| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: appround.net - ChromeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.02.2014, 12:02
| #1 |
| |  appround.net - Chrome Sehr geehrtes Forum, nach dem ich mich damit beschäftigt habe, dieses Problem anzugehen, habe ich mich dazu entschlossen das trojaner-board eindeutig die Beste alternative zur Lösung ist. Nach dem ich die Anleitung zur Beseitigung der anderen Betroffenen durchgearbeitet habe, hatte ich mich zunächst entschlossen die Reinigung selbst zu probieren, jedoch schnell Festgestellt das OTL doch fortgeschrittenere Kenntnisse erfordert. Immerhin habe ich schon einmal den Log der Durchsuchung: Ich würde mich sehr freuen wenn Ihr mir dabei helfen könntet das Problem zu lösen, da ich auf anderen Seiten schlimme folgen von appround.net gelesen habe. Liebe Grüße, der Nusserdt Code:
ATTFilter OTL Extras logfile created on: 20.02.2014 11:28:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\****\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,86 Gb Total Physical Memory | 3,53 Gb Available Physical Memory | 44,88% Memory free
15,72 Gb Paging File | 10,69 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 27,84 Gb Free Space | 5,98% Space Free | Partition Type: NTFS
Drive G: | 3,73 Gb Total Space | 3,63 Gb Free Space | 97,48% Space Free | Partition Type: FAT32
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E1BED7-4C81-4164-8745-320F2E752AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04FD1119-8DCC-413E-88D9-1C07151DF523}" = lport=2869 | protocol=6 | dir=in | app=system |
"{066F7877-FAB0-4AE4-9C11-7FD410B99A36}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{07E35CD7-0FE5-4C34-99AD-EA8FC2B7745B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B1E4367-DEA7-49A8-A3A6-CDC14FF09D00}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BE6951D-AEF5-493F-9759-2FEE47AD0BC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1093473C-61C0-4F06-92DC-EEA3A54413B2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{16D044F9-6293-4F08-A09B-0B20B039F92C}" = rport=137 | protocol=17 | dir=out | app=system |
"{22964A8E-9824-446F-A664-9B736F6425AD}" = rport=445 | protocol=6 | dir=out | app=system |
"{2349009A-0FF9-47AE-9230-1D06FCFB0A04}" = lport=445 | protocol=6 | dir=in | app=system |
"{23CCB981-D908-486D-A664-D4144BB1E1DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26726A3A-2A87-47F3-A6B5-261853E32ED9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36B246FE-FC20-4300-9D3C-1CE0617513E7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3D948D73-9E05-4DDD-8C9F-AEA661D98DEA}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{418EC15B-8379-4071-9F91-13B3CD3ABC18}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42B6B081-1684-4991-A097-7627D85C251E}" = lport=137 | protocol=17 | dir=in | app=system |
"{457721B2-786C-46F9-A064-8FCEDF2580E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48EADBAA-1079-4908-9587-B534892BD9B3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4A3EF1B7-F41C-42D1-A5B3-FD1D492EE446}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A429843-F32A-473F-8111-B5A491EE361B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4D63C884-A5B2-49FC-BDC9-35E61AC94C66}" = lport=139 | protocol=6 | dir=in | app=system |
"{5B127816-AFEF-458A-8657-05D9276438F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{673C7319-DC34-4C71-A13C-C0F53061DA70}" = rport=80 | protocol=6 | dir=out | app=c:\users\****\appdata\local\warframe\downloaded\public\tools\launcher.exe |
"{673E008C-E9F9-4D47-A115-9C48BA4396D7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6BA6241B-3587-4221-975C-1359128DDE77}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D9F7D0E-9407-44DD-812F-40C864E26557}" = rport=80 | protocol=6 | dir=out | app=c:\****\games\downloaded\public\warframe.x64.exe |
"{71D59C4C-8B08-4F69-A35D-F45E79BAE504}" = lport=138 | protocol=17 | dir=in | app=system |
"{788B9C99-9FA4-4F31-8FA9-38F2EDED5C3B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7FB5727F-BDBE-48C1-A1D1-3C191F2056B9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{810A0A28-8FFF-415F-9B9A-D6E1FABC33AC}" = rport=2869 | protocol=6 | dir=out | app=system |
"{84BFC7A9-8196-4338-8103-F50290195CEA}" = rport=80 | protocol=6 | dir=out | app=c:\****\games\downloaded\public\warframe.exe |
"{87FE6DB4-6F28-4648-8592-41C119D5A8F6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9A12221C-FBDE-4432-943F-78B9E48DE7ED}" = rport=138 | protocol=17 | dir=out | app=system |
"{A1710599-F0F0-4EFA-808F-29C97A58DA82}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1AE8847-CEE8-4D63-BB35-AD1E41176A76}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AB5D219C-ACE0-410B-AAD8-9032F152F9E1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B5071A72-475D-498D-9663-03FD01D11FDD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5341EDA-47F2-4D25-A994-5FD43E22AD0D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA9C7BDD-2D7C-424F-8393-42DE4C776D98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5A150AD-1080-4702-B3A0-6D82E5CA0105}" = rport=139 | protocol=6 | dir=out | app=system |
"{C7A9C6FD-4CF5-4E2E-B5CA-E3C7A6662AD3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D2D06E6C-04BD-49C7-8262-DD69ACFABB5E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4EC5744-5F16-4EDB-AB48-924E08271CA8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE03B9B1-8CF8-4EFF-999B-CA115EBF6F77}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DEEF1D83-FA64-43F8-9DEE-E31D0E790C42}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0348E7A-4B4E-4265-AA07-E24297B6DDA5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E82CE86D-ACF8-434F-9C8B-4BCF1027518F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EB8B22C6-F39C-4936-AA00-F72A5458C26F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F0F7FA9D-935A-4C47-A3C7-34DBEFC95900}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3EE4A93-BA45-4D97-A99A-C9A099442FD9}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0349690D-4EF6-4FF4-AF0B-67A70069FD67}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{05182F19-C4E7-4C19-A883-28462F1B563A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{0762C9E1-6F90-40F1-B432-179D5731BDC1}" = protocol=17 | dir=in | app=c:\****\games\ assassin's creed ii\assassinscreedii.exe |
"{0F7E0241-D4D7-40BF-BFB7-E5729DF5A997}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe |
"{10DDB289-2DA5-4A99-A0EF-99A71FE7276F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1372C910-E06D-4BCE-92F5-573254991BF7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{13BD9966-8BA2-450E-93CA-6BBC32DDD85A}" = protocol=17 | dir=in | app=c:\****\games\riot games\league of legends\lol.launcher.exe |
"{189E8AEE-D9C0-4B47-91ED-15893DE7486A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{1989586F-4E6F-4BC1-8073-76E8D0CF89B1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{1C88DEEF-02C4-436F-AF48-C33BE0B25212}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{1E6C411D-0203-4A2B-B6BD-FF7CBABD0C77}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{1ED458B4-D476-46B9-A218-E18A0C3AE4E2}" = protocol=17 | dir=in | app=c:\users\****\appdata\roaming\dropbox\bin\dropbox.exe |
"{215A5AE2-1A82-4215-9F37-0D8EF895156B}" = protocol=17 | dir=out | app=c:\****\games\downloaded\public\warframe.x64.exe |
"{2444505E-F8B3-46EC-81CE-C3241AAF32ED}" = protocol=6 | dir=in | app=c:\users\****\appdata\roaming\dropbox\bin\dropbox.exe |
"{29930BB5-A5D9-4CBB-A60B-363131EBCAF8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{2A3DAEF2-56FB-4B3F-B4F1-8C27A2B5554C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2D9E98B7-899F-4E1A-9D10-27F85E0D720E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31AF0C14-1A49-4FA5-8397-0A4304DF902D}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3528044B-B4D0-4A3F-922E-6ADA4C152F14}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{3A2558AC-D34F-46D0-A5AA-CD746225B91A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3A6AC613-8759-44C9-87BB-6BF1EAEEA39F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3B8F87DD-0B44-41EB-A95B-AFAF0FA6F2B0}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{3C20A693-E03A-49FC-8DF6-65AC829DDB31}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3E3085AB-9A7B-4279-B20C-20D81ECB82AC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{411A3CD7-6DDC-48B5-819E-FFBCE2C6AB03}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{42E20069-731F-4553-B921-71FE62E1FA13}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\server.exe |
"{4483BDCF-519F-4085-9866-824A3D54058A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4756EC11-7F0F-492F-9418-54A5B45DBDEA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{4E59AA9B-1DD8-4A6A-BB91-9F88CBB67A6B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{4EC989F1-9046-4EAD-8564-4F1AD2C812E7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{53019F2A-04CA-4A41-94D7-8DF52C1B1CFB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{53B54FB0-0967-4787-912A-3BFE3B892C03}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{546B5B21-489F-4761-ABAC-FA96FB9432F6}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{549C32EB-BF0F-4A44-AD57-226496391FE9}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreedii.exe |
"{587B45FF-DC87-4DCD-932A-5B4EC6A13401}" = protocol=6 | dir=in | app=c:\martin\games\two worlds ii\twoworlds2.exe |
"{592C72D1-4C0C-4FAA-91CA-6F0155DAEAF6}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\faxapplications.exe |
"{5ACF43D6-16A0-4040-BB08-BDECD9C909A1}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{5C30FE63-7D80-4279-AECA-E68235266D45}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6183558E-C7AE-4C98-A6BD-84130730BAF4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{622E3104-E577-4B19-B30C-5A7E951A3841}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\uplaybrowser.exe |
"{6942907F-13B7-46E1-8714-5D9C264CD588}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{6BBE79A0-6B08-4FB3-A3AB-F5C178D6F673}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{6E5A004F-A9CD-41D2-BAEE-BD6C836DBD34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7165C847-72E5-47B5-8C20-7140F351E6A7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{7ED0A258-94D5-44C1-8524-F7675522722C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80075E41-D098-428D-8D22-5D4F1AB6AE15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{83217C83-42EB-4C94-9EA8-6CD0639D6E31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{83CA28A3-3F97-460F-A637-D8E9B0432849}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{89A35DD1-BF0E-44BE-A343-0EDD5874E75D}" = protocol=17 | dir=in | app=c:\martin\games\downloaded\public\warframe.x64.exe |
"{8B7202AA-297A-458F-8259-99CDD0E2934F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{8C7D163A-3FA1-4C1F-8BC1-F200BA2F3971}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{8CCFB3F9-F876-4A61-A730-31AC2EEFD753}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D769A7B-FFE7-44FC-98E4-AB38D4F81A3A}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreediigame.exe |
"{8F96E0CE-EF1D-4296-85F1-27BD6CE88728}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9059AA0A-0A62-4B76-8E37-0E193AE8614C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{90FBE3CD-0261-424E-84A3-344AB2F88893}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{979F161F-F673-4ABA-BA71-970BEC21F939}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{9817DE67-43F9-431C-B1F6-2FB4F97EF726}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{9968ADBE-8308-4379-B460-7DDEAD315C62}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9996D592-8A8C-4271-9F80-26056C6665A5}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\sendafax.exe |
"{9D0CD84E-F271-468B-B9AC-6E4DEFAD204D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{A24B3966-5AE8-406A-8477-2BE317B70EEE}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
"{A25763C3-8FBC-4809-95F5-39EA67319AED}" = protocol=6 | dir=in | app=c:\martin\games\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{A45402CA-B0A8-47D3-BECA-B0F38BE77B85}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A8BC3C2B-6B56-4578-87C5-74C8C3FA01D7}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{AD1DFD22-0D1B-4BE0-8CF5-E959E236A00D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AD6DB4FF-A546-4433-918A-78EF6E6C965B}" = protocol=6 | dir=out | app=system |
"{AD71F2E5-1622-4A8B-B17B-C36130EBF391}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{B122BD1D-2487-4019-9736-5FF8AE451C78}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B211450C-15E0-4463-85F3-A7F2369615F5}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{B259BC98-57D4-4D6F-832A-A7799BEEF216}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B79AD748-157A-4BE2-8AD8-D3B9D2331106}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCDFADCE-A114-4A3F-84BA-9E16C2E15EA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BE5A909E-0D8C-4088-A982-861A2D9D7A49}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C231512A-83A2-4244-9D0F-D224F20BD4D1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C375CBD5-6F92-43AF-AC5B-578D69CCCB29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C5F3428E-D0F7-4F41-9FB9-BA10A4C98676}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C9384AEC-DC5D-4070-B819-D11F84BA081E}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{C9C59982-3390-47DF-925E-0D7C1B4B11A1}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\uplaybrowser.exe |
"{CAA52AF7-DA8F-4CFA-BA41-66BA8CF5A8FA}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{CADD9D9E-7C3D-4D9F-9F65-7E9F7B01004E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{CB226DED-BA3A-478F-91A1-DF604E85C27C}" = protocol=17 | dir=in | app=c:\martin\games\downloaded\public\warframe.exe |
"{CBE1399A-A20C-411E-9DF4-C7C45A5376AB}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreediigame.exe |
"{CD12D500-EB61-4D85-B94E-B0EC326673A1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CD531F04-4087-40A2-8E5B-A4BD4665290D}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\digitalwizards.exe |
"{CF80A98F-3900-4693-895F-6B41D19D315C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{D2734395-1FA0-4C30-B48A-75535DD4AF6E}" = protocol=17 | dir=in | app=c:\martin\games\two worlds ii\twoworlds2.exe |
"{D432304F-40C3-4117-91EE-03AA155B68D3}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{D7ADEE35-CE17-4975-BD11-376FFE461EB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{DF2430D8-B27B-4DDA-B3A4-8E8C292A3DE8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{DFF965D1-1473-4870-AA5B-77142E43755E}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E07794C3-2AB5-4E4A-80C5-FB2900F971E3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{E139BCB2-7F12-4D1D-BCFF-605B0F5AAA0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2FFAE43-334A-4EC1-9E27-6CAE613D6CAB}" = protocol=17 | dir=in | app=c:\martin\games\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{E8761386-2042-4C53-B291-8CAD71D01CE2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{EBD663BB-F73A-4C78-8253-E20FC527A455}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{ECA00F09-3616-4C46-BBF3-D4EF60771378}" = protocol=6 | dir=in | app=c:\martin\games\riot games\league of legends\lol.launcher.exe |
"{ED15FEC8-7430-45D5-B191-561B37DF47BC}" = protocol=17 | dir=out | app=c:\martin\games\downloaded\public\warframe.exe |
"{ED2A6605-9E3A-477D-A361-94A0254FF75A}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\server.exe |
"{F5510E23-5471-48ED-AD7E-7B8065CC10FB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{F7DD132F-5B62-4AE1-9994-17B666C59B9F}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FD1BC40F-D66C-4A86-8411-AACA910CFD4E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD3D6BE8-E5F0-4850-960B-5EF87F5059C7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FE4A04C1-4484-4ED7-8432-40617FE7A71B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FFF37E9D-B24F-4ACA-A3EF-80A21B19466C}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
