|
Log-Analyse und Auswertung: Chinesischer DienstWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
06.03.2014, 16:03 | #1 |
| Chinesischer Dienst Ich habe in meinen Diensten einen Dienst gelistet mit chinesischen Schriftzeichen. Ich habe mein Anti-Virus Programm Eset durchlaufen lassen... NIX gemeldet. Was soll ich tun? Hier noch ein Bild vom Dienst. hxxp://i.epvpimg.com/y1ETb.png |
06.03.2014, 16:34 | #2 |
/// the machine /// TB-Ausbilder | Chinesischer Dienst hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
06.03.2014, 19:20 | #3 |
| Chinesischer Dienst FRST.txt:
__________________FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014 Ran by Martin (administrator) on MARTIN-PC on 06-03-2014 16:49:09 Running from C:\Users\Martin\Desktop Windows 8.1 Pro with Media Center (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\WINDOWS\system32\atiesrxx.exe (Adobe Systems Incorporated) D:\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Advanced Micro Devices, Inc.) D:\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe () C:\WINDOWS\SysWOW64\PnkBstrA.exe (Chris Pietschmann (hxxp://pietschsoft.com)) D:\Virtual Router\VirtualRouterService.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe (Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe (Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe (Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe (Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe (Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe (Microsoft Corporation) C:\WINDOWS\System32\LogonUI.exe (AMD) C:\WINDOWS\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Akamai Technologies, Inc.) C:\Users\Martin\AppData\Local\Akamai\netsession_win.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (ICQ) C:\Users\Martin\AppData\Roaming\ICQM\icq.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) D:\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) D:\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TeamSpeak Systems GmbH) D:\TeamSpeak 3 Client\ts3client_win64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) E:\Steam\steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Chucklefish LTD) E:\Steam\steamapps\common\Starbound\win32\launcher\launcher.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () D:\No-IP\DUC40.exe () E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.201\deploy\LoLLauncher.exe () E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe () E:\Steam\steamapps\common\Starbound\win32\starbound_server.exe (Chucklefish LTD) E:\Steam\steamapps\common\Starbound\win32\starbound.exe (Valve Corporation) E:\Steam\GameOverlayUI.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [StartCCC] - D:\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-01-31] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-2676366874-2997908540-3519959478-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.) HKU\S-1-5-21-2676366874-2997908540-3519959478-1001\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2014-01-31] (AMD) HKU\S-1-5-21-2676366874-2997908540-3519959478-1001\...\Run: [icq] - C:\Users\Martin\AppData\Roaming\ICQM\icq.exe [33664344 2014-02-09] (ICQ) HKU\S-1-5-21-2676366874-2997908540-3519959478-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x08CA66E47FD0CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Java\32\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Java\32\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar64.dll (Steganos Software GmbH) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Chrome: ======= CHR HomePage: hxxp://www.google.de/ CHR Extension: (ProxTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2013-11-30] CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-24] CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-24] CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-24] CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-30] CHR Extension: (Google-Suche) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-24] CHR Extension: (Facebook Sidebar Chat Reversion) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\njmofogddjpgkcfhbielgcfdbjejeahi [2014-02-06] CHR Extension: (Google Wallet) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-24] CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-24] ==================== Services (Whitelisted) ================= R2 AdobeActiveFileMonitor9.0; D:\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-30] (Adobe Systems Incorporated) R2 AMD FUEL Service; D:\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-01-31] (Advanced Micro Devices, Inc.) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET) R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2014-03-01] () R3 Virtual Router; D:\Virtual Router\VirtualRouterService.exe [12288 2013-02-10] (Chris Pietschmann (hxxp://pietschsoft.com)) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270192 2013-04-01] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S2 WiseBootAssistant; D:\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com) S2 楗敳潂瑯獁楳瑳湡t; 㩄坜獩履楗敳䌠牡㘳尵潂瑯楔敭攮數 [X] ==================== Drivers (Whitelisted) ==================== S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; D:\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-19] (Advanced Micro Devices) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation) S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation) S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation) S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation) S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) R3 Lycosa; C:\Windows\system32\drivers\Lycosa.sys [18816 2008-01-17] (Razer USA Ltd.) R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) S3 NPF; C:\Windows\system32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation) R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [29472 2012-09-05] (SerComm Corporation) S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation) S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation) S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) R3 WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [267776 2013-05-12] (Jungo Connectivity) S3 WacHidRouter; \SystemRoot\System32\drivers\wachidrouter.sys [X] S3 wacomrouterfilter; \SystemRoot\System32\drivers\wacomrouterfilter.