Pests of all kinds and how to fight them: Strange website is displayed in Chrome (Windows 7)
01.07.2014, 19:20 | #1 |
| Strange website is displayed in Chrome
Hello, I signed up here because I apparently have a small or big problem with Chrome. Namely, when I try to open any website, I sometimes get a page that shows this: " https://apinetcrawlinfo-a.akamaihd.net/gsrs?is=isgi1whDE&bp=BAS&g=4173b438-6b87-4f12-b273-8ee1916457a3 " And otherwise there is nothing there at all. But when I then reload the page, it is displayed normally. I tried opening this strange link, but I only get a script displayed. Does anyone know what is going on here? |
01.07.2014, 20:32 | #2 |
/// TB Trainer /// Instructions Guru | Strange website is displayed in Chrome
My name is Jürgen and I will be helping you with your problem. Together we will get this done...
Note: I can never give you a guarantee that we will find all malicious files. Formatting is usually the faster and always the safest way, but it is only advisable with real malware. We can remove adware & co. very well. If you decide on a cleanup, keep working with me until you get my "clean".
Let's go:
Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material
Posting in CODE tags: here's how... Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
02.07.2014, 22:58 | #3 |
| Strange website is displayed in Chrome
So, I let the scan run through; it went pretty quickly.
__________________
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-07-2014
Ran by Robin (administrator) on PITTER on 02-07-2014 23:54:25
Running from C:\Users\Robin\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
() C:\Users\Robin\AppData\Roaming\csrss.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Akamai Technologies, Inc.) C:\Users\Robin\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Robin\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe
() C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe
() C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowse64.exe
() C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe
(Dropbox, Inc.) C:\Users\Robin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\FileManager\PhotosApp.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-04] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [ADSKAppManager] => C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe [480648 2014-04-01] (Autodesk Inc.)
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\AVAST Software <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION
HKU\S-1-5-21-2650496097-3640950431-2646291901-1001\...\Run: [EPSONCFE74B (Epson Stylus Office BX305 Plus)] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHRE.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2650496097-3640950431-2646291901-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Robin\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2650496097-3640950431-2646291901-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1313536 2014-04-01] (Bogdan Sharkov)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [105072 2014-06-19] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [92272 2014-06-19] (Skytech Co., Ltd.)
IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe
Startup: C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Robin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\System32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: StorageProviderError -> {0CA2640D-5B9C-4c59-A5FB-2DA61A7437CF} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: StorageProviderSyncing -> {0A30F902-8398-4ee8-86F7-4CFB589F04D1} => C:\Windows\SysWOW64\shell32.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xD33D378BF55ECF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: mySecureSurfer - {52EA1989-D16E-4560-9021-F0AD247DE4D1} - C:\Users\Robin\AppData\LocalLow\mySecureSurfer\IE\mySecureSurfer.dll (Soft-Ware International Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: NetCrawl - {769a91da-209f-47fe-88b9-b0321b0982c8} - C:\Program Files (x86)\NetCrawl\NetCrawlbho.dll (NetCrawl)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.0.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Robin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://www.google.de/"
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: hxxp://www.sweet-page.com/web/?type=ds&ts=1403705287&from=cor&uid=ST500LT012-1DG142_S3P1N3RZ&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Drive) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-24]
CHR Extension: (YouTube) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-24]
CHR Extension: (Adblock Plus) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-04-24]
CHR Extension: (Google-Suche) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-24]
CHR Extension: (Jewel Quest Deluxe Spiel) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehehgijaidopomcfpkigakimeoglkjpa [2014-06-01]
CHR Extension: (Tetris 2 Spiel) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\emidddocikgklceeeifefomdnbkldhng [2014-06-01]
CHR Extension: (2048) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hekhdfjankbhklfkjmnmnefcacndeoll [2014-06-01]
CHR Extension: (Die besten Spiele) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjbggabcnolbjngfelaodkfoabjmjicc [2014-06-01]
CHR Extension: (Eyes - The Horror Game) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jojpkokphfnjlhbnbcilnhgnkkobkngd [2014-06-01]
CHR Extension: (SpongeBob Super Brawl 2) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbhbbkffljiemjcpkgpfkbcmplcfblje [2014-06-01]
CHR Extension: (save on) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccapdhmclljlgmnjfpbaojcagjniimn [2014-06-14]
CHR Extension: (Crazy Rider) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgcmpnnailedfapmafbigfifabfamcl [2014-06-01]
CHR Extension: (Google Wallet) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR Extension: (YouTube Unblocker) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl [2014-06-25]
CHR Extension: (3D Bomb Destroyer) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\okehlnjpihomkdokiiafpejniofjaoom [2014-06-01]
CHR Extension: (Google Mail) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-24]
CHR Extension: (save on) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccapdhmclljlgmnjfpbaojcagjniimn\2.14 [2014-06-14]
CHR HKLM-x32\...\Chrome\Extension: [agabegcgoagbgcpiegohpamfdpcnmfba] - C:\Users\Robin\AppData\LocalLow\mySecureSurfer\CHROME\mySecureSurfer.crx [2014-06-30]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 AdAppMgrSvc; C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgrSvc.exe [581000 2014-04-01] (Autodesk Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
S3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
S2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [757872 2014-06-19] (Cherished Technololgy LIMITED)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-04-16] ()
R2 Update NetCrawl; C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe [318752 2014-07-02] ()
R2 Util NetCrawl; C:\Program Files (x86)\NetCrawl\bin\utilNetCrawl.exe [318752 2014-07-02] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-12-13] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-14] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2014-04-16] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-01-15] (AnchorFree Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2014-04-16] ()
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-01-15] (Anchorfree Inc.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R1 {57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64; C:\Windows\System32\drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys [61112 2014-06-13] (StdLib)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys [61112 2014-06-30] (StdLib)
S3 DRHARD; \??\C:\Windows\system32\DRIVERS\DRHARD.SYS [X]
R3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-02 23:54 - 2014-07-02 23:54 - 00022410 _____ () C:\Users\Robin\Desktop\FRST.txt
2014-07-02 23:49 - 2014-07-02 23:49 - 00400466 _____ () C:\Users\Robin\Desktop\Daten2.rar
2014-07-02 23:43 - 2014-07-02 23:46 - 1413541866 _____ () C:\Users\Robin\Desktop\Daten.rar
2014-07-02 23:30 - 2014-07-02 23:54 - 00000000 ____D () C:\FRST
2014-07-02 23:30 - 2014-07-02 23:30 - 02083840 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2014-07-02 22:46 - 2014-07-02 22:57 - 00000000 ____D () C:\Users\Robin\AppData\Local\Temporary Projects
2014-07-02 21:01 - 2014-07-02 23:13 - 00000000 ____D () C:\Users\Robin\Desktop\HowTo - Eigener Cursor
2014-07-01 21:59 - 2014-07-01 21:59 - 00000000 ____D () C:\Users\Robin\AppData\Local\Overwolf
2014-07-01 16:52 - 2014-07-01 16:52 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Opera
2014-07-01 16:52 - 2014-07-01 16:52 - 00000000 ____D () C:\Users\Robin\AppData\Local\Opera
2014-06-30 20:12 - 2014-06-30 10:51 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys
2014-06-29 21:43 - 2014-07-01 21:08 - 00000260 _____ () C:\Users\Robin\Desktop\Hilfe.txt
2014-06-29 18:21 - 2014-06-29 18:21 - 00001694 _____ () C:\Users\Public\Desktop\S4League.lnk
2014-06-29 18:13 - 2014-07-02 18:18 - 00000000 ____D () C:\Program Files (x86)\S4League
2014-06-29 10:35 - 2014-06-29 10:35 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\stetic
2014-06-29 10:35 - 2014-06-29 10:35 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\MonoDevelop-Unity-4.0
2014-06-29 10:35 - 2014-06-29 10:35 - 00000000 ____D () C:\Users\Robin\AppData\Local\MonoDevelop-Unity-4.0
2014-06-29 10:29 - 2014-06-29 10:44 - 00000000 ____D () C:\Users\Robin\Documents\New Unity Project