"TCP Query User{1EEA7344-E317-4970-AFAC-5C636010C6B4}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{42FE6811-5B00-4A96-9770-B79B5520D6E2}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{5A8AF425-6503-469F-AFAA-E8A68DE99E26}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{6ED2FF9C-03CC-48E6-BD1E-2E9B6B35EC7E}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"TCP Query User{7EB8DD4C-6718-408D-B35B-2F98BCD39AB7}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{86F2284B-077F-467F-B8C2-7C75AEE6FB70}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{B05BCDB9-3634-4903-8DB0-0C4533E69D5F}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"TCP Query User{C08A4D9B-DE9F-41F1-8BDA-2F1D20FBE88C}C:\martin\games\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"TCP Query User{C583D710-78CD-4906-A72E-32D09FFDDA70}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{CBEE09BF-6FD8-4526-886E-A622C0506425}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D6987827-F4D9-4A03-BFAF-7A1554C75339}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"TCP Query User{E403079F-E871-4B64-B7A1-26CF9D50FEF1}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{ECFC734F-D92D-4532-8F92-C62012178051}C:\martin\games\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"TCP Query User{F0BED8A7-B6D3-4F52-A892-3F9D2CD31957}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"TCP Query User{F274DA56-0DFC-4517-8958-6C6839DF40B8}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FDB9CAC6-3387-4FC4-9EA0-20D97B93E63D}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{0A3C0836-CC0A-472A-9BA4-BFDBC2A3B153}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"UDP Query User{5B4D5CB6-B4D6-4F91-9173-6326ABDBA21C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{73F36140-7FDA-4501-B69A-975C1B0B14B1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{8F558C4A-C048-4EED-B47D-F3D4F0039978}C:\martin\games\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"UDP Query User{93C53445-6608-46CA-B5A9-2BE0B025AE68}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{951CD9AB-BD3A-45AF-B65C-19C8FCB71710}C:\martin\games\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"UDP Query User{97071E3E-BF08-40D3-8625-C3AA2F4757D7}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{A2E53270-3B82-48A6-9101-AD211FDB2020}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{A59378C8-772B-4CF8-A37F-1C755ACFDBB3}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{ADFDC36A-2AE1-4760-A97C-2CC984DB322F}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"UDP Query User{B4FFC6B8-568F-4458-9FB9-3AA594A58743}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{C63DA2A4-2A53-47ED-ADF0-9AF2ACF998BB}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{E2AB5F8F-0B66-4B2C-995D-6FA83815603B}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{E5AAC63A-55AE-4E9B-B43F-B610EAE036DE}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"UDP Query User{F1175E72-011C-471B-A949-D0C8642C399E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{F4E55292-6D4E-4DEB-8A12-346A889A57D0}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}" = OZ711 SCR Driver (x64)
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{47220B83-D895-4262-9227-E5D8FA7F7384}" = Nitro Reader 3
"{4B1CF482-AD0E-48F3-8032-BCF5F071C123}" = O2Micro Flash Memory Card Windows Driver
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
"{B2F4C332-2359-4ADE-AF0C-C631768BBB89}" = Bluetooth Feature Pack 5.0
"{B9824225-2055-4700-BCD4-64B25EC88264}" = Studie zur Verbesserung von HP Officejet Pro 8600 Produkten
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}" = HP Officejet Pro 8600 - Grundlegende Software für das Gerät
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"LSI Soft Modem" = LSI HDA Modem
"LTMOH" = LSI V92 MOH Application
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROSet" = Intel(R) Network Connections Drivers
"sp6" = Logitech SetPoint 6.30
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{150E7499-BC35-4416-917D-5D16FBE2602B}" = Warframe
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}" = Perfect Effects 4.0.4
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{48DEAAF2-8276-4BBD-B7B6-91E454938476}" = CambridgeSoft ChemDraw Ultra 12.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP 3.80
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.4.0
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Deutsch
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7708742-E734-4BC1-BEEB-F200DE21C5FC}" = Qualcomm Gobi 2000 Package for Sierra
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FDE820DD-CC88-4395-AD5C-801365B8F316}" = HP Officejet Pro 8600 Hilfe
"5513-1208-7298-9440" = JDownloader 0.9
"64F02083-9C18-41fd-A5BB-54FC8E5A376E_is1" = Jagged Alliance 2 v1.13 (DE) [1.0.0.2085]
"Amazon Browser Settings" = Amazon Browser Settings
"Audacity_is1" = Audacity 2.0
"Battle.net" = Battle.net
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dead Island" = Dead Island
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"DSMT6" = MathType 6
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio Converter_is1" = Free Audio Converter version 5.0.17.903
"Free Image Convert and Resize_is1" = Free Image Convert and Resize version 2.1.26.1230
"Free Studio_is1" = Free Studio version 5.6.2.627
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Hearthstone" = Hearthstone
"InstallShield_{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}" = OZ711 SCR Driver (x64)
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{4B1CF482-AD0E-48F3-8032-BCF5F071C123}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Jagged Alliance 2" = Jagged Alliance 2
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MestReNova LITE" = MestReNova LITE 5.2.5-5780
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 9" = TeamViewer 9
"WinRAR archiver" = WinRAR Archivierer
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3359158749-1672355249-3210524210-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.02.2014 16:46:12 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.02.2014 02:24:24 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.02.2014 02:11:04 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.02.2014 02:26:18 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.02.2014 09:16:40 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.02.2014 08:24:27 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.02.2014 02:39:36 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.02.2014 01:40:32 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.02.2014 17:29:20 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.02.2014 18:24:54 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.2.0.2723,
Zeitstempel: 0x52fc0fab Name des fehlerhaften Moduls: League of Legends.exe, Version:
4.2.0.2723, Zeitstempel: 0x52fc0fab Ausnahmecode: 0xc0000005 Fehleroffset: 0x00431de0
ID
des fehlerhaften Prozesses: 0x828 Startzeit der fehlerhaften Anwendung: 0x01cf2cf2b3639635
Pfad
der fehlerhaften Anwendung: C:\Martin\Games\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.9\deploy\League
of Legends.exe Pfad des fehlerhaften Moduls: C:\Martin\Games\Riot Games\League of
Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.9\deploy\League of Legends.exe
Berichtskennung:
7d4450ec-98eb-11e3-ac28-4cedde5219df
Error - 19.02.2014 02:01:23 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.02.2014 06:52:54 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.02.2014 12:28:00 | Computer Name = Martin-PC | Source = Application Hang | ID = 1002
Description = Programm EXCEL.EXE, Version 12.0.6683.5002 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2a2c Startzeit:
01cf2d8e3c38b286 Endzeit: 38 Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
Berichts-ID:
b2e8130e-9982-11e3-a80f-4cedde5219df
Error - 20.02.2014 02:31:50 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 25.09.2013 03:19:43 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3291
seconds with 2160 seconds of active time. This session ended with a crash.
Error - 26.09.2013 03:00:33 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 260
seconds with 180 seconds of active time. This session ended with a crash.
Error - 26.09.2013 03:01:26 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.09.2013 10:51:30 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.09.2013 10:52:13 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12.01.2014 11:35:12 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3420
seconds with 3420 seconds of active time. This session ended with a crash.
Error - 12.01.2014 12:15:35 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2290
seconds with 2160 seconds of active time. This session ended with a crash.
Error - 12.01.2014 12:28:16 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 508
seconds with 480 seconds of active time. This session ended with a crash.
Error - 12.01.2014 12:38:09 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 225
seconds with 180 seconds of active time. This session ended with a crash.
Error - 08.02.2014 08:51:08 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 251
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 17.02.2014 18:23:01 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.02.2014 01:42:42 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.02.2014 01:43:56 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.02.2014 12:22:19 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.02.2014 02:00:04 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.02.2014 06:50:13 | Computer Name = Martin-PC | Source = DCOM | ID = 10010
Description =
Error - 19.02.2014 06:51:26 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.02.2014 06:52:40 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 20.02.2014 02:30:29 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 20.02.2014 04:01:23 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
< End of report >
EXTRAS:
Code:
ATTFilter OTL Extras logfile created on: 20.02.2014 11:28:57 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\****\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,86 Gb Total Physical Memory | 3,53 Gb Available Physical Memory | 44,88% Memory free
15,72 Gb Paging File | 10,69 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,66 Gb Total Space | 27,84 Gb Free Space | 5,98% Space Free | Partition Type: NTFS
Drive G: | 3,73 Gb Total Space | 3,63 Gb Free Space | 97,48% Space Free | Partition Type: FAT32
Computer Name: **** | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E1BED7-4C81-4164-8745-320F2E752AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{04FD1119-8DCC-413E-88D9-1C07151DF523}" = lport=2869 | protocol=6 | dir=in | app=system |
"{066F7877-FAB0-4AE4-9C11-7FD410B99A36}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{07E35CD7-0FE5-4C34-99AD-EA8FC2B7745B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{0B1E4367-DEA7-49A8-A3A6-CDC14FF09D00}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{0BE6951D-AEF5-493F-9759-2FEE47AD0BC6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1093473C-61C0-4F06-92DC-EEA3A54413B2}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{16D044F9-6293-4F08-A09B-0B20B039F92C}" = rport=137 | protocol=17 | dir=out | app=system |
"{22964A8E-9824-446F-A664-9B736F6425AD}" = rport=445 | protocol=6 | dir=out | app=system |
"{2349009A-0FF9-47AE-9230-1D06FCFB0A04}" = lport=445 | protocol=6 | dir=in | app=system |
"{23CCB981-D908-486D-A664-D4144BB1E1DE}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{26726A3A-2A87-47F3-A6B5-261853E32ED9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{36B246FE-FC20-4300-9D3C-1CE0617513E7}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3D948D73-9E05-4DDD-8C9F-AEA661D98DEA}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{418EC15B-8379-4071-9F91-13B3CD3ABC18}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42B6B081-1684-4991-A097-7627D85C251E}" = lport=137 | protocol=17 | dir=in | app=system |
"{457721B2-786C-46F9-A064-8FCEDF2580E3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{48EADBAA-1079-4908-9587-B534892BD9B3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4A3EF1B7-F41C-42D1-A5B3-FD1D492EE446}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4A429843-F32A-473F-8111-B5A491EE361B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{4D63C884-A5B2-49FC-BDC9-35E61AC94C66}" = lport=139 | protocol=6 | dir=in | app=system |
"{5B127816-AFEF-458A-8657-05D9276438F8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{673C7319-DC34-4C71-A13C-C0F53061DA70}" = rport=80 | protocol=6 | dir=out | app=c:\users\martin\appdata\local\warframe\downloaded\public\tools\launcher.exe |
"{673E008C-E9F9-4D47-A115-9C48BA4396D7}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{6BA6241B-3587-4221-975C-1359128DDE77}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6D9F7D0E-9407-44DD-812F-40C864E26557}" = rport=80 | protocol=6 | dir=out | app=c:\martin\games\downloaded\public\warframe.x64.exe |
"{71D59C4C-8B08-4F69-A35D-F45E79BAE504}" = lport=138 | protocol=17 | dir=in | app=system |
"{788B9C99-9FA4-4F31-8FA9-38F2EDED5C3B}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{7FB5727F-BDBE-48C1-A1D1-3C191F2056B9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{810A0A28-8FFF-415F-9B9A-D6E1FABC33AC}" = rport=2869 | protocol=6 | dir=out | app=system |
"{84BFC7A9-8196-4338-8103-F50290195CEA}" = rport=80 | protocol=6 | dir=out | app=c:\martin\games\downloaded\public\warframe.exe |
"{87FE6DB4-6F28-4648-8592-41C119D5A8F6}" = lport=4000 | protocol=6 | dir=out | app=c:\program files (x86)\dll-files.com fixer\dllfixer.exe |
"{9A12221C-FBDE-4432-943F-78B9E48DE7ED}" = rport=138 | protocol=17 | dir=out | app=system |
"{A1710599-F0F0-4EFA-808F-29C97A58DA82}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A1AE8847-CEE8-4D63-BB35-AD1E41176A76}" = lport=2869 | protocol=6 | dir=in | app=system |
"{AB5D219C-ACE0-410B-AAD8-9032F152F9E1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{B5071A72-475D-498D-9663-03FD01D11FDD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B5341EDA-47F2-4D25-A994-5FD43E22AD0D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BA9C7BDD-2D7C-424F-8393-42DE4C776D98}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C5A150AD-1080-4702-B3A0-6D82E5CA0105}" = rport=139 | protocol=6 | dir=out | app=system |
"{C7A9C6FD-4CF5-4E2E-B5CA-E3C7A6662AD3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{D2D06E6C-04BD-49C7-8262-DD69ACFABB5E}" = lport=2869 | protocol=6 | dir=in | app=system |
"{D4EC5744-5F16-4EDB-AB48-924E08271CA8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DE03B9B1-8CF8-4EFF-999B-CA115EBF6F77}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DEEF1D83-FA64-43F8-9DEE-E31D0E790C42}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E0348E7A-4B4E-4265-AA07-E24297B6DDA5}" = lport=10243 | protocol=6 | dir=in | app=system |
"{E82CE86D-ACF8-434F-9C8B-4BCF1027518F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EB8B22C6-F39C-4936-AA00-F72A5458C26F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{F0F7FA9D-935A-4C47-A3C7-34DBEFC95900}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F3EE4A93-BA45-4D97-A99A-C9A099442FD9}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0349690D-4EF6-4FF4-AF0B-67A70069FD67}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{05182F19-C4E7-4C19-A883-28462F1B563A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{0762C9E1-6F90-40F1-B432-179D5731BDC1}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreedii.exe |
"{0F7E0241-D4D7-40BF-BFB7-E5729DF5A997}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicatorcom.exe |
"{10DDB289-2DA5-4A99-A0EF-99A71FE7276F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{1372C910-E06D-4BCE-92F5-573254991BF7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{13BD9966-8BA2-450E-93CA-6BBC32DDD85A}" = protocol=17 | dir=in | app=c:\martin\games\riot games\league of legends\lol.launcher.exe |
"{189E8AEE-D9C0-4B47-91ED-15893DE7486A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{1989586F-4E6F-4BC1-8073-76E8D0CF89B1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2689\agent.exe |
"{1C88DEEF-02C4-436F-AF48-C33BE0B25212}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{1E6C411D-0203-4A2B-B6BD-FF7CBABD0C77}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{1ED458B4-D476-46B9-A218-E18A0C3AE4E2}" = protocol=17 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{215A5AE2-1A82-4215-9F37-0D8EF895156B}" = protocol=17 | dir=out | app=c:\martin\games\downloaded\public\warframe.x64.exe |