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-06 16:49 - 2014-03-06 16:49 - 00011938 _____ () C:\Users\Martin\Desktop\FRST.txt 2014-03-06 16:48 - 2014-03-06 16:49 - 00000000 ____D () C:\FRST 2014-03-06 16:48 - 2014-03-06 16:48 - 02156544 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2014-03-06 16:48 - 2014-03-06 16:48 - 02156544 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe 2014-03-06 16:38 - 2014-03-06 16:39 - 00009292 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-06 14:22 - 2014-03-06 14:22 - 00000000 ____D () C:\Users\Martin\AppData\Local\LogMeIn 2014-03-06 14:22 - 2014-03-06 14:22 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-03-06 13:45 - 2014-03-06 13:45 - 08216576 _____ () C:\Users\Martin\Downloads\hamachi_2.2.0.173.msi 2014-03-05 22:20 - 2014-03-05 22:20 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-04 21:05 - 2014-03-04 21:05 - 00001862 _____ () C:\Users\Martin\Downloads\sammlung-verbesserung-phmeter.txt 2014-03-03 15:52 - 2014-03-03 15:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-03 15:52 - 2014-03-03 15:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-02 20:35 - 2014-01-08 02:46 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2014-03-02 20:35 - 2014-01-08 02:41 - 01530712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-03-02 20:35 - 2014-01-08 02:41 - 00382808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2014-03-02 20:35 - 2014-01-04 16:54 - 00138240 _____ () C:\WINDOWS\system32\OEMLicense.dll 2014-03-02 20:35 - 2014-01-04 16:08 - 00103936 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll 2014-03-02 20:35 - 2014-01-04 15:08 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll 2014-03-02 20:35 - 2014-01-04 14:53 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll 2014-03-02 20:35 - 2014-01-03 00:54 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll 2014-03-02 20:35 - 2014-01-03 00:48 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll 2014-03-02 20:35 - 2014-01-03 00:40 - 05770752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-03-02 20:35 - 2014-01-03 00:38 - 06640640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-03-02 20:35 - 2014-01-01 02:55 - 01720560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-03-02 20:35 - 2014-01-01 02:52 - 00481944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2014-03-02 20:35 - 2014-01-01 01:56 - 01472048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-03-02 20:35 - 2014-01-01 01:55 - 00381168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2014-03-02 20:35 - 2014-01-01 00:59 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2014-03-02 20:35 - 2014-01-01 00:57 - 01214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-03-02 20:35 - 2014-01-01 00:56 - 00960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2014-03-02 20:35 - 2013-12-31 00:34 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sti.dll 2014-03-02 20:35 - 2013-12-31 00:33 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2014-03-02 20:35 - 2013-12-31 00:32 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sti.dll 2014-03-02 20:35 - 2013-12-31 00:31 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-03-02 20:35 - 2013-12-31 00:31 - 00914944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2014-03-02 20:35 - 2013-12-27 16:09 - 00419160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-03-02 20:35 - 2013-12-27 11:38 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-03-02 20:35 - 2013-12-27 09:57 - 00842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll 2014-03-02 20:35 - 2013-12-27 09:57 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2014-03-02 20:35 - 2013-12-27 09:23 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2014-03-02 20:35 - 2013-12-27 09:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-03-02 20:35 - 2013-12-27 08:03 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll 2014-03-02 20:35 - 2013-12-27 08:03 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2014-03-02 20:35 - 2013-12-27 07:37 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2014-03-02 20:35 - 2013-12-21 08:21 - 00376320 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll 2014-03-02 20:35 - 2013-12-17 08:21 - 00408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys 2014-03-02 20:35 - 2013-12-14 07:31 - 13949440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-03-02 20:35 - 2013-12-14 07:19 - 18576384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-03-02 20:35 - 2013-12-13 11:54 - 00131160 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe 2014-03-02 20:35 - 2013-12-13 08:24 - 00121088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBAUDIO.sys 2014-03-02 20:35 - 2013-12-13 07:36 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll 2014-03-02 20:35 - 2013-12-13 06:32 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll 2014-03-02 20:35 - 2013-12-09 09:05 - 21199256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-03-02 20:35 - 2013-12-09 05:51 - 18643560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-03-02 20:35 - 2013-12-09 04:25 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-03-02 18:59 - 2014-03-02 18:59 - 00122900 ____T () C:\Users\Martin\Desktop\wk.oxps 2014-03-01 11:30 - 2014-03-01 11:30 - 00000000 ____D () C:\Users\Martin\AppData\Local\ESN 2014-03-01 11:29 - 2014-03-01 11:29 - 03821064 _____ () C:\Users\Martin\Downloads\battlelog-web-plugins_2.3.2_130.exe 2014-03-01 11:29 - 2014-03-01 11:29 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-03-01 11:28 - 2014-03-01 11:30 - 00000000 ____D () C:\Users\Martin\Documents\Battlefield 3 2014-03-01 11:28 - 2014-03-01 11:28 - 00000000 ____D () C:\ProgramData\EA Core 2014-02-26 19:57 - 2014-02-26 19:57 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys 2014-02-24 18:18 - 2014-02-24 18:18 - 01743711 _____ () C:\Users\Martin\Downloads\putty-0.60.tar.gz 2014-02-24 17:42 - 2014-02-24 17:42 - 13203125 _____ () C:\Users\Martin\Downloads\avr8-gnu-toolchain-3.4.3.1072-linux.any.x86_64.tar.lzma 2014-02-24 17:29 - 2014-02-24 17:29 - 00170616 _____ () C:\Users\Martin\Downloads\test.lzma 2014-02-24 17:05 - 2014-02-24 17:05 - 00000607 _____ () C:\Users\Public\Desktop\KiCad.lnk 2014-02-24 16:59 - 2014-02-24 17:04 - 207245212 _____ () C:\Users\Martin\Downloads\KiCad_stable-2013.07.07-BZR4022_Win_full_version.exe 2014-02-20 21:08 - 2014-02-20 21:08 - 00000140 _____ () C:\Users\Martin\Desktop\Operationsverstärker-Grundschaltungen - Mikrocontroller.net.url 2014-02-20 20:57 - 2014-02-20 20:57 - 00000081 _____ () C:\Users\Martin\Desktop\datasheets.maximintegrated.com-en-ds-DS18B20.pdf.url 2014-02-20 20:53 - 2014-02-20 20:53 - 00000000 ____D () C:\Users\Martin\Desktop\lufa 2014-02-20 20:52 - 2014-02-20 20:53 - 06281158 _____ () C:\Users\Martin\Downloads\LUFA-130901.zip 2014-02-20 18:12 - 2014-02-20 18:12 - 00048890 _____ () C:\Users\Martin\Downloads\onewire.zip 2014-02-20 17:44 - 2014-02-20 17:44 - 00003996 _____ () C:\Users\Martin\Downloads\AVR_LCD_Lib.zip 2014-02-20 17:35 - 2014-02-20 17:42 - 00002588 _____ () C:\Users\Martin\Desktop\Makefile 2014-02-20 17:00 - 2014-02-20 17:00 - 00059477 _____ () C:\Users\Martin\Downloads\AVR_LCD_Lib_Demo.zip 2014-02-20 16:46 - 2014-02-20 17:45 - 00005396 _____ () C:\Users\Martin\Desktop\lcd.h 2014-02-20 16:45 - 2014-02-20 17:45 - 00005309 _____ () C:\Users\Martin\Desktop\lcd.c 2014-02-20 16:45 - 2014-02-20 16:45 - 00005328 _____ () C:\Users\Martin\Desktop\hd44780.c 2014-02-20 16:45 - 2014-02-20 16:45 - 00002955 _____ () C:\Users\Martin\Desktop\hd44780.h 2014-02-20 16:43 - 2014-02-20 16:43 - 00002425 _____ () C:\Users\Martin\Desktop\defines.h 2014-02-20 16:40 - 2014-02-20 16:40 - 00003253 _____ () C:\Users\Martin\Desktop\dallas_one_wire.h 2014-02-20 16:38 - 2014-02-20 16:39 - 00010849 _____ () C:\Users\Martin\Desktop\dallas_one_wire.c 2014-02-20 15:59 - 2014-02-20 15:59 - 00005162 _____ () C:\Users\Martin\Downloads\1wire.zip 2014-02-20 15:57 - 2014-02-20 15:57 - 00027590 _____ () C:\Users\Martin\Downloads\ds18x20_demo_20110209.zip 2014-02-17 16:45 - 2014-03-06 15:50 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf2bf73bdb33b3.job 2014-02-17 16:45 - 2014-02-17 16:45 - 00004110 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf2bf73bdb33b3 2014-02-15 23:06 - 2014-02-15 23:06 - 00340223 _____ () C:\Users\Martin\Downloads\RNDISEthernet.zip 2014-02-15 20:29 - 2014-02-15 20:29 - 00000114 _____ () C:\Users\Martin\Desktop\www.stromflo.de-dokuwiki-lib-exe-fetch.php-media=xmega-c-tutorial_teil_1_rev1.pdf.url 2014-02-15 19:20 - 2014-02-15 19:20 - 00000086 _____ () C:\Users\Martin\Desktop\xmega-c-tutorial [stromflo].url 2014-02-15 11:25 - 2014-02-15 11:25 - 00000000 ____D () C:\Users\Martin\Documents\ICQ Dateien 2014-02-12 17:19 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-02-12 17:19 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-12 17:19 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-12 17:19 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-02-12 17:19 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-12 17:19 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-12 17:19 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-12 17:19 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-12 17:19 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-12 17:19 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-12 17:19 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-12 17:19 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-02-12 17:19 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-12 17:19 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-12 17:19 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-12 17:19 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-02-12 17:19 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-12 17:19 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-12 17:19 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-02-12 17:19 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-12 17:19 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-12 17:19 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-12 17:19 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-12 17:19 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-12 17:19 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-12 17:19 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-02-12 17:19 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-12 17:19 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-12 17:19 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-12 17:19 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-02-12 17:19 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-12 17:19 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-02-12 17:19 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-12 17:19 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-02-12 17:19 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-02-12 17:19 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-02-12 17:19 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-12 17:14 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-02-12 17:14 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-02-12 17:14 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-02-12 17:14 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-02-12 17:14 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-02-12 17:14 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-02-12 17:14 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-02-12 17:14 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-02-12 17:14 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-02-12 17:14 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-02-12 17:14 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2014-02-12 17:14 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2014-02-12 17:14 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-02-12 17:14 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-02-12 17:14 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-02-12 17:14 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-02-12 17:14 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-02-12 17:14 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-02-12 17:14 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-02-12 17:14 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-02-12 17:14 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-02-12 17:14 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-02-12 17:14 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms 2014-02-12 17:14 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-02-12 17:14 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-02-12 17:14 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-02-12 17:14 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-02-12 17:14 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-02-12 17:14 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-02-12 17:14 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll 2014-02-12 17:14 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll 2014-02-12 17:14 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-02-12 17:14 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2014-02-12 17:14 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2014-02-10 12:57 - 2014-02-10 12:57 - 00000101 _____ () C:\Users\Martin\Desktop\dallas_one_wire (4).url 2014-02-10 12:57 - 2014-02-10 12:57 - 00000096 _____ () C:\Users\Martin\Desktop\dallas_one_wire (5).url 2014-02-10 11:32 - 2014-03-01 11:28 - 00000000 ____D () C:\Users\Martin\AppData\Local\Origin 2014-02-10 11:32 - 2014-02-10 11:33 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Origin 2014-02-10 11:31 - 2014-03-01 11:28 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-02-10 11:31 - 2014-03-01 11:15 - 00000000 ____D () C:\ProgramData\Origin 2014-02-10 09:41 - 2014-03-06 13:36 - 00000000 __RDO () C:\Users\Martin\SkyDrive 2014-02-09 17:10 - 2014-02-09 17:10 - 00000076 _____ () C:\Users\Martin\Desktop\dallas_one_wire (2).url 2014-02-09 17:10 - 2014-02-09 17:10 - 00000065 _____ () C:\Users\Martin\Desktop\dallas_one_wire (3).url 2014-02-09 17:09 - 2014-02-09 17:09 - 00000066 _____ () C:\Users\Martin\Desktop\dallas_one_wire (1).url 2014-02-09 17:09 - 2014-02-09 17:09 - 00000062 _____ () C:\Users\Martin\Desktop\(temporary working title) AVR Stick PROTOTYPE.url 2014-02-09 16:48 - 2014-02-09 16:49 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\ICQ-Profile 2014-02-09 16:48 - 2014-02-09 16:48 - 00001678 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-02-09 16:48 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-02-09 16:48 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\ICQM 2014-02-08 10:21 - 2014-02-08 10:21 - 00000096 _____ () C:\Users\Martin\Desktop\Arduino Tutorial- Temperature Sensor - Ray Wenderlich.url 2014-02-06 18:19 - 2014-02-06 18:19 - 00000000 ____D () C:\Program Files (x86)\AMD APP SDK 2014-02-06 18:18 - 2014-02-06 18:18 - 00000000 ____D () C:\ProgramData\Downloaded Installations 2014-02-06 18:07 - 2014-02-06 18:07 - 00000867 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\guiminer.lnk 2014-02-06 18:03 - 2014-02-06 18:03 - 00000000 ____D () C:\ProgramData\ATI 2014-02-06 17:58 - 2014-02-06 17:58 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-02-06 17:58 - 2014-02-06 17:58 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-02-06 17:57 - 2014-02-06 17:57 - 00059532 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201402061757016351.log 2014-02-06 17:57 - 2014-02-06 17:57 - 00055965 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201402061757590431.log 2014-02-06 17:39 - 2014-02-06 17:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\poclbm 2014-02-06 17:30 - 2014-03-02 17:46 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Litecoin 2014-02-06 17:29 - 2014-02-06 17:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Litecoin 2014-02-04 22:51 - 2014-02-04 22:51 - 00000000 ____D () C:\Users\Martin\Documents\My Cheat Tables ==================== One Month Modified Files and Folders ======= 2014-03-06 16:49 - 2014-03-06 16:49 - 00011938 _____ () C:\Users\Martin\Desktop\FRST.txt 2014-03-06 16:49 - 2014-03-06 16:48 - 00000000 ____D () C:\FRST 2014-03-06 16:49 - 2013-10-24 07:43 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Skype 2014-03-06 16:48 - 2014-03-06 16:48 - 02156544 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe 2014-03-06 16:48 - 2014-03-06 16:48 - 02156544 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe 2014-03-06 16:40 - 2013-10-24 07:46 - 00000000 ____D () C:\Users\Martin\AppData\Local\PMB Files 2014-03-06 16:39 - 2014-03-06 16:38 - 00009292 _____ () C:\WINDOWS\WindowsUpdate.log 2014-03-06 16:30 - 2013-10-24 07:06 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2676366874-2997908540-3519959478-1001 2014-03-06 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-03-06 15:50 - 2014-02-17 16:45 - 00001138 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf2bf73bdb33b3.job 2014-03-06 15:11 - 2013-10-24 07:46 - 00000000 ____D () C:\ProgramData\PMB Files 2014-03-06 14:22 - 2014-03-06 14:22 - 00000000 ____D () C:\Users\Martin\AppData\Local\LogMeIn 2014-03-06 14:22 - 2014-03-06 14:22 - 00000000 ____D () C:\ProgramData\LogMeIn 2014-03-06 13:45 - 2014-03-06 13:45 - 08216576 _____ () C:\Users\Martin\Downloads\hamachi_2.2.0.173.msi 2014-03-06 13:36 - 2014-02-10 09:41 - 00000000 __RDO () C:\Users\Martin\SkyDrive 2014-03-06 06:49 - 2013-11-15 17:09 - 00000000 ____D () C:\Users\Martin\AppData\Local\Adobe 2014-03-05 22:20 - 2014-03-05 22:20 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-03-04 21:05 - 2014-03-04 21:05 - 00001862 _____ () C:\Users\Martin\Downloads\sammlung-verbesserung-phmeter.txt 2014-03-03 15:57 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-03-03 15:52 - 2014-03-03 15:52 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-03 15:52 - 2014-03-03 15:52 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-02 21:24 - 2013-10-23 22:21 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-03-02 21:24 - 2013-10-23 22:21 - 00000000 ___RD () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-03-02 21:24 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-03-02 21:24 - 2013-08-22 15:44 - 05227280 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-03-02 21:22 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-03-02 21:22 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-03-02 18:59 - 2014-03-02 18:59 - 00122900 ____T () C:\Users\Martin\Desktop\wk.oxps 2014-03-02 17:46 - 2014-02-06 17:30 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Litecoin 2014-03-01 12:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-03-01 11:31 - 2013-12-14 11:31 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr 2014-03-01 11:31 - 2013-12-14 11:31 - 00000000 ____D () C:\Users\Martin\AppData\Local\PunkBuster 2014-03-01 11:31 - 2013-12-12 21:57 - 00280904 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2014-03-01 11:30 - 2014-03-01 11:30 - 00000000 ____D () C:\Users\Martin\AppData\Local\ESN 2014-03-01 11:30 - 2014-03-01 11:28 - 00000000 ____D () C:\Users\Martin\Documents\Battlefield 3 2014-03-01 11:29 - 2014-03-01 11:29 - 03821064 _____ () C:\Users\Martin\Downloads\battlelog-web-plugins_2.3.2_130.exe 2014-03-01 11:29 - 2014-03-01 11:29 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins 2014-03-01 11:28 - 2014-03-01 11:28 - 00000000 ____D () C:\ProgramData\EA Core 2014-03-01 11:28 - 2014-02-10 11:32 - 00000000 ____D () C:\Users\Martin\AppData\Local\Origin 2014-03-01 11:28 - 2014-02-10 11:31 - 00000000 ____D () C:\ProgramData\Electronic Arts 2014-03-01 11:21 - 2013-12-12 21:57 - 00189248 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0 2014-03-01 11:21 - 2013-12-12 21:57 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2014-03-01 11:15 - 2014-02-10 11:31 - 00000000 ____D () C:\ProgramData\Origin 2014-03-01 10:50 - 2013-12-23 