Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 26.12.2013, 13:26   #1
candelaver
 
LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner - Standard

LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner



Hi Leute,

ich kann aktuelle Office2013 Updates nicht installieren, ich habe ein wenig vorarbeit geleistet
und gemäß der Anleitungen des TB Forums, mit folgenden Programmen, erste LOGs erstellt.

Ich habe z.B. mit JRT Fragmente gefunden, die laut Forum auf BKA Trojaner deuten.
Allerdings hat Eset keine Warnmeldung ausgegeben.

Zitat:
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\Program Files (x86)\myfree codec"
Des Weiteren, lassen sich aktuell keine Office 2013 Updates installieren, daher mein Verdacht auf Befall und Scanbedarf, um schwachstellen zu erkennen etc.

bevor ich weiter spekuliere, poste ich die bereits erstellen LOGs zur Ansicht und Auswertung.
Danke euch im Voraus für euer Hilfe und weiterhin frohes Fest.

JRT LOG
Zitat:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 8 Pro x64
Ran by ***** on 24.12.2013 at 3:18:25,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\AppID\secman.dll
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\Program Files (x86)\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.12.2013 at 3:30:18,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

GMER LOG

GMER Logfile:
Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-12-25 06:05:59
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000003d SAMSUNG_HM641JI rev.2AJ10001 596,17GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\******\AppData\Local\Temp\fgloquog.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\system32\vmms.exe[1632] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306                000007ffc56e177a 4 bytes [6E, C5, FF, 07]
.text   C:\Windows\system32\vmms.exe[1632] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314                000007ffc56e1782 4 bytes [6E, C5, FF, 07]
.text   C:\Windows\Explorer.EXE[2568] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690                               000007ffb85e1532 4 bytes [5E, B8, FF, 07]
.text   C:\Windows\Explorer.EXE[2568] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698                               000007ffb85e153a 4 bytes [5E, B8, FF, 07]
.text   C:\Windows\Explorer.EXE[2568] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246                             000007ffb85e165a 4 bytes [5E, B8, FF, 07]
.text   C:\Program Files\ESET\ESET Smart Security\egui.exe[3220] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690    000007ffb85e1532 4 bytes [5E, B8, FF, 07]
.text   C:\Program Files\ESET\ESET Smart Security\egui.exe[3220] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698    000007ffb85e153a 4 bytes [5E, B8, FF, 07]
.text   C:\Program Files\ESET\ESET Smart Security\egui.exe[3220] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246  000007ffb85e165a 4 bytes [5E, B8, FF, 07]

---- Threads - GMER 2.1 ----

Thread  System [4:768]                                                                                                 fffffa8005915630
Thread  C:\Windows\system32\csrss.exe [536:560]                                                                        fffff960007945e8

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed                              -1259165456
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd508976                                    
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd508976@c4731e05de87                       0x78 0x0E 0x41 0x6F ...
Reg     HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd508976@0808c29c97e5                       0xA7 0xD9 0x72 0x31 ...

---- EOF - GMER 2.1 ----
         
--- --- ---



OTL LOG / Extras
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 25.12.2013 07:11:45 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\******\Desktop\Security
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,73 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 55,92% Memory free
7,48 Gb Paging File | 5,54 Gb Available in Paging File | 74,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 595,83 Gb Total Space | 113,22 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
 
Computer Name: ******_ACER | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B69B967-C913-414E-B469-33049E99F988}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{14B17654-E4E2-4B41-B6E6-7E7C47C0776E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{14BD8869-80F8-4499-BD47-883BAD23B1A1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\wnt500x64\rpcsandrasrv.exe | 
"{15BA6126-0D61-4182-B4D6-96560D04A911}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1E890845-6C0C-4BC7-A87F-2E6094B27DAD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1F545C4E-9839-4657-ADCE-0D43D5C3931E}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{307C4718-79EB-4E52-B133-9DE6C093F2E4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{38480A0D-F94B-4F86-91D9-A6352285D817}" = rport=139 | protocol=6 | dir=out | app=system | 
"{52832964-7C80-421E-9833-B98CEA06FBB4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{57728488-CD29-44C9-AA0D-AB5EECE19A27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5CBDF52A-34AF-4477-9D92-4B2A377B9235}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6B8181F7-E084-4EC6-A3D9-DADF297365CF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{728238FC-6E9C-4670-B884-3AF6F15F8CD2}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\rpcagentsrv.exe | 
"{83DECDA6-FC75-4CEE-A26A-3CF0C68B5FE2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8C70855B-BE23-471A-A29E-238C15B8047C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{93F7BFCF-C323-4661-9CFC-D442C50B2F19}" = rport=445 | protocol=6 | dir=out | app=system | 
"{96A39704-93BF-4A91-BE23-B150FFAF9E0C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{B1565166-5D71-4CA7-8453-C2120990D2DB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B3746986-0AD1-4690-9A7F-8F0F09ADB8A9}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{B9CAD40E-1340-48B6-B192-0F7E76445CDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D9AD2A58-05B7-4F14-8139-63C7C6B934C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E2D27982-A5FF-4621-85EA-F043A7DE355D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EE4FACB7-9388-4637-9C29-3AC970B8CA1F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F2A875D3-9247-46FE-9F2D-86FF68F55C71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F9506146-8E1A-4E2B-98BB-44C9A7812D75}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{FD03D522-2B7F-4379-B24C-801A234CD2CB}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0601D271-78F0-4448-87AD-AD6D4D581403}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{10965F33-0971-4392-993B-DEE87B239EF7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{13B7241B-B33D-4AB0-8330-6191FA195868}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{152E7F15-9E30-42DB-8511-F18E341CA888}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{157CF050-1110-4464-9289-0F0CBA357D31}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{24F558E9-181D-49CA-BD8E-28F8BE02C288}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{2E739CFA-567B-45A4-BC0D-ED05A412D6AE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{2EA361C3-3110-4461-A05F-023B472A4997}" = protocol=6 | dir=out | app=system | 
"{2FEB5C43-A599-485E-BD6A-3A566D72A48E}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{32EA2758-57A7-43B8-953E-CEECE5606297}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3A5985E1-266F-4755-8146-763D819F1DE7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{3AAE50F7-CE99-4A5C-8CE0-3DE2F0188DF5}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{3F071E39-42EF-4A6A-87FC-86D31332AB14}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{4373FE82-3A09-4438-84B5-4EA800468FDD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{442EEC3D-9440-469F-ABCF-50941EEC48A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{460DB205-5E17-4F6F-93D7-5D51D4A100F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5346D377-BE1C-4B00-9711-1EC670FCF297}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{534FE60A-13ED-4007-AFF4-CDAE1A070511}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{5B9410FA-E736-4B63-BC77-B46119F6DECA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{5BC18219-8E39-4475-BBB3-33B4113737DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5CC54D11-7872-4A72-8E49-1BEAD23E02C4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{5D7AD459-64BF-4098-863D-B0A169077949}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{636AC02E-83FE-4384-8A44-5547159CF136}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{64D3FC3C-9AD7-4855-9CB5-5AC31E26FF62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{67905AD2-1E22-4AE4-AA69-B4F1667527B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{732B4717-8AC2-493E-B1AD-FE2BF2D6E9C0}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{74852A99-838E-4BE6-B1DB-E44982396206}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{762E30EA-7708-4F6C-8560-94896CF1C1DC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{82E18FDA-F1A1-4895-B1AC-A3F51CB75165}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{83648A94-0824-43AD-B71F-697489195076}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{841C183E-6439-41CD-84EA-BEF664880D67}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{94A06A99-AD78-4101-9D06-944D6F144A8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9723267B-7D6F-4835-AC9B-7883BB9F83E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{985DB806-8466-4B2B-9860-D016E62F541E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9C351D59-2255-4E25-B94E-E0C3262B55FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{9D899732-E8BC-4D17-BF81-7029767DF063}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{9F47414C-4B2B-4D9B-AE39-7B3D5158F57D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A0A6DA1F-2591-42C6-B9BA-A0F55DAFB289}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{A2AC84D0-D763-491D-B705-2FA5D70A0AA8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{A4358C1A-55A8-48C7-BAFE-EA52CC902BDB}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{B3879CCA-6868-4F9F-8CA9-C974A8741F1C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B62C0529-D1F0-4402-9BD7-8646CB1166D6}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{BD7A9018-0BA4-4955-993B-2C0C275C63B5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BEF3B58E-AB82-4B86-B0CC-B3958338D885}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{C0555A5E-21C4-4141-8AE7-B1CF201C8DC5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{CB702152-C96F-4E5F-BF0F-FE9A9425551E}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{CB72C95B-609A-4E80-BD80-AF14E9A741D8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{D7ADFB07-7F09-4C0D-B0A6-2FD30CE35691}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{D90CA66F-2999-4BD7-B883-41D5C244AA2E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{DC1C21C6-F61D-430E-AFDA-BA8BC6EFA8FB}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EA9FB5D5-E0C6-40AE-A1E7-EE665D524D7F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{ECA7F3B4-8B42-4506-9922-E7E28A69773B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{ECE396C7-24DC-4120-AB9E-98AB4EE7BC94}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{F19C3A81-38DD-4541-8640-CC51D1CA44E5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{F66CF718-58E3-4D71-8CEA-CD7B89A76B23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FB01C266-5629-4637-AD2E-82A355DC2E6D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{FB7B3401-F630-4F72-8075-E1FB443C1BD2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{0AD70F9D-1955-4ECE-858D-08F39BDB4050}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{F1F25BF9-AEBA-4C5C-851B-295291B10214}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | 
"UDP Query User{1D1CD301-0DBB-4E58-8966-B24FC9C0FF21}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | 
"UDP Query User{43E20FB4-332B-4A6D-9324-27FD777CC2D8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}" = HP webOS SDK
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP3a
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E507B0D7-A623-4F66-BB61-B31D7609B7B9}" = Nitro Pro 8
"{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}" = ESET Smart Security
"0630-0716-3135-7887" = JDownloader 2
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices  (10/09/2009 1.0.1)
"CCleaner" = CCleaner
"Ext2Ifs_for_NT6" = Ext2 IFS 1.11a for Windows Vista/2008
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"Sandboxie" = Sandboxie 4.06 (64-bit)
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Unlocker" = Unlocker 1.9.2
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{065F384A-5C64-4532-814A-A24BA5374503}" = WinDFT
"{0D2FC29F-980A-4BAB-BC60-1463408F521E}" = USB Playback Console
"{0F1861E5-113D-46F9-B559-81587DF15C6D}" = SatChannelListEditor
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{450CFD4D-7E60-3839-D0FA-56DB08675447}" = dLAN Cockpit
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D4328CA9-E332-456F-B68D-3D3DE90E50B5}" = calibre
"{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"AAF Recovery tool AT700_is1" = AAF_Recovery_tool installer V4.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Engineer_is1" = AIDA64 Engineer v4.00
"Artisteer 3" = Artisteer 3
"Belarc Advisor" = Belarc Advisor 8.4
"dlancockpit" = devolo dLAN Cockpit
"DokanLibrary" = Dokan Library 0.6.0
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ESET Online Scanner" = ESET Online Scanner v3
"FlashFXP 4" = FlashFXP 4
"Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 4.25
"ICE ECC" = ICE ECC v2.7
"InfraRecorder" = InfraRecorder
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools
"KindleDRMRemoval" = Kindle DRM Removal
"LinuxLive USB Creator" = LinuxLive USB Creator
"Mirillis Splash PRO" = Splash PRO
"Mirillis Splash PRO EX" = Splash PRO EX
"Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de)
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Notepad++" = Notepad++
"Secure Eraser_is1" = Secure Eraser
"Start8" = Start8
"TeamViewer 8" = TeamViewer 8
"UFB Code SetupV2.6" = UFB Code Setup
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.3 (64-bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3754388793-1346805017-1485128776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.07.2013 11:00:18 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 26.07.2013 15:55:20 | Computer Name = ******_Acer | Source = Application Hang | ID = 1002
Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10cc    Startzeit:
 01ce8a39a7da5b66    Endzeit: 1296    Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash
 PRO\SplashPro.exe    Berichts-ID: 260d03c8-f62d-11e2-bf56-b870f4dd05aa    Vollständiger
 Name des fehlerhaften Pakets:     Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:   
 
Error - 26.07.2013 16:05:47 | Computer Name = ******_Acer | Source = Application Hang | ID = 1002
Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1300    Startzeit:
 01ce8a3af6b21b61    Endzeit: 109    Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash
 PRO\SplashPro.exe    Berichts-ID: a6a3606f-f62e-11e2-bf56-b870f4dd05aa    Vollständiger
 Name des fehlerhaften Pakets:     Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:   
 
Error - 27.07.2013 13:31:55 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 29.07.2013 23:03:25 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 13:52:15 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 13:55:51 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 14:06:11 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 14:08:23 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 02.08.2013 03:23:27 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
[ System Events ]
Error - 21.07.2013 05:25:03 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469)
 64-Bit-Edition
 
Error - 21.07.2013 05:25:20 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865)
 64-Bit-Edition
 
Error - 21.07.2013 08:24:47 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 
64-Bit-Edition
 
Error - 21.07.2013 08:24:47 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469)
 64-Bit-Edition
 
Error - 21.07.2013 08:24:47 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865)
 64-Bit-Edition
 
Error - 22.07.2013 10:29:50 | Computer Name = ******_Acer | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?07.?2013 um 20:55:10 unerwartet heruntergefahren.
 