2014-06-29 10:24 - 2014-06-29 10:29 - 00000000 ____D () C:\ProgramData\Unity
2014-06-29 10:22 - 2014-06-29 10:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity
2014-06-29 10:22 - 2014-06-29 10:22 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects
2014-06-29 10:18 - 2014-06-29 10:23 - 00000000 ____D () C:\Program Files (x86)\Unity
2014-06-28 16:59 - 2014-06-28 16:59 - 00000000 ____D () C:\Users\Robin\AppData\Local\Downloaded Installations
2014-06-28 15:30 - 2014-06-28 15:59 - 00000000 ____D () C:\Program Files\Blender Foundation
2014-06-28 15:30 - 2014-06-28 15:30 - 00000000 ____D () C:\Users\Robin\.thumbnails
2014-06-28 12:08 - 2014-06-28 12:12 - 52363264 _____ () C:\Users\Robin\Desktop\Bilder.avi
2014-06-28 11:36 - 2014-06-28 11:36 - 00000000 ____D () C:\Users\Robin\Documents\SafeNet Sentinel
2014-06-28 11:36 - 2014-06-28 11:36 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel
2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\Users\Robin\Documents\xgen
2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\Users\Robin\Documents\maya
2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\ProgramData\FLEXnet
2014-06-27 16:00 - 2014-06-27 16:00 - 00000000 ____D () C:\Users\Robin\Documents\Direct Connect
2014-06-27 15:44 - 2014-06-27 19:05 - 00000000 ____D () C:\Program Files\Autodesk
2014-06-27 15:16 - 2014-06-27 19:05 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared
2014-06-27 15:16 - 2014-06-27 16:54 - 00000000 ____D () C:\Users\Robin\AppData\Local\Autodesk
2014-06-27 15:16 - 2014-06-27 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2014-06-27 15:16 - 2014-06-27 15:16 - 00000000 ____D () C:\Users\Robin\Documents\Autodesk Application Manager
2014-06-27 15:05 - 2014-06-27 16:53 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Autodesk
2014-06-27 15:05 - 2014-06-27 16:53 - 00000000 ____D () C:\ProgramData\Autodesk
2014-06-27 15:04 - 2014-06-27 15:04 - 00000000 ____D () C:\Autodesk
2014-06-25 21:00 - 2014-06-25 21:00 - 00012382 _____ () C:\Users\Robin\Desktop\ReadWritingMemory.vb
2014-06-25 17:13 - 2014-06-13 13:36 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys
2014-06-25 16:12 - 2014-06-25 16:12 - 00000000 ____D () C:\Users\Robin\Documents\PC Speed Maximizer
2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\SupTab
2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-06-25 16:08 - 2014-06-30 16:23 - 00000000 ____D () C:\Program Files (x86)\NetCrawl
2014-06-25 16:08 - 2014-06-25 16:08 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WTHUR1
2014-06-25 16:08 - 2014-06-25 16:08 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WFRI1
2014-06-25 16:08 - 2014-06-25 16:08 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\sweet-page
2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WW2
2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WW1
2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WMON1
2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT W2
2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT T
2014-06-25 16:07 - 2014-06-25 16:07 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\WorldofTanks
2014-06-25 16:07 - 2014-06-25 16:07 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks
2014-06-25 16:07 - 2014-06-25 16:07 - 00000000 ____D () C:\Users\Robin\AppData\Local\WorldofTanks
2014-06-25 16:01 - 2014-06-25 16:01 - 00000000 ____D () C:\ProgramData\Pivot Animator
2014-06-25 16:00 - 2014-06-25 16:07 - 00001046 _____ () C:\Users\Public\Desktop\Pivot Animator.lnk
2014-06-25 16:00 - 2014-06-25 16:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator
2014-06-25 16:00 - 2014-06-25 16:07 - 00000000 ____D () C:\Program Files (x86)\Pivot Animator
2014-06-25 15:31 - 2014-06-25 15:31 - 00000220 _____ () C:\Users\Robin\Desktop\Source Filmmaker.url
2014-06-25 10:48 - 2014-06-25 10:48 - 00003032 _____ () C:\Windows\System32\Tasks\{0854B18D-0BDD-4DC5-9A5A-2FFD8145FD0D}
2014-06-24 12:51 - 2014-06-24 12:51 - 00000000 ____D () C:\Windows\Sun
2014-06-22 20:36 - 2014-06-22 20:36 - 00060928 ___ST () C:\Windows\SysWOW64\7B34.dll
2014-06-22 20:36 - 2014-06-22 20:36 - 00000000 _____ () C:\Windows\SysWOW64\7B34.tmp
2014-06-22 20:23 - 2014-06-22 20:23 - 00060928 ___ST () C:\Windows\SysWOW64\D582.dll
2014-06-22 20:23 - 2014-06-22 20:23 - 00000000 _____ () C:\Windows\SysWOW64\D582.tmp
2014-06-22 16:49 - 2014-06-22 16:49 - 00001101 _____ () C:\Users\Robin\Desktop\Cheat Engine.lnk
2014-06-22 16:49 - 2014-06-22 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2014-06-22 16:49 - 2014-06-22 16:49 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2014-06-22 15:24 - 2014-06-22 15:24 - 00000000 ____D () C:\Users\Robin\Documents\DotNetBar for Silverlight Samples
2014-06-22 15:24 - 2014-06-22 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DotNetBar for Silverlight
2014-06-22 15:24 - 2014-06-22 15:24 - 00000000 ____D () C:\Program Files (x86)\DotNetBarSilverlight
2014-06-22 15:19 - 2014-06-22 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains dotPeek version 1.1
2014-06-22 10:32 - 2014-06-22 10:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-06-21 15:58 - 2014-06-21 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2014-06-21 14:53 - 2014-06-21 14:53 - 00001917 _____ () C:\Users\Robin\Desktop\Clownfish.lnk
2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\Users\Robin\Documents\Skype Voice Records
2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\Users\Robin\Documents\Clownfish Avatars
2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish
2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\Program Files (x86)\Clownfish
2014-06-20 22:55 - 2014-06-20 22:56 - 00014024 _____ () C:\Users\Robin\Desktop\Unpluplic gc by Crack-wtf v.0.5.rar
2014-06-20 19:42 - 2014-07-02 23:52 - 01065269 _____ () C:\Windows\SysWOW64\logs.dat
2014-06-20 15:22 - 2014-07-02 16:05 - 00003206 _____ () C:\Windows\System32\Tasks\csrss
2014-06-20 15:22 - 2014-06-20 15:22 - 01997824 ____H () C:\Users\Robin\AppData\Roaming\csrss.exe
2014-06-19 23:54 - 2014-07-02 23:41 - 00014336 ___SH () C:\Users\Robin\AppData\Local\Thumbs.db
2014-06-19 19:28 - 2014-07-01 22:00 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TS3Client
2014-06-19 19:28 - 2014-06-19 19:28 - 00001178 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-06-19 19:28 - 2014-06-19 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-06-19 19:28 - 2014-06-19 19:28 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-06-19 17:48 - 2014-06-19 17:48 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\LolClient
2014-06-19 16:11 - 2014-06-19 16:12 - 00000000 ____D () C:\rads
2014-06-19 16:11 - 2014-06-19 16:11 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-06-19 16:11 - 2014-06-19 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-06-19 15:28 - 2014-06-19 15:28 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\LucasArts
2014-06-19 11:43 - 2014-06-19 11:43 - 00001324 _____ () C:\Users\Robin\Desktop\City Life 2008.lnk
2014-06-19 11:24 - 2014-06-19 11:24 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monte Cristo
2014-06-19 11:12 - 2014-06-19 11:12 - 00000000 ____H () C:\Users\Robin\Documents\Default.rdp
2014-06-19 10:12 - 2014-06-19 10:12 - 00000000 ____D () C:\Users\Robin\Documents\DIE SIEDLER - Aufstieg eines Königreichs
2014-06-18 23:52 - 2014-06-18 23:52 - 00000000 ____D () C:\Users\Robin\Documents\Atari
2014-06-18 23:34 - 2014-06-18 23:34 - 00000000 ____D () C:\Program Files (x86)\Monte Cristo
2014-06-18 21:58 - 2014-06-18 22:18 - 00000000 ____D () C:\Users\Robin\Documents\TmForever
2014-06-18 21:58 - 2014-06-18 22:04 - 00000000 ____D () C:\ProgramData\TmForever
2014-06-18 21:57 - 2014-06-18 21:57 - 00001124 _____ () C:\Users\Public\Desktop\TmNationsForever.lnk
2014-06-18 21:57 - 2014-06-18 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever
2014-06-18 21:55 - 2014-06-18 21:57 - 00000000 ____D () C:\Program Files (x86)\TmNationsForever
2014-06-18 20:07 - 2014-06-07 20:26 - 176772758 _____ 
() C:\Users\Robin\Desktop\Aufnahme-1.avi 2014-06-17 20:39 - 2014-07-02 23:36 - 00000000 ___RD () C:\Users\Robin\Dropbox 2014-06-17 20:39 - 2014-06-17 20:39 - 00001087 _____ () C:\Users\Robin\Desktop\Dropbox.lnk 2014-06-15 23:54 - 2014-06-15 23:55 - 00213430 _____ () C:\Users\Robin\AppData\Local\debuggee.mdmp 2014-06-15 23:46 - 2014-06-15 23:46 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Apple Computer 2014-06-15 23:46 - 2014-06-15 23:46 - 00000000 ____D () C:\Users\Robin\AppData\Local\Apple Computer 2014-06-15 23:37 - 2014-06-15 23:37 - 00000000 ____D () C:\Users\Robin\AppData\Local\Geckofx 2014-06-15 14:10 - 2014-06-15 14:13 - 00000000 ____D () C:\AdwCleaner 2014-06-15 11:54 - 2014-06-15 11:54 - 00001284 _____ () C:\Users\Robin\Desktop\Revo Uninstaller.lnk 2014-06-15 11:54 - 2014-06-15 11:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-06-15 11:45 - 2014-01-15 00:47 - 00044744 _____ (AnchorFree Inc.) C:\Windows\system32\Drivers\hssdrv6.sys 2014-06-15 10:31 - 2014-06-15 10:32 - 00000000 ____D () C:\Users\Robin\Documents\NFS Undercover 2014-06-15 10:31 - 2014-06-15 10:31 - 00000000 __RHD () C:\Users\Robin\AppData\Roaming\SecuROM 2014-06-15 09:54 - 2014-06-15 09:54 - 00000000 ___HD () C:\ProgramData\{A4B500C8-F3EB-4AD9-9762-515CCA35FD16} 2014-06-15 09:54 - 2014-06-15 09:54 - 00000000 ____D () C:\Users\Robin\AppData\Local\Ironclad Games 2014-06-15 09:47 - 2014-06-15 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso 2014-06-15 09:47 - 2014-06-15 09:47 - 00000000 ____D () C:\Program Files (x86)\Kalypso 2014-06-14 21:08 - 2014-06-14 21:08 - 00000000 ____D () C:\Users\Robin\AppData\Local\Dropper 2014-06-14 20:55 - 2014-06-14 20:55 - 00001384 _____ () C:\Users\Robin\Desktop\Eazfuscator.NET.lnk 2014-06-14 20:54 - 2014-06-14 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eazfuscator.NET 2014-06-14 16:56 - 2014-06-14 16:56 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Awesomium 
