader xi, antivir, avira, battle.net, bho, bonjour, computer, converter, desktop, error, firefox, flash player, google, iexplore.exe, install.exe, installation, launch, logfile, mozilla, msiinstaller, object, office 2013, plug-in, realtek, registry, scan, secure search, senden, server, svchost.exe, teamspeak, windows, wrapper |