Error - 22.07.2013 10:31:00 | Computer Name = ******_Acer | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde mit
 folgendem Fehler beendet:   %%1008
 
Error - 22.07.2013 10:41:16 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 
64-Bit-Edition
 
Error - 22.07.2013 10:41:16 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469)
 64-Bit-Edition
 
Error - 22.07.2013 10:41:16 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865)
 64-Bit-Edition
 
 
< End of report >
         
--- --- ---


OTL EXTRAS
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 25.12.2013 07:11:45 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*****\Desktop\Security
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16750)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,73 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 55,92% Memory free
7,48 Gb Paging File | 5,54 Gb Available in Paging File | 74,12% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 595,83 Gb Total Space | 113,22 Gb Free Space | 19,00% Space Free | Partition Type: NTFS
 
Computer Name: *****_ACER | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B69B967-C913-414E-B469-33049E99F988}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{14B17654-E4E2-4B41-B6E6-7E7C47C0776E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{14BD8869-80F8-4499-BD47-883BAD23B1A1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\wnt500x64\rpcsandrasrv.exe | 
"{15BA6126-0D61-4182-B4D6-96560D04A911}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1E890845-6C0C-4BC7-A87F-2E6094B27DAD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1F545C4E-9839-4657-ADCE-0D43D5C3931E}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{307C4718-79EB-4E52-B133-9DE6C093F2E4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{38480A0D-F94B-4F86-91D9-A6352285D817}" = rport=139 | protocol=6 | dir=out | app=system | 
"{52832964-7C80-421E-9833-B98CEA06FBB4}" = lport=137 | protocol=17 | dir=in | app=system | 
"{57728488-CD29-44C9-AA0D-AB5EECE19A27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5CBDF52A-34AF-4477-9D92-4B2A377B9235}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6B8181F7-E084-4EC6-A3D9-DADF297365CF}" = lport=445 | protocol=6 | dir=in | app=system | 
"{728238FC-6E9C-4670-B884-3AF6F15F8CD2}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\rpcagentsrv.exe | 
"{83DECDA6-FC75-4CEE-A26A-3CF0C68B5FE2}" = rport=138 | protocol=17 | dir=out | app=system | 
"{8C70855B-BE23-471A-A29E-238C15B8047C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{93F7BFCF-C323-4661-9CFC-D442C50B2F19}" = rport=445 | protocol=6 | dir=out | app=system | 
"{96A39704-93BF-4A91-BE23-B150FFAF9E0C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | 
"{B1565166-5D71-4CA7-8453-C2120990D2DB}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B3746986-0AD1-4690-9A7F-8F0F09ADB8A9}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | 
"{B9CAD40E-1340-48B6-B192-0F7E76445CDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{D9AD2A58-05B7-4F14-8139-63C7C6B934C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{E2D27982-A5FF-4621-85EA-F043A7DE355D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{EE4FACB7-9388-4637-9C29-3AC970B8CA1F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{F2A875D3-9247-46FE-9F2D-86FF68F55C71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F9506146-8E1A-4E2B-98BB-44C9A7812D75}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{FD03D522-2B7F-4379-B24C-801A234CD2CB}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0601D271-78F0-4448-87AD-AD6D4D581403}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{10965F33-0971-4392-993B-DEE87B239EF7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{13B7241B-B33D-4AB0-8330-6191FA195868}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{152E7F15-9E30-42DB-8511-F18E341CA888}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{157CF050-1110-4464-9289-0F0CBA357D31}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{24F558E9-181D-49CA-BD8E-28F8BE02C288}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{2E739CFA-567B-45A4-BC0D-ED05A412D6AE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{2EA361C3-3110-4461-A05F-023B472A4997}" = protocol=6 | dir=out | app=system | 
"{2FEB5C43-A599-485E-BD6A-3A566D72A48E}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{32EA2758-57A7-43B8-953E-CEECE5606297}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{3A5985E1-266F-4755-8146-763D819F1DE7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{3AAE50F7-CE99-4A5C-8CE0-3DE2F0188DF5}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{3F071E39-42EF-4A6A-87FC-86D31332AB14}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{4373FE82-3A09-4438-84B5-4EA800468FDD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{442EEC3D-9440-469F-ABCF-50941EEC48A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{460DB205-5E17-4F6F-93D7-5D51D4A100F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5346D377-BE1C-4B00-9711-1EC670FCF297}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{534FE60A-13ED-4007-AFF4-CDAE1A070511}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{5B9410FA-E736-4B63-BC77-B46119F6DECA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{5BC18219-8E39-4475-BBB3-33B4113737DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5CC54D11-7872-4A72-8E49-1BEAD23E02C4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{5D7AD459-64BF-4098-863D-B0A169077949}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{636AC02E-83FE-4384-8A44-5547159CF136}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{64D3FC3C-9AD7-4855-9CB5-5AC31E26FF62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{67905AD2-1E22-4AE4-AA69-B4F1667527B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{732B4717-8AC2-493E-B1AD-FE2BF2D6E9C0}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{74852A99-838E-4BE6-B1DB-E44982396206}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{762E30EA-7708-4F6C-8560-94896CF1C1DC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{82E18FDA-F1A1-4895-B1AC-A3F51CB75165}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{83648A94-0824-43AD-B71F-697489195076}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{841C183E-6439-41CD-84EA-BEF664880D67}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{94A06A99-AD78-4101-9D06-944D6F144A8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9723267B-7D6F-4835-AC9B-7883BB9F83E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{985DB806-8466-4B2B-9860-D016E62F541E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9C351D59-2255-4E25-B94E-E0C3262B55FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{9D899732-E8BC-4D17-BF81-7029767DF063}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{9F47414C-4B2B-4D9B-AE39-7B3D5158F57D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A0A6DA1F-2591-42C6-B9BA-A0F55DAFB289}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{A2AC84D0-D763-491D-B705-2FA5D70A0AA8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{A4358C1A-55A8-48C7-BAFE-EA52CC902BDB}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{B3879CCA-6868-4F9F-8CA9-C974A8741F1C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{B62C0529-D1F0-4402-9BD7-8646CB1166D6}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{BD7A9018-0BA4-4955-993B-2C0C275C63B5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{BEF3B58E-AB82-4B86-B0CC-B3958338D885}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{C0555A5E-21C4-4141-8AE7-B1CF201C8DC5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{CB702152-C96F-4E5F-BF0F-FE9A9425551E}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{CB72C95B-609A-4E80-BD80-AF14E9A741D8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{D7ADFB07-7F09-4C0D-B0A6-2FD30CE35691}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | 
"{D90CA66F-2999-4BD7-B883-41D5C244AA2E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{DC1C21C6-F61D-430E-AFDA-BA8BC6EFA8FB}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EA9FB5D5-E0C6-40AE-A1E7-EE665D524D7F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{ECA7F3B4-8B42-4506-9922-E7E28A69773B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | 
"{ECE396C7-24DC-4120-AB9E-98AB4EE7BC94}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{F19C3A81-38DD-4541-8640-CC51D1CA44E5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{F66CF718-58E3-4D71-8CEA-CD7B89A76B23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FB01C266-5629-4637-AD2E-82A355DC2E6D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{FB7B3401-F630-4F72-8075-E1FB443C1BD2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{0AD70F9D-1955-4ECE-858D-08F39BDB4050}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{F1F25BF9-AEBA-4C5C-851B-295291B10214}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | 
"UDP Query User{1D1CD301-0DBB-4E58-8966-B24FC9C0FF21}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | 
"UDP Query User{43E20FB4-332B-4A6D-9324-27FD777CC2D8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes
"{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}" = HP webOS SDK
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013
"{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013
"{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013
"{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013
"{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013
"{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013
"{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français
"{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano
"{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013
"{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013
"{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013
"{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013
"{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013
"{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013
"{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013
"{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013
"{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013
"{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP3a
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E507B0D7-A623-4F66-BB61-B31D7609B7B9}" = Nitro Pro 8
"{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}" = ESET Smart Security
"0630-0716-3135-7887" = JDownloader 2
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices  (10/09/2009 1.0.1)
"CCleaner" = CCleaner
"Ext2Ifs_for_NT6" = Ext2 IFS 1.11a for Windows Vista/2008
"Office15.PROPLUSR" = Microsoft Office Professional Plus 2013
"Sandboxie" = Sandboxie 4.06 (64-bit)
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
"Unlocker" = Unlocker 1.9.2
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{065F384A-5C64-4532-814A-A24BA5374503}" = WinDFT
"{0D2FC29F-980A-4BAB-BC60-1463408F521E}" = USB Playback Console
"{0F1861E5-113D-46F9-B559-81587DF15C6D}" = SatChannelListEditor
"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{450CFD4D-7E60-3839-D0FA-56DB08675447}" = dLAN Cockpit
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D4328CA9-E332-456F-B68D-3D3DE90E50B5}" = calibre
"{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"AAF Recovery tool AT700_is1" = AAF_Recovery_tool installer V4.6
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AIDA64 Engineer_is1" = AIDA64 Engineer v4.00
"Artisteer 3" = Artisteer 3
"Belarc Advisor" = Belarc Advisor 8.4
"dlancockpit" = devolo dLAN Cockpit
"DokanLibrary" = Dokan Library 0.6.0
"DVD Decrypter" = DVD Decrypter (Remove Only)
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"ESET Online Scanner" = ESET Online Scanner v3
"FlashFXP 4" = FlashFXP 4
"Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 4.25
"ICE ECC" = ICE ECC v2.7
"InfraRecorder" = InfraRecorder
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools
"KindleDRMRemoval" = Kindle DRM Removal
"LinuxLive USB Creator" = LinuxLive USB Creator
"Mirillis Splash PRO" = Splash PRO
"Mirillis Splash PRO EX" = Splash PRO EX
"Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de)
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"Notepad++" = Notepad++
"Secure Eraser_is1" = Secure Eraser
"Start8" = Start8
"TeamViewer 8" = TeamViewer 8
"UFB Code SetupV2.6" = UFB Code Setup
"WinPcapInst" = WinPcap 4.1.2
"Wireshark" = Wireshark 1.8.3 (64-bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3754388793-1346805017-1485128776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.07.2013 11:00:18 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 26.07.2013 15:55:20 | Computer Name = *****_Acer | Source = Application Hang | ID = 1002
Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 10cc    Startzeit:
 01ce8a39a7da5b66    Endzeit: 1296    Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash
 PRO\SplashPro.exe    Berichts-ID: 260d03c8-f62d-11e2-bf56-b870f4dd05aa    Vollständiger
 Name des fehlerhaften Pakets:     Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:   
 
Error - 26.07.2013 16:05:47 | Computer Name = *****_Acer | Source = Application Hang | ID = 1002
Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1300    Startzeit:
 01ce8a3af6b21b61    Endzeit: 109    Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash
 PRO\SplashPro.exe    Berichts-ID: a6a3606f-f62e-11e2-bf56-b870f4dd05aa    Vollständiger
 Name des fehlerhaften Pakets:     Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:   
 
Error - 27.07.2013 13:31:55 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 29.07.2013 23:03:25 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 13:52:15 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 13:55:51 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 14:06:11 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 31.07.2013 14:08:23 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
Error - 02.08.2013 03:23:27 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
 
[ System Events ]
Error - 21.07.2013 05:25:03 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469)
 64-Bit-Edition
 
Error - 21.07.2013 05:25:20 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865)
 64-Bit-Edition
 
Error - 21.07.2013 08:24:47 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 
64-Bit-Edition
 
Error - 21.07.2013 08:24:47 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469)
 64-Bit-Edition
 
Error - 21.07.2013 08:24:47 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865)
 64-Bit-Edition
 
Error - 22.07.2013 10:29:50 | Computer Name = *****_Acer | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?21.?07.?2013 um 20:55:10 unerwartet heruntergefahren.
 
Error - 22.07.2013 10:31:00 | Computer Name = *****_Acer | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde mit
 folgendem Fehler beendet:   %%1008
 
Error - 22.07.2013 10:41:16 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 
64-Bit-Edition
 
Error - 22.07.2013 10:41:16 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469)
 64-Bit-Edition
 
Error - 22.07.2013 10:41:16 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865)
 64-Bit-Edition
 
 
< End of report >
         
--- --- ---






MBAR Rootkit LOG
Zitat:
Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2013.12.24.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
****** :: ******_ACER [administrator]

24.12.2013 11:04:21
mbar-log-2013-12-24 (11-04-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 269322
Time elapsed: 1 hour(s), 47 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Alt 26.12.2013, 13:28   #2
candelaver
 
LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner - Standard

LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner



FRST64 LOG und Addition


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013
Ran by ***** (administrator) on *****_ACER on 26-12-2013 04:21:25
Running from C:\Users\*****\Desktop\Security
Windows 8 Pro (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Palm) C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe
() C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
() C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files\Tools\totalcmd\TOTALCMD64.EXE
(Ghisler Software GmbH) C:\Program Files\Tools\totalcmd\TOTALCMD64.EXE
(Ghisler Software GmbH) C:\Program Files\Tools\totalcmd\TOTALCMD64.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics)
HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung)
HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEB8C570C5E85CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {DEE2929B-E914-4764-A697-BACD6E77FCCC} hxxp://192.168.178.27/classes/AverMediaCamV_H264.cab
DPF: HKLM-x32 {F140A533-BF17-4F3A-BD4E-046CDE5295AB} hxxp://192.168.178.128:5550/PCViewX.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.235.1

Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\*****\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\*****\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
CHR Plugin: (Google Update) - C:\Users\*****\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (Xmarks Bookmark Sync) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.26_0
CHR Extension: (AdBlock) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Ghostery) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (NotScripts) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0
CHR Extension: (Bitdefender QuickScan) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0
CHR Extension: (Yann Arthus-Bertrand) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0