2014-06-14 16:23 - 2014-06-14 16:23 - 00000000 ____D () C:\Users\Robin\AppData\Local\Aeria Games 2014-06-14 16:22 - 2014-06-14 16:22 - 00001614 _____ () C:\Users\Robin\Desktop\Alliance of Valiant Arms.lnk 2014-06-14 16:22 - 2014-06-14 16:22 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-06-14 16:22 - 2014-06-14 16:22 - 00000000 ____D () C:\ProgramData\Aeria Games 2014-06-14 16:19 - 2014-06-14 16:19 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Crypto Obfuscator For .Net v2013 R2 2014-06-14 16:16 - 2014-06-19 16:11 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-06-14 16:16 - 2014-06-14 16:16 - 00002044 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk 2014-06-14 16:16 - 2014-06-14 16:16 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Aeria Games & Entertainment 2014-06-14 16:16 - 2014-06-14 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-06-14 16:16 - 2014-06-14 16:16 - 00000000 ____D () C:\Program Files (x86)\Aeria Games 2014-06-14 15:51 - 2014-06-14 15:51 - 00000000 ____D () C:\Users\Robin\AppData\Local\SkinSoft 2014-06-14 15:51 - 2014-06-14 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogicNP Software 2014-06-14 15:51 - 2014-06-14 15:51 - 00000000 ____D () C:\Program Files (x86)\LogicNP Software 2014-06-14 15:26 - 2014-06-14 16:16 - 00000000 ____D () C:\AeriaGames 2014-06-14 15:26 - 2014-06-14 15:27 - 00000000 ____D () C:\Users\Robin\AppData\Local\Akamai 2014-06-14 14:48 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-06-14 14:37 - 2014-06-18 16:34 - 00000000 ____D () C:\Users\Public\Documents\Ashampoo 2014-06-14 14:37 - 2014-06-15 12:08 - 00001871 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk 2014-06-14 14:37 - 2014-06-15 12:08 - 00001855 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland 
Digital.lnk 2014-06-14 14:37 - 2014-06-15 12:08 - 00000213 _____ () C:\Users\Public\Desktop\Your Software Deals.url 2014-06-14 14:37 - 2014-06-15 12:08 - 00000205 _____ () C:\Users\Public\Desktop\Deutschland Digital.url 2014-06-14 14:37 - 2014-06-15 12:08 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-06-14 14:37 - 2014-06-14 14:37 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2014-06-14 14:31 - 2014-06-14 14:31 - 00001092 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-14 14:21 - 2014-06-14 14:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-14 13:11 - 2014-06-14 13:11 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-14 13:00 - 2014-06-14 13:00 - 00000000 ____D () C:\Windows\ERUNT 2014-06-14 12:57 - 2014-06-14 12:57 - 00000703 _____ () C:\DelFix.txt 2014-06-14 11:29 - 2014-06-14 13:49 - 00000000 ____D () C:\ProgramData\Adblocker 2014-06-14 11:29 - 2014-06-14 13:49 - 00000000 ____D () C:\Program Files (x86)\Adblocker 2014-06-13 23:46 - 2014-06-14 20:57 - 00000000 ____D () C:\Users\Robin\AppData\Local\Gapotchenko 2014-06-13 23:46 - 2014-06-14 20:54 - 00000000 ____D () C:\Program Files (x86)\Eazfuscator.NET 2014-06-11 23:11 - 2014-06-11 23:12 - 00000000 ____D () C:\Users\Robin\AppData\Local\Adobe 2014-06-09 17:21 - 2014-06-09 17:21 - 00000000 ____D () C:\Program Files (x86)\JetBrains 2014-06-09 00:56 - 2014-06-09 00:56 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft Corporation 2014-06-08 16:14 - 2014-06-21 15:58 - 00000000 ____D () C:\Program Files (x86)\AutoIt3 2014-06-08 16:14 - 2014-06-08 16:14 - 00000000 ____D () C:\Users\Robin\AppData\Local\AutoIt v3 2014-06-08 08:46 - 2014-06-14 13:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3 2014-06-08 08:46 - 2014-06-14 13:49 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3 2014-06-07 19:43 - 2014-06-07 19:43 - 00012382 _____ () C:\Users\Robin\Desktop\ReadWritingMemory .vb 2014-06-07 19:26 - 
2014-06-25 22:54 - 00000866 _____ () C:\Users\Robin\SciTE.session 2014-06-06 23:23 - 2014-06-06 23:23 - 00000000 ____D () C:\Users\Robin\AppData\Local\DFH 2014-06-04 17:52 - 2014-06-04 17:52 - 00001088 _____ () C:\Users\Robin\Desktop\Counter-Strike 1.6.lnk 2014-06-04 17:52 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-06-04 17:52 - 2014-06-04 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-06-04 17:50 - 2014-06-04 17:54 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike 1.6 2014-06-03 20:50 - 2014-06-03 20:49 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-03 20:21 - 2014-06-03 20:21 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\StunlockStudios 2014-06-03 20:07 - 2014-06-25 15:31 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-03 20:07 - 2014-06-03 20:07 - 00000222 _____ () C:\Users\Robin\Desktop\Dead Island Epidemic.url 2014-06-02 19:00 - 2014-06-02 19:00 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TuneUp Software 2014-06-02 19:00 - 2014-06-02 19:00 - 00000000 ____D () C:\Users\Robin\AppData\Local\TuneUp Software ==================== One Month Modified Files and Folders ======= 2014-07-02 23:54 - 2014-07-02 23:54 - 00022410 _____ () C:\Users\Robin\Desktop\FRST.txt 2014-07-02 23:54 - 2014-07-02 23:30 - 00000000 ____D () C:\FRST 2014-07-02 23:52 - 2014-06-20 19:42 - 01065269 _____ () C:\Windows\SysWOW64\logs.dat 2014-07-02 23:51 - 2014-04-22 11:32 - 00806912 ___SH () C:\Users\Robin\Downloads\Thumbs.db 2014-07-02 23:50 - 2014-04-15 21:30 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\ClassicShell 2014-07-02 23:49 - 2014-07-02 23:49 - 00400466 _____ () C:\Users\Robin\Desktop\Daten2.rar 2014-07-02 23:47 - 2014-04-16 16:30 - 02056704 ___SH () C:\Users\Robin\Desktop\Thumbs.db 2014-07-02 23:46 - 2014-07-02 
23:43 - 1413541866 _____ () C:\Users\Robin\Desktop\Daten.rar 2014-07-02 23:41 - 2014-06-19 23:54 - 00014336 ___SH () C:\Users\Robin\AppData\Local\Thumbs.db 2014-07-02 23:36 - 2014-06-17 20:39 - 00000000 ___RD () C:\Users\Robin\Dropbox 2014-07-02 23:36 - 2014-05-27 18:06 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\DropboxMaster 2014-07-02 23:36 - 2014-05-27 18:05 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Dropbox 2014-07-02 23:35 - 2014-05-07 19:00 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Notepad++ 2014-07-02 23:35 - 2014-05-01 12:02 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-02 23:35 - 2014-04-21 18:51 - 00000000 ____D () C:\Users\Robin\AppData\Local\CrashDumps 2014-07-02 23:30 - 2014-07-02 23:30 - 02083840 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe 2014-07-02 23:13 - 2014-07-02 21:01 - 00000000 ____D () C:\Users\Robin\Desktop\HowTo - Eigener Cursor 2014-07-02 23:05 - 2014-05-10 20:00 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-02 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru 2014-07-02 22:58 - 2014-04-15 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-02 22:57 - 2014-07-02 22:46 - 00000000 ____D () C:\Users\Robin\AppData\Local\Temporary Projects 2014-07-02 22:33 - 2014-04-15 21:16 - 00003922 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{63CD8669-5BA8-4ADB-BB1D-ECF34FCF7007} 2014-07-02 22:26 - 2014-04-27 19:25 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Skype 2014-07-02 20:25 - 2014-04-22 10:26 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\.minecraft 2014-07-02 20:18 - 2013-08-22 15:25 - 00000194 _____ () C:\Windows\win.ini 2014-07-02 20:15 - 2014-05-15 16:47 - 01592398 _____ (TeamExtreme) C:\Users\Robin\Desktop\Minecraft.exe 2014-07-02 20:05 - 2014-05-10 20:00 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-02 19:52 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness 
2014-07-02 18:38 - 2014-04-15 21:13 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2650496097-3640950431-2646291901-1001 2014-07-02 18:18 - 2014-06-29 18:13 - 00000000 ____D () C:\Program Files (x86)\S4League 2014-07-02 16:59 - 2014-04-15 21:08 - 00000000 ____D () C:\Users\Robin 2014-07-02 16:05 - 2014-06-20 15:22 - 00003206 _____ () C:\Windows\System32\Tasks\csrss 2014-07-01 22:00 - 2014-06-19 19:28 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TS3Client 2014-07-01 21:59 - 2014-07-01 21:59 - 00000000 ____D () C:\Users\Robin\AppData\Local\Overwolf 2014-07-01 21:08 - 2014-06-29 21:43 - 00000260 _____ () C:\Users\Robin\Desktop\Hilfe.txt 2014-07-01 17:00 - 2014-04-24 10:33 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Opera Software 2014-07-01 17:00 - 2014-04-24 10:33 - 00000000 ____D () C:\Users\Robin\AppData\Local\Opera Software 2014-07-01 17:00 - 2014-04-24 10:33 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-07-01 16:52 - 2014-07-01 16:52 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Opera 2014-07-01 16:52 - 2014-07-01 16:52 - 00000000 ____D () C:\Users\Robin\AppData\Local\Opera 2014-06-30 16:23 - 2014-06-25 16:08 - 00000000 ____D () C:\Program Files (x86)\NetCrawl 2014-06-30 10:51 - 2014-06-30 20:12 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}Gw64.sys 2014-06-29 19:30 - 2014-04-18 16:33 - 00000000 ____D () C:\Users\Robin\Documents\Visual Studio 2010 2014-06-29 18:21 - 2014-06-29 18:21 - 00001694 _____ () C:\Users\Public\Desktop\S4League.lnk 2014-06-29 18:20 - 2014-04-21 19:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4League 2014-06-29 18:13 - 2014-04-15 21:14 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-06-29 10:44 - 2014-06-29 10:29 - 00000000 ____D () C:\Users\Robin\Documents\New Unity Project 2014-06-29 10:44 - 2014-06-29 10:22 - 00000000 ____D () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 2014-06-29 10:35 - 2014-06-29 10:35 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\stetic 2014-06-29 10:35 - 2014-06-29 10:35 