"{2444505E-F8B3-46EC-81CE-C3241AAF32ED}" = protocol=6 | dir=in | app=c:\users\martin\appdata\roaming\dropbox\bin\dropbox.exe |
"{29930BB5-A5D9-4CBB-A60B-363131EBCAF8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{2A3DAEF2-56FB-4B3F-B4F1-8C27A2B5554C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2D9E98B7-899F-4E1A-9D10-27F85E0D720E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{31AF0C14-1A49-4FA5-8397-0A4304DF902D}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{3528044B-B4D0-4A3F-922E-6ADA4C152F14}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{3A2558AC-D34F-46D0-A5AA-CD746225B91A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{3A6AC613-8759-44C9-87BB-6BF1EAEEA39F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3B8F87DD-0B44-41EB-A95B-AFAF0FA6F2B0}" = protocol=6 | dir=in | app=c:\programdata\esafe\egdpsvc.exe |
"{3C20A693-E03A-49FC-8DF6-65AC829DDB31}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{3E3085AB-9A7B-4279-B20C-20D81ECB82AC}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{411A3CD7-6DDC-48B5-819E-FFBCE2C6AB03}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{42E20069-731F-4553-B921-71FE62E1FA13}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\server.exe |
"{4483BDCF-519F-4085-9866-824A3D54058A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4756EC11-7F0F-492F-9418-54A5B45DBDEA}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2680\agent.exe |
"{4E59AA9B-1DD8-4A6A-BB91-9F88CBB67A6B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{4EC989F1-9046-4EAD-8564-4F1AD2C812E7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{53019F2A-04CA-4A41-94D7-8DF52C1B1CFB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{53B54FB0-0967-4787-912A-3BFE3B892C03}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{546B5B21-489F-4761-ABAC-FA96FB9432F6}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{549C32EB-BF0F-4A44-AD57-226496391FE9}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreedii.exe |
"{587B45FF-DC87-4DCD-932A-5B4EC6A13401}" = protocol=6 | dir=in | app=c:\martin\games\two worlds ii\twoworlds2.exe |
"{592C72D1-4C0C-4FAA-91CA-6F0155DAEAF6}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\faxapplications.exe |
"{5ACF43D6-16A0-4040-BB08-BDECD9C909A1}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{5C30FE63-7D80-4279-AECA-E68235266D45}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6183558E-C7AE-4C98-A6BD-84130730BAF4}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{622E3104-E577-4B19-B30C-5A7E951A3841}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\uplaybrowser.exe |
"{6942907F-13B7-46E1-8714-5D9C264CD588}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{6BBE79A0-6B08-4FB3-A3AB-F5C178D6F673}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{6E5A004F-A9CD-41D2-BAEE-BD6C836DBD34}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{7165C847-72E5-47B5-8C20-7140F351E6A7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{7ED0A258-94D5-44C1-8524-F7675522722C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{80075E41-D098-428D-8D22-5D4F1AB6AE15}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{83217C83-42EB-4C94-9EA8-6CD0639D6E31}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{83CA28A3-3F97-460F-A637-D8E9B0432849}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{89A35DD1-BF0E-44BE-A343-0EDD5874E75D}" = protocol=17 | dir=in | app=c:\martin\games\downloaded\public\warframe.x64.exe |
"{8B7202AA-297A-458F-8259-99CDD0E2934F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{8C7D163A-3FA1-4C1F-8BC1-F200BA2F3971}" = protocol=17 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{8CCFB3F9-F876-4A61-A730-31AC2EEFD753}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8D769A7B-FFE7-44FC-98E4-AB38D4F81A3A}" = protocol=6 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreediigame.exe |
"{8F96E0CE-EF1D-4296-85F1-27BD6CE88728}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9059AA0A-0A62-4B76-8E37-0E193AE8614C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{90FBE3CD-0261-424E-84A3-344AB2F88893}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{979F161F-F673-4ABA-BA71-970BEC21F939}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{9817DE67-43F9-431C-B1F6-2FB4F97EF726}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{9968ADBE-8308-4379-B460-7DDEAD315C62}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9996D592-8A8C-4271-9F80-26056C6665A5}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\sendafax.exe |
"{9D0CD84E-F271-468B-B9AC-6E4DEFAD204D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{A24B3966-5AE8-406A-8477-2BE317B70EEE}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\hpnetworkcommunicator.exe |
"{A25763C3-8FBC-4809-95F5-39EA67319AED}" = protocol=6 | dir=in | app=c:\martin\games\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{A45402CA-B0A8-47D3-BECA-B0F38BE77B85}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A8BC3C2B-6B56-4578-87C5-74C8C3FA01D7}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{AD1DFD22-0D1B-4BE0-8CF5-E959E236A00D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AD6DB4FF-A546-4433-918A-78EF6E6C965B}" = protocol=6 | dir=out | app=system |
"{AD71F2E5-1622-4A8B-B17B-C36130EBF391}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{B122BD1D-2487-4019-9736-5FF8AE451C78}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B211450C-15E0-4463-85F3-A7F2369615F5}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{B259BC98-57D4-4D6F-832A-A7799BEEF216}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{B79AD748-157A-4BE2-8AD8-D3B9D2331106}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{BCDFADCE-A114-4A3F-84BA-9E16C2E15EA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{BE5A909E-0D8C-4088-A982-861A2D9D7A49}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C231512A-83A2-4244-9D0F-D224F20BD4D1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C375CBD5-6F92-43AF-AC5B-578D69CCCB29}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{C5F3428E-D0F7-4F41-9FB9-BA10A4C98676}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C9384AEC-DC5D-4070-B819-D11F84BA081E}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{C9C59982-3390-47DF-925E-0D7C1B4B11A1}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\uplaybrowser.exe |
"{CAA52AF7-DA8F-4CFA-BA41-66BA8CF5A8FA}" = protocol=6 | dir=in | app=c:\program files (x86)\hearthstone\hearthstone.exe |
"{CADD9D9E-7C3D-4D9F-9F65-7E9F7B01004E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1199\agent.exe |
"{CB226DED-BA3A-478F-91A1-DF604E85C27C}" = protocol=17 | dir=in | app=c:\martin\games\downloaded\public\warframe.exe |
"{CBE1399A-A20C-411E-9DF4-C7C45A5376AB}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\assassinscreediigame.exe |
"{CD12D500-EB61-4D85-B94E-B0EC326673A1}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CD531F04-4087-40A2-8E5B-A4BD4665290D}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\digitalwizards.exe |
"{CF80A98F-3900-4693-895F-6B41D19D315C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{D2734395-1FA0-4C30-B48A-75535DD4AF6E}" = protocol=17 | dir=in | app=c:\martin\games\two worlds ii\twoworlds2.exe |
"{D432304F-40C3-4117-91EE-03AA155B68D3}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{D7ADEE35-CE17-4975-BD11-376FFE461EB5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe |
"{DF2430D8-B27B-4DDA-B3A4-8E8C292A3DE8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{DFF965D1-1473-4870-AA5B-77142E43755E}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E07794C3-2AB5-4E4A-80C5-FB2900F971E3}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.beta.2638\agent.exe |
"{E139BCB2-7F12-4D1D-BCFF-605B0F5AAA0A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E2FFAE43-334A-4EC1-9E27-6CAE613D6CAB}" = protocol=17 | dir=in | app=c:\martin\games\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{E8761386-2042-4C53-B291-8CAD71D01CE2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe |
"{EBD663BB-F73A-4C78-8253-E20FC527A455}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{ECA00F09-3616-4C46-BBF3-D4EF60771378}" = protocol=6 | dir=in | app=c:\martin\games\riot games\league of legends\lol.launcher.exe |
"{ED15FEC8-7430-45D5-B191-561B37DF47BC}" = protocol=17 | dir=out | app=c:\martin\games\downloaded\public\warframe.exe |
"{ED2A6605-9E3A-477D-A361-94A0254FF75A}" = protocol=17 | dir=in | app=c:\martin\games\ assassin's creed ii\server.exe |
"{F5510E23-5471-48ED-AD7E-7B8065CC10FB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2380\agent.exe |
"{F7DD132F-5B62-4AE1-9994-17B666C59B9F}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{FD1BC40F-D66C-4A86-8411-AACA910CFD4E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{FD3D6BE8-E5F0-4850-960B-5EF87F5059C7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{FE4A04C1-4484-4ED7-8432-40617FE7A71B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{FFF37E9D-B24F-4ACA-A3EF-80A21B19466C}" = dir=in | app=c:\program files\hp\hp officejet pro 8600\bin\devicesetup.exe |
"TCP Query User{1EEA7344-E317-4970-AFAC-5C636010C6B4}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{42FE6811-5B00-4A96-9770-B79B5520D6E2}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"TCP Query User{5A8AF425-6503-469F-AFAA-E8A68DE99E26}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{6ED2FF9C-03CC-48E6-BD1E-2E9B6B35EC7E}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"TCP Query User{7EB8DD4C-6718-408D-B35B-2F98BCD39AB7}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"TCP Query User{86F2284B-077F-467F-B8C2-7C75AEE6FB70}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"TCP Query User{B05BCDB9-3634-4903-8DB0-0C4533E69D5F}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"TCP Query User{C08A4D9B-DE9F-41F1-8BDA-2F1D20FBE88C}C:\martin\games\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"TCP Query User{C583D710-78CD-4906-A72E-32D09FFDDA70}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{CBEE09BF-6FD8-4526-886E-A622C0506425}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{D6987827-F4D9-4A03-BFAF-7A1554C75339}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"TCP Query User{E403079F-E871-4B64-B7A1-26CF9D50FEF1}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"TCP Query User{ECFC734F-D92D-4532-8F92-C62012178051}C:\martin\games\dead island\deadislandgame.exe" = protocol=6 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"TCP Query User{F0BED8A7-B6D3-4F52-A892-3F9D2CD31957}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=6 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"TCP Query User{F274DA56-0DFC-4517-8958-6C6839DF40B8}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"TCP Query User{FDB9CAC6-3387-4FC4-9EA0-20D97B93E63D}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{0A3C0836-CC0A-472A-9BA4-BFDBC2A3B153}C:\program files\onone software\perfect effects 4\perfect effects 4.exe" = protocol=17 | dir=in | app=c:\program files\onone software\perfect effects 4\perfect effects 4.exe |
"UDP Query User{5B4D5CB6-B4D6-4F91-9173-6326ABDBA21C}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{73F36140-7FDA-4501-B69A-975C1B0B14B1}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{8F558C4A-C048-4EED-B47D-F3D4F0039978}C:\martin\games\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"UDP Query User{93C53445-6608-46CA-B5A9-2BE0B025AE68}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{951CD9AB-BD3A-45AF-B65C-19C8FCB71710}C:\martin\games\dead island\deadislandgame.exe" = protocol=17 | dir=in | app=c:\martin\games\dead island\deadislandgame.exe |
"UDP Query User{97071E3E-BF08-40D3-8625-C3AA2F4757D7}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"UDP Query User{A2E53270-3B82-48A6-9101-AD211FDB2020}C:\programdata\battle.net\agent\agent.998\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"UDP Query User{A59378C8-772B-4CF8-A37F-1C755ACFDBB3}C:\program files (x86)\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"UDP Query User{ADFDC36A-2AE1-4760-A97C-2CC984DB322F}C:\programdata\battle.net\agent\agent.1737\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1737\agent.exe |
"UDP Query User{B4FFC6B8-568F-4458-9FB9-3AA594A58743}C:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\planetside 2\planetside2.exe |
"UDP Query User{C63DA2A4-2A53-47ED-ADF0-9AF2ACF998BB}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{E2AB5F8F-0B66-4B2C-995D-6FA83815603B}C:\programdata\battle.net\agent\agent.1040\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"UDP Query User{E5AAC63A-55AE-4E9B-B43F-B610EAE036DE}C:\programdata\battle.net\agent\agent.1225\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1225\agent.exe |
"UDP Query User{F1175E72-011C-471B-A949-D0C8642C399E}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{F4E55292-6D4E-4DEB-8A12-346A889A57D0}C:\programdata\battle.net\agent\agent.976\agent.exe" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}" = OZ711 SCR Driver (x64)
"{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"{47220B83-D895-4262-9227-E5D8FA7F7384}" = Nitro Reader 3
"{4B1CF482-AD0E-48F3-8032-BCF5F071C123}" = O2Micro Flash Memory Card Windows Driver
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
"{B2F4C332-2359-4ADE-AF0C-C631768BBB89}" = Bluetooth Feature Pack 5.0
"{B9824225-2055-4700-BCD4-64B25EC88264}" = Studie zur Verbesserung von HP Officejet Pro 8600 Produkten
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}" = HP Officejet Pro 8600 - Grundlegende Software für das Gerät
"{E8A34AC8-0137-4515-A94B-0A0946DDC251}" = Scan To
"{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"HP LaserJet Professional M1130-M1210 MFP Series" = HP LaserJet Professional M1130-M1210 MFP Series
"LSI Soft Modem" = LSI HDA Modem
"LTMOH" = LSI V92 MOH Application
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager
"PROSet" = Intel(R) Network Connections Drivers
"sp6" = Logitech SetPoint 6.30
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.2
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{150E7499-BC35-4416-917D-5D16FBE2602B}" = Warframe
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 51
"{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}" = Perfect Effects 4.0.4
"{399C37FB-08AF-493B-BFED-20FBD85EDF7F}" = FJ Camera
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}" = Smite
"{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}" = Hi-Rez Studios Authenticate and Update Service
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{415FA9AD-DA10-4ABE-97B6-5051D4795C90}" = HP FWUpdateEDO2
"{45410935-B52C-468A-A836-0D1000018201}" = BulletStorm
"{48DEAAF2-8276-4BBD-B7B6-91E454938476}" = CambridgeSoft ChemDraw Ultra 12.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{501451DE-5808-4599-B544-8BD0915B6B24}_is1" = FreeRIP 3.80
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{80A07844-CA64-4DE4-AB61-D37DDBE8074F}" = PDF Architect
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.4.0
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.9) - Deutsch
"{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{E773E0B9-6ABE-4F9E-816C-56B2DD8613B9}" = CambridgeSoft Activation Client
"{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}" = Google Drive
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F7708742-E734-4BC1-BEEB-F200DE21C5FC}" = Qualcomm Gobi 2000 Package for Sierra
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FDE820DD-CC88-4395-AD5C-801365B8F316}" = HP Officejet Pro 8600 Hilfe
"5513-1208-7298-9440" = JDownloader 0.9
"64F02083-9C18-41fd-A5BB-54FC8E5A376E_is1" = Jagged Alliance 2 v1.13 (DE) [1.0.0.2085]
"Amazon Browser Settings" = Amazon Browser Settings
"Audacity_is1" = Audacity 2.0
"Battle.net" = Battle.net
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dead Island" = Dead Island
"Diablo III" = Diablo III
"DivX Setup" = DivX-Setup
"DSMT6" = MathType 6
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free Audio Converter_is1" = Free Audio Converter version 5.0.17.903
"Free Image Convert and Resize_is1" = Free Image Convert and Resize version 2.1.26.1230
"Free Studio_is1" = Free Studio version 5.6.2.627
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"Hearthstone" = Hearthstone
"InstallShield_{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}" = OZ711 SCR Driver (x64)
"InstallShield_{4108974B-DE87-4AD4-9167-930C62C45691}" = Fujitsu Display Manager