14:25 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Wise Care 365 2014-02-26 19:57 - 2014-02-26 19:57 - 00046136 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys 2014-02-25 18:11 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-02-25 18:11 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat 2014-02-25 18:11 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat 2014-02-24 18:18 - 2014-02-24 18:18 - 01743711 _____ () C:\Users\Martin\Downloads\putty-0.60.tar.gz 2014-02-24 17:42 - 2014-02-24 17:42 - 13203125 _____ () C:\Users\Martin\Downloads\avr8-gnu-toolchain-3.4.3.1072-linux.any.x86_64.tar.lzma 2014-02-24 17:29 - 2014-02-24 17:29 - 00170616 _____ () C:\Users\Martin\Downloads\test.lzma 2014-02-24 17:05 - 2014-02-24 17:05 - 00000607 _____ () C:\Users\Public\Desktop\KiCad.lnk 2014-02-24 17:04 - 2014-02-24 16:59 - 207245212 _____ () C:\Users\Martin\Downloads\KiCad_stable-2013.07.07-BZR4022_Win_full_version.exe 2014-02-20 21:08 - 2014-02-20 21:08 - 00000140 _____ () C:\Users\Martin\Desktop\Operationsverstärker-Grundschaltungen - Mikrocontroller.net.url 2014-02-20 20:57 - 2014-02-20 20:57 - 00000081 _____ () C:\Users\Martin\Desktop\datasheets.maximintegrated.com-en-ds-DS18B20.pdf.url 2014-02-20 20:53 - 2014-02-20 20:53 - 00000000 ____D () C:\Users\Martin\Desktop\lufa 2014-02-20 20:53 - 2014-02-20 20:52 - 06281158 _____ () C:\Users\Martin\Downloads\LUFA-130901.zip 2014-02-20 18:12 - 2014-02-20 18:12 - 00048890 _____ () C:\Users\Martin\Downloads\onewire.zip 2014-02-20 17:45 - 2014-02-20 16:46 - 00005396 _____ () C:\Users\Martin\Desktop\lcd.h 2014-02-20 17:45 - 2014-02-20 16:45 - 00005309 _____ () C:\Users\Martin\Desktop\lcd.c 2014-02-20 17:44 - 2014-02-20 17:44 - 00003996 _____ () C:\Users\Martin\Downloads\AVR_LCD_Lib.zip 2014-02-20 17:42 - 2014-02-20 17:35 - 00002588 _____ () C:\Users\Martin\Desktop\Makefile 2014-02-20 17:00 - 2014-02-20 17:00 - 00059477 _____ () C:\Users\Martin\Downloads\AVR_LCD_Lib_Demo.zip 2014-02-20 16:45 - 2014-02-20 16:45 - 00005328 _____ () C:\Users\Martin\Desktop\hd44780.c 2014-02-20 16:45 - 2014-02-20 16:45 - 00002955 _____ () C:\Users\Martin\Desktop\hd44780.h 2014-02-20 16:43 - 2014-02-20 16:43 - 00002425 _____ () C:\Users\Martin\Desktop\defines.h 2014-02-20 16:40 - 2014-02-20 16:40 - 00003253 _____ () C:\Users\Martin\Desktop\dallas_one_wire.h 2014-02-20 16:39 - 2014-02-20 16:38 - 00010849 _____ () C:\Users\Martin\Desktop\dallas_one_wire.c 2014-02-20 15:59 - 2014-02-20 15:59 - 00005162 _____ () C:\Users\Martin\Downloads\1wire.zip 2014-02-20 15:57 - 2014-02-20 15:57 - 00027590 _____ () C:\Users\Martin\Downloads\ds18x20_demo_20110209.zip 2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-17 16:45 - 2014-02-17 16:45 - 00004110 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1cf2bf73bdb33b3 2014-02-15 23:06 - 2014-02-15 23:06 - 00340223 _____ () C:\Users\Martin\Downloads\RNDISEthernet.zip 2014-02-15 20:29 - 2014-02-15 20:29 - 00000114 _____ () C:\Users\Martin\Desktop\www.stromflo.de-dokuwiki-lib-exe-fetch.php-media=xmega-c-tutorial_teil_1_rev1.pdf.url 2014-02-15 19:20 - 2014-02-15 19:20 - 00000086 _____ () C:\Users\Martin\Desktop\xmega-c-tutorial [stromflo].url 2014-02-15 11:25 - 2014-02-15 11:25 - 00000000 ____D () C:\Users\Martin\Documents\ICQ Dateien 2014-02-12 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-02-12 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-02-12 21:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-02-12 17:21 - 2013-10-24 22:40 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-02-12 17:20 - 2013-10-24 22:40 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-02-12 16:23 - 2013-11-02 18:42 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\vlc 2014-02-10 12:57 - 2014-02-10 12:57 - 00000101 _____ () C:\Users\Martin\Desktop\dallas_one_wire (4).url 2014-02-10 12:57 - 2014-02-10 12:57 - 00000096 _____ () C:\Users\Martin\Desktop\dallas_one_wire (5).url 2014-02-10 11:33 - 2014-02-10 11:32 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Origin 2014-02-10 09:41 - 2013-10-25 08:41 - 00000000 __RDO () C:\Users\Martin\SkyDrive.old 2014-02-10 09:41 - 2013-10-25 08:18 - 00000000 ____D () C:\Users\Martin 2014-02-09 17:10 - 2014-02-09 17:10 - 00000076 _____ () C:\Users\Martin\Desktop\dallas_one_wire (2).url 2014-02-09 17:10 - 2014-02-09 17:10 - 00000065 _____ () C:\Users\Martin\Desktop\dallas_one_wire (3).url 2014-02-09 17:09 - 2014-02-09 17:09 - 00000066 _____ () C:\Users\Martin\Desktop\dallas_one_wire (1).url 2014-02-09 17:09 - 2014-02-09 17:09 - 00000062 _____ () C:\Users\Martin\Desktop\(temporary working title) AVR Stick PROTOTYPE.url 2014-02-09 16:58 - 2013-12-15 17:19 - 00000000 ____D () C:\Program Files\OBS 2014-02-09 16:49 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\ICQ-Profile 2014-02-09 16:48 - 2014-02-09 16:48 - 00001678 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\ICQ.lnk 2014-02-09 16:48 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICQ 2014-02-09 16:48 - 2014-02-09 16:48 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\ICQM 2014-02-08 10:21 - 2014-02-08 10:21 - 00000096 _____ () C:\Users\Martin\Desktop\Arduino Tutorial- Temperature Sensor - Ray Wenderlich.url 2014-02-06 18:19 - 2014-02-06 18:19 - 00000000 ____D () C:\Program Files (x86)\AMD APP SDK 2014-02-06 18:18 - 2014-02-06 18:18 - 00000000 ____D () C:\ProgramData\Downloaded Installations 2014-02-06 18:07 - 2014-02-06 18:07 - 00000867 _____ () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\guiminer.lnk 2014-02-06 18:03 - 2014-02-06 18:03 - 00000000 ____D () C:\ProgramData\ATI 2014-02-06 17:58 - 2014-02-06 17:58 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-02-06 17:58 - 2014-02-06 17:58 - 00000000 ____D () C:\Program Files (x86)\AMD AVT 2014-02-06 17:57 - 2014-02-06 17:57 - 00059532 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201402061757016351.log 2014-02-06 17:57 - 2014-02-06 17:57 - 00055965 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201402061757590431.log 2014-02-06 17:57 - 2013-10-24 08:05 - 00000000 ____D () C:\ProgramData\AMD 2014-02-06 17:49 - 2013-10-24 08:05 - 00000000 ____D () C:\AMD 2014-02-06 17:43 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2014-02-06 17:39 - 2014-02-06 17:39 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\poclbm 2014-02-06 17:29 - 2014-02-06 17:29 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Litecoin 2014-02-06 13:16 - 2014-02-12 17:19 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-02-06 12:30 - 2014-02-12 17:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-02-06 12:30 - 2014-02-12 17:19 