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\MonoDevelop-Unity-4.0 2014-06-29 10:35 - 2014-06-29 10:35 - 00000000 ____D () C:\Users\Robin\AppData\Local\MonoDevelop-Unity-4.0 2014-06-29 10:33 - 2014-04-24 09:52 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Unity 2014-06-29 10:29 - 2014-06-29 10:24 - 00000000 ____D () C:\ProgramData\Unity 2014-06-29 10:24 - 2014-04-24 09:49 - 00000000 ____D () C:\Users\Robin\AppData\Local\Unity 2014-06-29 10:23 - 2014-06-29 10:18 - 00000000 ____D () C:\Program Files (x86)\Unity 2014-06-29 10:22 - 2014-06-29 10:22 - 00000000 ____D () C:\Users\Public\Documents\Unity Projects 2014-06-29 09:29 - 2014-05-10 20:01 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-28 23:41 - 2014-04-21 18:31 - 00005120 _____ () C:\Users\Robin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-28 21:02 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-06-28 16:59 - 2014-06-28 16:59 - 00000000 ____D () C:\Users\Robin\AppData\Local\Downloaded Installations 2014-06-28 15:59 - 2014-06-28 15:30 - 00000000 ____D () C:\Program Files\Blender Foundation 2014-06-28 15:30 - 2014-06-28 15:30 - 00000000 ____D () C:\Users\Robin\.thumbnails 2014-06-28 12:12 - 2014-06-28 12:08 - 52363264 _____ () C:\Users\Robin\Desktop\Bilder.avi 2014-06-28 11:36 - 2014-06-28 11:36 - 00000000 ____D () C:\Users\Robin\Documents\SafeNet Sentinel 2014-06-28 11:36 - 2014-06-28 11:36 - 00000000 ____D () C:\ProgramData\SafeNet Sentinel 2014-06-27 23:15 - 2014-04-21 18:29 - 00000000 ____D () C:\Users\Robin\Documents\Camtasia Studio 2014-06-27 19:05 - 2014-06-27 15:44 - 00000000 ____D () C:\Program Files\Autodesk 2014-06-27 19:05 - 2014-06-27 15:16 - 00000000 ____D () C:\Program Files\Common Files\Autodesk Shared 2014-06-27 16:54 - 2014-06-27 15:16 - 
00000000 ____D () C:\Users\Robin\AppData\Local\Autodesk 2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\Users\Robin\Documents\xgen 2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\Users\Robin\Documents\maya 2014-06-27 16:53 - 2014-06-27 16:53 - 00000000 ____D () C:\ProgramData\FLEXnet 2014-06-27 16:53 - 2014-06-27 15:05 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Autodesk 2014-06-27 16:53 - 2014-06-27 15:05 - 00000000 ____D () C:\ProgramData\Autodesk 2014-06-27 16:00 - 2014-06-27 16:00 - 00000000 ____D () C:\Users\Robin\Documents\Direct Connect 2014-06-27 15:59 - 2014-06-27 15:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk 2014-06-27 15:16 - 2014-06-27 15:16 - 00000000 ____D () C:\Users\Robin\Documents\Autodesk Application Manager 2014-06-27 15:16 - 2014-04-15 21:14 - 00000000 ____D () C:\ProgramData\Package Cache 2014-06-27 15:04 - 2014-06-27 15:04 - 00000000 ____D () C:\Autodesk 2014-06-27 13:49 - 2014-04-29 18:01 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\FileZilla 2014-06-25 22:54 - 2014-06-07 19:26 - 00000866 _____ () C:\Users\Robin\SciTE.session 2014-06-25 21:00 - 2014-06-25 21:00 - 00012382 _____ () C:\Users\Robin\Desktop\ReadWritingMemory.vb 2014-06-25 16:16 - 2014-04-28 17:03 - 00000000 ____D () C:\Users\Robin\AppData\Local\PMB Files 2014-06-25 16:12 - 2014-06-25 16:12 - 00000000 ____D () C:\Users\Robin\Documents\PC Speed Maximizer 2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\SupTab 2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\ProgramData\WindowsProtectManger 2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-06-25 16:09 - 2014-06-25 16:09 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-06-25 16:08 - 2014-06-25 16:08 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WTHUR1 2014-06-25 16:08 - 2014-06-25 16:08 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WFRI1 2014-06-25 16:08 
- 2014-06-25 16:08 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\sweet-page 2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WW2 2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WW1 2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT WMON1 2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT W2 2014-06-25 16:07 - 2014-06-25 16:07 - 00003442 _____ () C:\Windows\System32\Tasks\WOT T 2014-06-25 16:07 - 2014-06-25 16:07 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\WorldofTanks 2014-06-25 16:07 - 2014-06-25 16:07 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WorldofTanks 2014-06-25 16:07 - 2014-06-25 16:07 - 00000000 ____D () C:\Users\Robin\AppData\Local\WorldofTanks 2014-06-25 16:07 - 2014-06-25 16:00 - 00001046 _____ () C:\Users\Public\Desktop\Pivot Animator.lnk 2014-06-25 16:07 - 2014-06-25 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pivot Animator 2014-06-25 16:07 - 2014-06-25 16:00 - 00000000 ____D () C:\Program Files (x86)\Pivot Animator 2014-06-25 16:01 - 2014-06-25 16:01 - 00000000 ____D () C:\ProgramData\Pivot Animator 2014-06-25 15:31 - 2014-06-25 15:31 - 00000220 _____ () C:\Users\Robin\Desktop\Source Filmmaker.url 2014-06-25 15:31 - 2014-06-03 20:07 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-25 10:48 - 2014-06-25 10:48 - 00003032 _____ () C:\Windows\System32\Tasks\{0854B18D-0BDD-4DC5-9A5A-2FFD8145FD0D} 2014-06-25 10:33 - 2014-04-17 10:34 - 00000000 ____D () C:\Users\Robin\Documents\Gothic3 2014-06-24 20:52 - 2014-04-15 22:09 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Mozilla 2014-06-24 12:51 - 2014-06-24 12:51 - 00000000 ____D () C:\Windows\Sun 2014-06-22 20:36 - 2014-06-22 20:36 - 00060928 ___ST () C:\Windows\SysWOW64\7B34.dll 2014-06-22 20:36 - 2014-06-22 20:36 - 
00000000 _____ () C:\Windows\SysWOW64\7B34.tmp 2014-06-22 20:23 - 2014-06-22 20:23 - 00060928 ___ST () C:\Windows\SysWOW64\D582.dll 2014-06-22 20:23 - 2014-06-22 20:23 - 00000000 _____ () C:\Windows\SysWOW64\D582.tmp 2014-06-22 16:49 - 2014-06-22 16:49 - 00001101 _____ () C:\Users\Robin\Desktop\Cheat Engine.lnk 2014-06-22 16:49 - 2014-06-22 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4 2014-06-22 16:49 - 2014-06-22 16:49 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4 2014-06-22 15:24 - 2014-06-22 15:24 - 00000000 ____D () C:\Users\Robin\Documents\DotNetBar for Silverlight Samples 2014-06-22 15:24 - 2014-06-22 15:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DotNetBar for Silverlight 2014-06-22 15:24 - 2014-06-22 15:24 - 00000000 ____D () C:\Program Files (x86)\DotNetBarSilverlight 2014-06-22 15:19 - 2014-06-22 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains dotPeek version 1.1 2014-06-22 10:44 - 2014-05-09 14:53 - 00000000 ____D () C:\temp 2014-06-22 10:32 - 2014-06-22 10:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-06-21 15:58 - 2014-06-21 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3 2014-06-21 15:58 - 2014-06-08 16:14 - 00000000 ____D () C:\Program Files (x86)\AutoIt3 2014-06-21 15:58 - 2013-08-23 01:26 - 00000000 ____D () C:\Windows\ShellNew 2014-06-21 14:58 - 2014-04-28 16:54 - 00000000 ____D () C:\Program Files (x86)\MoonTools 2014-06-21 14:53 - 2014-06-21 14:53 - 00001917 _____ () C:\Users\Robin\Desktop\Clownfish.lnk 2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\Users\Robin\Documents\Skype Voice Records 2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\Users\Robin\Documents\Clownfish Avatars 2014-06-21 14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clownfish 2014-06-21 
14:53 - 2014-06-21 14:53 - 00000000 ____D () C:\Program Files (x86)\Clownfish 2014-06-20 22:56 - 2014-06-20 22:55 - 00014024 _____ () C:\Users\Robin\Desktop\Unpluplic gc by Crack-wtf v.0.5.rar 2014-06-20 15:22 - 2014-06-20 15:22 - 01997824 ____H () C:\Users\Robin\AppData\Roaming\csrss.exe 2014-06-19 19:28 - 2014-06-19 19:28 - 00001178 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2014-06-19 19:28 - 2014-06-19 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2014-06-19 19:28 - 2014-06-19 19:28 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client 2014-06-19 18:33 - 2014-04-28 17:03 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-19 17:48 - 2014-06-19 17:48 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\LolClient 2014-06-19 16:12 - 2014-06-19 16:11 - 00000000 ____D () C:\rads 2014-06-19 16:11 - 2014-06-19 16:11 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk 2014-06-19 16:11 - 2014-06-19 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-19 16:11 - 2014-06-14 16:16 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-06-19 15:28 - 2014-06-19 15:28 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\LucasArts 2014-06-19 15:11 - 2014-04-17 11:36 - 00000000 ____D () C:\Program Files (x86)\LucasArts 2014-06-19 11:43 - 2014-06-19 11:43 - 00001324 _____ () C:\Users\Robin\Desktop\City Life 2008.lnk 2014-06-19 11:24 - 2014-06-19 11:24 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Monte Cristo 2014-06-19 11:12 - 2014-06-19 11:12 - 00000000 ____H () C:\Users\Robin\Documents\Default.rdp 2014-06-19 10:12 - 2014-06-19 10:12 - 00000000 ____D () C:\Users\Robin\Documents\DIE SIEDLER - Aufstieg eines Königreichs 2014-06-18 23:52 - 2014-06-18 23:52 - 00000000 ____D () C:\Users\Robin\Documents\Atari 2014-06-18 23:42 - 2014-04-16 09:22 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 