"InstallShield_{4B1CF482-AD0E-48F3-8032-BCF5F071C123}" = O2Micro Flash Memory Card Windows Driver
"InstallShield_{51692C66-5505-41B8-92A7-548C69FB867C}" = Wireless Selector
"InstallShield_{6226477E-444F-4DFE-BA19-9F4F7D4565BC}" = LifeBook Application Panel
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{ABE8CE7E-01CC-4500-BAF5-FFC29EA108A1}" = Shock Sensor Utility
"InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}" = Fujitsu Hotkey Utility
"InstallShield_{E8A5B78F-4456-4511-AB3D-E7BFFB974A7A}" = Fujitsu System Extension Utility
"InstallShield_{EC314CDF-3521-482B-A21C-65AC95664814}" = Fujitsu MobilityCenter Extension Utility
"Jagged Alliance 2" = Jagged Alliance 2
"LAME_is1" = LAME v3.99.3 (for Windows)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"MestReNova LITE" = MestReNova LITE 5.2.5-5780
"Steam App 10190" = Call of Duty: Modern Warfare 2 - Multiplayer
"SystemRequirementsLab" = System Requirements Lab
"TeamViewer 9" = TeamViewer 9
"WinRAR archiver" = WinRAR Archivierer
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3359158749-1672355249-3210524210-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"MyFreeCodec" = MyFreeCodec
"UnityWebPlayer" = Unity Web Player
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.02.2014 16:46:12 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 12.02.2014 02:24:24 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 13.02.2014 02:11:04 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.02.2014 02:26:18 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 14.02.2014 09:16:40 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 16.02.2014 08:24:27 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 17.02.2014 02:39:36 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.02.2014 01:40:32 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.02.2014 17:29:20 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 18.02.2014 18:24:54 | Computer Name = Martin-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.2.0.2723,
Zeitstempel: 0x52fc0fab Name des fehlerhaften Moduls: League of Legends.exe, Version:
4.2.0.2723, Zeitstempel: 0x52fc0fab Ausnahmecode: 0xc0000005 Fehleroffset: 0x00431de0
ID
des fehlerhaften Prozesses: 0x828 Startzeit der fehlerhaften Anwendung: 0x01cf2cf2b3639635
Pfad
der fehlerhaften Anwendung: C:\Martin\Games\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.9\deploy\League
of Legends.exe Pfad des fehlerhaften Moduls: C:\Martin\Games\Riot Games\League of
Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.9\deploy\League of Legends.exe
Berichtskennung:
7d4450ec-98eb-11e3-ac28-4cedde5219df
Error - 19.02.2014 02:01:23 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.02.2014 06:52:54 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
Error - 19.02.2014 12:28:00 | Computer Name = Martin-PC | Source = Application Hang | ID = 1002
Description = Programm EXCEL.EXE, Version 12.0.6683.5002 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2a2c Startzeit:
01cf2d8e3c38b286 Endzeit: 38 Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
Berichts-ID:
b2e8130e-9982-11e3-a80f-4cedde5219df
Error - 20.02.2014 02:31:50 | Computer Name = Martin-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 25.09.2013 03:19:43 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3291
seconds with 2160 seconds of active time. This session ended with a crash.
Error - 26.09.2013 03:00:33 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 260
seconds with 180 seconds of active time. This session ended with a crash.
Error - 26.09.2013 03:01:26 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.09.2013 10:51:30 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6
seconds with 0 seconds of active time. This session ended with a crash.
Error - 26.09.2013 10:52:13 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18
seconds with 0 seconds of active time. This session ended with a crash.
Error - 12.01.2014 11:35:12 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3420
seconds with 3420 seconds of active time. This session ended with a crash.
Error - 12.01.2014 12:15:35 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2290
seconds with 2160 seconds of active time. This session ended with a crash.
Error - 12.01.2014 12:28:16 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 508
seconds with 480 seconds of active time. This session ended with a crash.
Error - 12.01.2014 12:38:09 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 225
seconds with 180 seconds of active time. This session ended with a crash.
Error - 08.02.2014 08:51:08 | Computer Name = Martin-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 251
seconds with 180 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 17.02.2014 18:23:01 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.02.2014 01:42:42 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.02.2014 01:43:56 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 18.02.2014 12:22:19 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.02.2014 02:00:04 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.02.2014 06:50:13 | Computer Name = Martin-PC | Source = DCOM | ID = 10010
Description =
Error - 19.02.2014 06:51:26 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 19.02.2014 06:52:40 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 20.02.2014 02:30:29 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
Error - 20.02.2014 04:01:23 | Computer Name = Martin-PC | Source = ipnathlp | ID = 31004
Description =
< End of report >
|
|
20.02.2014, 12:12
| #2 |
| /// the machine /// TB-Ausbilder    | appround.net - Chrome Hi,
__________________OTL ist total veraltet. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
20.02.2014, 13:00
| #3 |
| | appround.net - ChromeFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-02-2014
Ran by Martin (administrator) on MARTIN-PC on 20-02-2014 12:41:57
Running from C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hi-Rez Studios) C:\Martin\Games\Smite\HiPatchService.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSierra.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16414824 2009-11-13] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [282984 2009-07-22] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-10-27] (FUJITSU LIMITED)
HKLM\...\Run: [BthSyncServ] - "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [PC Monitor Operations] - "C:\Program Files\PC Monitor\pcmontask.exe"
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [Google Update] - C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-25] (Google Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\MountPoints2: {d9175cb0-e78b-11e0-b9c7-00a0c6000000} - E:\SETUP.EXE
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\MountPoints2: {fd630c52-fb59-11e2-9228-8c736e83e879} - F:\SISetup.exe
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371&type=default&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371&type=default&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371&type=default&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.dosearches.com/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=sc&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.dosearches.com/web/?utm_source=b&utm_medium=cor&utm_campaign=rg&utm_content=ds&from=cor&uid=ST9500420AS_5VJAFFDQXXXX5VJAFFDQ&ts=1384002371&type=default&q={searchTerms}
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GbR)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google-Suche) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Select and Speak) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2013-10-06]
CHR Extension: (Domain Error Assistant) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj [2012-09-10]
CHR Extension: (Savings-Slider) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk [2012-09-10]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-09-22]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-23]
CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Martin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-05]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Martin\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-21]
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-02-23]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.3.crx [2012-10-16]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 HiPatchService; C:\Martin\Games\Smite\HiPatchService.exe [9216 2014-01-05] (Hi-Rez Studios)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 QDLService2kSierra; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSierra.exe [329976 2009-10-01] (QUALCOMM, Inc.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-25] (DT Soft Ltd)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [14696 2011-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R3 qcfiltersra2k; C:\Windows\System32\DRIVERS\qcfiltersra2k.sys [6400 2009-10-01] (QUALCOMM Incorporated)
R3 qcusbnetsra2k; C:\Windows\System32\DRIVERS\qcusbnetsra2k.sys [235008 2009-10-01] (QUALCOMM Incorporated)
R3 qcusbsersra2k; C:\Windows\System32\DRIVERS\qcusbsersra2k.sys [121216 2009-10-01] (QUALCOMM Incorporated)
S3 rstescu; C:\Windows\system32\drivers\rstescu.sys [607256 2011-03-25] (Intel Corporation)
S3 rstescu1; C:\Windows\system32\drivers\rstescu1.sys [607256 2011-03-25] (Intel Corporation)
R0 rstfltr; C:\Windows\System32\drivers\rstfltr.sys [22552 2011-03-25] (Intel Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3531776 2009-09-04] ()
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-01-25] (Windows (R) Win 7 DDK provider)
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GPU-Z; \??\C:\Users\ADMINI~1\AppData\Local\Temp\GPU-Z.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-20 12:41 - 2014-02-20 12:42 - 00018982 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-02-20 12:41 - 2014-02-20 12:41 - 00000000 ____D () C:\FRST
2014-02-20 12:40 - 2014-02-20 12:40 - 02153472 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2014-02-20 11:38 - 2014-02-20 11:38 - 00106148 _____ () C:\Users\Martin\Desktop\Extras.Txt
2014-02-20 11:36 - 2014-02-20 11:50 - 00247938 _____ () C:\Users\Martin\Desktop\OTL.Txt
2014-02-20 11:14 - 2014-02-20 11:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-18 17:54 - 2014-02-19 20:49 - 00000000 ____D () C:\Users\Martin\Desktop\Chemieklausur
2014-02-17 22:05 - 2014-02-17 22:05 - 00000000 ____D () C:\Users\Martin\Desktop\Ersatz Stick
2014-02-17 09:42 - 2014-02-19 17:29 - 00695448 _____ () C:\Users\Martin\Desktop\Anne DailyStatistik.xlsm
2014-02-12 23:47 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 23:47 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 23:46 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 23:46 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 23:46 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 23:46 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 23:46 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 23:46 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 23:46 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 23:46 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 23:46 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 23:46 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 23:46 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 23:46 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 23:46 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 23:46 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 23:46 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 23:46 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 23:46 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 23:46 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 23:46 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 23:46 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 23:46 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 23:46 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 23:46 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 23:46 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 23:46 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 23:46 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 23:46 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 23:46 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 23:46 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 23:46 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 23:46 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 23:46 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 23:46 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 23:46 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 23:46 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 23:46 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 23:46 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 23:46 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 23:46 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 07:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:31 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:31 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:31 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:31 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-08 20:54 - 2014-02-16 18:47 - 00402993 _____ () C:\Users\Martin\Desktop\Serviceportal Offenbach 2014.xlsm
2014-02-07 01:05 - 2014-02-07 01:05 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard
2014-02-07 00:49 - 2014-02-07 01:05 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-07 00:48 - 2014-02-19 23:35 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2014-02-07 00:48 - 2014-02-12 13:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-07 00:48 - 2014-02-07 08:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2014-02-07 00:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2014-02-04 22:32 - 2014-02-04 22:32 - 00009901 _____ () C:\Users\Martin\Desktop\Versicherungs Katalog.xlsx
2014-02-04 14:30 - 2014-02-04 14:30 - 00000000 ____D () C:\Users\Martin\Desktop\LoL
2014-02-02 16:27 - 2014-02-02 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 16:27 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 16:27 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 16:27 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 16:27 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 16:26 - 2014-02-02 16:27 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 13:57 - 2014-02-04 16:14 - 00069074 _____ () C:\Users\Martin\Desktop\ESt2013_Kober_Martin.elfo
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 22:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 12:11 - 2014-01-28 12:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-28 11:55 - 2014-01-28 12:08 - 00000000 ____D () C:\Program Files\PC Monitor
2014-01-28 11:53 - 2014-02-12 23:58 - 01591306 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-27 22:26 - 2014-02-20 07:31 - 00000000 ___RD () C:\Users\Martin\Dropbox
2014-01-27 22:26 - 2014-01-27 22:26 - 00001041 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2014-01-27 22:22 - 2014-02-20 07:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-01-27 22:22 - 2014-01-27 22:26 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-01-27 22:22 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-26 19:54 - 2014-01-26 19:54 - 00011756 _____ () C:\Users\Martin\Documents\PTV Auszahlung.xlsx
2014-01-25 17:03 - 2014-01-25 17:03 - 00092993 _____ () C:\Users\Martin\Desktop\KW-Rechner 2010.xlsm
2014-01-25 16:49 - 2014-01-25 16:50 - 00000000 ____D () C:\Users\Martin\Desktop\zu Verkaufen
2014-01-25 16:31 - 2014-01-27 20:16 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
==================== One Month Modified Files and Folders =======
2014-02-20 12:42 - 2014-02-20 12:41 - 00018982 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-02-20 12:41 - 2014-02-20 12:41 - 00000000 ____D () C:\FRST
2014-02-20 12:40 - 2014-02-20 12:40 - 02153472 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2014-02-20 12:27 - 2011-09-25 17:06 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA.job