==================== Services (Whitelisted) =================

R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG)
R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [22736 2013-06-27] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
R2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [72192 2011-06-24] (Palm)
R2 Palm_TCP_Relay; C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe [11776 2011-12-21] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP3a\RpcAgentSrv.exe [71832 2009-04-22] (SiSoftware)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC)
R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143624 2013-01-09] (Stardock Software, Inc)
R2 vmms; C:\Windows\system32\vmms.exe [11201536 2013-06-01] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com)
R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2013-06-20] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET)
R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [270272 2008-09-25] (Stephan Schreiber)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] ()
S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2013-04-22] (BitDefender LLC)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [67816 2012-10-11] (Microsoft Corporation)
R1 IfsMount; C:\Windows\system32\DRIVERS\ifsmount.sys [80320 2008-08-28] (Stephan Schreiber)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [18944 2012-07-26] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-21] (CACE Technologies)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [20992 2012-07-26] (Microsoft Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [16384 2012-07-26] (Microsoft Corporation)
R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [569344 2013-02-02] (Microsoft Corporation)
S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [569344 2013-02-02] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [569344 2013-02-02] (Microsoft Corporation)
U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [23456 2012-07-11] (Bitdefender)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
S3 dgderdrv; System32\drivers\dgderdrv.sys [x]
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET)
U2 TMAgent; 
S2 VBoxDRV; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\VBoxDrv\VBoxDrv.sys [x]
S2 VBoxUSBMon; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\USB\filter\VBoxUSBMon.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-26 04:21 - 2013-12-26 04:21 - 00000000 ____D C:\FRST
2013-12-26 03:18 - 2013-12-26 03:18 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-26 03:18 - 2013-12-26 03:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 03:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-26 02:47 - 2013-12-26 02:52 - 1468432384 _____ C:\Users\*****\Downloads\Ragazze.Costrette.avi
2013-12-25 14:57 - 2013-12-25 14:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-25 06:05 - 2013-12-25 06:05 - 00002515 _____ C:\Users\*****\Desktop\gmer_05.log
2013-12-25 05:52 - 2013-12-25 05:52 - 00003001 _____ C:\Users\*****\Desktop\gmer_04.log
2013-12-25 05:41 - 2013-12-25 05:41 - 00000458 _____ C:\Users\*****\Desktop\gmer_03.log
2013-12-25 05:32 - 2013-12-26 04:21 - 00000000 ____D C:\Users\*****\Desktop\Security
2013-12-25 05:11 - 2013-12-25 05:17 - 00000000 ____D C:\AdwCleaner
2013-12-25 04:49 - 2013-12-25 04:49 - 00011984 _____ C:\Users\*****\Desktop\gmer_02.log
2013-12-24 16:46 - 2013-12-24 16:46 - 00000793 _____ C:\Users\*****\Desktop\gmer_01.log
2013-12-24 13:59 - 2013-12-24 04:31 - 00377856 _____ C:\Users\*****\Desktop\gmer_2.1.19163.exe
2013-12-24 13:58 - 2013-12-24 13:58 - 00000000 ____D C:\Users\*****\Desktop\gmer
2013-12-24 11:04 - 2013-12-24 13:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-24 11:03 - 2013-12-24 11:03 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-24 04:22 - 2013-12-24 04:22 - 00000000 ____D C:\Users\*****\Desktop\mbar
2013-12-24 03:30 - 2013-12-24 03:30 - 00003161 _____ C:\Users\*****\Desktop\JRT.txt
2013-12-24 03:18 - 2013-12-24 03:18 - 00000000 ____D C:\Windows\ERUNT
2013-12-24 02:48 - 2013-12-24 02:48 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (3).exe
2013-12-24 02:39 - 2013-12-24 02:39 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (2).exe
2013-12-24 01:38 - 2013-12-25 17:39 - 27901952 _____ C:\Windows\system32\vmguest.iso
2013-12-23 01:37 - 2013-12-23 01:37 - 05428186 _____ C:\Users\*****\Downloads\update-134.tar.gz
2013-12-23 01:35 - 2013-12-23 01:35 - 05428186 _____ C:\Users\*****\Downloads\update-134.gz
2013-12-22 19:34 - 2013-12-22 19:34 - 00000000 ____D C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537
2013-12-22 19:33 - 2013-12-22 19:34 - 02237534 _____ C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537.rar
2013-12-22 15:39 - 2013-12-22 15:39 - 00000000 ____D C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software
2013-12-22 15:36 - 2013-12-22 15:36 - 01277576 _____ C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software.rar
2013-12-22 13:53 - 2013-12-22 13:54 - 04278747 _____ C:\Users\*****\Downloads\usb110511.zip
2013-12-22 13:38 - 2013-12-22 13:39 - 147571049 _____ C:\Users\*****\Downloads\Biffy Clyro - Opposites Live from Glasgow (2013).zip
2013-12-22 13:38 - 2013-12-22 13:38 - 00000000 ____D C:\Users\*****\Downloads\pcunlocker_trial
2013-12-22 13:34 - 2013-12-22 13:34 - 31489469 _____ C:\Users\*****\Downloads\pcunlocker_trial.zip
2013-12-22 13:31 - 2013-12-22 13:32 - 71381976 _____ (Magic Rescue CD                                             ) C:\Users\*****\Downloads\rescueCD_setup_free_version.exe
2013-12-22 03:05 - 2013-12-22 03:10 - 1252147200 _____ C:\Users\*****\Downloads\linuxmint-16-cinnamon-dvd-64bit.iso
2013-12-22 02:31 - 2013-12-22 02:34 - 734947328 _____ C:\Users\*****\Downloads\ADRIANE-KNOPPIX_V7.2.0gCD-2013-07-28-DE.iso
2013-12-22 02:23 - 2013-12-22 02:23 - 00033590 _____ C:\Users\*****\Downloads\packagelist_kubuntu_64.txt
2013-12-22 01:08 - 2013-12-22 01:09 - 01094939 _____ (pendrivelinux.com) C:\Users\*****\Downloads\Universal-USB-Installer-1.9.5.1.exe
2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (3).exe
2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (2).exe
2013-12-21 22:54 - 2013-12-21 22:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2013-12-21 22:53 - 2013-12-21 22:54 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2013-12-21 22:51 - 2013-12-21 22:55 - 938475520 _____ C:\Users\*****\Downloads\ubuntu-13.10-desktop-i386.iso
2013-12-21 22:49 - 2013-12-21 22:50 - 04766976 _____ (LinuxLive USB Creator) C:\Users\*****\Downloads\LinuxLive USB Creator 2.8.26.exe
2013-12-21 22:28 - 2013-12-21 22:28 - 01046523 _____ (Ext2Fsd Group                                               ) C:\Users\*****\Downloads\Ext2Fsd-0.51.exe
2013-12-21 21:49 - 2013-12-24 03:48 - 00000000 ____D C:\Users\*****\Downloads\UpdatePack_V134
2013-12-21 21:47 - 2013-12-21 21:48 - 24964514 _____ C:\Users\*****\Downloads\UpdatePack_V134.zip
2013-12-21 21:26 - 2013-12-21 21:27 - 66471052 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part15.rar
2013-12-21 21:26 - 2013-12-21 21:27 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part14.rar
2013-12-21 21:26 - 2013-12-21 21:27 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part13.rar
2013-12-21 21:25 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part12.rar
2013-12-21 21:24 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part11.rar
2013-12-21 21:24 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part10.rar
2013-12-21 21:23 - 2013-12-21 21:25 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part09.rar
2013-12-21 21:23 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part08.rar
2013-12-21 21:23 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part07.rar
2013-12-21 21:22 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part06.rar
2013-12-21 21:22 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part05.rar
2013-12-21 21:22 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part04.rar
2013-12-21 21:21 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part03.rar
2013-12-21 21:21 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part02.rar
2013-12-21 21:21 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part01.rar
2013-12-21 21:06 - 2013-12-21 21:06 - 516747800 _____ C:\Windows\MEMORY.DMP
2013-12-21 21:06 - 2013-12-21 21:06 - 00296536 _____ C:\Windows\Minidump\122113-31621-01.dmp
2013-12-21 20:58 - 2013-12-21 20:58 - 00001985 _____ C:\Users\*****\Desktop\UFB Code Setup.lnk
2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\WCH.CN
2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFB Code Setup
2013-12-21 20:58 - 2011-11-05 00:00 - 00039696 _____ (www.winchiphead.com) C:\Windows\system32\Drivers\CH341SER.SYS
2013-12-21 20:58 - 2008-12-18 00:00 - 00020089 _____ C:\Windows\system32\CH341SER.VXD
2013-12-21 20:58 - 2007-06-12 00:00 - 00019680 _____ (www.winchiphead.com) C:\Windows\system32\Drivers\CH341S98.SYS
2013-12-21 20:58 - 2005-07-30 00:00 - 00006712 _____ (www.winchiphead.com) C:\Windows\system32\CH341PT.DLL
2013-12-21 20:57 - 2013-12-21 21:04 - 00000000 ____D C:\Program Files (x86)\UFB Code Setup
2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Windows\UFB Code Setup
2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Users\*****\Downloads\UFB234_CD-Inhalt
2013-12-21 20:55 - 2013-12-21 20:55 - 17560304 _____ C:\Users\*****\Downloads\UFB234_CD-Inhalt.zip
2013-12-21 19:39 - 2013-12-21 19:39 - 67745277 _____ C:\Users\*****\Downloads\poecanmahtki.part16.rar
2013-12-21 19:39 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part15.rar
2013-12-21 19:38 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part14.rar
2013-12-21 19:38 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part13.rar
2013-12-21 19:37 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part11.rar
2013-12-21 19:37 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part12.rar
2013-12-21 19:36 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part09.rar
2013-12-21 19:36 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part10.rar
2013-12-21 19:35 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part08.rar
2013-12-21 19:35 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part07.rar
2013-12-21 19:35 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part06.rar
2013-12-21 19:34 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part05.rar
2013-12-21 19:33 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part04.rar
2013-12-21 19:32 - 2013-12-21 19:34 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part02.rar
2013-12-21 19:32 - 2013-12-21 19:34 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part01.rar
2013-12-21 19:32 - 2013-12-21 19:33 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part03.rar
2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\ProgramData\ESET
2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\Program Files\ESET
2013-12-20 19:34 - 2013-12-20 19:35 - 154561875 _____ C:\Users\*****\Downloads\eset_nod32_smart security.rar
2013-12-20 19:28 - 2013-12-20 19:28 - 00423360 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 19:19 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2013-12-20 19:19 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2013-12-20 19:19 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2013-12-20 19:19 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2013-12-20 19:19 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2013-12-20 19:19 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2013-12-20 19:19 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2013-12-20 19:19 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-12-20 19:19 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-12-20 19:19 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-12-20 19:19 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-12-20 18:48 - 2013-12-20 18:49 - 02888335 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).flv
2013-12-20 18:48 - 2013-12-20 18:48 - 10759552 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).mp4
2013-12-20 18:48 - 2013-12-20 18:48 - 00690824 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).3gp
2013-12-20 01:22 - 2013-12-20 01:22 - 00381540 _____ C:\Users\*****\Downloads\enigma2-skin-elgato-hd_1.0.1_all.ipk
2013-12-19 01:55 - 2013-12-19 01:55 - 04513064 _____ C:\Users\*****\Downloads\npp.6.5.2.bin.7z
2013-12-19 01:53 - 2013-12-19 01:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Notepad++
2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-12-19 01:52 - 2013-12-19 01:52 - 07549839 _____ C:\Users\*****\Downloads\npp.6.5.2.Installer.exe
2013-12-19 01:48 - 2013-12-19 01:48 - 01432078 _____ C:\Users\*****\Downloads\redate.zip
2013-12-19 00:28 - 2013-12-19 00:28 - 00000001 _____ C:\Users\*****\AppData\Local\llftool.4.40.agreement
2013-12-18 22:01 - 2013-12-18 22:01 - 02046464 _____ C:\Users\*****\Downloads\HDDLLF.4.40.exe
2013-12-18 21:39 - 2013-12-18 21:39 - 00000000 ____D C:\Users\*****\Downloads\usbit (1)
2013-12-18 21:38 - 2013-12-18 21:38 - 00221471 _____ C:\Users\*****\Downloads\usbit (1).zip
2013-12-18 21:35 - 2013-12-18 21:35 - 00236402 _____ C:\Users\*****\Downloads\Anleitung_3_Duck-Trick_Image_USB_Stick_unter_Windows_erstellen_flor62.zip
2013-12-18 20:09 - 2013-12-18 20:09 - 00928690 _____ C:\Users\*****\Downloads\DreamUP133_11.zip
2013-12-18 20:08 - 2013-12-18 20:08 - 03847349 _____ C:\Users\*****\Downloads\CP210x_VCP_Windows.zip
2013-12-18 20:07 - 2013-12-18 20:07 - 54083533 _____ C:\Users\*****\Downloads\newnigma2-stable-dm800-v4.0.6.zip
2013-12-18 19:30 - 2013-12-21 22:06 - 00000000 ____D C:\Users\*****\Downloads\BIP2
2013-12-17 19:51 - 2013-12-17 19:51 - 04603098 _____ C:\Users\*****\Downloads\e2.ipk
2013-12-17 19:51 - 2013-12-17 19:51 - 00303096 _____ C:\Users\*****\Downloads\python-mechanize_0.2.5-r0_mips32el.ipk
2013-12-17 19:46 - 2013-12-17 19:47 - 00000000 ____D C:\Burgard
2013-12-17 19:43 - 2013-12-17 19:44 - 24509740 _____ (Macrovision Corporation) C:\Users\*****\Downloads\drivers-amp-utility.exe
2013-12-17 01:52 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-17 01:52 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-17 01:52 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-17 01:52 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-17 01:52 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-17 01:52 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-17 01:52 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-17 01:52 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-17 01:52 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-17 01:52 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-17 01:51 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-17 01:51 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-17 01:51 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-17 01:51 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-17 01:50 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-17 01:50 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-17 01:50 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-17 01:50 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-17 01:50 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-17 01:50 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-17 01:50 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-17 01:50 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-17 01:50 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-17 01:50 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-17 01:50 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-17 01:50 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-17 01:50 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-17 01:50 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-17 01:50 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-17 01:50 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-17 01:50 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-17 01:50 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-17 01:50 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 21:57 - 2013-12-11 21:57 - 00018077 _____ C:\Users\*****\Downloads\Black.Mirror.S02E03.DVDRip.XviD-iNGOT.de-SubCentral.rar
2013-12-11 21:56 - 2013-12-11 21:56 - 00012208 _____ C:\Users\*****\Downloads\Black.Mirror.S02E01.DVDRip.XviD-iNGOT.de-SubCentral.rar
2013-12-11 21:56 - 2013-12-11 21:56 - 00010431 _____ C:\Users\*****\Downloads\Black.Mirror.S02E02.DVDRip.XviD-iNGOT.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00020353 _____ C:\Users\*****\Downloads\Black.Mirror.S01E03.DVDRip.XviD-TASTETV.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00020107 _____ C:\Users\*****\Downloads\Black.Mirror.S01E01.DVDRip.XviD-TASTETV.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral (1).rar
2013-12-11 21:45 - 2013-12-11 21:45 - 56234802 _____ C:\Users\*****\Downloads\blckmirr-203.part4.rar
2013-12-11 21:44 - 2013-12-11 21:45 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part3.rar
2013-12-11 21:44 - 2013-12-11 21:45 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part2.rar
2013-12-11 21:44 - 2013-12-11 21:45 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part1.rar
2013-12-11 21:43 - 2013-12-11 21:44 - 55171152 _____ C:\Users\*****\Downloads\blckmirr-202.part4.rar
2013-12-11 21:42 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part3.rar
2013-12-11 21:42 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part2.rar
2013-12-11 21:42 - 2013-12-11 21:43 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part1.rar
2013-12-11 21:42 - 2013-12-11 21:42 - 55229266 _____ C:\Users\*****\Downloads\blckmirr-201.part4.rar
2013-12-11 21:40 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part3.rar
2013-12-11 21:40 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part1.rar
2013-12-11 21:40 - 2013-12-11 21:41 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part2.rar
2013-12-11 21:34 - 2013-12-11 21:39 - 575199387 _____ C:\Users\*****\Downloads\black.mirror.s01e02-tastetv.avi.rar
2013-12-11 21:34 - 2013-12-11 21:39 - 367141019 _____ C:\Users\*****\Downloads\black.mirror.s01e03-tastetv.avi.rar
2013-12-11 21:34 - 2013-12-11 21:39 - 365891737 _____ C:\Users\*****\Downloads\black.mirror.s01e01-tastetv.avi.rar
2013-12-10 16:42 - 2013-12-10 16:43 - 99262843 _____ C:\Users\*****\Downloads\evdeadz.part09.rar
2013-12-10 16:42 - 2013-12-10 16:43 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part08.rar
2013-12-10 16:41 - 2013-12-10 16:43 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part07.rar
2013-12-10 16:41 - 2013-12-10 16:42 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part06.rar
2013-12-10 16:40 - 2013-12-10 16:42 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part05.rar
2013-12-10 16:40 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part04.rar
2013-12-10 16:39 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part01.rar
2013-12-10 16:39 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part03.rar
2013-12-10 16:39 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part02.rar
2013-12-10 16:36 - 2013-12-10 16:37 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part08.rar
2013-12-10 16:36 - 2013-12-10 16:36 - 15845444 _____ C:\Users\*****\Downloads\DaenikenAegypten.part09.rar
2013-12-10 16:35 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part07.rar
2013-12-10 16:35 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part06.rar
2013-12-10 16:35 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part05.rar
2013-12-10 16:34 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part04.rar
2013-12-10 16:33 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part03.rar
2013-12-10 16:33 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part02.rar
2013-12-10 16:33 - 2013-12-10 16:34 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part01.rar
2013-12-10 16:33 - 2013-12-10 16:33 - 22387776 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part8.rar
2013-12-10 16:32 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part7.rar
2013-12-10 16:32 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part6.rar
2013-12-10 16:31 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part5.rar
2013-12-10 16:31 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part4.rar
2013-12-10 16:31 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part3.rar
2013-12-10 16:30 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part2.rar
2013-12-10 16:30 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part1.rar
2013-12-10 16:30 - 2013-12-10 16:30 - 73842964 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part7.rar
2013-12-10 16:29 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part6.rar