2014-06-18 23:36 - 2014-04-17 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari 2014-06-18 23:36 - 2014-04-17 12:29 - 00000000 ____D () C:\Program Files (x86)\Atari 2014-06-18 23:34 - 2014-06-18 23:34 - 00000000 ____D () C:\Program Files (x86)\Monte Cristo 2014-06-18 22:18 - 2014-06-18 21:58 - 00000000 ____D () C:\Users\Robin\Documents\TmForever 2014-06-18 22:04 - 2014-06-18 21:58 - 00000000 ____D () C:\ProgramData\TmForever 2014-06-18 21:57 - 2014-06-18 21:57 - 00001124 _____ () C:\Users\Public\Desktop\TmNationsForever.lnk 2014-06-18 21:57 - 2014-06-18 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TmNationsForever 2014-06-18 21:57 - 2014-06-18 21:55 - 00000000 ____D () C:\Program Files (x86)\TmNationsForever 2014-06-18 16:34 - 2014-06-14 14:37 - 00000000 ____D () C:\Users\Public\Documents\Ashampoo 2014-06-17 20:39 - 2014-06-17 20:39 - 00001087 _____ () C:\Users\Robin\Desktop\Dropbox.lnk 2014-06-17 20:34 - 2014-05-27 18:06 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-06-17 19:04 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-17 19:03 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\Web 2014-06-15 23:55 - 2014-06-15 23:54 - 00213430 _____ () C:\Users\Robin\AppData\Local\debuggee.mdmp 2014-06-15 23:46 - 2014-06-15 23:46 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Apple Computer 2014-06-15 23:46 - 2014-06-15 23:46 - 00000000 ____D () C:\Users\Robin\AppData\Local\Apple Computer 2014-06-15 23:37 - 2014-06-15 23:37 - 00000000 ____D () C:\Users\Robin\AppData\Local\Geckofx 2014-06-15 14:13 - 2014-06-15 14:10 - 00000000 ____D () C:\AdwCleaner 2014-06-15 12:08 - 2014-06-14 14:37 - 00001871 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Software Deals.lnk 2014-06-15 12:08 - 2014-06-14 14:37 - 00001855 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deutschland Digital.lnk 2014-06-15 12:08 
- 2014-06-14 14:37 - 00000213 _____ () C:\Users\Public\Desktop\Your Software Deals.url 2014-06-15 12:08 - 2014-06-14 14:37 - 00000205 _____ () C:\Users\Public\Desktop\Deutschland Digital.url 2014-06-15 12:08 - 2014-06-14 14:37 - 00000000 ____D () C:\ProgramData\Ashampoo 2014-06-15 11:54 - 2014-06-15 11:54 - 00001284 _____ () C:\Users\Robin\Desktop\Revo Uninstaller.lnk 2014-06-15 11:54 - 2014-06-15 11:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-06-15 10:44 - 2014-04-15 23:30 - 00000000 ____D () C:\Program Files (x86)\EA GAMES 2014-06-15 10:32 - 2014-06-15 10:31 - 00000000 ____D () C:\Users\Robin\Documents\NFS Undercover 2014-06-15 10:31 - 2014-06-15 10:31 - 00000000 __RHD () C:\Users\Robin\AppData\Roaming\SecuROM 2014-06-15 09:54 - 2014-06-15 09:54 - 00000000 ___HD () C:\ProgramData\{A4B500C8-F3EB-4AD9-9762-515CCA35FD16} 2014-06-15 09:54 - 2014-06-15 09:54 - 00000000 ____D () C:\Users\Robin\AppData\Local\Ironclad Games 2014-06-15 09:47 - 2014-06-15 09:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso 2014-06-15 09:47 - 2014-06-15 09:47 - 00000000 ____D () C:\Program Files (x86)\Kalypso 2014-06-14 21:08 - 2014-06-14 21:08 - 00000000 ____D () C:\Users\Robin\AppData\Local\Dropper 2014-06-14 20:57 - 2014-06-13 23:46 - 00000000 ____D () C:\Users\Robin\AppData\Local\Gapotchenko 2014-06-14 20:55 - 2014-06-14 20:55 - 00001384 _____ () C:\Users\Robin\Desktop\Eazfuscator.NET.lnk 2014-06-14 20:54 - 2014-06-14 20:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eazfuscator.NET 2014-06-14 20:54 - 2014-06-13 23:46 - 00000000 ____D () C:\Program Files (x86)\Eazfuscator.NET 2014-06-14 16:56 - 2014-06-14 16:56 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Awesomium 2014-06-14 16:23 - 2014-06-14 16:23 - 00000000 ____D () C:\Users\Robin\AppData\Local\Aeria Games 2014-06-14 16:22 - 2014-06-14 16:22 - 00001614 _____ () C:\Users\Robin\Desktop\Alliance of Valiant Arms.lnk 2014-06-14 16:22 - 2014-06-14 
16:22 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-06-14 16:22 - 2014-06-14 16:22 - 00000000 ____D () C:\ProgramData\Aeria Games 2014-06-14 16:19 - 2014-06-14 16:19 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Crypto Obfuscator For .Net v2013 R2 2014-06-14 16:16 - 2014-06-14 16:16 - 00002044 _____ () C:\Users\Public\Desktop\Aeria Ignite.lnk 2014-06-14 16:16 - 2014-06-14 16:16 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Aeria Games & Entertainment 2014-06-14 16:16 - 2014-06-14 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-06-14 16:16 - 2014-06-14 16:16 - 00000000 ____D () C:\Program Files (x86)\Aeria Games 2014-06-14 16:16 - 2014-06-14 15:26 - 00000000 ____D () C:\AeriaGames 2014-06-14 15:51 - 2014-06-14 15:51 - 00000000 ____D () C:\Users\Robin\AppData\Local\SkinSoft 2014-06-14 15:51 - 2014-06-14 15:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogicNP Software 2014-06-14 15:51 - 2014-06-14 15:51 - 00000000 ____D () C:\Program Files (x86)\LogicNP Software 2014-06-14 15:27 - 2014-06-14 15:26 - 00000000 ____D () C:\Users\Robin\AppData\Local\Akamai 2014-06-14 14:49 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-06-14 14:42 - 2014-05-16 03:03 - 00000000 _____ () C:\Windows\SysWOW64\config.nt 2014-06-14 14:42 - 2014-04-15 22:15 - 00000000 ____D () C:\Program Files\AVAST Software 2014-06-14 14:42 - 2014-04-15 22:13 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-14 14:42 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-06-14 14:37 - 2014-06-14 14:37 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2014-06-14 14:34 - 2014-06-01 18:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-06-14 14:34 - 2014-05-27 00:02 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-06-14 14:31 - 2014-06-14 14:31 - 00001092 _____ () 
C:\Users\Public\Desktop\Avira Control Center.lnk 2014-06-14 14:31 - 2014-05-27 00:02 - 00000000 ____D () C:\ProgramData\Avira 2014-06-14 14:21 - 2014-06-14 14:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-14 13:50 - 2014-05-10 19:24 - 00000000 ____D () C:\Users\Robin\Desktop\SannyBox 2014-06-14 13:49 - 2014-06-14 11:29 - 00000000 ____D () C:\ProgramData\Adblocker 2014-06-14 13:49 - 2014-06-14 11:29 - 00000000 ____D () C:\Program Files (x86)\Adblocker 2014-06-14 13:49 - 2014-06-08 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.3 2014-06-14 13:49 - 2014-06-08 08:46 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.3 2014-06-14 13:49 - 2014-05-10 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-14 13:49 - 2014-05-08 17:49 - 00000000 ____D () C:\ProgramData\saVVee. net 2014-06-14 13:49 - 2014-04-24 09:36 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-14 13:49 - 2013-08-22 17:36 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-06-14 13:42 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration 2014-06-14 13:39 - 2014-04-22 11:23 - 00000000 ____D () C:\ProgramData\MAGIX 2014-06-14 13:39 - 2014-04-22 11:15 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\MAGIX 2014-06-14 13:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat 2014-06-14 13:38 - 2014-05-16 19:38 - 00000000 ____D () C:\Program Files (x86)\G Data 2014-06-14 13:11 - 2014-06-14 13:11 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-14 13:00 - 2014-06-14 13:00 - 00000000 ____D () C:\Windows\ERUNT 2014-06-14 12:57 - 2014-06-14 12:57 - 00000703 _____ () C:\DelFix.txt 2014-06-14 10:47 - 2014-04-22 11:26 - 00000000 ____D () C:\Users\Robin\Documents\MAGIX_MusicEditor 2014-06-13 13:36 - 2014-06-25 17:13 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{57f143ae-1ecd-493d-9ddb-32c45a3cecd5}Gw64.sys 2014-06-11 23:12 - 2014-06-11 23:11 - 
00000000 ____D () C:\Users\Robin\AppData\Local\Adobe 2014-06-09 17:21 - 2014-06-09 17:21 - 00000000 ____D () C:\Program Files (x86)\JetBrains 2014-06-09 00:56 - 2014-06-09 00:56 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft Corporation 2014-06-08 16:14 - 2014-06-08 16:14 - 00000000 ____D () C:\Users\Robin\AppData\Local\AutoIt v3 2014-06-07 20:26 - 2014-06-18 20:07 - 176772758 _____ () C:\Users\Robin\Desktop\Aufnahme-1.avi 2014-06-07 19:43 - 2014-06-07 19:43 - 00012382 _____ () C:\Users\Robin\Desktop\ReadWritingMemory .vb 2014-06-06 23:23 - 2014-06-06 23:23 - 00000000 ____D () C:\Users\Robin\AppData\Local\DFH 2014-06-04 18:28 - 2014-04-15 21:08 - 00000000 ____D () C:\Users\Robin\AppData\Local\VirtualStore 2014-06-04 17:54 - 2014-06-04 17:50 - 00000000 ____D () C:\Program Files (x86)\Counter-Strike 1.6 2014-06-04 17:52 - 2014-06-04 17:52 - 00001088 _____ () C:\Users\Robin\Desktop\Counter-Strike 1.6.lnk 2014-06-04 17:52 - 2014-06-04 17:52 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-06-04 17:52 - 2014-06-04 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6 2014-06-03 20:49 - 2014-06-03 20:50 - 00084720 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-06-03 20:21 - 2014-06-03 20:21 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\StunlockStudios 2014-06-03 20:07 - 2014-06-03 20:07 - 00000222 _____ () C:\Users\Robin\Desktop\Dead Island Epidemic.url 2014-06-02 20:46 - 2014-05-10 20:00 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-02 20:46 - 2014-05-10 20:00 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-02 20:29 - 2014-04-17 11:54 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-06-02 19:29 - 2014-06-01 20:38 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2014-06-02 19:16 - 2014-06-01 20:38 - 00000000 ____D () C:\ProgramData\TuneUp Software 2014-06-02 19:00 - 2014-06-02 19:00 - 00000000 ____D () C:\Users\Robin\AppData\Roaming\TuneUp Software 2014-06-02 19:00 - 2014-06-02 19:00 - 00000000 ____D () C:\Users\Robin\AppData\Local\TuneUp Software 2014-06-02 15:25 - 2014-04-15 21:04 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-06-02 15:25 - 2013-08-23 01:24 - 00765582 _____ () C:\Windows\system32\perfh007.dat 2014-06-02 15:25 - 2013-08-23 01:24 - 00159366 _____ () C:\Windows\system32\perfc007.dat Some content of TEMP: ==================== C:\Users\Robin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxvvytr.dll C:\Users\Robin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz_c97w.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed 
C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-28 18:05 ==================== End Of Log ============================ |
02.07.2014, 23:00 | #4 |
/// TB Trainer /// Guide Guru | Strange website is displayed in Chrome Hi, Addition.txt? Is that still coming?