2014-02-20 12:23 - 2013-01-22 14:38 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-20 12:06 - 2013-11-09 14:06 - 00000296 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-02-20 11:50 - 2014-02-20 11:36 - 00247938 _____ () C:\Users\Martin\Desktop\OTL.Txt
2014-02-20 11:38 - 2014-02-20 11:38 - 00106148 _____ () C:\Users\Martin\Desktop\Extras.Txt
2014-02-20 11:34 - 2011-09-25 18:21 - 00000000 ____D () C:\Users\Martin\Desktop\Programme
2014-02-20 11:21 - 2011-08-01 10:20 - 01933934 _____ () C:\Windows\WindowsUpdate.log
2014-02-20 11:14 - 2014-02-20 11:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-20 08:27 - 2011-09-25 17:06 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core.job
2014-02-20 08:23 - 2013-01-22 14:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-20 08:16 - 2013-12-19 17:06 - 00000153 _____ () C:\Users\Martin\AppData\Roaming\WB.CFG
2014-02-20 07:37 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-20 07:37 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-20 07:35 - 2011-08-01 20:15 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2014-02-20 07:35 - 2011-08-01 20:15 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2014-02-20 07:35 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-20 07:31 - 2014-01-27 22:26 - 00000000 ___RD () C:\Users\Martin\Dropbox
2014-02-20 07:31 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-02-20 07:30 - 2013-01-22 14:41 - 00000000 ___RD () C:\Users\Martin\Google Drive
2014-02-20 07:30 - 2012-07-04 23:30 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-20 07:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-20 07:30 - 2009-07-14 05:51 - 00153567 _____ () C:\Windows\setupact.log
2014-02-19 23:35 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2014-02-19 20:49 - 2014-02-18 17:54 - 00000000 ____D () C:\Users\Martin\Desktop\Chemieklausur
2014-02-19 17:29 - 2014-02-17 09:42 - 00695448 _____ () C:\Users\Martin\Desktop\Anne DailyStatistik.xlsm
2014-02-19 11:51 - 2010-11-21 04:47 - 00068550 _____ () C:\Windows\PFRO.log
2014-02-19 11:49 - 2013-11-09 14:06 - 00000000 ____D () C:\ProgramData\eSafe
2014-02-19 11:22 - 2011-10-24 20:09 - 04502016 ___SH () C:\Users\Martin\Desktop\Thumbs.db
2014-02-17 22:05 - 2014-02-17 22:05 - 00000000 ____D () C:\Users\Martin\Desktop\Ersatz Stick
2014-02-17 10:09 - 2013-12-20 14:32 - 00000000 ____D () C:\Users\Martin\Desktop\2000_Excelvorlagen
2014-02-17 01:16 - 2013-08-10 09:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 01:15 - 2011-10-25 17:00 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 18:47 - 2014-02-08 20:54 - 00402993 _____ () C:\Users\Martin\Desktop\Serviceportal Offenbach 2014.xlsm
2014-02-14 08:18 - 2013-01-22 14:38 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 08:18 - 2013-01-22 14:38 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 12:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-13 08:06 - 2013-11-09 14:06 - 00003240 _____ () C:\Windows\System32\Tasks\UpdaterEX
2014-02-12 23:58 - 2014-01-28 11:53 - 01591306 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 13:31 - 2014-02-07 00:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-12 08:22 - 2011-09-25 17:06 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA
2014-02-12 08:22 - 2011-09-25 17:06 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core
2014-02-09 16:53 - 2014-01-11 19:39 - 00384208 _____ () C:\Users\Martin\Desktop\Projekt Ellen - Serviceportal Offenbach 2014.xlsm
2014-02-08 15:32 - 2014-01-11 21:32 - 00322090 _____ () C:\Users\Martin\Desktop\Projekt Anne Landau.xlsm
2014-02-07 15:03 - 2011-09-25 17:13 - 00000000 ____D () C:\Users\Martin\Desktop\Games
2014-02-07 09:21 - 2012-05-17 10:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-07 08:05 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2014-02-07 01:05 - 2014-02-07 01:05 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard
2014-02-07 01:05 - 2014-02-07 00:49 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-07 00:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2014-02-06 13:16 - 2014-02-12 23:46 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 23:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 23:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 23:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 23:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 23:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 23:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 23:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 23:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 23:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 23:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 23:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 23:46 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 23:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 23:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 23:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 23:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 23:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 23:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 23:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 23:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 23:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 23:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 23:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 23:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 23:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 23:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 23:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 23:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 23:46 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 23:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 23:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 23:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 23:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 23:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 23:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 23:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 22:32 - 2014-02-04 22:32 - 00009901 _____ () C:\Users\Martin\Desktop\Versicherungs Katalog.xlsx
2014-02-04 16:14 - 2014-02-02 13:57 - 00069074 _____ () C:\Users\Martin\Desktop\ESt2013_Kober_Martin.elfo
2014-02-04 14:30 - 2014-02-04 14:30 - 00000000 ____D () C:\Users\Martin\Desktop\LoL
2014-02-02 16:27 - 2014-02-02 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 16:27 - 2014-02-02 16:26 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 16:27 - 2012-04-21 13:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 13:35 - 2014-01-07 12:26 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-02-02 13:34 - 2011-09-25 14:08 - 00000000 ____D () C:\Users\Martin
2014-02-01 13:57 - 2012-07-31 20:29 - 00000000 ____D () C:\Users\Martin\Desktop\WG-Ostbahnstr. 47
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 21:48 - 2013-10-05 07:58 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-01-29 21:48 - 2011-09-25 14:09 - 00001425 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-29 08:22 - 2009-07-14 05:45 - 00457376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-28 13:16 - 2011-09-25 17:37 - 00119096 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-28 12:11 - 2014-01-28 12:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-28 12:08 - 2014-01-28 11:55 - 00000000 ____D () C:\Program Files\PC Monitor
2014-01-28 12:08 - 2013-03-26 10:16 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-28 10:44 - 2012-02-12 10:17 - 00000000 ____D () C:\Users\Martin\Desktop\Dokumente
2014-01-27 22:26 - 2014-01-27 22:26 - 00001041 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2014-01-27 22:26 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-01-27 22:22 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-27 22:22 - 2011-09-25 14:09 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-27 20:16 - 2014-01-25 16:31 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-01-26 19:54 - 2014-01-26 19:54 - 00011756 _____ () C:\Users\Martin\Documents\PTV Auszahlung.xlsx
2014-01-26 15:25 - 2014-01-07 12:10 - 00000000 ____D () C:\ProgramData\WPM
2014-01-25 17:03 - 2014-01-25 17:03 - 00092993 _____ () C:\Users\Martin\Desktop\KW-Rechner 2010.xlsm
2014-01-25 16:50 - 2014-01-25 16:49 - 00000000 ____D () C:\Users\Martin\Desktop\zu Verkaufen
2014-01-25 16:31 - 2014-01-25 16:31 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-01-22 05:46 - 2011-09-29 16:59 - 00000000 ____D () C:\Users\Martin\Desktop\Bilder
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.6520.dll
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avguidx.dll
C:\Users\Martin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martin\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq5qrhw.dll
C:\Users\Martin\AppData\Local\Temp\DTLite4454-0315.exe
C:\Users\Martin\AppData\Local\Temp\GUR7A0F.exe
C:\Users\Martin\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Martin\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Martin\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Martin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Martin\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Martin\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Martin\AppData\Local\Temp\MPDD0000.exe
C:\Users\Martin\AppData\Local\Temp\nitro_pdf_reader_x64.exe
C:\Users\Martin\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\Martin\AppData\Local\Temp\siinst.exe
C:\Users\Martin\AppData\Local\Temp\strings.dll
C:\Users\Martin\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Martin\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Martin\AppData\Local\Temp\_is6EAD.exe
C:\Users\Martin\AppData\Local\Temp\_isC92A.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 17:32
==================== End Of Log ============================
ADDITION Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-02-2014
Ran by Martin at 2014-02-20 12:42:13
Running from C:\Users\Martin\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader X (10.1.9) - Deutsch (x32 Version: 10.1.9 - Adobe Systems Incorporated)
Amazon Browser Settings (x32 Version: 3.0 - Amazon)
Assassin's Creed II (x32 Version: 1.01 - Ubisoft)
Audacity 2.0 (x32 Version: - Audacity Team)
Battle.net (x32 Version: - Blizzard Entertainment)
Bluetooth Feature Pack 5.0 (Version: 5.0.13 - CSR Plc.)
BulletStorm (x32 Version: 1.0.0001.130 - EA) Hidden
Call of Duty: Modern Warfare 2 - Multiplayer (x32 Version: - Infinity Ward)
CambridgeSoft Activation Client (x32 Version: 12.0 - CambridgeSoft Corporation)
CambridgeSoft ChemDraw Ultra 12.0 (x32 Version: 12.0 - CambridgeSoft Corporation)
DAEMON Tools Lite (x32 Version: 4.45.4.0315 - DT Soft Ltd)
Dead Island (x32 Version: - )
Diablo III (x32 Version: - Blizzard Entertainment)
DivX-Setup (x32 Version: 2.6.1.3 - DivX, LLC)
Dropbox (HKCU Version: 2.6.2 - Dropbox, Inc.)
ElsterFormular (x32 Version: 15.0.13315 - Landesfinanzdirektion Thüringen)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FJ Camera (x32 Version: 5.8.52008.0 - Sonix)
Free Audio Converter version 5.0.17.903 (x32 Version: 5.0.17.903 - DVDVideoSoft Ltd.)
Free Image Convert and Resize version 2.1.26.1230 (x32 Version: 2.1.26.1230 - DVDVideoSoft Ltd.)
Free Studio version 5.6.2.627 (x32 Version: 5.6.2.627 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.32.918 (x32 Version: 3.11.32.918 - DVDVideoSoft Ltd.)
FreeRIP 3.80 (x32 Version: 3.80 - GreenTree Applications SRL)
Fujitsu Display Manager (Version: 7.01.20.204 - Ihr Firmenname) Hidden
Fujitsu Display Manager (x32 Version: - )
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
Fujitsu MobilityCenter Extension Utility (Version: 3.01.00.000 - Ihr Firmenname) Hidden
Fujitsu MobilityCenter Extension Utility (x32 Version: - )
Fujitsu System Extension Utility (Version: 3.1.0.0 - FUJITSU LIMITED) Hidden
Fujitsu System Extension Utility (x32 Version: - )
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Google Drive (x32 Version: 1.14.6059.644 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hearthstone (x32 Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0 - Hi-Rez Studios)
HP FWUpdateEDO2 (x32 Version: 1.2.0.0 - Hewlett-Packard)
HP LaserJet Professional M1130-M1210 MFP Series (Version: - )
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (x32 Version: 28.0.0 - Hewlett Packard)
HP Update (x32 Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (x32 Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (Version: 14.5 - Intel)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.01.1002 - Intel Corporation)
Jagged Alliance 2 (x32 Version: - )
Jagged Alliance 2 v1.13 (DE) [1.0.0.2085] (x32 Version: 1.0.0.2085 - Members of the Bear's Pit Forum)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 31 (x32 Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
LAME v3.99.3 (for Windows) (x32 Version: - )
League of Legends (x32 Version: 1.02.0000 - Riot Games)
LifeBook Application Panel (Version: 8.1.0.0 - FUJITSU LIMITED) Hidden
LifeBook Application Panel (x32 Version: - )
Logitech SetPoint 6.30 (Version: 6.30.43 - Logitech)
LSI HDA Modem (Version: 2.2.97 - LSI Corporation)
LSI V92 MOH Application (Version: - LSI Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
MathType 6 (x32 Version: 6.0 - Design Science, Inc.)
McAfee Security Scan Plus (Version: 3.8.141.11 - McAfee, Inc.)
MestReNova LITE 5.2.5-5780 (x32 Version: 5.2.5-5780 - Mestrelab Research S.L.)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (x32 Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU Version: - )
Nitro Reader 3 (Version: 3.5.2.10 - Nitro)
NVIDIA Drivers (Version: 1.10 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (Version: 6.14.10.12130 - NVIDIA Corporation)
NVIDIA PhysX (x32 Version: 9.10.0224 - NVIDIA Corporation)
O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden
O2Micro Flash Memory Card Windows Driver (x32 Version: 3.00.0006 - O2Micro International LTD.)
OZ711 SCR Driver (x64) (Version: 3.0.1.6D - O2Micro) Hidden
OZ711 SCR Driver (x64) (x32 Version: 3.0.1.6D - O2Micro)
PDF Architect (x32 Version: 1.0.52.8917 - pdfforge)
PDF24 Creator 5.4.0 (x32 Version: - PDF24.org)
PDFCreator (x32 Version: 1.7.1 - pdfforge)
Perfect Effects 4.0.4 (x32 Version: 4.0.4 - onOne Software)
Qualcomm Gobi 2000 Package for Sierra (x32 Version: 1.1.18 - QUALCOMM)
Samsung Kies (x32 Version: 2.3.0.12035_16 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.3.0.12035_16 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (Version: 1.0.1 - HP)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (x32 Version: 1.0.0 - Microsoft)
Shock Sensor Utility (Version: 4.01.00.000 - Ihr Firmenname) Hidden
Shock Sensor Utility (x32 Version: - )
Smite (x32 Version: 0.1.1888.2 - Hi-Rez Studios)
Spyware Terminator 2012 (x32 Version: 3.0.0.82 - Crawler.com)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (Version: 14.0.10.0 - Synaptics Incorporated)
System Requirements Lab (x32 Version: - )
TeamViewer 9 (x32 Version: 9.0.26297 - TeamViewer)
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (x32 Version: - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32 Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32 Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32 Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32 Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (x32 Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.2 (Version: 2.0.2 - VideoLAN)
Warframe (x32 Version: 1.0.0 - Digital Extremes)
WinRAR Archivierer (x32 Version: - )
Wireless Selector (Version: 4.01.00.100 - FUJITSU LIMITED) Hidden
Wireless Selector (x32 Version: - )
==================== Restore Points =========================
12-02-2014 22:46:36 Windows Update
17-02-2014 00:14:45 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2011-11-22 18:56 - 00001052 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 static3.cdn.ubi.com
127.0.0.1 ubisoft-orbit.s3.amazonaws.com
127.0.0.1 onlineconfigservice.ubi.com
127.0.0.1 orbitservice.ubi.com
127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
==================== Scheduled Tasks (whitelisted) =============
Task: {03BAB118-E0BC-4B05-B3B7-BB1473D0B13A} - System32\Tasks\UpdaterEX => C:\Users\Martin\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {0F805355-137F-4FFB-802F-A49B57381CE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-25] (Google Inc.)