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-02-06 12:12 - 2014-02-12 17:19 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-02-06 12:07 - 2014-02-12 17:19 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-02-06 12:06 - 2014-02-12 17:19 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-02-06 11:57 - 2014-02-12 17:19 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-02-06 11:56 - 2014-02-12 17:19 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-02-06 11:49 - 2014-02-12 17:19 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-02-06 11:48 - 2014-02-12 17:19 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-02-06 11:48 - 2014-02-12 17:19 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-02-06 11:38 - 2014-02-12 17:19 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-02-06 11:32 - 2014-02-12 17:19 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-02-06 11:20 - 2014-02-12 17:19 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-02-06 11:17 - 2014-02-12 17:19 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-02-06 11:11 - 2014-02-12 17:19 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-02-06 11:01 - 2014-02-12 17:19 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-02-06 11:00 - 2014-02-12 17:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-02-06 10:57 - 2014-02-12 17:19 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-02-06 10:57 - 2014-02-12 17:19 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-02-06 10:52 - 2014-02-12 17:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-02-06 10:52 - 2014-02-12 17:19 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-02-06 10:50 - 2014-02-12 17:19 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-02-06 10:47 - 2014-02-12 17:19 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-02-06 10:46 - 2014-02-12 17:19 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-02-06 10:25 - 2014-02-12 17:19 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-02-06 10:25 - 2014-02-12 17:19 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-02-06 10:24 - 2014-02-12 17:19 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-02-06 10:22 - 2014-02-12 17:19 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-02-06 10:13 - 2014-02-12 17:19 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-02-06 10:09 - 2014-02-12 17:19 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-02-06 10:03 - 2014-02-12 17:19 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-02-06 09:55 - 2014-02-12 17:19 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-02-06 09:41 - 2014-02-12 17:19 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-02-06 09:40 - 2014-02-12 17:19 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-02-06 09:36 - 2014-02-12 17:19 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-02-06 09:34 - 2014-02-12 17:19 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-02-05 15:55 - 2013-10-23 22:20 - 00000000 ____D () C:\Users\Martin\AppData\Local\Packages 2014-02-04 22:51 - 2014-02-04 22:51 - 00000000 ____D () C:\Users\Martin\Documents\My Cheat Tables 2014-02-04 21:47 - 2014-01-26 09:57 - 00000000 ____D () C:\Users\Martin\AppData\Roaming\MultiBit ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-01 12:06 ==================== End Of Log ============================ --- --- --- Addition.txt: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014 Ran by Martin at 2014-03-06 16:49:57 Running from C:\Users\Martin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated) Adobe Fireworks CS6 (HKLM-x32\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0.3.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 9 (x32 Version: 9.0.3.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Accelerated Video Transcoding (Version: 13.30.100.40131 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK 2.9 (HKLM\...\{B192EDAC-25C7-408D-99A0-A23455F50E27}) (Version: 2.9.233.167 - Advanced Micro Devices, Inc.) AMD Catalyst Control Center (x32 Version: 2014.0131.1535.27922 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{8D2C98CB-7D5D-25CE-C72B-3F2C257F0284}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2014.0131.1535.27922 - Ihr Firmenname) Hidden AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Arduino (HKLM-x32\...\Arduino) (Version: 1.0.5 - Arduino LLC) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB) Blender (HKLM\...\Blender) (Version: 2.69 - Blender Foundation) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0131.1534.27922 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0131.1535.27922 - Advanced Micro Devices, Inc.) Hidden Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version: - Blizzard Entertainment) EAGLE 6.5.0 (HKLM-x32\...\EAGLE 6.5.0) (Version: 6.5.0 - CadSoft Computer GmbH) Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden ESET NOD32 Antivirus (HKLM\...\{7EE0D9E8-299E-4E7A-8BDE-B1D295E30077}) (Version: 7.0.302.26 - ESET, spol s r. o.) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation) HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz) HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden ICQ 8.2 (build 6901) (HKCU\...\ICQ) (Version: 8.2.6901.0 - ICQ) ImageMagick 6.8.7-6 Q16 (64-bit) (2013-12-01) (HKLM\...\ImageMagick 6.8.7 Q16 (64-bit)_is1) (Version: 6.8.7 - ImageMagick Studio LLC) Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - ) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle) JLink OB CDC Driver Package (HKLM\...\{85153CE3-6356-407F-A672-C1FA085FB031}) (Version: 1.2.2 - SEGGER) KiCad 2013.07.07 (HKLM-x32\...\KiCad) (Version: 2013.07.07 - ) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Litecoin (HKCU\...\Litecoin) (Version: 0.8.6.2 - Litecoin project) MAGIX Foto & Grafik Designer 7 SE (HKLM-x32\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG) MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - ) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) PyQt GPL v4.10.3 for Python v2.7 (x32) (HKLM-x32\...\PyQt GPL v4.10.3 for Python v2.7 (x32)) (Version: 4.10.3 - ) Python 2.7 Cython-0.19.2 (HKLM-x32\...\Cython-py2.7) (Version: - ) Python 2.7 numpy-1.8.0 (HKLM-x32\...\numpy-py2.7) (Version: - ) Python 2.7 PIL-1.1.7 (HKCU\...\PIL-py2.7) (Version: - ) Python 2.7 py2exe-0.6.10 (HKLM-x32\...\py2exe-py2.7) (Version: - ) Python 2.7 pygame-1.9.2a0 (HKLM-x32\...\pygame-py2.7) (Version: - ) Python 2.7 PyOpenGL-3.1.0a1 (HKLM-x32\...\PyOpenGL-py2.7) (Version: - ) Python 2.7 pywin32-218.4 (HKLM-x32\...\pywin32-py2.7) (Version: - ) Python 2.7 setuptools-2.0.1 (HKLM-x32\...\setuptools-py2.7) (Version: - ) Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation) S4 League_EU (HKLM-x32\...\{DF5D2AE8-884E-4C1D-A668-A6570F452CB0}) (Version: 1.00.0000 - ) SketchUp 8 (HKLM-x32\...\{B8F4A45C-581C-4707-8EF2-2B9E6722270C}) (Version: 3.0.16944 - Trimble Navigation Limited) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Starbound (HKLM-x32\...\Steam App 211820) (Version: - ) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Sublime Text Build 3059 (HKLM-x32\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) SUPER © v2013.build.59+Recorder (2013/12/18) Version v2013.buil (HKLM-x32\...\{8E2A18E2-96AF-4DF9-8459-5C06B75139A4}_is1) (Version: v2013.build.59+Recorder - eRightSoft) TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft) Virtual Router v1.0 (HKLM-x32\...\{BE905C46-2B34-4D73-AEE1-769ED138E0FF}) (Version: 1.0 - Chris Pietschmann) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) WD Drive Utilities (HKLM-x32\...\{C093AD5D-29E9-4777-AAAC-28C02FCC2A51}) (Version: 1.0.4.11 - Western Digital Technologies, Inc.) WinAVR 20100110 (remove only) (HKLM-x32\...\WinAVR-20100110) (Version: 20100110 - ) Windows Driver Package - Silicon Laboratories (silabenm) Ports (12/10/2012 6.6.1.0) (HKLM\...\D680DEE0F68D64EC53D0C5769879D15D387054CC) (Version: 12/10/2012 6.6.1.0 - Silicon Laboratories) Windows-Treiberpaket - Segger (jlink) USB (04/11/2012 2.6.8.2) (HKLM\...\419546AE8E4244C647A348987F769803F43B9C4F) (Version: 04/11/2012 2.6.8.2 - Segger) Windows-Treiberpaket - SEGGER (usbser) Ports (01/25/2012 6.0.2600.4) (HKLM\...\BD6BF8BBF7BE0D0091163F649A1A423B7EB9D4F1) (Version: 01/25/2012 6.0.2600.4 - SEGGER) WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH) WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl) Wise Care 365 Version 2.92 (HKLM-x32\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.9.3 - WiseCleaner.com, Inc.) ==================== Restore Points ========================= 12-02-2014 16:20:00 Windows Update 20-02-2014 16:15:14 Geplanter Prüfpunkt 01-03-2014 10:19:56 DirectX wurde installiert 06-03-2014 05:51:13 DirectX wurde installiert 06-03-2014 05:53:11 Removed osu! 06-03-2014 12:45:52 Installed LogMeIn Hamachi 06-03-2014 13:22:32 Removed LogMeIn Hamachi ==================== Hosts content: ========================== 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {43AA7B82-8EA0-4E6E-97C1-C7EAE63E4437} - System32\Tasks\GoogleUpdateTaskMachineUA1cf2bf73bdb33b3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-24] (Google Inc.) Task: {44E4A3C2-9E0F-45E4-AB06-A4D5A92CE418} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Fischer.Martin.98@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5B282EEE-3322-430D-BEA2-A01F10E44A96} - System32\Tasks\Wise Turbo Checker => D:\Wise\Wise Care 365\WiseTurbo.exe [2013-12-09] (WiseCleaner.COM) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EA8FC96D-4E59-47EF-A6F3-58E722CAD2A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-12] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf2bf73bdb33b3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => D:\Wise\Wise Care 365\WiseTurbo.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-31 15:38 - 2014-01-31 15:38 - 00214528 _____ () D:\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-11-04 15:03 - 2013-11-04 15:03 - 00818688 _____ () D:\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-11-04 15:03 - 2013-11-04 15:03 - 03650560 _____ () D:\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-12-12 21:57 - 2014-03-01 11:21 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2013-12-13 12:20 - 2013-12-13 12:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2014-01-31 15:38 - 2014-01-31 15:38 - 00102400 _____ () D:\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2013-10-23 13:15 - 2013-10-23 13:15 - 00302056 _____ () D:\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2013-10-23 13:15 - 2013-10-23 13:15 - 00320488 _____ () D:\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2013-10-23 13:15 - 2013-10-23 13:15 - 00565224 _____ () D:\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2013-10-23 13:15 - 2013-10-23 13:15 - 00700904 _____ () D:\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2013-01-24 19:12 - 2013-01-24 19:12 - 00270336 _____ () D:\No-IP\DUC40.exe 2013-06-12 17:11 - 2013-10-24 07:47 - 01294336 _____ () E:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe 2013-10-24 07:47 - 2014-03-06 15:02 - 05325152 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.201\deploy\LoLLauncher.exe 2013-10-24 07:55 - 2013-10-24 07:55 - 00074752 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.75\deploy\LolClient.exe 2014-03-05 22:20 - 2014-03-06 06:50 - 31677493 _____ () E:\Steam\steamapps\common\Starbound\win32\starbound_server.exe 2014-02-09 16:48 - 2014-02-09 16:48 - 00857944 _____ () C:\Users\Martin\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll 2014-03-04 13:53 - 2014-03-02 03:35 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll 2014-03-05 15:28 - 2013-12-12 23:19 - 00142848 _____ () E:\Steam\libavresample-1.dll 2014-03-05 15:28 - 2013-11-05 02:12 - 00890592 _____ () E:\Steam\libavutil-52.dll 2014-03-05 20:14 - 2014-02-11 03:34 - 00751616 _____ () E:\Steam\SDL2.dll 2014-03-05 20:14 - 2014-02-25 22:57 - 01135296 _____ () E:\Steam\bin\chromehtml.DLL 2014-03-05 20:14 - 2014-01-11 00:33 - 20625832 _____ () E:\Steam\bin\libcef.dll 2013-10-28 18:55 - 2013-06-15 00:49 - 01100800 _____ () E:\Steam\bin\avcodec-53.dll 2013-10-28 18:55 - 2013-06-15 00:49 - 00124416 _____ () E:\Steam\bin\avutil-51.dll 2013-10-28 18:55 - 2013-06-15 00:49 - 00192000 _____ () E:\Steam\bin\avformat-53.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 00544817 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\libgcc_s_dw2-1.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 00989805 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\libstdc++-6.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 03369922 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\icuin51.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 01978690 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\icuuc51.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 22378434 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\icudt51.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 01269760 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\platforms\qwindows.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00052224 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\imageformats\qico.