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
02.07.2014, 23:02 | #5 |
| Strange website is displayed in Chrome Oh yes, and here is the Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-07-2014 Ran by Robin at 2014-07-03 00:00:03 Running from C:\Users\Robin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 8GadgetPack (HKLM-x32\...\{32A7C3B0-E5C3-4913-B1F2-49FE860FAA5E}) (Version: 11.0.0 - Helmut Buhler) Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12.2.1 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.0.367 - Adobe Systems Incorporated) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios) Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Alliance of Valiant Arms (HKLM-x32\...\Alliance of Valiant Arms) (Version: - ) AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) 
Hidden AMD Fuel (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden ANNO 1404 (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 1.00.0000 - Ubisoft) Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden Assassin's Creed III 1.01 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.01 - Ubisoft) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 2.2.12.0 - Autodesk) Autodesk DirectConnect 2015 64-bit (HKLM\...\Autodesk DirectConnect 2015 64-bit) (Version: 9.0.56.4 - Autodesk) Autodesk DirectConnect 2015 64-bit (Version: 9.0.56.4 - Autodesk) Hidden AutoIt v3.3.12.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.12.0 - AutoIt Team) Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios) Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - ) Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) 
Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) City Life 2008 (HKLM-x32\...\City Life) (Version: 3.00 - Monte Cristo Games) Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft) Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - ) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version: - ) Crypto Obfuscator For .Net 2013 R2 (HKLM-x32\...\Crypto Obfuscator For .Net_is1) (Version: - LogicNP Software) Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios) Deutschland Digital 1.0.0 (HKLM-x32\...\Deutschland Digital_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG) DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft) DotNetBar for Silverlight (HKLM-x32\...\{8FE73FE6-87E2-44B0-AA0E-48F1C705988C}) (Version: 2.2.0.64 - DevComponents) Dropbox (HKCU\...\Dropbox) (Version: 2.8.3 - Dropbox, Inc.) Eazfuscator.NET (HKLM-x32\...\{5DCC072D-A86C-4985-BA88-F257CB9FFC37}) (Version: 4.4.45 - Gapotchenko) EPSON BX305 Plus Series Printer Uninstall (HKLM\...\EPSON BX305 Plus Series) (Version: - SEIKO EPSON Corporation) Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark) G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) 
Hidden Gothic 3 Enhanced Edition (HKLM-x32\...\{C28A686B-D439-4B83-B023-7402E982F69D}_is1) (Version: - Nordic Games GmbH) Gothic 3 Modkit v1.75.14 (HKLM-x32\...\{420DA6C7-EE34-4468-AE16-87205B7D24EF}_is1) (Version: v1.75.14 - Nordic Games GmbH) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle) Java 8 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418000FF}) (Version: 8.0.0 - Oracle Corporation) Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden JetBrains dotPeek 1.1 (HKLM-x32\...\{D5A5829D-E916-4277-8E08-2EBD98EC4A10}) (Version: 1.1.1.33 - JetBrains Inc) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO® Star Wars™ III: The Clone Wars™ (HKLM-x32\...\{6C0A6B81-0D00-453F-B220-E1F7931B3C2A}) (Version: 1.0.0.0 - LucasArts) MAGIX Audio Cleaning Lab 16 deluxe Download Version (HKLM-x32\...\MAGIX_MSI_mclab_16dlx) (Version: 16.0.0.0 - MAGIX AG) MAGIX Audio Cleaning Lab 16 deluxe Download Version (x32 Version: 16.0.0.0 - MAGIX AG) Hidden MAGIX Speed 2 (MSI) (HKLM-x32\...\{C09F1573-6262-47F2-8B90-5B2290A58B12}) (Version: 6.0.1.2 - MAGIX AG) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{F6E484FB-BC48-4A63-8186-E25DF4607B3B}) (Version: 7.0.2.6 - MAGIX AG) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium (Designelemente) (HKLM-x32\...\MX.{53BBE66D-C843-4E0A-A317-2F0B8FA29485}) (Version: 1.0.1.0 - MAGIX AG) MAGIX Video deluxe 2014 Premium (Designelemente) (Version: 1.0.1.0 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG) MAGIX Video deluxe 2014 Premium (NewBlueFX ColorFast) (HKLM-x32\...\MX.{D9D24F5F-1E36-48BE-9419-CF97B34AB063}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Video deluxe 2014 Premium (NewBlueFX ColorFast) (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium 
(Titeleffekte) (HKLM-x32\...\MX.{5FDFCBBF-44F5-40B2-B5F3-C42E4C2DB69F}) (Version: 1.0.1.0 - MAGIX AG) MAGIX Video deluxe 2014 Premium (Titeleffekte) (Version: 1.0.1.0 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium (Überblendeffekte) (HKLM-x32\...\MX.{3B812D22-B8EC-4060-B909-FF822FE7612B}) (Version: 1.0.0.0 - MAGIX AG) MAGIX Video deluxe 2014 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX AG) Hidden MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden mental ray renderer for Autodesk Maya 2015 (HKLM\...\{BDF821F0-D64C-421D-0052-A9B995B20873}) (Version: 15.0.1335.0 - mental ray) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft 
Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser 
(HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Need for Speed™ Carbon (HKLM-x32\...\{259C0ABB-A3B2-4D70-008F-BF7EE491B70B}) (Version: - ) Need for Speed™ Most Wanted (HKLM-x32\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - ) NetCrawl (HKLM\...\NetCrawl) (Version: 2014.06.24.214734 - NetCrawl) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.1 - Notepad++ Team) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) particleIllusion v1.041 for After Effects (HKLM\...\{2E8540C0-E871-4ACB-91FD-61DDA856578E}_is1) (Version: - GenArts, Inc.) PAYDAY 2 Demo (HKLM-x32\...\Steam App 251040) (Version: - OVERKILL - a Starbreeze Studio.) Pivot Animator version 4.1.10 (HKLM-x32\...\Pivot Animator_is1) (Version: 4.1.10 - Motus Software Ltd) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.) Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - ) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Rise And Fall (remove only) (HKLM-x32\...\Rise And Fall) (Version: 1.7.0.11.2.4.3 - Midway Home Entertainment Inc.) RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - ) RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari) S4 League_EU (HKLM-x32\...\{1D12BDC2-5960-4268-B868-EAFCB14875A2}) (Version: 1.00.0000 - ) Sins of a Solar Empire (HKLM-x32\...\Sins of a Solar Empire) (Version: - Stardock Entertainment) Sins of a Solar Empire (x32 Version: 1.05 - Kalypso) Hidden Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) 
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - Valve) Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve) Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) sweet-page uninstall (HKLM-x32\...\sweet-page uninstall) (Version: - sweet-page) <==== ATTENTION swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated) System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer) Terrorist Takedown 3 (HKLM-x32\...\Terrorist Takedown 3/DE-German_is1) (Version: - City Interactive) TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo) Tycoon City - New York (HKLM-x32\...\{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}) (Version: 1.00.000 - ) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION WinRAR 5.10 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.2 - win.rar GmbH) WorldofTanks (HKCU\...\WorldofTanks) (Version: - WorldofTanks) Your Software Deals 1.0.0 (HKLM-x32\...\Your Software Deals_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. 
KG) ==================== Restore Points ========================= 18-06-2014 19:57:12 DirectX wurde installiert 22-06-2014 13:24:26 Installed DotNetBar for Silverlight 27-06-2014 13:09:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 29-06-2014 15:43:37 Removed S4 League_EU 01-07-2014 14:51:36 Installed Opera 10.63. ==================== Hosts content: ========================== 2013-08-22 15:25 - 2014-05-11 15:19 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {14A1EC38-4B09-424B-BA3D-0FFF3A3BFEFB} - System32\Tasks\WOT WMON1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {1B329E88-0271-4666-BEDB-3A126C6C4A39} - System32\Tasks\WOT T => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {1D232B34-DF0C-48B6-8D7B-B0C609D8A1B2} - System32\Tasks\WOT WW2 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {1E2E8F4F-483E-4CAB-A395-5A0C4C2F0AF2} - System32\Tasks\WOT W2 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {1FC31DC0-1239-43CE-984A-F3C1FEBD8922} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2170B9D9-247E-4DCE-AB11-3D8141F5FFE2} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2650496097-3640950431-2646291901-1001 Task: {29AB81AA-8F50-4ECA-953F-FABF632C283B} - System32\Tasks\WOT WW1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {2ACAE293-A3A9-4428-B877-5649E8DBB9D4} - System32\Tasks\WOT WTHUR1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {32AB729F-FF43-4AF7-A955-C9BEEBFC938C} - System32\Tasks\csrss => C:\Users\Robin\AppData\Roaming\csrss.exe [2014-06-20] () Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {47D804E5-269F-4377-9D25-7990ABDFFCA6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {70199FEE-D016-4034-8CA0-61347E725898} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9ACA00EF-326A-45B7-843D-43AC61ECDBF8} - System32\Tasks\WOT WFRI1 => Iexplore.exe hxxp://mmotraffic.com/catalog/goplay/1327/MTE3NjYvLy8xMzI3/ Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {C04D145A-123D-4E0E-AC9A-3EDA2E695F31} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-10] (Google Inc.) 