2013-12-10 16:29 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part5.rar
2013-12-10 16:29 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part4.rar
2013-12-10 16:28 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part3.rar
2013-12-10 16:28 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part2.rar
2013-12-10 16:28 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part1.rar
2013-12-10 13:43 - 2013-12-10 13:44 - 80295200 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part6.rar
2013-12-10 13:43 - 2013-12-10 13:44 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part5.rar
2013-12-10 13:43 - 2013-12-10 13:44 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part4.rar
2013-12-10 13:42 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part3.rar
2013-12-10 13:42 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part2.rar
2013-12-10 13:42 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part1.rar
2013-12-09 13:49 - 2013-12-09 13:50 - 82071312 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part6.rar
2013-12-09 13:49 - 2013-12-09 13:50 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part5.rar
2013-12-09 13:49 - 2013-12-09 13:50 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part4.rar
2013-12-09 13:48 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part3.rar
2013-12-09 13:48 - 2013-12-09 13:48 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part2.rar
2013-12-09 13:47 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part1.rar
2013-12-09 13:47 - 2013-12-09 13:48 - 102291714 _____ C:\Users\*****\Downloads\dwAtlantis.part6.rar
2013-12-09 13:47 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part5.rar
2013-12-09 13:46 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part4.rar
2013-12-09 13:46 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part3.rar
2013-12-09 13:45 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part2.rar
2013-12-09 13:45 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part1.rar
2013-12-09 13:45 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\atlan.part5.rar
2013-12-09 13:45 - 2013-12-09 13:45 - 42755408 _____ C:\Users\*****\Downloads\atlan.part6.rar
2013-12-09 13:44 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part4.rar
2013-12-09 13:44 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part3.rar
2013-12-09 13:44 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part2.rar
2013-12-09 13:43 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part1.rar
2013-12-09 13:42 - 2013-12-09 13:44 - 99246501 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part5.rar
2013-12-09 13:42 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part1.rar
2013-12-09 13:42 - 2013-12-09 13:42 - 29707332 _____ C:\Users\*****\Downloads\FREE.Atlanta.part4.rar
2013-12-09 13:42 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part3.rar
2013-12-09 13:41 - 2013-12-09 13:42 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part11.rar
2013-12-09 13:41 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part2.rar
2013-12-09 13:41 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part1.rar
2013-12-09 13:40 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part10.rar
2013-12-09 13:40 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part09.rar
2013-12-09 13:39 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part08.rar
2013-12-09 13:39 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part07.rar
2013-12-09 13:38 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part06.rar
2013-12-09 13:37 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part05.rar
2013-12-09 13:37 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part04.rar
2013-12-09 13:37 - 2013-12-09 13:38 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part03.rar
2013-12-09 13:36 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part02.rar
2013-12-09 13:36 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part01.rar
2013-12-09 13:35 - 2013-12-09 13:37 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part2.rar
2013-12-09 13:35 - 2013-12-09 13:36 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part3.rar
2013-12-09 13:35 - 2013-12-09 13:36 - 113068050 _____ C:\Users\*****\Downloads\DieAzoren.part4.rar
2013-12-09 13:34 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part1.rar
2013-12-09 13:34 - 2013-12-09 13:35 - 110443060 _____ C:\Users\*****\Downloads\XAtlantis.part4.rar
2013-12-09 13:33 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part3.rar
2013-12-09 13:33 - 2013-12-09 13:34 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part2.rar
2013-12-09 13:32 - 2013-12-09 13:34 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part1.rar
2013-12-09 13:32 - 2013-12-09 13:33 - 82886274 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part4.rar
2013-12-09 13:31 - 2013-12-09 13:33 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part3.rar
2013-12-09 13:31 - 2013-12-09 13:32 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part2.rar
2013-12-09 13:31 - 2013-12-09 13:32 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part1.rar
2013-12-09 13:31 - 2013-12-09 13:31 - 36734289 _____ C:\Users\*****\Downloads\BBCM-E07.part4.rar
2013-12-09 13:29 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part3.rar
2013-12-09 13:29 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part2.rar
2013-12-09 13:29 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part1.rar
2013-12-08 19:27 - 2013-12-08 19:27 - 46970212 _____ C:\Users\*****\Downloads\pt-s01e08.part3.rar
2013-12-08 19:26 - 2013-12-08 19:27 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part2.rar
2013-12-08 19:26 - 2013-12-08 19:27 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part1.rar
2013-12-08 19:25 - 2013-12-08 19:27 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part2.rar
2013-12-08 19:25 - 2013-12-08 19:26 - 47604356 _____ C:\Users\*****\Downloads\pt-s01e09.part3.rar
2013-12-08 19:25 - 2013-12-08 19:26 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part1.rar
2013-12-08 19:25 - 2013-12-08 19:25 - 47100740 _____ C:\Users\*****\Downloads\pt-s01e07.part3.rar
2013-12-08 19:24 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part2.rar
2013-12-08 19:24 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part1.rar
2013-12-08 19:24 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part2.rar
2013-12-08 19:24 - 2013-12-08 19:24 - 47007212 _____ C:\Users\*****\Downloads\pt-s01e06.part3.rar
2013-12-08 19:23 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part1.rar
2013-12-08 19:23 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part2.rar
2013-12-08 19:23 - 2013-12-08 19:23 - 45389476 _____ C:\Users\*****\Downloads\pt-s01e05.part3.rar
2013-12-08 19:22 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part1.rar
2013-12-08 19:22 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part2.rar
2013-12-08 19:22 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part1.rar
2013-12-08 19:22 - 2013-12-08 19:22 - 45668004 _____ C:\Users\*****\Downloads\pt-s01e04.part3.rar
2013-12-08 19:15 - 2013-12-08 19:15 - 48223084 _____ C:\Users\*****\Downloads\pt-s01e03.part3.rar
2013-12-08 19:15 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part2.rar
2013-12-08 19:14 - 2013-12-08 19:15 - 46095564 _____ C:\Users\*****\Downloads\pt-s01e02.part3.rar
2013-12-08 19:14 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part1.rar
2013-12-08 19:13 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part1.rar
2013-12-08 19:13 - 2013-12-08 19:14 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part2.rar
2013-12-08 19:12 - 2013-12-08 19:14 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part2.rar
2013-12-08 19:12 - 2013-12-08 19:13 - 47069908 _____ C:\Users\*****\Downloads\pt-s01e01.part3.rar
2013-12-08 19:12 - 2013-12-08 19:13 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part1.rar
2013-12-08 16:46 - 2013-12-08 16:46 - 26169389 _____ C:\Users\*****\Downloads\historyvati.part4.rar
2013-12-08 16:44 - 2013-12-08 16:46 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part3.rar
2013-12-08 16:44 - 2013-12-08 16:46 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part2.rar
2013-12-08 16:44 - 2013-12-08 16:46 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part1.rar
2013-12-07 17:25 - 2013-12-07 17:41 - 00000000 ____D C:\Users\*****\Documents\dave
2013-12-07 17:25 - 2013-12-07 17:25 - 04712205 _____ C:\Users\*****\Documents\dave.rar
2013-12-03 19:04 - 2013-12-03 19:04 - 00000000 ____D C:\Users\*****\AppData\Local\Unattneded
2013-12-03 19:00 - 2013-12-03 19:00 - 00001087 _____ C:\Users\*****\Desktop\AAF Recovery tool AV700.lnk
2013-12-03 19:00 - 2013-12-03 19:00 - 00000000 ____D C:\Program Files (x86)\AAF Recovery tool AV700
2013-12-03 18:55 - 2013-12-03 18:55 - 28338913 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.6_av700.rar
2013-12-03 18:42 - 2013-12-03 18:42 - 00120681 _____ C:\Users\*****\Downloads\CreateMini.rar
2013-12-03 18:41 - 2013-12-03 18:41 - 01245289 _____ C:\Users\*****\Downloads\Maxiboot_Installer_Setup_V15.rar
2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (3).exe
2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (2).exe
2013-12-03 18:21 - 2013-12-03 18:21 - 26545043 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.5a_av700.rar
2013-12-03 18:19 - 2013-12-03 18:58 - 00000000 ____D C:\Users\*****\Downloads\[0000]---geier
2013-12-03 17:19 - 2013-12-03 17:23 - 18627789 _____ C:\Users\*****\Downloads\Atemio_700_TitanNit_Edition_1.45iboot.rar
2013-12-03 16:50 - 2013-12-03 16:51 - 33292288 _____ C:\Users\*****\Downloads\BP-NMP_miniFLASH_BASE-rev6011.img
2013-12-03 16:49 - 2013-12-03 16:50 - 33292288 _____ C:\Users\*****\Downloads\miniFLASH_rev4839-p191.img
2013-12-02 19:24 - 2013-12-02 19:25 - 209730560 _____ C:\Users\*****\Downloads\ASXXDDx6CE.part1 (1).rar
2013-12-02 18:35 - 2013-12-02 19:23 - 00000000 ____D C:\Users\*****\Downloads\ASXXDDx6CE.part1.rar
2013-12-02 18:03 - 2013-12-02 18:06 - 606025919 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part2.rar
2013-12-02 17:59 - 2013-12-02 18:02 - 734003200 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part1.rar
2013-12-01 19:53 - 2013-12-01 19:57 - 409579390 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part2.rar
2013-12-01 19:53 - 2013-12-01 19:56 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part03.rar
2013-12-01 19:53 - 2013-12-01 19:55 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part10.rar
2013-12-01 19:53 - 2013-12-01 19:54 - 39228144 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part14.rar
2013-12-01 19:53 - 2013-12-01 19:54 - 19727295 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part3.rar
2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part11.rar
2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part08.rar
2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part04.rar
2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part02.rar
2013-12-01 19:50 - 2013-12-01 20:00 - 1072693248 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part1.rar
2013-12-01 19:46 - 2013-12-01 19:48 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part13.rar
2013-12-01 19:44 - 2013-12-01 19:48 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part1.rar
2013-12-01 19:43 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part12.rar
2013-12-01 19:43 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part09.rar
2013-12-01 19:42 - 2013-12-01 19:48 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part2.rar
2013-12-01 19:42 - 2013-12-01 19:47 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part07.rar
2013-12-01 19:42 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part05.rar
2013-12-01 19:42 - 2013-12-01 19:45 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part01.rar
2013-12-01 19:42 - 2013-12-01 19:44 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part06.rar
2013-12-01 17:05 - 2013-12-01 17:06 - 00000000 ___HD C:\$WINDOWS.~BT
2013-12-01 16:20 - 2013-12-01 16:21 - 60337803 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part36.rar
2013-12-01 16:16 - 2013-12-01 16:45 - 804946521 _____ C:\Users\*****\Downloads\FroRusWthL.part1.rar
2013-12-01 16:16 - 2013-12-01 16:42 - 803894836 _____ C:\Users\*****\Downloads\FroRusWthL.part2.rar
2013-12-01 16:11 - 2013-12-01 16:19 - 1032666462 _____ C:\Users\*****\Downloads\HMitSafFot.rar
2013-11-29 19:48 - 2013-11-29 19:48 - 41971440 _____ C:\Users\*****\Downloads\gemini2-510-dm800-20100721145005.nfi (3).zip
2013-11-29 16:18 - 2013-11-29 16:21 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part35.rar
2013-11-29 16:17 - 2013-11-29 16:21 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part34.rar
2013-11-29 16:17 - 2013-11-29 16:21 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part33.rar
2013-11-29 16:16 - 2013-11-29 16:19 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part32.rar
2013-11-29 16:15 - 2013-11-29 16:20 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part31.rar
2013-11-29 16:11 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part30.rar
2013-11-29 16:11 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part29.rar
2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part27.rar
2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part26.rar
2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part25.rar
2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part24.rar
2013-11-29 16:10 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part28.rar
2013-11-29 16:09 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part22.rar
2013-11-29 16:09 - 2013-11-29 16:15 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part23.rar
2013-11-29 16:07 - 2013-11-29 16:15 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part21.rar
2013-11-29 16:03 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part20.rar
2013-11-29 16:03 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part19.rar
2013-11-29 16:02 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part18.rar
2013-11-29 16:02 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part16.rar
2013-11-29 16:02 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part14.rar
2013-11-29 16:02 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part17.rar
2013-11-29 16:02 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part15.rar
2013-11-29 16:02 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part13.rar
2013-11-29 16:01 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part12.rar
2013-11-29 16:01 - 2013-11-29 16:07 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part11.rar
2013-11-29 15:54 - 2013-11-29 16:03 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part09.rar
2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part08.rar
2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part06.rar
2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part04.rar
2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part03.rar
2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part02.rar
2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part01.rar
2013-11-29 15:54 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part10.rar
2013-11-29 15:54 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part07.rar
2013-11-29 15:54 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part05.rar
2013-11-29 15:30 - 2013-11-29 15:30 - 00001458 _____ C:\Windows\PFRO.log
2013-11-29 15:21 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-11-29 15:21 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-11-29 15:21 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-11-29 15:21 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-11-29 15:21 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-11-29 15:21 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-11-29 15:21 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-11-29 15:21 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-11-29 15:21 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-11-29 15:21 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-11-29 15:21 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-11-29 15:21 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-11-29 15:21 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-11-29 15:21 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-11-29 15:21 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-11-29 15:21 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-11-29 15:21 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-11-29 15:21 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-11-29 15:21 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-11-29 15:21 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-11-29 15:21 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-11-29 15:21 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-11-29 15:21 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-11-29 14:58 - 2013-11-29 14:58 - 00014021 _____ C:\ComboFix.txt
2013-11-29 12:44 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-29 12:44 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-29 12:44 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-29 12:44 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-29 12:44 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-29 12:44 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2013-11-29 12:44 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-29 12:44 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-29 12:44 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-29 12:42 - 2013-11-29 14:58 - 00000000 ____D C:\Qoobox
2013-11-29 12:42 - 2013-11-29 14:52 - 00000000 ____D C:\Windows\erdnt
2013-11-29 12:41 - 2013-11-29 15:08 - 00004740 _____ C:\Users\*****\Desktop\Rkill.txt
2013-11-29 12:41 - 2013-11-29 12:41 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill64.exe
2013-11-29 12:41 - 2013-11-29 12:41 - 00000000 ____D C:\Users\*****\Desktop\rkill
2013-11-29 12:40 - 2013-11-29 12:40 - 05150163 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Downloads\rkill.exe
2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill.exe
2013-11-29 12:39 - 2013-11-29 12:40 - 05150163 _____ (Swearware) C:\Users\*****\Downloads\ComboFix.exe
2013-11-29 12:31 - 2013-11-29 12:31 - 00000000 ____D C:\Users\*****\Downloads\RootkitRevealer
2013-11-29 12:30 - 2013-11-29 12:30 - 00231390 _____ C:\Users\*****\Downloads\RootkitRevealer.zip
2013-11-29 12:23 - 2013-11-29 12:23 - 00001907 _____ C:\Users\*****\Downloads\02.vbs
2013-11-29 12:19 - 2013-11-29 12:19 - 00001186 _____ C:\Users\*****\Desktop\AIDA64 Engineer.lnk
2013-11-29 12:19 - 2013-11-29 12:19 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-11-29 12:18 - 2013-11-29 12:18 - 00000000 ____D C:\Users\*****\Downloads\AA644.00.2700
2013-11-29 12:17 - 2013-11-29 12:17 - 48071965 _____ C:\Users\*****\Downloads\AA644.00.2700.rar
2013-11-29 12:12 - 2013-11-29 12:12 - 00001966 _____ C:\Users\*****\Downloads\01.vbs
2013-11-29 11:51 - 2013-11-29 11:51 - 00000000 ____D C:\Program Files (x86)\Belarc
2013-11-29 11:49 - 2013-11-29 11:50 - 03197352 _____ C:\Users\*****\Downloads\advisorinstaller.exe
2013-11-29 11:20 - 2013-11-29 11:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-29 11:19 - 2013-11-29 11:19 - 35890436 _____ C:\Users\*****\Downloads\Microsoft.Kekskit.250BETA1.rar
2013-11-29 10:53 - 2013-11-29 10:53 - 00005593 _____ C:\Users\*****\Downloads\wpkey_v1.4.7d (1).zip
2013-11-29 10:53 - 2013-11-29 10:53 - 00000000 ____D C:\Users\*****\Downloads\wpkey_v1.4.7d (1)
2013-11-29 09:52 - 2013-11-29 09:52 - 00009273 _____ C:\Users\*****\Downloads\Gbox Key Files 25.11.2013.rar
2013-11-29 09:51 - 2013-11-29 09:51 - 00320666 _____ C:\Users\*****\Downloads\SoftCam_Editor.zip
2013-11-28 22:46 - 2013-11-28 22:46 - 02157971 _____ C:\Users\*****\Downloads\HDD 1018.pdf.zip
2013-11-28 17:29 - 2013-11-28 17:29 - 00000000 ____D C:\Users\*****\Downloads\gbox.net.git806
2013-11-28 16:30 - 2013-11-28 16:30 - 01569767 _____ C:\Users\*****\Downloads\gbox.net.git806.rar
2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt.rar
2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt (1).rar
2013-11-27 10:49 - 2013-11-27 10:49 - 00140826 _____ C:\Users\*****\Downloads\Kryptoanalyse_des_Premiere_NDS_Verschluesselungssystem.zip
2013-11-27 10:40 - 2013-11-27 10:40 - 00479365 _____ C:\Users\*****\Downloads\CSA-Rainbow-Table-Tool_V2.02_package.zip
2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor.map
2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor (1).map
2013-11-26 14:32 - 2013-11-26 14:32 - 01722190 _____ C:\Users\*****\Downloads\Anleitungen_Duck-Trick_Image (1).zip

==================== One Month Modified Files and Folders =======

2013-12-26 04:21 - 2013-12-26 04:21 - 00000000 ____D C:\FRST
2013-12-26 04:21 - 2013-12-25 05:32 - 00000000 ____D C:\Users\*****\Desktop\Security
2013-12-26 04:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2013-12-26 03:31 - 2013-05-15 18:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001UA1ce518e6ecec2ba.job
2013-12-26 03:24 - 2012-11-07 22:13 - 00000000 ____D C:\Program Files\JDownloader 2
2013-12-26 03:18 - 2013-12-26 03:18 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-12-26 03:18 - 2013-12-26 03:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 03:17 - 2012-09-26 23:32 - 00000000 ____D C:\Users\*****\AppData\Local\Mirillis
2013-12-26 02:52 - 2013-12-26 02:47 - 1468432384 _____ C:\Users\*****\Downloads\Ragazze.Costrette.avi
2013-12-26 02:26 - 2013-04-28 11:43 - 01944691 _____ C:\Windows\WindowsUpdate.log
2013-12-25 17:39 - 2013-12-24 01:38 - 27901952 _____ C:\Windows\system32\vmguest.iso
2013-12-25 17:36 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-25 17:13 - 2013-04-14 20:10 - 00000000 ____D C:\Users\*****\Downloads\!
2013-12-25 14:57 - 2013-12-25 14:57 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-25 06:05 - 2013-12-25 06:05 - 00002515 _____ C:\Users\*****\Desktop\gmer_05.log
2013-12-25 05:52 - 2013-12-25 05:52 - 00003001 _____ C:\Users\*****\Desktop\gmer_04.log
2013-12-25 05:42 - 2013-02-11 01:16 - 00001872 _____ C:\Windows\Sandboxie.ini
2013-12-25 05:41 - 2013-12-25 05:41 - 00000458 _____ C:\Users\*****\Desktop\gmer_03.log
2013-12-25 05:17 - 2013-12-25 05:11 - 00000000 ____D C:\AdwCleaner
2013-12-25 04:49 - 2013-12-25 04:49 - 00011984 _____ C:\Users\*****\Desktop\gmer_02.log
2013-12-24 16:46 - 2013-12-24 16:46 - 00000793 _____ C:\Users\*****\Desktop\gmer_01.log
2013-12-24 13:58 - 2013-12-24 13:58 - 00000000 ____D C:\Users\*****\Desktop\gmer
2013-12-24 13:57 - 2013-12-24 11:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-24 11:03 - 2013-12-24 11:03 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2013-12-24 04:31 - 2013-12-24 13:59 - 00377856 _____ C:\Users\*****\Desktop\gmer_2.1.19163.exe
2013-12-24 04:22 - 2013-12-24 04:22 - 00000000 ____D C:\Users\*****\Desktop\mbar
2013-12-24 03:48 - 2013-12-21 21:49 - 00000000 ____D C:\Users\*****\Downloads\UpdatePack_V134
2013-12-24 03:30 - 2013-12-24 03:30 - 00003161 _____ C:\Users\*****\Desktop\JRT.txt
2013-12-24 03:18 - 2013-12-24 03:18 - 00000000 ____D C:\Windows\ERUNT
2013-12-24 02:48 - 2013-12-24 02:48 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (3).exe
2013-12-24 02:39 - 2013-12-24 02:39 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (2).exe
2013-12-23 04:14 - 2012-10-24 18:48 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien
2013-12-23 03:42 - 2012-07-26 11:27 - 00756916 _____ C:\Windows\system32\perfh007.dat
2013-12-23 03:42 - 2012-07-26 11:27 - 00157052 _____ C:\Windows\system32\perfc007.dat
2013-12-23 03:42 - 2012-07-26 08:28 - 01754216 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-23 01:37 - 2013-12-23 01:37 - 05428186 _____ C:\Users\*****\Downloads\update-134.tar.gz
2013-12-23 01:35 - 2013-12-23 01:35 - 05428186 _____ C:\Users\*****\Downloads\update-134.gz
2013-12-22 19:34 - 2013-12-22 19:34 - 00000000 ____D C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537
2013-12-22 19:34 - 2013-12-22 19:33 - 02237534 _____ C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537.rar
2013-12-22 19:31 - 2013-05-15 18:05 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001Core1ce518e6da097c5.job
2013-12-22 15:41 - 2013-11-02 10:28 - 00000000 ____D C:\Program Files (x86)\HDDGURU LLF Tool
2013-12-22 15:40 - 2013-11-02 10:28 - 00001060 _____ C:\Users\*****\Desktop\Hard Disk Low Level Format Tool.lnk
2013-12-22 15:39 - 2013-12-22 15:39 - 00000000 ____D C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software
2013-12-22 15:36 - 2013-12-22 15:36 - 01277576 _____ C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software.rar
2013-12-22 13:54 - 2013-12-22 13:53 - 04278747 _____ C:\Users\*****\Downloads\usb110511.zip
2013-12-22 13:39 - 2013-12-22 13:38 - 147571049 _____ C:\Users\*****\Downloads\Biffy Clyro - Opposites Live from Glasgow (2013).zip
2013-12-22 13:38 - 2013-12-22 13:38 - 00000000 ____D C:\Users\*****\Downloads\pcunlocker_trial
2013-12-22 13:34 - 2013-12-22 13:34 - 31489469 _____ C:\Users\*****\Downloads\pcunlocker_trial.zip
2013-12-22 13:32 - 2013-12-22 13:31 - 71381976 _____ (Magic Rescue CD                                             ) C:\Users\*****\Downloads\rescueCD_setup_free_version.exe
2013-12-22 03:10 - 2013-12-22 03:05 - 1252147200 _____ C:\Users\*****\Downloads\linuxmint-16-cinnamon-dvd-64bit.iso
2013-12-22 02:34 - 2013-12-22 02:31 - 734947328 _____ C:\Users\*****\Downloads\ADRIANE-KNOPPIX_V7.2.0gCD-2013-07-28-DE.iso
2013-12-22 02:23 - 2013-12-22 02:23 - 00033590 _____ C:\Users\*****\Downloads\packagelist_kubuntu_64.txt
2013-12-22 01:09 - 2013-12-22 01:08 - 01094939 _____ (pendrivelinux.com) C:\Users\*****\Downloads\Universal-USB-Installer-1.9.5.1.exe
2013-12-22 00:23 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (3).exe
2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (2).exe
2013-12-21 22:55 - 2013-12-21 22:51 - 938475520 _____ C:\Users\*****\Downloads\ubuntu-13.10-desktop-i386.iso
2013-12-21 22:54 - 2013-12-21 22:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2013-12-21 22:54 - 2013-12-21 22:53 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator
2013-12-21 22:50 - 2013-12-21 22:49 - 04766976 _____ (LinuxLive USB Creator) C:\Users\*****\Downloads\LinuxLive USB Creator 2.8.26.exe
2013-12-21 22:28 - 2013-12-21 22:28 - 01046523 _____ (Ext2Fsd Group                                               ) C:\Users\*****\Downloads\Ext2Fsd-0.51.exe
2013-12-21 22:06 - 2013-12-18 19:30 - 00000000 ____D C:\Users\*****\Downloads\BIP2
2013-12-21 21:48 - 2013-12-21 21:47 - 24964514 _____ C:\Users\*****\Downloads\UpdatePack_V134.zip
2013-12-21 21:36 - 2013-07-21 10:37 - 00002664 _____ C:\Windows\setupact.log
2013-12-21 21:27 - 2013-12-21 21:26 - 66471052 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part15.rar
2013-12-21 21:27 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part14.rar
2013-12-21 21:27 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part13.rar
2013-12-21 21:27 - 2013-01-06 21:04 - 00000000 ____D C:\Users\*****\Downloads\extracted
2013-12-21 21:26 - 2013-12-21 21:25 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part12.rar
2013-12-21 21:26 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part11.rar
2013-12-21 21:26 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part10.rar
2013-12-21 21:25 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part09.rar
2013-12-21 21:24 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part08.rar
2013-12-21 21:24 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part07.rar
2013-12-21 21:23 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part06.rar
2013-12-21 21:23 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part05.rar
2013-12-21 21:23 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part04.rar
2013-12-21 21:22 - 2013-12-21 21:21 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part03.rar
2013-12-21 21:22 - 2013-12-21 21:21 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part02.rar
2013-12-21 21:22 - 2013-12-21 21:21 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part01.rar
2013-12-21 21:06 - 2013-12-21 21:06 - 516747800 _____ C:\Windows\MEMORY.DMP
2013-12-21 21:06 - 2013-12-21 21:06 - 00296536 _____ C:\Windows\Minidump\122113-31621-01.dmp
2013-12-21 21:06 - 2013-01-14 22:52 - 00000000 ____D C:\Windows\Minidump
2013-12-21 21:04 - 2013-12-21 20:57 - 00000000 ____D C:\Program Files (x86)\UFB Code Setup
2013-12-21 20:58 - 2013-12-21 20:58 - 00001985 _____ C:\Users\*****\Desktop\UFB Code Setup.lnk
2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\WCH.CN
2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFB Code Setup
2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Windows\UFB Code Setup
2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Users\*****\Downloads\UFB234_CD-Inhalt
2013-12-21 20:55 - 2013-12-21 20:55 - 17560304 _____ C:\Users\*****\Downloads\UFB234_CD-Inhalt.zip
2013-12-21 19:39 - 2013-12-21 19:39 - 67745277 _____ C:\Users\*****\Downloads\poecanmahtki.part16.rar
2013-12-21 19:39 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part15.rar
2013-12-21 19:39 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part14.rar
2013-12-21 19:39 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part13.rar
2013-12-21 19:39 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part11.rar
2013-12-21 19:38 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part12.rar
2013-12-21 19:38 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part09.rar
2013-12-21 19:37 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part10.rar
2013-12-21 19:37 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part08.rar
2013-12-21 19:36 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part07.rar
2013-12-21 19:36 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part06.rar
2013-12-21 19:35 - 2013-12-21 19:34 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part05.rar
2013-12-21 19:35 - 2013-12-21 19:33 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part04.rar
2013-12-21 19:34 - 2013-12-21 19:32 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part02.rar
2013-12-21 19:34 - 2013-12-21 19:32 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part01.rar
2013-12-21 19:33 - 2013-12-21 19:32 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part03.rar
2013-12-21 19:15 - 2013-05-21 12:31 - 00130560 ___SH C:\Users\*****\Downloads\Thumbs.db
2013-12-20 22:50 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\ProgramData\ESET
2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\Program Files\ESET
2013-12-20 19:35 - 2013-12-20 19:34 - 154561875 _____ C:\Users\*****\Downloads\eset_nod32_smart security.rar
2013-12-20 19:28 - 2013-12-20 19:28 - 00423360 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-20 19:15 - 2013-05-06 10:42 - 00000000 ____D C:\Users\*****\Downloads\utopia-ccf-s04e15-xvid
2013-12-20 19:15 - 2012-11-07 18:00 - 00000000 ____D C:\Users\*****\Downloads\[0000]---Abarbeiten---
2013-12-20 19:15 - 2012-09-27 18:54 - 00000000 ____D C:\Users\*****\Downloads\[0000]---UFS910 Aufnahmen---
2013-12-20 19:15 - 2012-09-03 20:33 - 00000000 ____D C:\Users\*****\Downloads\[0000]---JD-Load-entpackt
2013-12-20 18:49 - 2013-12-20 18:48 - 02888335 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).flv
2013-12-20 18:48 - 2013-12-20 18:48 - 10759552 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).mp4
2013-12-20 18:48 - 2013-12-20 18:48 - 00690824 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).3gp
2013-12-20 16:09 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-20 01:22 - 2013-12-20 01:22 - 00381540 _____ C:\Users\*****\Downloads\enigma2-skin-elgato-hd_1.0.1_all.ipk
2013-12-19 04:20 - 2013-04-29 13:26 - 00000000 ____D C:\Users\*****\Downloads\HrnOvr40_29
2013-12-19 04:20 - 2012-12-04 14:18 - 00000000 ____D C:\Users\*****\Downloads\!-Mui Importante
2013-12-19 04:19 - 2013-09-09 19:10 - 00000000 ____D C:\Users\*****\Downloads\!!
2013-12-19 03:01 - 2013-03-04 15:18 - 00000000 ____D C:\Users\*****\Documents\[0000]---dream800---
2013-12-19 02:15 - 2012-08-28 21:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\QuickScan
2013-12-19 01:55 - 2013-12-19 01:55 - 04513064 _____ C:\Users\*****\Downloads\npp.6.5.2.bin.7z
2013-12-19 01:54 - 2013-12-19 01:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Notepad++
2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Program Files (x86)\Notepad++
2013-12-19 01:52 - 2013-12-19 01:52 - 07549839 _____ C:\Users\*****\Downloads\npp.6.5.2.Installer.exe
2013-12-19 01:48 - 2013-12-19 01:48 - 01432078 _____ C:\Users\*****\Downloads\redate.zip
2013-12-19 00:28 - 2013-12-19 00:28 - 00000001 _____ C:\Users\*****\AppData\Local\llftool.4.40.agreement
2013-12-18 22:01 - 2013-12-18 22:01 - 02046464 _____ C:\Users\*****\Downloads\HDDLLF.4.40.exe
2013-12-18 21:39 - 2013-12-18 21:39 - 00000000 ____D C:\Users\*****\Downloads\usbit (1)
2013-12-18 21:38 - 2013-12-18 21:38 - 00221471 _____ C:\Users\*****\Downloads\usbit (1).zip
2013-12-18 21:35 - 2013-12-18 21:35 - 00236402 _____ C:\Users\*****\Downloads\Anleitung_3_Duck-Trick_Image_USB_Stick_unter_Windows_erstellen_flor62.zip
2013-12-18 20:09 - 2013-12-18 20:09 - 00928690 _____ C:\Users\*****\Downloads\DreamUP133_11.zip
2013-12-18 20:08 - 2013-12-18 20:08 - 03847349 _____ C:\Users\*****\Downloads\CP210x_VCP_Windows.zip
2013-12-18 20:07 - 2013-12-18 20:07 - 54083533 _____ C:\Users\*****\Downloads\newnigma2-stable-dm800-v4.0.6.zip
2013-12-18 18:23 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-17 19:51 - 2013-12-17 19:51 - 04603098 _____ C:\Users\*****\Downloads\e2.ipk
2013-12-17 19:51 - 2013-12-17 19:51 - 00303096 _____ C:\Users\*****\Downloads\python-mechanize_0.2.5-r0_mips32el.ipk
2013-12-17 19:47 - 2013-12-17 19:46 - 00000000 ____D C:\Burgard
2013-12-17 19:44 - 2013-12-17 19:43 - 24509740 _____ (Macrovision Corporation) C:\Users\*****\Downloads\drivers-amp-utility.exe
2013-12-17 02:07 - 2012-10-23 21:23 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-17 02:06 - 2013-08-31 14:52 - 00000000 ____D C:\Windows\system32\MRT
2013-12-17 02:03 - 2012-12-16 12:11 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-17 02:01 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-11 21:57 - 2013-12-11 21:57 - 00018077 _____ C:\Users\*****\Downloads\Black.Mirror.S02E03.DVDRip.XviD-iNGOT.de-SubCentral.rar
2013-12-11 21:56 - 2013-12-11 21:56 - 00012208 _____ C:\Users\*****\Downloads\Black.Mirror.S02E01.DVDRip.XviD-iNGOT.de-SubCentral.rar
2013-12-11 21:56 - 2013-12-11 21:56 - 00010431 _____ C:\Users\*****\Downloads\Black.Mirror.S02E02.DVDRip.XviD-iNGOT.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00020353 _____ C:\Users\*****\Downloads\Black.Mirror.S01E03.DVDRip.XviD-TASTETV.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00020107 _____ C:\Users\*****\Downloads\Black.Mirror.S01E01.DVDRip.XviD-TASTETV.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral.rar
2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral (1).rar
2013-12-11 21:45 - 2013-12-11 21:45 - 56234802 _____ C:\Users\*****\Downloads\blckmirr-203.part4.rar
2013-12-11 21:45 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part3.rar
2013-12-11 21:45 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part2.rar
2013-12-11 21:45 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part1.rar
2013-12-11 21:44 - 2013-12-11 21:43 - 55171152 _____ C:\Users\*****\Downloads\blckmirr-202.part4.rar
2013-12-11 21:44 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part3.rar
2013-12-11 21:44 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part2.rar
2013-12-11 21:43 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part1.rar
2013-12-11 21:42 - 2013-12-11 21:42 - 55229266 _____ C:\Users\*****\Downloads\blckmirr-201.part4.rar
2013-12-11 21:42 - 2013-12-11 21:40 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part3.rar
2013-12-11 21:42 - 2013-12-11 21:40 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part1.rar
2013-12-11 21:41 - 2013-12-11 21:40 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part2.rar
2013-12-11 21:39 - 2013-12-11 21:34 - 575199387 _____ C:\Users\*****\Downloads\black.mirror.s01e02-tastetv.avi.rar
2013-12-11 21:39 - 2013-12-11 21:34 - 367141019 _____ C:\Users\*****\Downloads\black.mirror.s01e03-tastetv.avi.rar
2013-12-11 21:39 - 2013-12-11 21:34 - 365891737 _____ C:\Users\*****\Downloads\black.mirror.s01e01-tastetv.avi.rar
2013-12-10 16:43 - 2013-12-10 16:42 - 99262843 _____ C:\Users\*****\Downloads\evdeadz.part09.rar
2013-12-10 16:43 - 2013-12-10 16:42 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part08.rar
2013-12-10 16:43 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part07.rar
2013-12-10 16:42 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part06.rar
2013-12-10 16:42 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part05.rar
2013-12-10 16:41 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part04.rar
2013-12-10 16:41 - 2013-12-10 16:39 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part01.rar
2013-12-10 16:40 - 2013-12-10 16:39 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part03.rar
2013-12-10 16:40 - 2013-12-10 16:39 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part02.rar
2013-12-10 16:37 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part08.rar
2013-12-10 16:36 - 2013-12-10 16:36 - 15845444 _____ C:\Users\*****\Downloads\DaenikenAegypten.part09.rar
2013-12-10 16:36 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part07.rar
2013-12-10 16:36 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part06.rar
2013-12-10 16:36 - 2013-12-10 16:34 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part04.rar
2013-12-10 16:35 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part05.rar
2013-12-10 16:35 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part03.rar
2013-12-10 16:35 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part02.rar
2013-12-10 16:34 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part01.rar
2013-12-10 16:33 - 2013-12-10 16:33 - 22387776 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part8.rar
2013-12-10 16:33 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part7.rar
2013-12-10 16:33 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part6.rar
2013-12-10 16:33 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part5.rar
2013-12-10 16:32 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part4.rar
2013-12-10 16:32 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part3.rar
2013-12-10 16:31 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part2.rar
2013-12-10 16:31 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part1.rar
2013-12-10 16:30 - 2013-12-10 16:30 - 73842964 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part7.rar
2013-12-10 16:30 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part6.rar
2013-12-10 16:30 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part5.rar
2013-12-10 16:30 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part4.rar
2013-12-10 16:29 - 2013-12-10 16:28 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part3.rar
2013-12-10 16:29 - 2013-12-10 16:28 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part2.rar
2013-12-10 16:29 - 2013-12-10 16:28 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part1.rar
2013-12-10 13:44 - 2013-12-10 13:43 - 80295200 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part6.rar
2013-12-10 13:44 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part5.rar
2013-12-10 13:44 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part4.rar
2013-12-10 13:43 - 2013-12-10 13:42 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part3.rar
2013-12-10 13:43 - 2013-12-10 13:42 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part2.rar
2013-12-10 13:43 - 2013-12-10 13:42 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part1.rar
2013-12-09 13:50 - 2013-12-09 13:49 - 82071312 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part6.rar
2013-12-09 13:50 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part5.rar
2013-12-09 13:50 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part4.rar
2013-12-09 13:49 - 2013-12-09 13:48 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part3.rar
2013-12-09 13:49 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part1.rar
2013-12-09 13:48 - 2013-12-09 13:48 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part2.rar
2013-12-09 13:48 - 2013-12-09 13:47 - 102291714 _____ C:\Users\*****\Downloads\dwAtlantis.part6.rar
2013-12-09 13:47 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part5.rar
2013-12-09 13:47 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part4.rar
2013-12-09 13:47 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part3.rar
2013-12-09 13:47 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part2.rar
2013-12-09 13:46 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part1.rar
2013-12-09 13:46 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part5.rar
2013-12-09 13:45 - 2013-12-09 13:45 - 42755408 _____ C:\Users\*****\Downloads\atlan.part6.rar
2013-12-09 13:45 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part4.rar
2013-12-09 13:45 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part3.rar
2013-12-09 13:45 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part2.rar
2013-12-09 13:44 - 2013-12-09 13:43 - 104857600 _____ C:\Users\*****\Downloads\atlan.part1.rar
2013-12-09 13:44 - 2013-12-09 13:42 - 99246501 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part5.rar
2013-12-09 13:44 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part1.rar
2013-12-09 13:42 - 2013-12-09 13:42 - 29707332 _____ C:\Users\*****\Downloads\FREE.Atlanta.part4.rar
2013-12-09 13:42 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part3.rar
2013-12-09 13:42 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part11.rar
2013-12-09 13:42 - 2013-12-09 13:41 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part2.rar
2013-12-09 13:42 - 2013-12-09 13:41 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part1.rar
2013-12-09 13:41 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part10.rar
2013-12-09 13:41 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part09.rar
2013-12-09 13:41 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part08.rar
2013-12-09 13:40 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part07.rar
2013-12-09 13:40 - 2013-12-09 13:38 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part06.rar
2013-12-09 13:39 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part05.rar
2013-12-09 13:39 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part04.rar
2013-12-09 13:38 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part03.rar
2013-12-09 13:37 - 2013-12-09 13:36 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part02.rar
2013-12-09 13:37 - 2013-12-09 13:36 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part01.rar
2013-12-09 13:37 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part2.rar
2013-12-09 13:36 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part3.rar
2013-12-09 13:36 - 2013-12-09 13:35 - 113068050 _____ C:\Users\*****\Downloads\DieAzoren.part4.rar
2013-12-09 13:35 - 2013-12-09 13:34 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part1.rar
2013-12-09 13:35 - 2013-12-09 13:34 - 110443060 _____ C:\Users\*****\Downloads\XAtlantis.part4.rar
2013-12-09 13:35 - 2013-12-09 13:33 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part3.rar
2013-12-09 13:34 - 2013-12-09 13:33 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part2.rar
2013-12-09 13:34 - 2013-12-09 13:32 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part1.rar
2013-12-09 13:33 - 2013-12-09 13:32 - 82886274 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part4.rar
2013-12-09 13:33 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part3.rar
2013-12-09 13:32 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part2.rar
2013-12-09 13:32 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part1.rar
2013-12-09 13:31 - 2013-12-09 13:31 - 36734289 _____ C:\Users\*****\Downloads\BBCM-E07.part4.rar
2013-12-09 13:31 - 2013-12-09 13:29 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part3.rar
2013-12-09 13:31 - 2013-12-09 13:29 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part2.rar
2013-12-09 13:31 - 2013-12-09 13:29 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part1.rar
2013-12-08 19:27 - 2013-12-08 19:27 - 46970212 _____ C:\Users\*****\Downloads\pt-s01e08.part3.rar
2013-12-08 19:27 - 2013-12-08 19:26 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part2.rar
2013-12-08 19:27 - 2013-12-08 19:26 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part1.rar
2013-12-08 19:27 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part2.rar
2013-12-08 19:26 - 2013-12-08 19:25 - 47604356 _____ C:\Users\*****\Downloads\pt-s01e09.part3.rar
2013-12-08 19:26 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part1.rar
2013-12-08 19:25 - 2013-12-08 19:25 - 47100740 _____ C:\Users\*****\Downloads\pt-s01e07.part3.rar
2013-12-08 19:25 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part2.rar
2013-12-08 19:25 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part1.rar
2013-12-08 19:25 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part2.rar
2013-12-08 19:24 - 2013-12-08 19:24 - 47007212 _____ C:\Users\*****\Downloads\pt-s01e06.part3.rar
2013-12-08 19:24 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part1.rar
2013-12-08 19:24 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part2.rar
2013-12-08 19:23 - 2013-12-08 19:23 - 45389476 _____ C:\Users\*****\Downloads\pt-s01e05.part3.rar
2013-12-08 19:23 - 2013-12-08 19:22 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part1.rar
2013-12-08 19:23 - 2013-12-08 19:22 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part2.rar
2013-12-08 19:23 - 2013-12-08 19:22 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part1.rar
2013-12-08 19:22 - 2013-12-08 19:22 - 45668004 _____ C:\Users\*****\Downloads\pt-s01e04.part3.rar
2013-12-08 19:15 - 2013-12-08 19:15 - 48223084 _____ C:\Users\*****\Downloads\pt-s01e03.part3.rar
2013-12-08 19:15 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part2.rar
2013-12-08 19:15 - 2013-12-08 19:14 - 46095564 _____ C:\Users\*****\Downloads\pt-s01e02.part3.rar
2013-12-08 19:15 - 2013-12-08 19:14 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part1.rar
2013-12-08 19:15 - 2013-12-08 19:13 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part1.rar
2013-12-08 19:14 - 2013-12-08 19:13 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part2.rar
2013-12-08 19:14 - 2013-12-08 19:12 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part2.rar
2013-12-08 19:13 - 2013-12-08 19:12 - 47069908 _____ C:\Users\*****\Downloads\pt-s01e01.part3.rar
2013-12-08 19:13 - 2013-12-08 19:12 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part1.rar
2013-12-08 16:46 - 2013-12-08 16:46 - 26169389 _____ C:\Users\*****\Downloads\historyvati.part4.rar
2013-12-08 16:46 - 2013-12-08 16:44 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part3.rar
2013-12-08 16:46 - 2013-12-08 16:44 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part2.rar
2013-12-08 16:46 - 2013-12-08 16:44 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part1.rar
2013-12-07 17:43 - 2012-08-29 17:50 - 00002362 _____ C:\Users\*****\Desktop\Google Chrome.lnk
2013-12-07 17:41 - 2013-12-07 17:25 - 00000000 ____D C:\Users\*****\Documents\dave
2013-12-07 17:25 - 2013-12-07 17:25 - 04712205 _____ C:\Users\*****\Documents\dave.rar
2013-12-04 01:53 - 2013-11-23 17:00 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-04 01:53 - 2013-11-23 16:59 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-03 19:04 - 2013-12-03 19:04 - 00000000 ____D C:\Users\*****\AppData\Local\Unattneded
2013-12-03 19:00 - 2013-12-03 19:00 - 00001087 _____ C:\Users\*****\Desktop\AAF Recovery tool AV700.lnk
2013-12-03 19:00 - 2013-12-03 19:00 - 00000000 ____D C:\Program Files (x86)\AAF Recovery tool AV700
2013-12-03 18:58 - 2013-12-03 18:19 - 00000000 ____D C:\Users\*****\Downloads\[0000]---geier
2013-12-03 18:55 - 2013-12-03 18:55 - 28338913 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.6_av700.rar
2013-12-03 18:42 - 2013-12-03 18:42 - 00120681 _____ C:\Users\*****\Downloads\CreateMini.rar
2013-12-03 18:41 - 2013-12-03 18:41 - 01245289 _____ C:\Users\*****\Downloads\Maxiboot_Installer_Setup_V15.rar
2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (3).exe
2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (2).exe
2013-12-03 18:21 - 2013-12-03 18:21 - 26545043 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.5a_av700.rar
2013-12-03 17:23 - 2013-12-03 17:19 - 18627789 _____ C:\Users\*****\Downloads\Atemio_700_TitanNit_Edition_1.45iboot.rar
2013-12-03 16:51 - 2013-12-03 16:50 - 33292288 _____ C:\Users\*****\Downloads\BP-NMP_miniFLASH_BASE-rev6011.img
2013-12-03 16:50 - 2013-12-03 16:49 - 33292288 _____ C:\Users\*****\Downloads\miniFLASH_rev4839-p191.img
2013-12-02 19:25 - 2013-12-02 19:24 - 209730560 _____ C:\Users\*****\Downloads\ASXXDDx6CE.part1 (1).rar
2013-12-02 19:23 - 2013-12-02 18:35 - 00000000 ____D C:\Users\*****\Downloads\ASXXDDx6CE.part1.rar
2013-12-02 18:42 - 2013-01-05 01:52 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc
2013-12-02 18:06 - 2013-12-02 18:03 - 606025919 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part2.rar
2013-12-02 18:02 - 2013-12-02 17:59 - 734003200 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part1.rar
2013-12-01 20:00 - 2013-12-01 19:50 - 1072693248 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part1.rar
2013-12-01 19:57 - 2013-12-01 19:53 - 409579390 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part2.rar
2013-12-01 19:56 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part03.rar
2013-12-01 19:55 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part10.rar
2013-12-01 19:54 - 2013-12-01 19:53 - 39228144 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part14.rar
2013-12-01 19:54 - 2013-12-01 19:53 - 19727295 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part3.rar
2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part11.rar
2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part08.rar
2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part04.rar
2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part02.rar
2013-12-01 19:48 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part13.rar
2013-12-01 19:48 - 2013-12-01 19:44 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part1.rar
2013-12-01 19:48 - 2013-12-01 19:42 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part2.rar
2013-12-01 19:47 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part07.rar
2013-12-01 19:46 - 2013-12-01 19:43 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part12.rar
2013-12-01 19:46 - 2013-12-01 19:43 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part09.rar
2013-12-01 19:46 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part05.rar
2013-12-01 19:45 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part01.rar
2013-12-01 19:44 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part06.rar
2013-12-01 17:08 - 2012-12-28 15:10 - 00001908 _____ C:\Windows\diagwrn.xml
2013-12-01 17:08 - 2012-12-28 15:10 - 00001908 _____ C:\Windows\diagerr.xml
2013-12-01 17:06 - 2013-12-01 17:05 - 00000000 ___HD C:\$WINDOWS.~BT
2013-12-01 17:05 - 2013-07-21 10:37 - 00000000 _____ C:\Windows\setuperr.log
2013-12-01 16:45 - 2013-12-01 16:16 - 804946521 _____ C:\Users\*****\Downloads\FroRusWthL.part1.rar
2013-12-01 16:42 - 2013-12-01 16:16 - 803894836 _____ C:\Users\*****\Downloads\FroRusWthL.part2.rar
2013-12-01 16:21 - 2013-12-01 16:20 - 60337803 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part36.rar
2013-12-01 16:19 - 2013-12-01 16:11 - 1032666462 _____ C:\Users\*****\Downloads\HMitSafFot.rar
2013-11-29 19:48 - 2013-11-29 19:48 - 41971440 _____ C:\Users\*****\Downloads\gemini2-510-dm800-20100721145005.nfi (3).zip
2013-11-29 16:22 - 2012-08-28 22:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3754388793-1346805017-1485128776-1001
2013-11-29 16:21 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part35.rar
2013-11-29 16:21 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part34.rar
2013-11-29 16:21 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part33.rar
2013-11-29 16:20 - 2013-11-29 16:15 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part31.rar
2013-11-29 16:19 - 2013-11-29 16:16 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part32.rar
2013-11-29 16:18 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part30.rar
2013-11-29 16:18 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part29.rar
2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part27.rar
2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part26.rar
2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part25.rar
2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part24.rar
2013-11-29 16:17 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part28.rar
2013-11-29 16:17 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part22.rar
2013-11-29 16:15 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part23.rar
2013-11-29 16:15 - 2013-11-29 16:07 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part21.rar
2013-11-29 16:11 - 2013-11-29 16:03 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part20.rar
2013-11-29 16:11 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part18.rar
2013-11-29 16:10 - 2013-11-29 16:03 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part19.rar
2013-11-29 16:10 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part16.rar
2013-11-29 16:10 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part14.rar
2013-11-29 16:10 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part12.rar
2013-11-29 16:09 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part17.rar
2013-11-29 16:09 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part15.rar
2013-11-29 16:09 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part13.rar
2013-11-29 16:07 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part11.rar
2013-11-29 16:03 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part09.rar
2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part08.rar
2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part06.rar
2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part04.rar
2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part03.rar
2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part02.rar
2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part01.rar
2013-11-29 16:01 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part10.rar
2013-11-29 16:01 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part07.rar
2013-11-29 16:01 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part05.rar
2013-11-29 15:30 - 2013-11-29 15:30 - 00001458 _____ C:\Windows\PFRO.log
2013-11-29 15:08 - 2013-11-29 12:41 - 00004740 _____ C:\Users\*****\Desktop\Rkill.txt
2013-11-29 14:58 - 2013-11-29 14:58 - 00014021 _____ C:\ComboFix.txt
2013-11-29 14:58 - 2013-11-29 12:42 - 00000000 ____D C:\Qoobox
2013-11-29 14:58 - 2012-07-26 06:37 - 00000000 ___RD C:\Users\Default
2013-11-29 14:52 - 2013-11-29 12:42 - 00000000 ____D C:\Windows\erdnt
2013-11-29 14:51 - 2012-07-26 06:26 - 00000215 _____ C:\Windows\system.ini
2013-11-29 12:41 - 2013-11-29 12:41 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill64.exe
2013-11-29 12:41 - 2013-11-29 12:41 - 00000000 ____D C:\Users\*****\Desktop\rkill
2013-11-29 12:40 - 2013-11-29 12:40 - 05150163 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe
2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Downloads\rkill.exe
2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill.exe
2013-11-29 12:40 - 2013-11-29 12:39 - 05150163 _____ (Swearware) C:\Users\*****\Downloads\ComboFix.exe
2013-11-29 12:31 - 2013-11-29 12:31 - 00000000 ____D C:\Users\*****\Downloads\RootkitRevealer
2013-11-29 12:30 - 2013-11-29 12:30 - 00231390 _____ C:\Users\*****\Downloads\RootkitRevealer.zip
2013-11-29 12:23 - 2013-11-29 12:23 - 00001907 _____ C:\Users\*****\Downloads\02.vbs
2013-11-29 12:19 - 2013-11-29 12:19 - 00001186 _____ C:\Users\*****\Desktop\AIDA64 Engineer.lnk
2013-11-29 12:19 - 2013-11-29 12:19 - 00000000 ____D C:\Program Files (x86)\FinalWire
2013-11-29 12:18 - 2013-11-29 12:18 - 00000000 ____D C:\Users\*****\Downloads\AA644.00.2700
2013-11-29 12:17 - 2013-11-29 12:17 - 48071965 _____ C:\Users\*****\Downloads\AA644.00.2700.rar
2013-11-29 12:12 - 2013-11-29 12:12 - 00001966 _____ C:\Users\*****\Downloads\01.vbs
2013-11-29 11:51 - 2013-11-29 11:51 - 00000000 ____D C:\Program Files (x86)\Belarc
2013-11-29 11:50 - 2013-11-29 11:49 - 03197352 _____ C:\Users\*****\Downloads\advisorinstaller.exe
2013-11-29 11:20 - 2013-11-29 11:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2013-11-29 11:19 - 2013-11-29 11:19 - 35890436 _____ C:\Users\*****\Downloads\Microsoft.Kekskit.250BETA1.rar
2013-11-29 10:53 - 2013-11-29 10:53 - 00005593 _____ C:\Users\*****\Downloads\wpkey_v1.4.7d (1).zip
2013-11-29 10:53 - 2013-11-29 10:53 - 00000000 ____D C:\Users\*****\Downloads\wpkey_v1.4.7d (1)
2013-11-29 09:52 - 2013-11-29 09:52 - 00009273 _____ C:\Users\*****\Downloads\Gbox Key Files 25.11.2013.rar
2013-11-29 09:51 - 2013-11-29 09:51 - 00320666 _____ C:\Users\*****\Downloads\SoftCam_Editor.zip
2013-11-28 22:46 - 2013-11-28 22:46 - 02157971 _____ C:\Users\*****\Downloads\HDD 1018.pdf.zip
2013-11-28 20:06 - 2013-01-06 20:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\TeamViewer
2013-11-28 17:29 - 2013-11-28 17:29 - 00000000 ____D C:\Users\*****\Downloads\gbox.net.git806
2013-11-28 16:30 - 2013-11-28 16:30 - 01569767 _____ C:\Users\*****\Downloads\gbox.net.git806.rar
2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt.rar
2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt (1).rar
2013-11-27 19:26 - 2013-05-15 18:05 - 00004088 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001UA1ce518e6ecec2ba
2013-11-27 19:26 - 2013-05-15 18:05 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001Core1ce518e6da097c5
2013-11-27 10:49 - 2013-11-27 10:49 - 00140826 _____ C:\Users\*****\Downloads\Kryptoanalyse_des_Premiere_NDS_Verschluesselungssystem.zip
2013-11-27 10:40 - 2013-11-27 10:40 - 00479365 _____ C:\Users\*****\Downloads\CSA-Rainbow-Table-Tool_V2.02_package.zip
2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor.map
2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor (1).map
2013-11-26 20:49 - 2013-04-12 13:47 - 00000000 ____D C:\Users\*****\Downloads\OTLPENet
2013-11-26 14:32 - 2013-11-26 14:32 - 01722190 _____ C:\Users\*****\Downloads\Anleitungen_Duck-Trick_Image (1).zip