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00261120 _____ () E:\Steam\steamapps\common\Starbound\win32\launcher\imageformats\qjpeg.dll 2013-01-24 07:34 - 2013-01-24 07:34 - 00067584 _____ () D:\No-IP\ducapi.dll 2013-10-24 07:47 - 2014-03-06 15:02 - 00265056 _____ () E:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.201\deploy\RiotLauncher.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 00551096 _____ () E:\Steam\steamapps\common\Starbound\win32\freetype6.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00081293 _____ () E:\Steam\steamapps\common\Starbound\win32\cygvorbisfile-3.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00074752 _____ () E:\Steam\steamapps\common\Starbound\win32\zlib1.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00253042 _____ () E:\Steam\steamapps\common\Starbound\win32\lua52.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00216763 _____ () E:\Steam\steamapps\common\Starbound\win32\cygvorbis-0.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00086143 _____ () E:\Steam\steamapps\common\Starbound\win32\cygogg-0.dll 2014-03-06 06:50 - 2014-03-06 06:50 - 00058368 _____ () E:\Steam\steamapps\common\Starbound\win32\sblclfx.dll 2014-03-05 22:20 - 2014-03-06 06:50 - 00303616 _____ () E:\Steam\steamapps\common\Starbound\win32\SDL.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Martin\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Martin\SkyDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/06/2014 02:22:32 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/06/2014 01:45:59 PM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/06/2014 01:38:43 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/06/2014 06:53:12 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/06/2014 06:51:23 AM) (Source: Microsoft-Windows-CAPI2) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/06/2014 06:47:42 AM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/05/2014 10:11:31 PM) (Source: Steam Client Service) (User: ) Description: Error: Failed to poke open firewall Error: (03/02/2014 05:39:53 PM) (Source: Perflib) (User: ) Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4 Error: (03/02/2014 05:39:53 PM) (Source: Perflib) (User: ) Description: rdyboost4 Error: (03/02/2014 05:39:53 PM) (Source: PerfNet) (User: ) Description: System errors: ============= Error: (03/06/2014 01:46:26 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/06/2014 01:46:26 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht. Error: (03/06/2014 01:46:25 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (03/06/2014 01:38:46 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/06/2014 08:55:53 AM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/05/2014 10:20:34 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/05/2014 08:14:50 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (03/05/2014 08:14:50 PM) (Source: Service Control Manager) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error: (03/05/2014 06:00:00 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/05/2014 03:28:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Microsoft Office Sessions: ========================= ==================== Memory info =========================== Percentage of memory in use: 50% Total physical RAM: 8190.46 MB Available physical RAM: 4026.38 MB Total Pagefile: 9470.46 MB Available Pagefile: 4667.42 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (WINDOWS) (Fixed) (Total:244.14 GB) (Free:185.29 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Programme) (Fixed) (Total:244.14 GB) (Free:237.66 GB) NTFS Drive e: (Spiele) (Fixed) (Total:244.14 GB) (Free:125.22 GB) NTFS Drive f: (Speicher) (Fixed) (Total:199.07 GB) (Free:197.38 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: FA930F7A) Partition: GPT Partition Type. ==================== End Of Log ============================ Code:
ATTFilter S2 楗敳潂瑯獁楳瑳湡t; 㩄坜獩履楗敳䌠牡㘳尵潂瑯楔敭攮數 [X] |
07.03.2014, 16:51 | #4 |
/// the machine /// TB-Ausbilder | Chinesischer Dienst ein unicode-Treiber Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter S2 楗敳潂瑯獁楳瑳湡t; 㩄坜獩履楗敳䌠牡㘳尵潂瑯楔敭攮數 [X] Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
07.03.2014, 18:26 | #5 |
| Chinesischer DienstCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2014 Ran by Martin at 2014-03-07 18:06:46 Run:1 Running from C:\Users\Martin\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** S2 楗敳潂瑯獁楳瑳湡t; 㩄坜獩履楗敳䌠牡㘳尵潂瑯楔敭攮數 [X] ***************** 楗敳潂瑯獁楳瑳湡t => Service deleted successfully. ==== End of Fixlog ==== Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.03.07.07 Windows 8 x64 NTFS Internet Explorer 11.0.9600.16518 Martin :: MARTIN-PC [Administrator] 07.03.2014 18:09:24 mbam-log-2014-03-07 (18-09-24).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 239035 Laufzeit: 4 Minute(n), 32 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\$Recycle.Bin\S-1-5-21-2676366874-2997908540-3519959478-1001\$RLGJQAY.zip (PUP.Optional.Cgminer) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.020 - Bericht erstellt am 07/03/2014 um 18:21:45 # Aktualisiert 27/02/2014 von Xplode # Betriebssystem : Windows 8.1 Pro with Media Center (64 bits) # Benutzername : Martin - MARTIN-PC # Gestartet von : C:\Users\Martin\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** [x] Nicht Gelöscht : C:\WINDOWS\SysWOW64\AI_RecycleBin [x] Nicht Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk ***** [ Verknüpfungen ] ***** [x] Nicht Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Feature Manager.lnk ***** [ Registrierungsdatenbank ] ***** [x] Nicht Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} [x] Nicht Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} [x] Nicht Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} [x] Nicht Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} [x] Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} [x] Nicht Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKLM\Software\caphyon ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16518 -\\ Google Chrome v33.0.1750.146 [ Datei : C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [1763 octets] - [07/03/2014 18:16:13] AdwCleaner[S0].txt - [1610 octets] - [07/03/2014 18:21:45] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1670 octets] ########## |
08.03.2014, 17:06 | #6 |
/// the machine /// TB-Ausbilder | Chinesischer Dienst Alles löschen lassen. ESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ --> Chinesischer Dienst |
Themen zu Chinesischer Dienst |
bild, chinesische, chinesischer, chinesischer dienst, dienst, dienste, eset, programm, pup.optional.cgminer |