Task: {CDA4B9F2-FEA7-40E8-AD37-551A5C01CD50} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-06 16:06 - 2013-12-06 16:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-04-16 09:22 - 2014-04-16 09:22 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-06-20 15:22 - 2014-06-20 15:22 - 01997824 ____H () C:\Users\Robin\AppData\Roaming\csrss.exe 2014-03-20 11:24 - 2014-03-20 11:24 - 00667808 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll 2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll 2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-06-24 23:47 - 2014-07-02 16:13 - 00318752 _____ () C:\Program Files (x86)\NetCrawl\updateNetCrawl.exe 2014-06-25 17:12 - 2014-07-02 16:16 - 00318752 _____ () C:\Program Files 
(x86)\NetCrawl\bin\utilNetCrawl.exe 2014-06-25 17:13 - 2014-07-01 13:31 - 00287008 _____ () C:\Program Files (x86)\NetCrawl\bin\NetCrawl.PurBrowse64.exe 2014-06-25 17:13 - 2014-07-02 19:43 - 00096544 _____ () C:\Program Files (x86)\NetCrawl\bin\NetCrawl.BrowserAdapter.exe 2014-07-02 23:36 - 2014-07-02 23:36 - 00043008 _____ () c:\users\robin\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpz_c97w.dll 2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Robin\AppData\Roaming\Dropbox\bin\libcef.dll 2014-05-10 20:01 - 2014-04-02 03:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll 2014-06-25 17:13 - 2014-07-02 19:43 - 00183584 _____ () C:\Program Files (x86)\NetCrawl\bin\NetCrawlBAApp.dll 2014-05-10 20:01 - 2014-04-02 03:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll 2014-05-10 20:01 - 2014-04-02 03:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll 2014-05-10 20:01 - 2014-04-02 03:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll 2014-05-10 20:01 - 2014-04-02 03:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll 2014-05-10 20:01 - 2014-04-02 03:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll 2014-05-10 20:01 - 2014-04-02 03:58 - 13691720 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\TEMP:302A9871 AlternateDataStreams: C:\Users\Robin\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= 
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKLM\...\StartupApproved\Run32: => "RadioRage Search Scope Monitor" HKLM\...\StartupApproved\Run32: => "RadioRage EPM Support" HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "GDFirewallTray" HKLM\...\StartupApproved\Run32: => "ADSKAppManager" HKCU\...\StartupApproved\StartupFolder: => "Sidebar978.lnk" HKCU\...\StartupApproved\Run: => "EPSONCFE74B (Epson Stylus Office BX305 Plus)" HKCU\...\StartupApproved\Run: => "DriverBoot" ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI-Gerät Description: PCI-Gerät Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (07/02/2014 10:11:03 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (07/02/2014 09:58:07 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (07/02/2014 09:33:59 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (07/02/2014 09:07:02 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: ATI EEU maximum number of session has been surpassed Error: (07/02/2014 06:32:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: [eazy] Injector.exe, Version: 1.0.0.0, Zeitstempel: 0x53b2ed97 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d557d Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000ab78 ID des fehlerhaften Prozesses: 0x3b9c Startzeit der fehlerhaften Anwendung: 0x[eazy] Injector.exe0 Pfad der fehlerhaften Anwendung: [eazy] Injector.exe1 Pfad des fehlerhaften Moduls: [eazy] Injector.exe2 Berichtskennung: [eazy] Injector.exe3 Vollständiger Name des fehlerhaften Pakets: [eazy] Injector.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: [eazy] Injector.exe5 Error: (07/02/2014 06:32:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: [eazy] Injector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[]) bei EazyInjector.My.MyApplication.Main(System.String[]) Error: (07/02/2014 06:13:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: [eazy] Injector.exe, Version: 1.0.0.0, Zeitstempel: 0x53b2ed97 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d557d Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000ab78 ID des fehlerhaften Prozesses: 0xebc Startzeit der fehlerhaften Anwendung: 0x[eazy] Injector.exe0 Pfad der fehlerhaften Anwendung: [eazy] Injector.exe1 Pfad des fehlerhaften Moduls: [eazy] Injector.exe2 Berichtskennung: [eazy] Injector.exe3 Vollständiger Name des fehlerhaften Pakets: [eazy] Injector.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: [eazy] Injector.exe5 Error: (07/02/2014 06:13:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: [eazy] Injector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[]) bei EazyInjector.My.MyApplication.Main(System.String[]) Error: (07/02/2014 06:13:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: [eazy] Injector.exe, Version: 1.0.0.0, Zeitstempel: 0x53b2ed97 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.16408, Zeitstempel: 0x523d557d Ausnahmecode: 0xe0434352 Fehleroffset: 0x000000000000ab78 ID des fehlerhaften Prozesses: 0x35a0 Startzeit der fehlerhaften Anwendung: 0x[eazy] Injector.exe0 Pfad der fehlerhaften Anwendung: [eazy] Injector.exe1 Pfad des fehlerhaften Moduls: [eazy] Injector.exe2 Berichtskennung: [eazy] Injector.exe3 Vollständiger Name des fehlerhaften Pakets: [eazy] Injector.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: [eazy] Injector.exe5 Error: (07/02/2014 06:13:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: [eazy] Injector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[]) bei EazyInjector.My.MyApplication.Main(System.String[]) System errors: ============= Error: (07/02/2014 06:39:55 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/02/2014 06:39:25 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/02/2014 05:26:27 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: Microsoft.Windows.PhotoManager Error: (07/01/2014 05:44:23 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (07/01/2014 05:43:53 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/30/2014 05:45:28 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (06/30/2014 05:44:58 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/28/2014 11:41:37 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736} Error: (06/28/2014 07:08:57 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (06/28/2014 07:08:27 PM) (Source: DCOM) (EventID: 10010) (User: PITTER) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Microsoft Office Sessions: ========================= Error: (07/02/2014 10:11:03 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (07/02/2014 09:58:07 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (07/02/2014 09:33:59 PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (07/02/2014 09:07:02 
PM) (Source: ATIeRecord) (EventID: 16391) (User: ) Description: Error: (07/02/2014 06:32:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: [eazy] Injector.exe1.0.0.053b2ed97KERNELBASE.dll6.3.9600.16408523d557de0434352000000000000ab783b9c01cf961342fa8026C:\Users\Robin\Desktop\[eazy] Injector.exeC:\Windows\system32\KERNELBASE.dll80b87ffe-0206-11e4-8260-a01d48d15a06 Error: (07/02/2014 06:32:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: [eazy] Injector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[]) bei EazyInjector.My.MyApplication.Main(System.String[]) Error: (07/02/2014 06:13:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: [eazy] Injector.exe1.0.0.053b2ed97KERNELBASE.dll6.3.9600.16408523d557de0434352000000000000ab78ebc01cf96109b1d077cC:\Users\Robin\Desktop\[eazy] Injector.exeC:\Windows\system32\KERNELBASE.dlld8eb1cdb-0203-11e4-8260-a01d48d15a06 Error: (07/02/2014 06:13:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: [eazy] Injector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[]) bei EazyInjector.My.MyApplication.Main(System.String[]) Error: (07/02/2014 06:13:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: [eazy] Injector.exe1.0.0.053b2ed97KERNELBASE.dll6.3.9600.16408523d557de0434352000000000000ab7835a001cf9610882a8661C:\Users\Robin\AppData\Local\Temp\Rar$EXa0.279\[eazy] Injector.exeC:\Windows\system32\KERNELBASE.dllc64b0975-0203-11e4-8260-a01d48d15a06 Error: (07/02/2014 06:13:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: [eazy] Injector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel() bei Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[]) bei EazyInjector.My.MyApplication.Main(System.String[]) ==================== Memory info =========================== Percentage of memory in use: 31% Total physical RAM: 7366.26 MB Available physical RAM: 5080.66 MB Total Pagefile: 8581.72 MB Available Pagefile: 5615.13 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.54 GB) (Free:283.53 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 466 GB) (Disk ID: 710FD2B4) Partition: GPT Partition Type. ==================== End Of Log ============================ |
02.07.2014, 23:13 | #6 |
/// TB Trainer /// Tutorial Guru | Strange website is displayed in Chrome Let's see what's going on there... Code:
ATTFilter () C:\Users\Robin\AppData\Roaming\csrss.exe
Step 1 Please uninstall the following programs: WindowsProtectManger20.0.0.401 sweet-page uninstall Java 7 Update 55 Java 8 On Windows 8, try the Windows key + X via . If that does not work, please download Revo Uninstaller here. Unpack the zip file to the desktop.
If you cannot find or cannot uninstall a program, please continue with the next step: Step 2 Please download AdwCleaner to your desktop.
Step 3 Malwarebytes Antimalware
Download HitmanPro to your desktop: HitmanPro - 32 Bit HitmanPro - 64 Bit
__________________ --> Strange website is displayed in Chrome |
02.07.2014, 23:59 | #7 |
| Strange website is displayed in Chrome OK, AdwCleaner is already finished; only Malwarebytes I could not use: "Your license is no longer valid". Um, but I think Hitman is already done too. Code:
ATTFilter # AdwCleaner v3.214 - Bericht erstellt am 03/07/2014 um 00:24:15 # Aktualisiert 29/06/2014 von Xplode # Betriebssystem : Windows 8.1 (64 bits) # Benutzername : Robin - PITTER # Gestartet von : C:\Users\Robin\Desktop\adwcleaner_3.214.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : IePluginServices [#] Dienst Gelöscht : Update NetCrawl [#] Dienst Gelöscht : Util NetCrawl ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Adblocker Ordner Gelöscht : C:\ProgramData\IePluginServices Ordner Gelöscht : C:\ProgramData\WindowsProtectManger Ordner Gelöscht : C:\Program Files (x86)\Adblocker Ordner Gelöscht : C:\Program Files (x86)\NetCrawl Ordner Gelöscht : C:\Program Files (x86)\SupTab Ordner Gelöscht : C:\Users\Robin\AppData\Roaming\sweet-page Ordner Gelöscht : C:\Users\Robin\Documents\PC Speed Maximizer Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoloiglmppglohbdjhfkdgblbjmgjkef Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoloiglmppglohbdjhfkdgblbjmgjkef Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoloiglmppglohbdjhfkdgblbjmgjkef Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccapdhmclljlgmnjfpbaojcagjniimn Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccapdhmclljlgmnjfpbaojcagjniimn Ordner Gelöscht : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccapdhmclljlgmnjfpbaojcagjniimn Ordner Gelöscht : C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccapdhmclljlgmnjfpbaojcagjniimn Datei Gelöscht : C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage Datei Gelöscht : C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\hxxp_www.superfish.com_0.localstorage-journal ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\NetCrawl Schlüssel Gelöscht : HKLM\Software\NetCrawl Schlüssel Gelöscht : HKLM\Software\SupDp Schlüssel Gelöscht : HKLM\Software\SupTab Schlüssel Gelöscht : HKLM\Software\supWindowsProtectManger Schlüssel Gelöscht : HKLM\Software\sweet-pageSoftware Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetCrawl Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16384 Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] 
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Google Chrome v34.0.1847.116 [ Datei : C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\preferences ] Gelöscht [Extension] : lccapdhmclljlgmnjfpbaojcagjniimn ************************* AdwCleaner[R0].txt - [1647 octets] - [15/06/2014 14:10:34] AdwCleaner[R1].txt - [5094 octets] - [03/07/2014 00:23:08] AdwCleaner[S0].txt - [1586 octets] - [15/06/2014 14:12:23] AdwCleaner[S1].txt - [4486 octets] - [03/07/2014 00:24:15] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4546 octets] ########## Code:
ATTFilter HitmanPro 3.7.9.220 www.hitmanpro.com Computer name . . . . : PITTER Windows . . . . . . . : 6.3.0.9600.X64/4 User name . . . . . . : PITTER\Robin UAC . . . . . . . . . : Enabled License . . . . . . . : Trial (29 days left) Scan date . . . . . . : 2014-07-03 00:32:57 Scan mode . . . . . . : Normal Scan duration . . . . : 11m 19s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : Yes Threats . . . . . . . : 24 Traces . . . . . . . : 32 Objects scanned . . . : 1.962.211 Files scanned . . . . : 82.098 Remnants scanned . . : 854.808 files / 1.025.305 keys Malware _____________________________________________________________________ C:\Program Files (x86)\Microsoft\DesktopLayer.exe -> Quarantined Size . . . . . . . : 56.320 bytes Age . . . . . . . : 0.3 days (2014-07-02 16:57:05) Entropy . . . . . : 7.9 SHA-256 . . . . . : FD6C69C345F1E32924F0A5BB7393E191B393A78D58E2C6413B03CED7482F2320 Product . . . . . : люзанх Publisher . . . . : SOFTWIN S.R.L. Description . . . : BitDefender Management Console Version . . . . . : 106.42.73.61 Copyright . . . . : 2528-6142 LanguageID . . . . : 1033 > G Data . . . . . . : Gen:Variant.Zbot.13 (Engine-A) Fuzzy . . . . . . : 110.0 3.8s C:\Program Files (x86)\Microsoft\ 3.8s C:\Program Files (x86)\Microsoft\DesktopLayer.exe 4.5s C:\Users\Robin\AppData\Local\Temp\69E0.tmp 4.9s C:\Users\Robin\AppData\Local\Temp\6B67.tmp C:\Program Files (x86)\S4League\removeinstall.dll -> Quarantined Size . . . . . . . : 4.074.496 bytes Age . . . . . . . : 0.3 days (2014-07-02 16:56:16) Entropy . . . . . : 7.9 SHA-256 . . . . . : C5184CB4CEB05423FD50ADB779E0DA5DEC1B5FAC59B81484B4088FDCA60706C1 > Bitdefender . . . : Trojan.Generic.11439516 Fuzzy . . . . . . 