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\temp\GLB1A2B.EXE
C:\Users\*****\AppData\Local\temp\pyl1D11.tmp.exe
C:\Users\*****\AppData\Local\temp\pylBEBC.tmp.exe
C:\Users\*****\AppData\Local\temp\Quarantine.exe
C:\Users\*****\AppData\Local\temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-12-18 16:03

==================== End Of Log ============================
         
--- --- ---
__________________


Alt 26.12.2013, 13:29   #3
candelaver
 
LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner - Standard

LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner



Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2013
Ran by ****** at 2013-12-26 04:28:52
Running from C:\Users\******\Desktop\Security
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET Smart Security 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Antivirus (Disabled - Out of date) {9B5F5313-CAF9-DD97-C460-E778420237B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Disabled - Out of date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
AS: ESET Smart Security 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Bitdefender Firewall (Disabled) {A364D236-8096-DCCF-EF3F-4E4DBCD170CF}
FW: ESET Personal Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
AAF_Recovery_tool installer V4.6 (x32)
Adobe AIR (x32 Version: 3.5.0.1060)
Adobe Flash Player 11 Plugin (x32 Version: 11.5.502.135)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00)
AIDA64 Engineer v4.00 (x32 Version: 4.00)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
Artisteer 3 (x32 Version: 3.0)
Bluetooth Stack for Windows by Toshiba (Version: v8.00.02(T))
calibre (x32 Version: 0.9.34)
CCleaner (Version: 3.25)
dLAN Cockpit (x32 Version: 3.2.28)
Dokan Library 0.6.0 (x32)
DVD Decrypter (Remove Only) (x32)
DVD Shrink 3.2 deutsch (DeCSS-frei) (x32)
ESET Online Scanner v3 (x32)
ESET Smart Security (Version: 7.0.302.26)
FlashFXP 4 (x32 Version: 4.4.2.2022)
Google Chrome (HKCU Version: 31.0.1650.63)
Hard Disk Low Level Format Tool 4.25 (x32)
HP webOS SDK (Version: 3.0.676)
ICE ECC v2.7 (x32 Version: v2.7)
InfraRecorder (x32)
iTunes (Version: 11.0.5.5)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JDownloader 2 (Version: 2)
Kindle DRM Removal (x32 Version: 1.4.1)
LinuxLive USB Creator (x32 Version: 2.8)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017)
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017)
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017)
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017)
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017)
Mozilla Thunderbird 16.0.1 (x86 de) (x32 Version: 16.0.1)
MPC-HC 1.6.6.6957 (3975d54) (64-bit) (Version: 1.6.6.6957)
NAVIGON Fresh 3.4.1 (x32 Version: 3.4.1)
Nitro Pro 8 (Version: 8.5.2.10)
Notepad++ (x32 Version: 6.5.2)
Novacomd (Version: 1.0.0.76)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017)
Samsung Kies (x32 Version: 2.5.0.12094_28)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.22.0)
Sandboxie 4.06 (64-bit) (Version: 4.06)
SatChannelListEditor (x32 Version: 4.4.0)
Secure Eraser (x32 Version: 4.2.0.1)
SiSoftware Sandra Lite 2013.SP3a (Version: 19.44.2013.5)
Splash PRO (x32 Version: 1.13.1)
Splash PRO EX (x32 Version: 1.13.1)
Start8 (x32 Version: 1.10)
TeamViewer 8 (x32 Version: 8.0.22298)
Total Commander 64-bit (Remove or Repair) (Version: 8.01)
UFB Code Setup (x32 Version: V2.6)
Universal Adb Driver (x32 Version: 1.0.0)
Unlocker 1.9.2 (Version: 1.9.2)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition
Update for Microsoft Office 2013 (KB2727009) 64-Bit Edition
Update for Microsoft Office 2013 (KB2752100) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition
Update for Microsoft Office 2013 (KB2760624) 64-Bit Edition
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition
Update for Microsoft SkyDrive Pro (KB2768356) 64-Bit Edition
Update for Microsoft Word 2013 (KB2738044) 64-Bit Edition
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition
USB Playback Console (x32)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
VLC media player 2.0.6 (Version: 2.0.6)
Web Tools (x32 Version: 7.9.0.0029)
WinDFT (x32 Version: 1.0.0)
Windows 7 USB/DVD Download Tool (x32 Version: 1.0.30)
Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) (Version: 10/09/2009 1.0.1)
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
Wireshark 1.8.3 (64-bit) (x32 Version: 1.8.3)

==================== Restore Points =========================

07-12-2013 16:11:54 Windows Update
11-12-2013 14:50:25 Windows Update
17-12-2013 00:58:30 Windows Update
20-12-2013 15:29:47 Windows Update
22-12-2013 00:45:46 Removed Bonjour
25-12-2013 03:47:14 Windows Update

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-12-23 22:47 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {51617BAF-1D14-435A-BDE8-4D46A8F7E9DB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {66336D5B-3B43-445C-A08C-867AC8C56E80} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001Core1ce518e6da097c5 => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-29] (Google Inc.)
Task: {756D9581-6F0D-4BBE-9E38-0F36CED34D10} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001UA1ce518e6ecec2ba => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-29] (Google Inc.)
Task: {7DC0AD0C-BDB1-44E1-8286-91C48A5357DA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\microsoft shared\OFFICE15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {A04185F0-F830-4528-B426-5FA3D087CD99} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D515E923-D15A-4156-963B-AE339DBF0231} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001Core1ce518e6da097c5.job => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001UA1ce518e6ecec2ba.job => C:\Users\******\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-02 10:25 - 2012-09-07 16:57 - 00559424 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-07 17:43 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\******\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-07 17:43 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\******\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-07 17:43 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\******\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-07 17:43 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\******\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-07 17:43 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\******\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Windows\SysWOW64\AudioDec.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\AvsAudioCodec.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\AvsCodec51.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\decode.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\G723Codec.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\ijl15.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\IPCDCore.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\IPCHD10.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\IPCJD20.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\IPCMD10.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\IPCXD10.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\NetworkAPI.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\NVDHE50.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\NVDME50.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\postprocess.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\RTClientSDK71.dll:BDU
AlternateDataStreams: C:\Windows\SysWOW64\Xrypassd.dll:BDU
AlternateDataStreams: C:\Users\******\Downloads\12-10_vista_win7_win8_32-64_raid.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\12-10_vista_win7_win8_32-64_sb.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\amddriverdownloader.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\bitdefender_is_2013_32b.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\bitdefender_is_2013_64b.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\bitdefender_tsecurity2013.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\bitdefender_ts_2013_32b.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\bitdefender_ts_2013_64b.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\bitdefender_w8se_2013_64b.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\ChromeStandaloneSetup (1).exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\ChromeStandaloneSetup.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\ClassicShellSetup_3_6_2 (1).exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\ClassicShellSetup_3_6_5.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\FRITZ!Box-Fernzugang einrichten (1).exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\FRITZ!Box-Fernzugang einrichten.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\FRITZ!VPN64_German.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\groove2013-kb2760358-fullfile-x64-glb.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\HWVendorDetection.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\install_flash_player.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\jre-7u13-windows-i586.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\jre-7u13-windows-x64.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Kies_2.3.3.12085_7_5.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Kies_2.5.0.12094_28_8.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\LiveUpdater.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\mb_bios_ga-890gpa-ud3h_v2.x_fe.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\mb_bios_ga-890gpa-ud3h_v2.x_ff.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\mb_driver_amd_sataraid_ahci_win8.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\mb_utility_3tb_unlock.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\mb_utility_3tb_unlock_f6.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\motherboard_utility_xr2.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\PortableApps.com_Platform_Setup_11.2.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\QuickTimeInstaller.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\SandboxieInstall.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\setup_phc_standard_6_9_0_2841.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\splash_pro_1_13_1_setup (1).exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\splash_pro_1_13_1_setup.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\splash_pro_ex_1_13_1_setup.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\spybotsd162.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Start8_setup.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\StartButton8_Setup_4_47_freeware (1).exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\StartButton8_Setup_4_47_freeware.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\StartButton8_Setup_4_53_freeware.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\tazusb.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\TeamViewer_Setup_de.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Thunderbird Setup 16.0.1.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Ti_60_HE_SIA_EWEB.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\tweaking.com_windows_repair_aio_setup.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Universal-USB-Installer-1.9.2.4.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\UsenetNLSetup_427156f.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Win64OpenSSL_Light-1_0_1c.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Windows_7_IE8.part01.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Windows_XP_IE6 (1).exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Windows_XP_IE6.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\Wireshark-win64-1.8.3.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\wmpfirefoxplugin.exe:BDU
AlternateDataStreams: C:\Users\******\Downloads\ZendServer-CE-php-5.3.14-5.6.0-SP4-Windows_x86.exe:BDU

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: WAN-Miniport (IP)
Description: WAN-Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (IPv6)
Description: WAN-Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #6
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (12/25/2013 05:38:58 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WINWORD.EXE, Version: 15.0.4420.1017, Zeitstempel: 0x506742de
Name des fehlerhaften Moduls: wwlib.dll, Version: 15.0.4420.1017, Zeitstempel: 0x50674337
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000072e0
ID des fehlerhaften Prozesses: 0x928
Startzeit der fehlerhaften Anwendung: 0xWINWORD.EXE0
Pfad der fehlerhaften Anwendung: WINWORD.EXE1
Pfad des fehlerhaften Moduls: WINWORD.EXE2
Berichtskennung: WINWORD.EXE3
Vollständiger Name des fehlerhaften Pakets: WINWORD.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WINWORD.EXE5

Error: (12/25/2013 05:34:58 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1771, Zeitstempel: 0x5147644e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00051f81
ID des fehlerhaften Prozesses: 0x5b4
Startzeit der fehlerhaften Anwendung: 0xaswMBR.exe0
Pfad der fehlerhaften Anwendung: aswMBR.exe1
Pfad des fehlerhaften Moduls: aswMBR.exe2
Berichtskennung: aswMBR.exe3
Vollständiger Name des fehlerhaften Pakets: aswMBR.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: aswMBR.exe5

Error: (12/25/2013 05:29:18 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: aswMBR.exe, Version: 0.9.9.1771, Zeitstempel: 0x5147644e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16578, Zeitstempel: 0x515fac6e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00051f81
ID des fehlerhaften Prozesses: 0x390
Startzeit der fehlerhaften Anwendung: 0xaswMBR.exe0
Pfad der fehlerhaften Anwendung: aswMBR.exe1
Pfad des fehlerhaften Moduls: aswMBR.exe2
Berichtskennung: aswMBR.exe3
Vollständiger Name des fehlerhaften Pakets: aswMBR.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: aswMBR.exe5

Error: (12/25/2013 05:16:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 31.0.1650.63, Zeitstempel: 0x529e8b45
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0xba0e4c39
ID des fehlerhaften Prozesses: 0x12a0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/25/2013 05:16:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 31.0.1650.63, Zeitstempel: 0x529e8b45
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0xba0e4c39
ID des fehlerhaften Prozesses: 0x1564
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/25/2013 05:16:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 31.0.1650.63, Zeitstempel: 0x529e8b45
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0xba0e4c39
ID des fehlerhaften Prozesses: 0xe9c
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/25/2013 05:16:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 31.0.1650.63, Zeitstempel: 0x529e8b45
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0xba0e4c39
ID des fehlerhaften Prozesses: 0x16d0
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/25/2013 05:16:59 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 31.0.1650.63, Zeitstempel: 0x529e8b45
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0xba0e4c39
ID des fehlerhaften Prozesses: 0xf94
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/24/2013 04:10:48 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: chrome.exe, Version: 31.0.1650.63, Zeitstempel: 0x529e8b45
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000008
Fehleroffset: 0xba0e4c39
ID des fehlerhaften Prozesses: 0x12a4
Startzeit der fehlerhaften Anwendung: 0xchrome.exe0
Pfad der fehlerhaften Anwendung: chrome.exe1
Pfad des fehlerhaften Moduls: chrome.exe2
Berichtskennung: chrome.exe3
Vollständiger Name des fehlerhaften Pakets: chrome.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: chrome.exe5

Error: (12/24/2013 10:49:24 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.


System errors:
=============
Error: (12/25/2013 06:08:02 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (12/25/2013 05:37:04 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde mit folgendem Fehler beendet:
%%1008

Error: (12/25/2013 05:36:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PortableVBoxUSBMon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/25/2013 05:36:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PortableVBoxDRV" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/25/2013 05:04:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2837652) 64-Bit-Edition

Error: (12/25/2013 05:04:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817495) 64-Bit-Edition

Error: (12/25/2013 05:04:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 64-Bit-Edition

Error: (12/25/2013 07:45:34 AM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.

Error: (12/25/2013 05:19:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PortableVBoxUSBMon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (12/25/2013 05:19:35 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PortableVBoxDRV" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3


Microsoft Office Sessions:
=========================
Error: (12/25/2013 05:38:58 AM) (Source: Application Error)(User: )
Description: WINWORD.EXE15.0.4420.1017506742dewwlib.dll15.0.4420.101750674337c000000500000000000072e092801cf012b29819d65C:\Program Files\Microsoft Office\Office15\WINWORD.EXEC:\Program Files\Microsoft Office\Office15\wwlib.dll77cca901-6d1e-11e3-bf88-b870f4dd05aa

Error: (12/25/2013 05:34:58 AM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.17715147644entdll.dll6.2.9200.16578515fac6ec000000500051f815b401cf012a06f316a2C:\Users\******\Desktop\aswMBR.exeC:\Windows\SYSTEM32\nt dll.dlle8d654b2-6d1d-11e3-bf88-b870f4dd05aa

Error: (12/25/2013 05:29:18 AM) (Source: Application Error)(User: )
Description: aswMBR.exe0.9.9.17715147644entdll.dll6.2.9200.16578515fac6ec000000500051f8139001cf01290f5e1698C:\Users\******\Downloads\aswMBR.exeC:\Windows\SYSTEM32\ ntdll.dll1db6a0d9-6d1d-11e3-bf88-b870f4dd05aa

Error: (12/25/2013 05:16:59 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.63529e8b45unknown0.0.0.000000000c0000008ba0e4c3912a001cf0126dff4d848C:\Users\******\AppData\Local\Google\Chrome\Application\chrome .exeunknown6597e646-6d1b-11e3-bf87-b870f4dd05aa

Error: (12/25/2013 05:16:59 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.63529e8b45unknown0.0.0.000000000c0000008ba0e4c39156401cf01277312fe1dC:\Users\******\AppData\Local\Google\Chrome\Application\chrome .exeunknown659a477a-6d1b-11e3-bf87-b870f4dd05aa

Error: (12/25/2013 05:16:59 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.63529e8b45unknown0.0.0.000000000c0000008ba0e4c39e9c01cf0126e004b6e9C:\Users\******\AppData\Local\Google\Chrome\Application\chrome. exeunknown659584d5-6d1b-11e3-bf87-b870f4dd05aa

Error: (12/25/2013 05:16:59 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.63529e8b45unknown0.0.0.000000000c0000008ba0e4c3916d001cf0127dc2cc2aeC:\Users\******\AppData\Local\Google\Chrome\Application\chrome .exeunknown65873c9f-6d1b-11e3-bf87-b870f4dd05aa

Error: (12/25/2013 05:16:59 AM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.63529e8b45unknown0.0.0.000000000c0000008ba0e4c39f9401cf0126dfdbe0f4C:\Users\******\AppData\Local\Google\Chrome\Application\chrome. exeunknown658bff25-6d1b-11e3-bf87-b870f4dd05aa

Error: (12/24/2013 04:10:48 PM) (Source: Application Error)(User: )
Description: chrome.exe31.0.1650.63529e8b45unknown0.0.0.000000000c0000008ba0e4c3912a401cf00b7b00b9303C:\Users\******\AppData\Local\Google\Chrome\Application\chrome .exeunknown9124dcfd-6cad-11e3-bf87-b870f4dd05aa

Error: (12/24/2013 10:49:24 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe


CodeIntegrity Errors:
===================================
Date: 2013-11-29 13:00:26.154
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-04-11 13:08:34.279
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wwapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-03-29 23:06:32.583
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-03-29 23:06:30.487
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-03-29 23:06:28.372
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-03-29 23:06:26.264
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-03-29 23:06:24.164
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-03-29 23:06:22.050
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-02-11 14:12:11.687
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Windows 8 Security\active virus control\Avc3_00177_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-02-11 14:10:21.736
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender Windows 8 Security\active virus control\Avc3_00177_002\avcuf64.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 3818.9 MB
Available physical RAM: 1637.25 MB
Total Pagefile: 7658.9 MB
Available Pagefile: 5219.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:595.83 GB) (Free:111.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: BA29BD2B)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================

MBAM Pro LOG

Zitat:
Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.26.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
****** :: ******_ACER [Administrator]

Schutz: Aktiviert

26.12.2013 04:14:07
mbam-log-2013-12-26 (04-14-07).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 243015
Laufzeit: 33 Minute(n), 31 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\******\Downloads\55.rar (RiskWare.Tool.CK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
__________________

Alt 10.01.2014, 23:23   #4
schrauber
/// the machine
/// TB-Ausbilder
 

LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner - Standard

LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner



hi,
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner
7-zip, adobe reader xi, desktop, error, excel, fehler, firefox, flash player, format, google, homepage, iexplore.exe, install.exe, internet, internet explorer, logfile, mozilla, registry, richtlinie, rundll, security, software, svchost.exe, system, tcp, total commander, trojaner, updates, usb, version., windows



Ähnliche Themen: LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner


  1. Win XP: Nach bereinigung mit MBAM lassen sich keine Office-Dateien öffnen
    Plagegeister aller Art und deren Bekämpfung - 29.06.2015 (4)
  2. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  3. Windows 8.1 macht nach Vierenbefall/Trojaner keine Updates mehr
    Log-Analyse und Auswertung - 06.08.2014 (11)
  4. Keine Installationen/Updates möglich
    Alles rund um Windows - 30.06.2014 (5)
  5. Keine Downloads Internet möglich, Office 2013 funktioniert nicht
    Plagegeister aller Art und deren Bekämpfung - 03.06.2014 (41)
  6. Windows 7 Starter startet nach Updates nicht mehr (Microsoft Office Updates)
    Log-Analyse und Auswertung - 31.03.2014 (15)
  7. Trojaner der den Zugang zur Windows-Homepage blockiert und keine Updates zulässt
    Log-Analyse und Auswertung - 21.01.2014 (19)
  8. Win 7 64 bit- Kaspersky IS 2013-keine Updates-keine Aktivierung nach Neuinstallation-Fehler 2 Arbeitsstationsdienst
    Log-Analyse und Auswertung - 27.09.2013 (34)
  9. Updates für Mac Office 2004, 2008 und 2011
    Nachrichten - 15.06.2011 (0)
  10. MS-Patchday: Updates für Office und Forefront
    Nachrichten - 05.11.2010 (0)
  11. alte office (2003) dateien mit explorer oder win comander in office 2010 öffnen
    Alles rund um Windows - 06.08.2010 (10)
  12. Keine Updates mehr
    Plagegeister aller Art und deren Bekämpfung - 10.05.2009 (14)
  13. Hilfe! Keine Updates funktionieren! Trojaner?
    Log-Analyse und Auswertung - 18.04.2009 (0)
  14. Keine .exe, Keine Updates, Keine https
    Log-Analyse und Auswertung - 09.09.2008 (16)
  15. Fehlermeldung beim Öffnen von worddokume in office xp und office 2003
    Alles rund um Windows - 24.08.2006 (7)
  16. Fragmente
    Plagegeister aller Art und deren Bekämpfung - 28.06.2006 (3)

Zum Thema LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner - Hi Leute, ich kann aktuelle Office2013 Updates nicht installieren, ich habe ein wenig vorarbeit geleistet und gemäß der Anleitungen des TB Forums, mit folgenden Programmen, erste LOGs erstellt. Ich habe - LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner...
Archiv
Du betrachtest: LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.