Task: {87562B7D-2004-4BD8-BFCF-9F976C7799EF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: {9EE7170E-730C-49E8-8A21-A805F6D70073} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-25] (Google Inc.)
Task: {A58399E8-EF18-4113-A819-A2378A25D2C8} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {AD117D9C-813A-44E0-990C-B3130132E587} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-22] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core.job => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA.job => C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Martin\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-08-02 13:03 - 2012-09-29 12:25 - 00409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2013-08-02 13:03 - 2012-09-29 12:25 - 00074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2009-07-21 17:31 - 2009-07-21 17:31 - 00062312 _____ () C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
2011-06-24 00:42 - 2011-06-24 00:42 - 01302808 _____ () C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
2011-07-29 00:08 - 2011-07-29 00:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-02-20 07:31 - 2014-02-20 07:31 - 00041984 _____ () c:\users\martin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq5qrhw.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Martin\AppData\Roaming\Dropbox\bin\libcef.dll
2011-07-29 00:09 - 2011-07-29 00:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-02-20 07:30 - 2014-02-20 07:30 - 00098816 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32api.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00110080 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\pywintypes27.dll
2014-02-20 07:30 - 2014-02-20 07:30 - 00364544 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\pythoncom27.dll
2014-02-20 07:30 - 2014-02-20 07:30 - 00044032 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\_socket.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 01157120 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\_ssl.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00320512 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32com.shell.shell.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00712192 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\_hashlib.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 01175040 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._core_.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00805888 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._gdi_.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00811008 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._windows_.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 01062400 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._controls_.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00735232 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._misc_.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00128512 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\_elementtree.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00127488 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\pyexpat.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00557056 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\pysqlite2._sqlite.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00087040 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\_ctypes.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00119808 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32file.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00108544 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32security.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00018432 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32event.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00038912 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32inet.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00122368 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._wizard.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00070656 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\wx._html2.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00026624 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\_multiprocessing.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00010240 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\select.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00024064 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32pipe.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00686080 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\unicodedata.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00025600 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32pdh.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00525640 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\windows._lib_cacheinvalidation.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00011264 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32crypt.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00035840 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32process.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00017408 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32profile.pyd
2014-02-20 07:30 - 2014-02-20 07:30 - 00022528 _____ () C:\Users\Martin\AppData\Local\Temp\_MEI33084\win32ts.pyd
2012-01-30 17:28 - 2014-01-17 15:39 - 09490944 _____ () C:\Users\Martin\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_rdlang32.deu
2013-12-18 19:42 - 2013-12-18 19:42 - 00305520 _____ () C:\Program Files (x86)\Adobe\Reader 10.0\Reader\sqlite.dll
2012-01-30 17:28 - 2014-01-17 15:39 - 00045568 _____ () C:\Users\Martin\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_weblink.DEU
2012-01-30 17:28 - 2014-01-17 15:39 - 00100352 _____ () C:\Users\Martin\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_EScript.DEU
2012-01-30 17:29 - 2014-01-17 15:39 - 00014336 _____ () C:\Users\Martin\AppData\Local\Adobe\Acrobat\10.0\Cache\RdLang_Updater.DEU
2014-02-04 16:24 - 2014-02-02 00:41 - 00715592 _____ () C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 16:24 - 2014-02-02 00:41 - 00100168 _____ () C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\libegl.dll
2014-02-04 16:24 - 2014-02-02 00:42 - 04055368 _____ () C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 16:24 - 2014-02-02 00:42 - 00399688 _____ () C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 16:24 - 2014-02-02 00:41 - 01634632 _____ () C:\Users\Martin\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2013-11-15 17:18 - 2008-01-31 14:29 - 00701968 _____ () C:\Program Files (x86)\Microsoft Office\Office12\STARTUP\MathPage.wll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: NitroReaderDriverReadSpool2 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Martin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: ConMgr => "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe"
MSCONFIG\startupreg: CSRFTP => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRBthFtpServer.exe
MSCONFIG\startupreg: CSRSkype => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: snp2uvc => C:\Windows\vsnp2uvc.exe
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/20/2014 07:31:50 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/19/2014 05:28:00 PM) (Source: Application Hang) (User: )
Description: Programm EXCEL.EXE, Version 12.0.6683.5002 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2a2c
Startzeit: 01cf2d8e3c38b286
Endzeit: 38
Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
Berichts-ID: b2e8130e-9982-11e3-a80f-4cedde5219df
Error: (02/19/2014 11:52:54 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/19/2014 07:01:23 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2014 11:24:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: League of Legends.exe, Version: 4.2.0.2723, Zeitstempel: 0x52fc0fab
Name des fehlerhaften Moduls: League of Legends.exe, Version: 4.2.0.2723, Zeitstempel: 0x52fc0fab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00431de0
ID des fehlerhaften Prozesses: 0x828
Startzeit der fehlerhaften Anwendung: 0xLeague of Legends.exe0
Pfad der fehlerhaften Anwendung: League of Legends.exe1
Pfad des fehlerhaften Moduls: League of Legends.exe2
Berichtskennung: League of Legends.exe3
Error: (02/18/2014 10:29:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/18/2014 06:40:32 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/17/2014 07:39:36 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/16/2014 01:24:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/14/2014 02:16:40 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/20/2014 09:01:23 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/20/2014 07:30:29 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/19/2014 11:52:40 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/19/2014 11:51:26 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/19/2014 11:50:13 AM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (02/19/2014 07:00:04 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/18/2014 05:22:19 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/18/2014 06:43:56 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/18/2014 06:42:42 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (02/17/2014 11:23:01 PM) (Source: ipnathlp) (User: )
Description: 0
Microsoft Office Sessions:
=========================
Error: (02/08/2014 01:51:08 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 251 seconds with 180 seconds of active time. This session ended with a crash.
Error: (01/12/2014 05:38:09 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 225 seconds with 180 seconds of active time. This session ended with a crash.
Error: (01/12/2014 05:28:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 508 seconds with 480 seconds of active time. This session ended with a crash.
Error: (01/12/2014 05:15:35 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 2290 seconds with 2160 seconds of active time. This session ended with a crash.
Error: (01/12/2014 04:35:12 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6683.5002, Microsoft Office Version: 12.0.6612.1000. This session lasted 3420 seconds with 3420 seconds of active time. This session ended with a crash.
Error: (09/26/2013 03:52:13 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/26/2013 03:51:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/26/2013 08:01:26 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.
Error: (09/26/2013 08:00:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 260 seconds with 180 seconds of active time. This session ended with a crash.
Error: (09/25/2013 08:19:43 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6679.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3291 seconds with 2160 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 8051.51 MB
Available physical RAM: 5146.71 MB
Total Pagefile: 16101.2 MB
Available Pagefile: 13077.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:27.74 GB) NTFS
Drive g: (ADAC) (Removable) (Total:3.73 GB) (Free:3.63 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 7AC1260B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 4 GB) (Disk ID: 5FE2617E)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)
==================== End Of Log ============================
Done. |
|
21.02.2014, 09:58
| #4 |
| /// the machine /// TB-Ausbilder | appround.net - Chrome Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.02.2014, 11:56
| #5 |
| | appround.net - Chrome MALWEAR Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.02.21.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Martin :: MARTIN-PC [Administrator] 21.02.2014 10:13:23 MBAM-log-2014-02-21 (11-16-54).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 427435 Laufzeit: 1 Stunde(n), 16 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 2 C:\Martin\Programme\DTLite4413-0173.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\Martin\AppData\Local\Temp\DTLite4454-0315.exe (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. (Ende) Code:
ATTFilter # AdwCleaner v3.019 - Bericht erstellt am 21/02/2014 um 11:34:07
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Martin - MARTIN-PC
# Gestartet von : C:\Users\Martin\Desktop\Programme\Anti-Virus\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\eSafe
[x] Nicht Gelöscht : C:\ProgramData\FreeRIP
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\FreeCompressor
[x] Nicht Gelöscht : C:\Program Files (x86)\FreeRIP
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
Ordner Gelöscht : C:\Users\Martin\AppData\Local\FreeCompressor Air
Ordner Gelöscht : C:\Users\Martin\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Martin\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Martin\AppData\Roaming\FreeCompressor
Ordner Gelöscht : C:\Users\Martin\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Martin\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Martin\AppData\Roaming\UpdaterEX
[x] Nicht Gelöscht : C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeRIP
Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Ordner Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Martin\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
Datei Gelöscht : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
Datei Gelöscht : C:\Windows\Tasks\UpdaterEX.job
Datei Gelöscht : C:\Windows\System32\Tasks\UpdaterEX
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FreeCompressor-setup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FreeCompressor-setup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FreeRIP3_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_samsung-kies_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_samsung-kies_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\FreeCompressor
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gelöscht : HKLM\Software\AedgePerformanceBCN
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{501451DE-5808-4599-B544-8BD0915B6B24}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16518
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Google Chrome v
[ Datei : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [9414 octets] - [21/02/2014 11:20:25]
AdwCleaner[S0].txt - [8127 octets] - [21/02/2014 11:34:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8187 octets] ##########
JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by Martin on 21.02.2014 at 11:37:40,93
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\freerip"
Successfully deleted: [Folder] "C:\Program Files (x86)\freerip"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.02.2014 at 11:42:16,87
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-02-2014
Ran by Martin (administrator) on MARTIN-PC on 21-02-2014 11:54:18
Running from C:\Users\Martin\Desktop\Programme\Anti-Virus
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hi-Rez Studios) C:\Martin\Games\Smite\HiPatchService.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSierra.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16414824 2009-11-13] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [282984 2009-07-22] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-10-27] (FUJITSU LIMITED)
HKLM\...\Run: [BthSyncServ] - "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [PC Monitor Operations] - "C:\Program Files\PC Monitor\pcmontask.exe"
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [Google Update] - C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-25] (Google Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe [859464 2014-02-20] (Google Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\MountPoints2: {d9175cb0-e78b-11e0-b9c7-00a0c6000000} - E:\SETUP.EXE
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\MountPoints2: {fd630c52-fb59-11e2-9228-8c736e83e879} - F:\SISetup.exe
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google-Suche) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Select and Speak) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2013-10-06]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-09-22]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-23]
CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Martin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-05]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Martin\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 HiPatchService; C:\Martin\Games\Smite\HiPatchService.exe [9216 2014-01-05] (Hi-Rez Studios)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 QDLService2kSierra; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSierra.exe [329976 2009-10-01] (QUALCOMM, Inc.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-25] (DT Soft Ltd)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [14696 2011-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R3 qcfiltersra2k; C:\Windows\System32\DRIVERS\qcfiltersra2k.sys [6400 2009-10-01] (QUALCOMM Incorporated)
R3 qcusbnetsra2k; C:\Windows\System32\DRIVERS\qcusbnetsra2k.sys [235008 2009-10-01] (QUALCOMM Incorporated)
R3 qcusbsersra2k; C:\Windows\System32\DRIVERS\qcusbsersra2k.sys [121216 2009-10-01] (QUALCOMM Incorporated)
S3 rstescu; C:\Windows\system32\drivers\rstescu.sys [607256 2011-03-25] (Intel Corporation)
S3 rstescu1; C:\Windows\system32\drivers\rstescu1.sys [607256 2011-03-25] (Intel Corporation)
R0 rstfltr; C:\Windows\System32\drivers\rstfltr.sys [22552 2011-03-25] (Intel Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3531776 2009-09-04] ()
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-01-25] (Windows (R) Win 7 DDK provider)
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GPU-Z; \??\C:\Users\ADMINI~1\AppData\Local\Temp\GPU-Z.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-21 11:42 - 2014-02-21 11:44 - 00000750 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-02-21 11:37 - 2014-02-21 11:37 - 00008295 _____ () C:\Users\Martin\Desktop\AdwCleaner[S0].txt
2014-02-21 11:37 - 2014-02-21 11:37 - 00000000 ____D () C:\Windows\ERUNT
2014-02-21 11:17 - 2014-02-21 11:34 - 00000000 ____D () C:\AdwCleaner
2014-02-20 12:41 - 2014-02-21 11:54 - 00000000 ____D () C:\FRST
2014-02-20 11:14 - 2014-02-20 11:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-18 17:54 - 2014-02-19 20:49 - 00000000 ____D () C:\Users\Martin\Desktop\Chemieklausur
2014-02-17 09:42 - 2014-02-21 07:51 - 00697606 _____ () C:\Users\Martin\Desktop\Anne DailyStatistik.xlsm
2014-02-12 23:47 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 23:47 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 23:46 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 23:46 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 23:46 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 23:46 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 23:46 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 23:46 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 23:46 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 23:46 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 23:46 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 23:46 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 23:46 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 23:46 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 23:46 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 23:46 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 23:46 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 23:46 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 23:46 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 23:46 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 23:46 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 23:46 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 23:46 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 23:46 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 23:46 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 23:46 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 23:46 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 23:46 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 23:46 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 23:46 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 23:46 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 23:46 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 23:46 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 23:46 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 23:46 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 23:46 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 23:46 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 23:46 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 23:46 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 23:46 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 23:46 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 07:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:31 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:31 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:31 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:31 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-08 20:54 - 2014-02-16 18:47 - 00402993 _____ () C:\Users\Martin\Desktop\Serviceportal Offenbach 2014.xlsm
2014-02-07 01:05 - 2014-02-07 01:05 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard
2014-02-07 00:49 - 2014-02-07 01:05 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-07 00:48 - 2014-02-20 23:58 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2014-02-07 00:48 - 2014-02-12 13:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-07 00:48 - 2014-02-07 08:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2014-02-07 00:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2014-02-04 22:32 - 2014-02-04 22:32 - 00009901 _____ () C:\Users\Martin\Desktop\Versicherungs Katalog.xlsx
2014-02-04 14:30 - 2014-02-04 14:30 - 00000000 ____D () C:\Users\Martin\Desktop\LoL
2014-02-02 16:27 - 2014-02-02 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 16:27 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 16:27 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 16:27 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 16:27 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 16:26 - 2014-02-02 16:27 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 13:57 - 2014-02-04 16:14 - 00069074 _____ () C:\Users\Martin\Desktop\ESt2013_Kober_Martin.elfo
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 22:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 12:11 - 2014-01-28 12:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-28 11:55 - 2014-01-28 12:08 - 00000000 ____D () C:\Program Files\PC Monitor
2014-01-28 11:53 - 2014-02-12 23:58 - 01591306 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-27 22:26 - 2014-02-21 11:36 - 00000000 ___RD () C:\Users\Martin\Dropbox
2014-01-27 22:26 - 2014-01-27 22:26 - 00001041 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2014-01-27 22:22 - 2014-02-21 11:37 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-01-27 22:22 - 2014-01-27 22:26 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-01-27 22:22 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-26 19:54 - 2014-01-26 19:54 - 00011756 _____ () C:\Users\Martin\Documents\PTV Auszahlung.xlsx
2014-01-25 17:03 - 2014-01-25 17:03 - 00092993 _____ () C:\Users\Martin\Desktop\KW-Rechner 2010.xlsm
2014-01-25 16:49 - 2014-01-25 16:50 - 00000000 ____D () C:\Users\Martin\Desktop\zu Verkaufen
2014-01-25 16:31 - 2014-01-27 20:16 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
==================== One Month Modified Files and Folders =======
2014-02-21 11:54 - 2014-02-20 12:41 - 00000000 ____D () C:\FRST
2014-02-21 11:44 - 2014-02-21 11:42 - 00000750 _____ () C:\Users\Martin\Desktop\JRT.txt
2014-02-21 11:43 - 2011-08-01 20:15 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 11:43 - 2011-08-01 20:15 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 11:43 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 11:43 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-21 11:43 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 11:37 - 2014-02-21 11:37 - 00008295 _____ () C:\Users\Martin\Desktop\AdwCleaner[S0].txt
2014-02-21 11:37 - 2014-02-21 11:37 - 00000000 ____D () C:\Windows\ERUNT
2014-02-21 11:37 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-02-21 11:36 - 2014-01-27 22:26 - 00000000 ___RD () C:\Users\Martin\Dropbox
2014-02-21 11:36 - 2013-01-22 14:41 - 00000000 ___RD () C:\Users\Martin\Google Drive
2014-02-21 11:36 - 2013-01-22 14:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-21 11:36 - 2012-07-04 23:30 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-21 11:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-21 11:36 - 2009-07-14 05:51 - 00154474 _____ () C:\Windows\setupact.log
2014-02-21 11:35 - 2011-08-01 10:20 - 01998516 _____ () C:\Windows\WindowsUpdate.log
2014-02-21 11:34 - 2014-02-21 11:17 - 00000000 ____D () C:\AdwCleaner
2014-02-21 11:27 - 2011-09-25 17:06 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA.job
2014-02-21 11:23 - 2013-01-22 14:38 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-21 08:27 - 2011-09-25 17:06 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core.job
2014-02-21 08:16 - 2013-12-19 17:06 - 00000163 _____ () C:\Users\Martin\AppData\Roaming\WB.CFG
2014-02-21 07:51 - 2014-02-17 09:42 - 00697606 _____ () C:\Users\Martin\Desktop\Anne DailyStatistik.xlsm
2014-02-20 23:58 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2014-02-20 11:34 - 2011-09-25 18:21 - 00000000 ____D () C:\Users\Martin\Desktop\Programme
2014-02-20 11:14 - 2014-02-20 11:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-19 20:49 - 2014-02-18 17:54 - 00000000 ____D () C:\Users\Martin\Desktop\Chemieklausur
2014-02-19 11:51 - 2010-11-21 04:47 - 00068550 _____ () C:\Windows\PFRO.log
2014-02-19 11:22 - 2011-10-24 20:09 - 04502016 ___SH () C:\Users\Martin\Desktop\Thumbs.db
2014-02-17 10:09 - 2013-12-20 14:32 - 00000000 ____D () C:\Users\Martin\Desktop\2000_Excelvorlagen
2014-02-17 01:16 - 2013-08-10 09:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 01:15 - 2011-10-25 17:00 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 18:47 - 2014-02-08 20:54 - 00402993 _____ () C:\Users\Martin\Desktop\Serviceportal Offenbach 2014.xlsm
2014-02-14 08:18 - 2013-01-22 14:38 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 08:18 - 2013-01-22 14:38 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 12:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 23:58 - 2014-01-28 11:53 - 01591306 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 13:31 - 2014-02-07 00:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-12 08:22 - 2011-09-25 17:06 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA
2014-02-12 08:22 - 2011-09-25 17:06 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core
2014-02-09 16:53 - 2014-01-11 19:39 - 00384208 _____ () C:\Users\Martin\Desktop\Projekt Ellen - Serviceportal Offenbach 2014.xlsm
2014-02-08 15:32 - 2014-01-11 21:32 - 00322090 _____ () C:\Users\Martin\Desktop\Projekt Anne Landau.xlsm
2014-02-07 15:03 - 2011-09-25 17:13 - 00000000 ____D () C:\Users\Martin\Desktop\Games
2014-02-07 09:21 - 2012-05-17 10:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-07 08:05 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2014-02-07 01:05 - 2014-02-07 01:05 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard
2014-02-07 01:05 - 2014-02-07 00:49 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-07 00:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2014-02-06 13:16 - 2014-02-12 23:46 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 23:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 23:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 23:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 23:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 23:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 23:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 23:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 23:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 23:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 23:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 23:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 23:46 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 23:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 23:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 23:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 23:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 23:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 23:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 23:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 23:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 23:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 23:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 23:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 23:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 23:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 23:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 23:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 23:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 23:46 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 23:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 23:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 23:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 23:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 23:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 23:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 23:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 22:32 - 2014-02-04 22:32 - 00009901 _____ () C:\Users\Martin\Desktop\Versicherungs Katalog.xlsx
2014-02-04 16:14 - 2014-02-02 13:57 - 00069074 _____ () C:\Users\Martin\Desktop\ESt2013_Kober_Martin.elfo
2014-02-04 14:30 - 2014-02-04 14:30 - 00000000 ____D () C:\Users\Martin\Desktop\LoL
2014-02-02 16:27 - 2014-02-02 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 16:27 - 2014-02-02 16:26 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 16:27 - 2012-04-21 13:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 13:35 - 2014-01-07 12:26 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-02-02 13:34 - 2011-09-25 14:08 - 00000000 ____D () C:\Users\Martin
2014-02-01 13:57 - 2012-07-31 20:29 - 00000000 ____D () C:\Users\Martin\Desktop\WG-Ostbahnstr. 47
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 21:48 - 2013-10-05 07:58 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-01-29 21:48 - 2011-09-25 14:09 - 00001425 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-29 08:22 - 2009-07-14 05:45 - 00457376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-28 13:16 - 2011-09-25 17:37 - 00119096 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-28 12:11 - 2014-01-28 12:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-28 12:08 - 2014-01-28 11:55 - 00000000 ____D () C:\Program Files\PC Monitor
2014-01-28 12:08 - 2013-03-26 10:16 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-28 10:44 - 2012-02-12 10:17 - 00000000 ____D () C:\Users\Martin\Desktop\Dokumente
2014-01-27 22:26 - 2014-01-27 22:26 - 00001041 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2014-01-27 22:26 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-01-27 22:22 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-27 22:22 - 2011-09-25 14:09 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-27 20:16 - 2014-01-25 16:31 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-01-26 19:54 - 2014-01-26 19:54 - 00011756 _____ () C:\Users\Martin\Documents\PTV Auszahlung.xlsx
2014-01-25 17:03 - 2014-01-25 17:03 - 00092993 _____ () C:\Users\Martin\Desktop\KW-Rechner 2010.xlsm
2014-01-25 16:50 - 2014-01-25 16:49 - 00000000 ____D () C:\Users\Martin\Desktop\zu Verkaufen
2014-01-25 16:31 - 2014-01-25 16:31 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-01-22 05:46 - 2011-09-29 16:59 - 00000000 ____D () C:\Users\Martin\Desktop\Bilder
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.6520.dll
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avguidx.dll
C:\Users\Martin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martin\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp8ekg4c.dll
C:\Users\Martin\AppData\Local\Temp\DTLite4454-0315.exe
C:\Users\Martin\AppData\Local\Temp\GUR7A0F.exe
C:\Users\Martin\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Martin\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Martin\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Martin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Martin\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Martin\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Martin\AppData\Local\Temp\MPDD0000.exe
C:\Users\Martin\AppData\Local\Temp\nitro_pdf_reader_x64.exe
C:\Users\Martin\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin\AppData\Local\Temp\siinst.exe
C:\Users\Martin\AppData\Local\Temp\strings.dll
C:\Users\Martin\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Martin\AppData\Local\Temp\_is6EAD.exe
C:\Users\Martin\AppData\Local\Temp\_isC92A.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 17:32
==================== End Of Log ============================
--- --- --- ADDITIONAL Wurde nicht erstellt. |
|
22.02.2014, 13:21
| #6 |
| /// the machine /// TB-Ausbilder | appround.net - ChromeESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ --> appround.net - Chrome |
|
24.02.2014, 17:58
| #7 |
| | appround.net - ChromeCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7de13491153fba4790e4e7d69917bbb3
# engine=17202
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-24 04:19:41
# local_time=2014-02-24 05:19:41 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 282073 144888631 0 0
# compatibility_mode=7937 16777214 28 75 2598510 28304029 0 0
# scanned=226529
# found=0
# cleaned=0
# scan_time=8131
Code:
ATTFilter Results of screen317's Security Check version 0.99.79 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spyware Terminator 2012 Malwarebytes Anti-Malware Version 1.75.0.1300 JavaFX 2.1.1 Java(TM) 6 Update 31 Java 7 Update 51 Adobe Reader 10.1.9 Adobe Reader out of Date! Google Chrome 32.0.1700.107 Google Chrome 33.0.1750.117 ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by Martin (administrator) on MARTIN-PC on 24-02-2014 17:57:40
Running from C:\Users\Martin\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hi-Rez Studios) C:\Martin\Games\Smite\HiPatchService.exe
(HP) C:\Windows\system32\HPSIsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSierra.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
() C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sonix) C:\Windows\vsnp2uvc.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(FUJITSU LIMITED) C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [nwiz] - nwiz.exe /installquiet
HKLM\...\Run: [NvCplDaemon] - C:\Windows\system32\NvCpl.dll [16414824 2009-11-13] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1861416 2009-10-09] (Synaptics Incorporated)
HKLM\...\Run: [snp2uvc] - C:\Windows\vsnp2uvc.exe [662016 2009-08-12] (Sonix)
HKLM\...\Run: [LoadFujitsuQuickTouch] - C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe [157544 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [LoadBtnHnd] - C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe [35176 2009-10-15] (FUJITSU LIMITED)
HKLM\...\Run: [SSUtility] - C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe [282984 2009-07-22] (FUJITSU LIMITED)
HKLM\...\Run: [FDM7] - C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe [164712 2009-10-27] (FUJITSU LIMITED)
HKLM\...\Run: [BthSyncServ] - "C:\Program Files\CSR\Bluetooth Feature Pack 5.0\bthsyncserv.exe"
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [1744152 2011-06-24] (Logitech, Inc.)
HKLM\...\Run: [PC Monitor Operations] - "C:\Program Files\PC Monitor\pcmontask.exe"
HKLM-x32\...\Run: [IMSS] - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [LoadFUJ02E3] - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe [36712 2009-06-16] (FUJITSU LIMITED)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-29] ()
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [Google Update] - C:\Users\Martin\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-25] (Google Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [GoogleDriveSync] - C:\Program Files (x86)\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe [859464 2014-02-20] (Google Inc.)
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\MountPoints2: {d9175cb0-e78b-11e0-b9c7-00a0c6000000} - E:\SETUP.EXE
HKU\S-1-5-21-3359158749-1672355249-3210524210-1000\...\MountPoints2: {fd630c52-fb59-11e2-9228-8c736e83e879} - F:\SISetup.exe
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Martin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Martin\AppData\Local\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Google Update) - C:\Users\Martin\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google-Suche) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (Select and Speak) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2013-10-06]
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-09-22]
CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-12-23]
CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Martin\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-05-05]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Martin\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-09-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR StartMenuInternet: Google Chrome - C:\Users\Martin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 HiPatchService; C:\Martin\Games\Smite\HiPatchService.exe [9216 2014-01-05] (Hi-Rez Studios)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software)
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 QDLService2kSierra; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kSierra.exe [329976 2009-10-01] (QUALCOMM, Inc.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
R2 WirelessSelectorService; C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [62312 2009-07-21] ()
==================== Drivers (Whitelisted) ====================
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-05-25] (DT Soft Ltd)
R0 FJGSDisk; C:\Windows\System32\DRIVERS\FJGSDisk.sys [14696 2011-08-01] (FUJITSU LIMITED)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [7808 2006-11-01] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\System32\DRIVERS\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R3 qcfiltersra2k; C:\Windows\System32\DRIVERS\qcfiltersra2k.sys [6400 2009-10-01] (QUALCOMM Incorporated)
R3 qcusbnetsra2k; C:\Windows\System32\DRIVERS\qcusbnetsra2k.sys [235008 2009-10-01] (QUALCOMM Incorporated)
R3 qcusbsersra2k; C:\Windows\System32\DRIVERS\qcusbsersra2k.sys [121216 2009-10-01] (QUALCOMM Incorporated)
S3 rstescu; C:\Windows\system32\drivers\rstescu.sys [607256 2011-03-25] (Intel Corporation)
S3 rstescu1; C:\Windows\system32\drivers\rstescu1.sys [607256 2011-03-25] (Intel Corporation)
R0 rstfltr; C:\Windows\System32\drivers\rstfltr.sys [22552 2011-03-25] (Intel Corporation)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [3531776 2009-09-04] ()
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-01-25] (Windows (R) Win 7 DDK provider)
S3 ALSysIO; \??\C:\Users\ADMINI~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GPU-Z; \??\C:\Users\ADMINI~1\AppData\Local\Temp\GPU-Z.sys [X]
S3 massfilter; system32\drivers\massfilter.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-24 17:57 - 2014-02-24 17:57 - 02155520 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2014-02-24 17:57 - 2014-02-24 17:57 - 00017710 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-02-21 11:37 - 2014-02-21 11:37 - 00000000 ____D () C:\Windows\ERUNT
2014-02-21 11:17 - 2014-02-21 11:34 - 00000000 ____D () C:\AdwCleaner
2014-02-20 12:41 - 2014-02-24 17:57 - 00000000 ____D () C:\FRST
2014-02-20 11:14 - 2014-02-20 11:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-18 17:54 - 2014-02-19 20:49 - 00000000 ____D () C:\Users\Martin\Desktop\Chemieklausur
2014-02-17 09:42 - 2014-02-21 07:51 - 00697606 _____ () C:\Users\Martin\Desktop\Anne DailyStatistik.xlsm
2014-02-12 23:47 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 23:47 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 23:46 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 23:46 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 23:46 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-12 23:46 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 23:46 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 23:46 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-12 23:46 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 23:46 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 23:46 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 23:46 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 23:46 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-12 23:46 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-12 23:46 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 23:46 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 23:46 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 23:46 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 23:46 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 23:46 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 23:46 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-12 23:46 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 23:46 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 23:46 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 23:46 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 23:46 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 23:46 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-12 23:46 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-12 23:46 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-12 23:46 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 23:46 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 23:46 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 23:46 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 23:46 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 23:46 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-12 23:46 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 23:46 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 23:46 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 23:46 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-12 23:46 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 23:46 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-12 07:31 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-12 07:31 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 07:31 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 07:31 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 07:31 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 07:31 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 07:31 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 07:31 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 07:31 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 07:31 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 07:31 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 07:31 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 07:31 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-12 07:31 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-12 07:31 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 07:31 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-12 07:31 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-12 07:31 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 07:31 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-08 20:54 - 2014-02-16 18:47 - 00402993 _____ () C:\Users\Martin\Desktop\Serviceportal Offenbach 2014.xlsm
2014-02-07 01:05 - 2014-02-07 01:05 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard
2014-02-07 00:49 - 2014-02-07 01:05 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-07 00:48 - 2014-02-24 17:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2014-02-07 00:48 - 2014-02-12 13:31 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-07 00:48 - 2014-02-07 08:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2014-02-07 00:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2014-02-04 22:32 - 2014-02-04 22:32 - 00009901 _____ () C:\Users\Martin\Desktop\Versicherungs Katalog.xlsx
2014-02-04 14:30 - 2014-02-04 14:30 - 00000000 ____D () C:\Users\Martin\Desktop\LoL
2014-02-02 16:27 - 2014-02-02 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 16:27 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-02 16:27 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-02 16:27 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-02 16:27 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-02 16:26 - 2014-02-02 16:27 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 13:57 - 2014-02-04 16:14 - 00069074 _____ () C:\Users\Martin\Desktop\ESt2013_Kober_Martin.elfo
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 22:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-28 12:11 - 2014-01-28 12:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-28 11:55 - 2014-01-28 12:08 - 00000000 ____D () C:\Program Files\PC Monitor
2014-01-28 11:53 - 2014-02-12 23:58 - 01591306 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-01-27 22:26 - 2014-02-24 17:56 - 00000000 ___RD () C:\Users\Martin\Dropbox
2014-01-27 22:26 - 2014-01-27 22:26 - 00001041 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2014-01-27 22:22 - 2014-02-24 17:56 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-01-27 22:22 - 2014-01-27 22:26 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-01-27 22:22 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-26 19:54 - 2014-01-26 19:54 - 00011756 _____ () C:\Users\Martin\Documents\PTV Auszahlung.xlsx
2014-01-25 17:03 - 2014-01-25 17:03 - 00092993 _____ () C:\Users\Martin\Desktop\KW-Rechner 2010.xlsm
2014-01-25 16:49 - 2014-01-25 16:50 - 00000000 ____D () C:\Users\Martin\Desktop\zu Verkaufen
2014-01-25 16:31 - 2014-01-27 20:16 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
==================== One Month Modified Files and Folders =======
2014-02-24 17:57 - 2014-02-24 17:57 - 02155520 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2014-02-24 17:57 - 2014-02-24 17:57 - 00017710 _____ () C:\Users\Martin\Desktop\FRST.txt
2014-02-24 17:57 - 2014-02-20 12:41 - 00000000 ____D () C:\FRST
2014-02-24 17:56 - 2014-01-27 22:26 - 00000000 ___RD () C:\Users\Martin\Dropbox
2014-02-24 17:56 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Dropbox
2014-02-24 17:55 - 2013-01-22 14:41 - 00000000 ___RD () C:\Users\Martin\Google Drive
2014-02-24 17:55 - 2013-01-22 14:38 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 17:55 - 2012-07-04 23:30 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-02-24 17:54 - 2010-11-21 04:47 - 00069384 _____ () C:\Windows\PFRO.log
2014-02-24 17:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 17:54 - 2009-07-14 05:51 - 00154586 _____ () C:\Windows\setupact.log
2014-02-24 17:52 - 2011-08-01 10:20 - 02021895 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 17:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Battle.net
2014-02-24 17:27 - 2011-10-30 20:38 - 00000000 ____D () C:\Users\Martin\Documents\My Games
2014-02-24 17:27 - 2011-09-25 17:06 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA.job
2014-02-24 17:25 - 2011-08-01 11:36 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-24 17:23 - 2013-01-22 14:38 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 14:34 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 14:34 - 2009-07-14 05:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-21 14:04 - 2011-08-01 20:15 - 00697098 _____ () C:\Windows\system32\perfh007.dat
2014-02-21 14:04 - 2011-08-01 20:15 - 00148362 _____ () C:\Windows\system32\perfc007.dat
2014-02-21 14:04 - 2009-07-14 06:13 - 01613412 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 11:37 - 2014-02-21 11:37 - 00000000 ____D () C:\Windows\ERUNT
2014-02-21 11:34 - 2014-02-21 11:17 - 00000000 ____D () C:\AdwCleaner
2014-02-21 08:27 - 2011-09-25 17:06 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core.job
2014-02-21 08:16 - 2013-12-19 17:06 - 00000163 _____ () C:\Users\Martin\AppData\Roaming\WB.CFG
2014-02-21 07:51 - 2014-02-17 09:42 - 00697606 _____ () C:\Users\Martin\Desktop\Anne DailyStatistik.xlsm
2014-02-20 11:34 - 2011-09-25 18:21 - 00000000 ____D () C:\Users\Martin\Desktop\Programme
2014-02-20 11:14 - 2014-02-20 11:14 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-19 20:49 - 2014-02-18 17:54 - 00000000 ____D () C:\Users\Martin\Desktop\Chemieklausur
2014-02-19 11:22 - 2011-10-24 20:09 - 04502016 ___SH () C:\Users\Martin\Desktop\Thumbs.db
2014-02-17 10:09 - 2013-12-20 14:32 - 00000000 ____D () C:\Users\Martin\Desktop\2000_Excelvorlagen
2014-02-17 01:16 - 2013-08-10 09:51 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 01:15 - 2011-10-25 17:00 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 18:47 - 2014-02-08 20:54 - 00402993 _____ () C:\Users\Martin\Desktop\Serviceportal Offenbach 2014.xlsm
2014-02-14 08:18 - 2013-01-22 14:38 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 08:18 - 2013-01-22 14:38 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 12:36 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-12 23:58 - 2014-01-28 11:53 - 01591306 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-12 13:31 - 2014-02-07 00:48 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-02-12 08:22 - 2011-09-25 17:06 - 00004096 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000UA
2014-02-12 08:22 - 2011-09-25 17:06 - 00003700 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3359158749-1672355249-3210524210-1000Core
2014-02-09 16:53 - 2014-01-11 19:39 - 00384208 _____ () C:\Users\Martin\Desktop\Projekt Ellen - Serviceportal Offenbach 2014.xlsm
2014-02-08 15:32 - 2014-01-11 21:32 - 00322090 _____ () C:\Users\Martin\Desktop\Projekt Anne Landau.xlsm
2014-02-07 15:03 - 2011-09-25 17:13 - 00000000 ____D () C:\Users\Martin\Desktop\Games
2014-02-07 09:21 - 2012-05-17 10:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-02-07 08:05 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Battle.net
2014-02-07 01:05 - 2014-02-07 01:05 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard
2014-02-07 01:05 - 2014-02-07 00:49 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-02-07 00:48 - 2014-02-07 00:48 - 00000000 ____D () C:\Users\Martin\AppData\Local\Blizzard Entertainment
2014-02-06 13:16 - 2014-02-12 23:46 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-12 23:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-12 23:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-12 23:46 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-12 23:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-12 23:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-12 23:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-12 23:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 11:52 - 2014-02-12 23:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 11:49 - 2014-02-12 23:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-12 23:46 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-12 23:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-12 23:46 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-12 23:46 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-12 23:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-12 23:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 11:11 - 2014-02-12 23:46 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-12 23:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-12 23:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-12 23:46 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-12 23:46 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-12 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-12 23:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-12 23:46 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:49 - 2014-02-12 23:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 10:47 - 2014-02-12 23:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-12 23:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-12 23:46 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-12 23:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-12 23:46 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 10:22 - 2014-02-12 23:46 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-12 23:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-12 23:46 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-12 23:46 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 09:55 - 2014-02-12 23:46 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-12 23:46 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-12 23:46 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-12 23:46 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-12 23:46 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-04 22:32 - 2014-02-04 22:32 - 00009901 _____ () C:\Users\Martin\Desktop\Versicherungs Katalog.xlsx
2014-02-04 16:14 - 2014-02-02 13:57 - 00069074 _____ () C:\Users\Martin\Desktop\ESt2013_Kober_Martin.elfo
2014-02-04 14:30 - 2014-02-04 14:30 - 00000000 ____D () C:\Users\Martin\Desktop\LoL
2014-02-02 16:27 - 2014-02-02 16:27 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-02 16:27 - 2014-02-02 16:26 - 00005933 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-02-02 16:27 - 2012-04-21 13:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-02 13:35 - 2014-01-07 12:26 - 00000000 ____D () C:\Program Files (x86)\ElsterFormular
2014-02-02 13:34 - 2011-09-25 14:08 - 00000000 ____D () C:\Users\Martin
2014-02-01 13:57 - 2012-07-31 20:29 - 00000000 ____D () C:\Users\Martin\Desktop\WG-Ostbahnstr. 47
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-29 22:05 - 2014-01-29 22:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-29 21:48 - 2013-10-05 07:58 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-01-29 21:48 - 2011-09-25 14:09 - 00001425 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-29 08:22 - 2009-07-14 05:45 - 00457376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-28 13:16 - 2011-09-25 17:37 - 00119096 _____ () C:\Users\Martin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-28 12:11 - 2014-01-28 12:11 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-01-28 12:08 - 2014-01-28 11:55 - 00000000 ____D () C:\Program Files\PC Monitor
2014-01-28 12:08 - 2013-03-26 10:16 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-01-28 10:44 - 2012-02-12 10:17 - 00000000 ____D () C:\Users\Martin\Desktop\Dokumente
2014-01-27 22:26 - 2014-01-27 22:26 - 00001041 _____ () C:\Users\Martin\Desktop\Dropbox.lnk
2014-01-27 22:26 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\DropboxMaster
2014-01-27 22:22 - 2014-01-27 22:22 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-27 22:22 - 2011-09-25 14:09 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-27 20:16 - 2014-01-25 16:31 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-01-26 19:54 - 2014-01-26 19:54 - 00011756 _____ () C:\Users\Martin\Documents\PTV Auszahlung.xlsx
2014-01-25 17:03 - 2014-01-25 17:03 - 00092993 _____ () C:\Users\Martin\Desktop\KW-Rechner 2010.xlsm
2014-01-25 16:50 - 2014-01-25 16:49 - 00000000 ____D () C:\Users\Martin\Desktop\zu Verkaufen
2014-01-25 16:31 - 2014-01-25 16:31 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Spyware Terminator
2014-01-25 16:31 - 2014-01-25 16:31 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.6520.dll
Some content of TEMP:
====================
C:\Users\Martin\AppData\Local\Temp\avguidx.dll
C:\Users\Martin\AppData\Local\Temp\BackupSetup.exe
C:\Users\Martin\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Martin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnnqpvc.dll
C:\Users\Martin\AppData\Local\Temp\DTLite4454-0315.exe
C:\Users\Martin\AppData\Local\Temp\GUR7A0F.exe
C:\Users\Martin\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\Martin\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\Martin\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Martin\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Martin\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Martin\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Martin\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Martin\AppData\Local\Temp\MPDD0000.exe
C:\Users\Martin\AppData\Local\Temp\nitro_pdf_reader_x64.exe
C:\Users\Martin\AppData\Local\Temp\nitro_reader3_x64.exe
C:\Users\Martin\AppData\Local\Temp\Quarantine.exe
C:\Users\Martin\AppData\Local\Temp\siinst.exe
C:\Users\Martin\AppData\Local\Temp\strings.dll
C:\Users\Martin\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Martin\AppData\Local\Temp\_is6EAD.exe
C:\Users\Martin\AppData\Local\Temp\_isC92A.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-18 17:32
==================== End Of Log ============================
--- --- --- What's next? |
|
25.02.2014, 17:16
| #8 |
| /// the machine /// TB-Ausbilder | appround.net - Chrome Adobe udpaten. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.02.2014, 11:19
| #9 |
| | appround.net - Chrome Also bisher habe ich keine Auswirkungen der vorherigen Situation bemerkt. Vielen vielen dank Schrauber für deine Hilfe. Ich empfehle euch definitiv weiter. Liebe Grüße, Martin Bearbeitung des Threads kann beendet werden. |
|
27.02.2014, 09:31
| #10 |
| /// the machine /// TB-Ausbilder | appround.net - Chrome Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu appround.net - Chrome |
| adobe, battle.net, beseitigung, converter, error, excel, explorer, format, google, homepage, iexplore.exe, install.exe, league of legends, logfile, mp3, officejet, problem, programm, registry, rundll, scan, security, seiten, software, svchost.exe, tcp, udp, usb, windows |
Linear-Darstellung