: 116.0 Forensic Cluster -9.5s C:\Program Files (x86)\S4League\ScriptInstall OS-Hack.exe -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\HS4L-[CloseCrap].dll -0.6s C:\Program Files (x86)\S4League\AutoItX3.dll -0.6s C:\Program Files (x86)\S4League\AutoItX3.dll -0.6s C:\Program Files (x86)\S4League\AutoItX3.dll -0.6s C:\Program Files (x86)\S4League\AutoItX3.dll -0.5s C:\Program Files (x86)\S4League\mfc120u.dll -0.5s C:\Program Files (x86)\S4League\mfc120u.dll -0.2s C:\Program Files (x86)\S4League\msvcr120.dll -0.2s C:\Program Files (x86)\S4League\msvcr120d.dll -0.1s C:\Program Files (x86)\S4League\msvcp120.dll -0.1s C:\Program Files (x86)\S4League\msvcp120.dll -0.1s C:\Program Files (x86)\S4League\msvcp120.dll 0.0s C:\Program Files (x86)\S4League\removeinstall.dll 0.0s C:\Program Files (x86)\S4League\removeinstall.dll 2.4s C:\Users\Robin\AppData\Local\Temp\B0E0.tmp 3.1s C:\Users\Robin\AppData\Local\Temp\B3FE.tmp C:\Users\Robin\AppData\Roaming\csrss.exe -> Deleted Size . . . . . . . : 1.997.824 bytes Age . . . . . . . : 12.4 days (2014-06-20 15:22:35) Entropy . . . . . : 7.6 SHA-256 . . . . . : 187B37364BAA2827CC1C9F2A85C8B96E65B31C52487E924E840D53AF53186559 Parent Name . . . : C:\Windows\system32\svchost.exe Running processes : 1596 > Bitdefender . . . : Trojan.GenericKD.1719202 > Kaspersky . . . . : Trojan-Dropper.Win32.Dapato.ecbg Fuzzy . . . . . . 
: 135.0 Startup C:\Windows\system32\Tasks\csrss Forensic Cluster 0.0s C:\Users\Robin\AppData\Roaming\csrss.exe 0.1s C:\Windows\System32\Tasks\csrss 1.0s C:\Windows\System32\LogFiles\Scm\32ab729f-ff43-4af7-a955-c9beebfc938c 1.0s C:\Windows\System32\LogFiles\Scm\32ab729f-ff43-4af7-a955-c9beebfc938c C:\Users\Robin\Dropbox\s4 gameinstaller.exe -> Quarantined Size . . . . . . . : 428.544 bytes Age . . . . . . . : 4.2 days (2014-06-28 19:54:49) Entropy . . . . . : 5.7 SHA-256 . . . . . : 73C93D179E93767C5E19FFCA300848AFE1276F3882EB34FABC54E77383B901B5 Product . . . . . : ForTheX LanguageID . . . . : 0 > Bitdefender . . . : Trojan.Generic.11157163 > Kaspersky . . . . : Trojan.Win32.Agent.afxld Fuzzy . . . . . . : 108.0 Forensic Cluster 0.0s C:\Users\Robin\Dropbox\s4 gameinstaller.exe 0.0s C:\Users\Robin\Dropbox\s4 gameinstaller.exe 0.0s C:\Users\Robin\Dropbox\s4 gameinstaller.exe 0.0s C:\Users\Robin\Dropbox\s4 gameinstaller.exe C:\Users\Robin\Microsoft\DesktopLayer.exe -> Quarantined Size . . . . . . . : 56.320 bytes Age . . . . . . . : 0.3 days (2014-07-02 16:59:04) Entropy . . . . . : 7.9 SHA-256 . . . . . : FD6C69C345F1E32924F0A5BB7393E191B393A78D58E2C6413B03CED7482F2320 Product . . . . . : люзанх Publisher . . . . : SOFTWIN S.R.L. Description . . . : BitDefender Management Console Version . . . . . : 106.42.73.61 Copyright . . . . : 2528-6142 LanguageID . . . . : 1033 > G Data . . . . . . : Gen:Variant.Zbot.13 (Engine-A) Fuzzy . . . . . . : 110.0 Forensic Cluster -0.0s C:\Users\Robin\Microsoft\ -0.0s C:\Users\Robin\Microsoft\ 0.0s C:\Users\Robin\Microsoft\DesktopLayer.exe Suspicious files ____________________________________________________________ C:\Program Files (x86)\Steam\SteamApps\downloading\222900\weapons\c7da58edb5f23384b90087025d7d6faa Size . . . . . . . : 314.956 bytes Age . . . . . . . : 5.3 days (2014-06-27 18:07:56) Entropy . . . . . : 6.2 SHA-256 . . . . . : C8C18714CDEB3DB045A873B38AAEF03FC6A36C21AC50AA8F34C91028FD8C68AE Fuzzy . . . . . . 
: 52.0 The file is hidden from Windows API. This is typical for malware. The file is completely hidden from view and most antivirus products. It may belong to a rootkit. The file name extension of this program is not common. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. The file is a device driver. Device drivers run as trusted (highly privileged) code. Forensic Cluster -0.2s C:\Program Files (x86)\Steam\depotcache\222901_473222622872144336.manifest -0.2s C:\Program Files (x86)\Steam\depotcache\222901_473222622872144336.manifest -0.2s C:\Program Files (x86)\Steam\depotcache\222901_473222622872144336.manifest -0.2s C:\Program Files (x86)\Steam\depotcache\222901_473222622872144336.manifest -0.2s C:\Program Files (x86)\Steam\depotcache\222901_473222622872144336.manifest -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\state_222900_222901.patch -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\state_222900_222901.patch -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\state_222900_222901.patch -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\state_222900_222901.patch -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\state_222900_222901.patch -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\state_222900_222901.patch -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\characters.fsb -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\elemental_fx.fsb -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\enemies.fsb -0.1s C:\Program Files 
(x86)\Steam\SteamApps\downloading\222900\Audio\gameplay.fsb -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\Project Conductor.fev -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\Project Conductor.h -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Audio\weapons.fsb -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\cachedata.sexp -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib.exe -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\level0 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\Assembly-CSharp.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\Mono.Security.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\mscorlib.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\System.Core.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\System.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\System.Xml.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Managed\UnityEngine.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Plugins\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Plugins\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Plugins\ -0.1s C:\Program Files 
(x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Plugins\AVProWindowsMedia.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Mono\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Mono\mono.dll -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\resources.assets -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Resources\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Resources\unity default resources -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\Resources\unity_builtin_extra -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\sharedassets0.assets -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\sharedassets0.assets -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\sharedassets1.assets -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic - Crib_Data\sharedassets1.assets -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic.exe -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic.exe -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic.exe -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic.exe -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s 
C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level0 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level1 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level2 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level3 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level4 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level5 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level6 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level7 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\level8 -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\mainData -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island Epidemic_Data\Managed\ -0.1s C:\Program Files (x86)\Steam\SteamApps\downloading\222900\Dead Island 
C:\Users\Robin\Desktop\FRST64.exe
   Size . . . . . . . : 2.083.840 bytes
   Age . . . . . . . : 0.0 days (2014-07-02 23:30:28)
   Entropy . . . . . : 7.5
   SHA-256 . . . . . : 38521AD5A90A95513DF394E9086F182F4AB22E2BA8315C018C1A82BF18D3B01E
   Needs elevation . : Yes
   Fuzzy . . . . . . : 24.0
      Program has no publisher information but prompts the user for permission elevation.
      Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
      Authors name is missing in version info. This is not common to most programs.
      Version control is missing. This file is probably created by an individual. This is not typical for most programs.
      Time indicates that the file appeared recently on this computer.
   Forensic Cluster
      0.0s C:\Users\Robin\Desktop\FRST64.exe
      0.0s C:\Users\Robin\Desktop\FRST64.exe
      0.0s C:\Users\Robin\Desktop\FRST64.exe

Malware remnants ____________________________________________________________

   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}\ (Jotzey) -> Deleted

Potential Unwanted Programs _________________________________________________

   HKU\.DEFAULT\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted
   HKU\S-1-5-18\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> PendingDelete
   HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}\ (FLV Player) -> Deleted |
03.07.2014, 00:03 | #8 |
/// TB Trainer /// Instructions Guru | Strange website is displayed in Chrome
Nowhere does it say that you should delete anything with Hitman, but fine.... I don't understand the problem with MBAM.
Step 1
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |