
Plagegeister aller Art und deren Bekämpfung: Unicode file names in C:\Windows\SysWOW64


21.03.2014, 22:32   #1
GameMasterMM

Good evening, dear Trojaner-Board,
by chance I ended up in the folder C:\Windows\SysWOW64 and discovered five files with Unicode characters in their names:
㒯蹬–
렚孏蹬;
殹趵蹬™
㈾䢔蹬N
䣃篯蹬*

It is already dawning on me that this is not something virus-free, but I would like to ask the experts for help.
Here is my Malwarebytes log as well:
Code:
 Malwarebytes Anti-Malware  (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.21.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Marvin :: MARVIN-PC [Administrator]

Schutz: Deaktiviert

21.03.2014 22:25:36
mbam-log-2014-03-21 (22-25-36).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 219482
Laufzeit: 2 Minute(n), 47 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
I am hoping for help.
Best regards,
Marvin Metz

21.03.2014, 23:12   #2
aharonov
/// TB-Ausbilder

Hello Marvin,

do you use Avira as your antivirus program, and are these Unicode files all roughly 100 MB in size?

21.03.2014, 23:56   #3
GameMasterMM

Yes, you are right on both counts.

21.03.2014, 23:59   #4
aharonov
/// TB-Ausbilder

These files were created by a bug in Avira. You can simply delete them.
Is the computer otherwise running normally, or is there anything unusual?
__________________
cheers,
Leo

22.03.2014, 00:01   #5
GameMasterMM

Not as such. However, 10 minutes ago I got a message from Malwarebytes saying that an access to the process "svchost.exe" from an IP had been blocked.


22.03.2014, 00:26   #6
aharonov
/// TB-Ausbilder

That does happen now and then. Can you post the exact details from MBAM?
And we can take a look anyway:


Please download Farbar Recovery Scan Tool 64-Bit and save it to your desktop.
  • Start FRST64.exe.
  • Do not change any of the default settings and click Scan.
  • When the scan has finished, two log files, FRST.txt and Addition.txt, are created and saved on the desktop.
  • Please post the contents of both log files here in your thread.

22.03.2014, 01:01   #7
GameMasterMM

Unfortunately I no longer remember the exact message from MWB, nor where to find it.
Here are the logs from FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Marvin (administrator) on MARVIN-PC on 22-03-2014 00:56:38
Running from C:\Users\Marvin\Desktop\AVS
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\eclipse\eclipse.exe
(Oracle Corporation) C:\Windows\system32\javaw.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [] - [X]
HKLM\...\Run: [Command Center Controllers] - C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-06-15] (Alienware)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-18] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924064 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3680688155-2668200437-4286530012-1000\...\MountPoints2: {b17cbd96-9e24-11e3-8a42-d4bed9269220} - E:\SWINGRUN.EXE
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148528 2014-02-08] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x244FBE3871C4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF NetworkProxy: "backup.ftp", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.ftp_port", 8080
FF NetworkProxy: "backup.socks", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.socks_port", 8080
FF NetworkProxy: "backup.ssl", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "backup.ssl_port", 8080
FF NetworkProxy: "ftp", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "http", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "wwwproxy.bahn-net.db.de"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: NoScript - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-21]
FF Extension: Adblock Plus - C:\Users\Marvin\AppData\Roaming\Mozilla\Firefox\Profiles\teinz99j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-21]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-22] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-14] (Avira Operations GmbH & Co. KG)
R3 dcdbas; C:\Windows\System32\DRIVERS\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-01] (Disc Soft Ltd)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2013-10-16] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2014-02-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2011-07-15] (Creative Technology Ltd.)
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-21 23:21 - 2014-03-21 23:57 - 00207707 _____ () C:\Users\Marvin\Desktop\Minigame.jar
2014-03-21 23:10 - 2014-03-21 23:10 - 07889692 _____ () C:\Users\Marvin\Downloads\latest(1).log
2014-03-21 22:52 - 2014-03-21 22:52 - 00700980 _____ () C:\Users\Marvin\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-03-21 22:52 - 2014-03-21 22:52 - 00536691 _____ () C:\Users\Marvin\Downloads\noscript-2.6.8.17.xpi.zip
2014-03-21 21:09 - 2014-03-21 21:09 - 00172024 _____ () C:\Users\Marvin\Desktop\OTL.Txt
2014-03-21 21:09 - 2014-03-21 21:09 - 00096798 _____ () C:\Users\Marvin\Desktop\Extras.Txt
2014-03-21 20:52 - 2014-03-21 20:52 - 00602112 _____ (OldTimer Tools) C:\Users\Marvin\Desktop\OTL.exe
2014-03-21 16:22 - 2014-03-21 16:22 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\com.blinkworks.IGTM
2014-03-19 15:39 - 2013-07-29 11:36 - 00024849 _____ () C:\Users\Marvin\Desktop\smilies-xenforo-extendedd.xml
2014-03-19 15:38 - 2014-03-19 15:38 - 00004812 _____ () C:\Users\Marvin\Downloads\8thos Star Ratings CSS Smilie Sprites.zip
2014-03-19 15:38 - 2014-03-19 15:38 - 00001921 _____ () C:\Users\Marvin\Downloads\smilies-xenforo-extended.zip
2014-03-19 15:37 - 2014-03-19 15:37 - 00006795 _____ () C:\Users\Marvin\Downloads\smilies-XenForo_com(1).zip
2014-03-19 15:32 - 2014-01-31 15:44 - 00025736 _____ () C:\Users\Marvin\Desktop\smilies-xenforo_extended.xml
2014-03-19 15:27 - 2014-03-19 15:27 - 00001908 _____ () C:\Users\Marvin\Downloads\smilies-xenforo_extended.zip
2014-03-19 15:25 - 2014-01-31 15:38 - 00004726 _____ () C:\Users\Marvin\Desktop\smilies-XenForo_com.xml
2014-03-19 15:20 - 2014-03-19 15:20 - 00000652 _____ () C:\Users\Marvin\Downloads\smilies-XenForo_com.zip
2014-03-19 14:59 - 2014-03-19 14:59 - 00000835 _____ () C:\Users\Marvin\AppData\Local\recently-used.xbel
2014-03-18 16:40 - 2014-03-18 16:40 - 00576778 _____ () C:\Users\Marvin\Desktop\2014-03-17-1.log.gz
2014-03-18 12:51 - 2014-03-18 12:51 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-18 12:50 - 2014-03-18 13:54 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-18 12:49 - 2014-03-18 12:50 - 10820032 _____ (SurfRight B.V.) C:\Users\Marvin\Desktop\HitmanPro_x64.exe
2014-03-18 12:48 - 2014-03-18 12:48 - 00023914 _____ () C:\Users\Marvin\Desktop\Addition.txt
2014-03-18 12:47 - 2014-03-22 00:56 - 00000000 ____D () C:\FRST
2014-03-18 12:47 - 2014-03-18 12:48 - 00043791 _____ () C:\Users\Marvin\Desktop\FRST.txt
2014-03-18 12:40 - 2014-03-18 12:29 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-18 12:31 - 2014-03-18 12:42 - 00007821 _____ () C:\zoek-results.log
2014-03-18 12:29 - 2014-03-18 12:39 - 00000000 ____D () C:\zoek_backup
2014-03-18 12:29 - 2014-03-18 12:29 - 04095370 _____ () C:\Users\Marvin\Desktop\zoek.zip
2014-03-18 12:21 - 2014-03-18 12:21 - 00000947 _____ () C:\Users\Marvin\Desktop\JRT.txt
2014-03-18 12:15 - 2014-03-18 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 12:05 - 2014-03-18 12:08 - 00000000 ____D () C:\AdwCleaner
2014-03-18 12:04 - 2014-03-22 00:56 - 00000000 ____D () C:\Users\Marvin\Desktop\AVS
2014-03-17 20:48 - 2014-03-17 20:48 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 20:48 - 2014-03-17 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 20:48 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-17 19:14 - 2014-03-17 19:14 - 00000000 ____D () C:\Users\Marvin\Documents\PassMark
2014-03-17 19:14 - 2014-03-17 19:14 - 00000000 ____D () C:\Users\Marvin\AppData\Local\PassMark
2014-03-17 19:14 - 2014-03-17 19:14 - 00000000 ____D () C:\ProgramData\Passmark
2014-03-17 18:39 - 2014-03-17 18:40 - 24247424 _____ (Passmark Software ) C:\Users\Marvin\Downloads\petst.exe
2014-03-17 18:34 - 2014-03-17 18:34 - 00526371 _____ () C:\Users\Marvin\Downloads\openhardwaremonitor-v0.6.0-beta.zip
2014-03-15 10:17 - 2014-03-11 15:34 - 01055727 _____ () C:\Users\Marvin\Desktop\language-Deutsch-[Du].xml
2014-03-15 10:14 - 2014-03-15 10:14 - 00148031 _____ () C:\Users\Marvin\Downloads\XenForo 1.3.0 - Deutsch [Du].zip
2014-03-15 09:52 - 2014-03-15 09:52 - 00129338 _____ () C:\Users\Marvin\Downloads\ReminePlugin.jar
2014-03-14 15:38 - 2014-03-13 17:46 - 00267099 _____ () C:\Users\Marvin\Desktop\style-UI.X.xml
2014-03-14 15:33 - 2014-03-14 15:33 - 01739221 _____ () C:\Users\Marvin\Downloads\audentio-ui_x-23_1-3-0-1.zip
2014-03-14 14:59 - 2014-03-12 17:02 - 00009309 _____ () C:\Users\Marvin\Desktop\style-UI.X-Dark.xml
2014-03-14 14:57 - 2014-03-14 14:58 - 00592429 _____ () C:\Users\Marvin\Downloads\audentio-ui_x_dark-28_1-3-0-1.zip
2014-03-13 20:04 - 2014-03-13 20:04 - 00883922 _____ () C:\Users\Marvin\Downloads\audentio-ui_x-23_1-3-0-0.zip
2014-03-13 18:16 - 2014-03-13 18:16 - 05758317 _____ () C:\Users\Marvin\Downloads\xenforo_1.3.0_3F28BEA728_upgrade.zip
2014-03-12 16:29 - 2014-03-12 16:30 - 11780577 _____ () C:\Users\Marvin\Downloads\Matix.zip
2014-03-11 19:50 - 2014-03-11 19:50 - 00373934 _____ () C:\Users\Marvin\Desktop\2014-03-11-2.log.gz
2014-03-11 18:23 - 2014-03-11 18:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-11 18:23 - 2014-03-11 18:23 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Skype
2014-03-11 16:30 - 2014-03-11 16:33 - 34103003 _____ () C:\Users\Marvin\Downloads\Containment Survival 2.zip
2014-03-11 16:10 - 2014-03-11 16:10 - 02642441 _____ () C:\Users\Marvin\Downloads\forge-1.7.2-10.12.0.1034-installer.jar
2014-03-11 16:04 - 2014-03-11 16:04 - 02414389 _____ () C:\Users\Marvin\Downloads\Sea Cube Survival.zip
2014-03-11 16:04 - 2014-03-11 16:04 - 00278746 _____ () C:\Users\Marvin\Downloads\Floating islands V 1.0 By ObbolaLink.zip
2014-03-11 16:04 - 2014-03-11 16:04 - 00278746 _____ () C:\Users\Marvin\Downloads\Floating islands V 1.0 By ObbolaLink(1).zip
2014-03-11 16:03 - 2014-03-11 16:07 - 30220470 _____ () C:\Users\Marvin\Downloads\Containment Survival 2 sounds.zip
2014-03-10 23:17 - 2014-03-10 23:21 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Dev-Cpp
2014-03-10 23:16 - 2014-03-10 23:18 - 00000000 ____D () C:\Dev-Cpp
2014-03-10 23:15 - 2014-03-10 23:16 - 09326468 _____ () C:\Users\Marvin\Downloads\devcpp-4.9.9.2_setup.exe
2014-03-10 18:34 - 2014-03-10 18:34 - 00583169 _____ () C:\Users\Marvin\Downloads\audentio-ui_x_dark-28_1-2-4-0.zip
2014-03-09 01:42 - 2014-03-09 01:42 - 00008901 _____ () C:\Users\Marvin\Desktop\VOCT_Steve_HeyOo_01.ogg
2014-03-08 16:14 - 2014-03-08 16:14 - 02693317 _____ () C:\Users\Marvin\Downloads\liteloader-installer-1.7.2-04.exe
2014-03-07 23:37 - 2014-03-07 23:37 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-07 23:37 - 2014-03-07 23:37 - 00000000 ____D () C:\Windows\system32\NV
2014-03-07 23:37 - 2014-03-07 23:37 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-07 23:37 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-07 23:32 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 18257576 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 17715784 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 15740232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-07 23:32 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-07 23:32 - 2014-02-08 19:34 - 00300320 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-03-07 23:32 - 2014-02-08 19:34 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-03-07 16:04 - 2014-03-07 16:04 - 00209469 _____ () C:\Users\Marvin\Downloads\Level 72 Borderlands 2 Characters.rar
2014-03-02 09:32 - 2014-03-02 10:00 - 00000000 ____D () C:\Users\Marvin\.VirtualBox
2014-03-02 09:32 - 2014-03-02 09:32 - 00000000 ____D () C:\Users\Marvin\VirtualBox VMs
2014-03-02 09:31 - 2014-03-02 09:31 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-03-02 09:31 - 2014-03-02 09:31 - 00000000 ____D () C:\Program Files\Oracle
2014-03-02 09:31 - 2014-02-25 18:31 - 00252704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-03-02 09:31 - 2014-02-25 18:27 - 00126752 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-03-02 09:17 - 2014-03-02 09:25 - 107234592 _____ (Oracle Corporation) C:\Users\Marvin\Downloads\VirtualBox-4.3.8-92456-Win.exe
2014-03-01 18:36 - 2014-03-01 18:36 - 244914176 _____ () C:\Users\Marvin\Desktop\SWING2000.iso
2014-03-01 18:34 - 2014-03-01 18:34 - 00001953 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-03-01 18:34 - 2014-03-01 18:34 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Canneverbe Limited
2014-03-01 18:34 - 2014-03-01 18:34 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-01 18:34 - 2014-03-01 18:34 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-03-01 18:33 - 2014-03-01 18:33 - 05284632 _____ (Canneverbe Limited ) C:\Users\Marvin\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-03-01 18:19 - 2014-03-01 18:19 - 00000000 ____D () C:\Program Files (x86)\Software2000
2014-03-01 18:18 - 2011-12-02 22:38 - 281268624 _____ () C:\Users\Marvin\Desktop\SWING2000.bin
2014-03-01 18:18 - 2011-12-02 22:38 - 00000075 _____ () C:\Users\Marvin\Desktop\SWING2000.cue
2014-03-01 18:17 - 2014-03-01 18:19 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\DAEMON Tools Lite
2014-03-01 18:17 - 2014-03-01 18:17 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-01 18:17 - 2014-03-01 18:17 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-01 18:17 - 2014-03-01 18:17 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-01 18:15 - 2014-03-01 18:19 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-01 16:52 - 2014-03-01 18:05 - 199821809 _____ () C:\Users\Marvin\Downloads\S2000(1).rar
2014-03-01 16:48 - 2014-03-01 16:48 - 00013583 _____ () C:\Users\Marvin\Downloads\S2000.rar
2014-03-01 16:37 - 2014-03-01 16:37 - 06173737 _____ () C:\Users\Marvin\Downloads\XSwing.zip
2014-03-01 16:32 - 1998-05-07 10:57 - 00143872 _____ (Intel Corporation) C:\Windows\SysWOW64\iacenc.dll
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\BlueByte
2014-03-01 16:28 - 1998-01-23 12:20 - 00305664 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2014-03-01 16:20 - 2014-03-01 16:20 - 00003050 _____ () C:\Windows\System32\Tasks\{9CABD2A1-419D-43B7-9931-16AB25419D2F}
2014-02-28 14:41 - 2014-02-28 14:41 - 01229009 _____ () C:\Users\Marvin\Downloads\saveedit_r230.zip
2014-02-28 14:39 - 2014-02-28 14:39 - 00040084 _____ () C:\Users\Marvin\Downloads\Borderlands2.cetrainer-Update_mpgh.net.zip
2014-02-25 18:27 - 2014-02-25 18:27 - 00154912 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-02-25 18:27 - 2014-02-25 18:27 - 00140576 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-02-25 18:24 - 2014-02-25 18:24 - 00204064 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-02-24 16:05 - 2014-02-24 16:05 - 00000000 ____D () C:\Users\Marvin\AppData\Local\NVIDIA Corporation
2014-02-24 16:04 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-02-24 16:04 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-02-23 20:00 - 2014-02-23 20:00 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-23 20:00 - 2014-02-23 20:00 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-23 18:14 - 2014-02-23 18:14 - 02243340 _____ () C:\Users\Marvin\Desktop\r.-1.-1.mca
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\Users\Marvin\Documents\ANNO 2070
2014-02-23 01:50 - 2014-03-02 18:15 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-02-23 01:50 - 2014-02-23 01:50 - 00000000 ____D () C:\Users\Marvin\AppData\Local\PunkBuster
2014-02-23 00:20 - 2014-02-23 00:20 - 00000000 ____D () C:\Users\Marvin\Documents\Rayman Legends
2014-02-22 22:25 - 2014-03-02 18:15 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-02-22 22:25 - 2014-02-25 20:48 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-22 22:25 - 2014-02-22 22:25 - 00000000 ____D () C:\Users\Marvin\Documents\Assassin's Creed III
2014-02-22 22:24 - 2014-02-22 22:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-22 22:24 - 2014-02-22 14:13 - 03123272 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-02-21 23:02 - 2014-02-21 23:07 - 169298152 _____ (Blue Byte GmbH) C:\Users\Marvin\Downloads\settlers_6_v1.7.1.exe
2014-02-21 17:11 - 2014-02-22 22:25 - 00001205 _____ () C:\Users\Marvin\Desktop\Uplay.lnk
2014-02-21 17:11 - 2014-02-21 17:11 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-21 16:59 - 2014-02-21 17:01 - 24112320 _____ () C:\Users\Marvin\Downloads\UplayInstaller208.exe
2014-02-21 16:39 - 2014-02-21 16:39 - 00000000 ____D () C:\Users\Marvin\Documents\DIE SIEDLER - Aufstieg eines Königreichs
2014-02-21 14:48 - 2014-02-22 22:58 - 00000000 ____D () C:\Users\Marvin\Documents\Settlers7
2014-02-21 14:34 - 2014-02-23 00:24 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Ubisoft Game Launcher
2014-02-21 14:31 - 2014-02-21 14:31 - 00000000 ____D () C:\ProgramData\Solidshield
2014-02-21 14:29 - 2014-02-21 14:29 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Ubisoft
2014-02-21 14:20 - 2014-02-21 14:20 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-20 21:39 - 2014-02-20 21:39 - 00000000 ____D () C:\Users\Marvin\Documents\Banished

==================== One Month Modified Files and Folders =======

2014-03-22 00:56 - 2014-03-18 12:47 - 00000000 ____D () C:\FRST
2014-03-22 00:56 - 2014-03-18 12:04 - 00000000 ____D () C:\Users\Marvin\Desktop\AVS
2014-03-22 00:21 - 2013-10-09 00:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-22 00:12 - 2013-10-09 00:44 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\.minecraft
2014-03-21 23:58 - 2013-10-09 09:23 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-21 23:57 - 2014-03-21 23:21 - 00207707 _____ () C:\Users\Marvin\Desktop\Minigame.jar
2014-03-21 23:10 - 2014-03-21 23:10 - 07889692 _____ () C:\Users\Marvin\Downloads\latest(1).log
2014-03-21 23:09 - 2013-10-09 11:13 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\FileZilla
2014-03-21 23:04 - 2013-10-11 09:46 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Eclipse
2014-03-21 23:04 - 2013-10-09 00:40 - 00000000 ____D () C:\Program Files (x86)\eclipse
2014-03-21 22:52 - 2014-03-21 22:52 - 00700980 _____ () C:\Users\Marvin\Downloads\adblock_edge-2.0.7-sm+an+tb+fx-windows.xpi
2014-03-21 22:52 - 2014-03-21 22:52 - 00536691 _____ () C:\Users\Marvin\Downloads\noscript-2.6.8.17.xpi.zip
2014-03-21 22:48 - 2013-10-08 23:39 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\TS3Client
2014-03-21 21:09 - 2014-03-21 21:09 - 00172024 _____ () C:\Users\Marvin\Desktop\OTL.Txt
2014-03-21 21:09 - 2014-03-21 21:09 - 00096798 _____ () C:\Users\Marvin\Desktop\Extras.Txt
2014-03-21 20:57 - 2013-10-09 14:08 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Skype
2014-03-21 20:52 - 2014-03-21 20:52 - 00602112 _____ (OldTimer Tools) C:\Users\Marvin\Desktop\OTL.exe
2014-03-21 16:52 - 2013-10-08 22:00 - 01471901 _____ () C:\Windows\WindowsUpdate.log
2014-03-21 16:22 - 2014-03-21 16:22 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\com.blinkworks.IGTM
2014-03-20 17:34 - 2009-07-14 05:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 17:34 - 2009-07-14 05:45 - 00021264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 17:19 - 2009-07-14 05:51 - 00089273 _____ () C:\Windows\setupact.log
2014-03-19 18:33 - 2013-12-14 13:10 - 00151722 _____ () C:\Users\Marvin\Desktop\Umsätze(2013-15).ods
2014-03-19 15:38 - 2014-03-19 15:38 - 00004812 _____ () C:\Users\Marvin\Downloads\8thos Star Ratings CSS Smilie Sprites.zip
2014-03-19 15:38 - 2014-03-19 15:38 - 00001921 _____ () C:\Users\Marvin\Downloads\smilies-xenforo-extended.zip
2014-03-19 15:37 - 2014-03-19 15:37 - 00006795 _____ () C:\Users\Marvin\Downloads\smilies-XenForo_com(1).zip
2014-03-19 15:32 - 2013-10-17 18:13 - 00000000 ____D () C:\Users\Marvin\.gimp-2.8
2014-03-19 15:27 - 2014-03-19 15:27 - 00001908 _____ () C:\Users\Marvin\Downloads\smilies-xenforo_extended.zip
2014-03-19 15:20 - 2014-03-19 15:20 - 00000652 _____ () C:\Users\Marvin\Downloads\smilies-XenForo_com.zip
2014-03-19 14:59 - 2014-03-19 14:59 - 00000835 _____ () C:\Users\Marvin\AppData\Local\recently-used.xbel
2014-03-19 14:59 - 2013-10-17 18:15 - 00000000 ____D () C:\Users\Marvin\AppData\Local\gtk-2.0
2014-03-18 16:40 - 2014-03-18 16:40 - 00576778 _____ () C:\Users\Marvin\Desktop\2014-03-17-1.log.gz
2014-03-18 14:07 - 2013-10-09 07:54 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2014-03-18 14:07 - 2013-10-09 07:54 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2014-03-18 14:07 - 2009-07-14 06:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 14:01 - 2013-10-08 23:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-18 14:01 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 13:54 - 2014-03-18 12:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-03-18 12:51 - 2014-03-18 12:51 - 00000000 ____D () C:\Program Files\HitmanPro
2014-03-18 12:50 - 2014-03-18 12:49 - 10820032 _____ (SurfRight B.V.) C:\Users\Marvin\Desktop\HitmanPro_x64.exe
2014-03-18 12:48 - 2014-03-18 12:48 - 00023914 _____ () C:\Users\Marvin\Desktop\Addition.txt
2014-03-18 12:48 - 2014-03-18 12:47 - 00043791 _____ () C:\Users\Marvin\Desktop\FRST.txt
2014-03-18 12:42 - 2014-03-18 12:31 - 00007821 _____ () C:\zoek-results.log
2014-03-18 12:41 - 2010-11-21 04:47 - 00410756 _____ () C:\Windows\PFRO.log
2014-03-18 12:39 - 2014-03-18 12:29 - 00000000 ____D () C:\zoek_backup
2014-03-18 12:29 - 2014-03-18 12:40 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-18 12:29 - 2014-03-18 12:29 - 04095370 _____ () C:\Users\Marvin\Desktop\zoek.zip
2014-03-18 12:21 - 2014-03-18 12:21 - 00000947 _____ () C:\Users\Marvin\Desktop\JRT.txt
2014-03-18 12:15 - 2014-03-18 12:15 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 12:08 - 2014-03-18 12:05 - 00000000 ____D () C:\AdwCleaner
2014-03-18 11:50 - 2014-01-12 00:38 - 00000000 ____D () C:\Users\Marvin\Downloads\ADW
2014-03-18 00:56 - 2013-11-28 19:49 - 00000000 ____D () C:\Program Files (x86)\ZMatrix
2014-03-18 00:56 - 2013-10-08 22:04 - 00000000 ___RD () C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-17 20:48 - 2014-03-17 20:48 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-03-17 20:48 - 2014-03-17 20:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-17 19:14 - 2014-03-17 19:14 - 00000000 ____D () C:\Users\Marvin\Documents\PassMark
2014-03-17 19:14 - 2014-03-17 19:14 - 00000000 ____D () C:\Users\Marvin\AppData\Local\PassMark
2014-03-17 19:14 - 2014-03-17 19:14 - 00000000 ____D () C:\ProgramData\Passmark
2014-03-17 18:40 - 2014-03-17 18:39 - 24247424 _____ (Passmark Software ) C:\Users\Marvin\Downloads\petst.exe
2014-03-17 18:34 - 2014-03-17 18:34 - 00526371 _____ () C:\Users\Marvin\Downloads\openhardwaremonitor-v0.6.0-beta.zip
2014-03-16 17:46 - 2013-11-06 15:15 - 00000000 ____D () C:\Users\Marvin\AppData\Local\CrashDumps
2014-03-15 10:14 - 2014-03-15 10:14 - 00148031 _____ () C:\Users\Marvin\Downloads\XenForo 1.3.0 - Deutsch [Du].zip
2014-03-15 09:52 - 2014-03-15 09:52 - 00129338 _____ () C:\Users\Marvin\Downloads\ReminePlugin.jar
2014-03-14 15:33 - 2014-03-14 15:33 - 01739221 _____ () C:\Users\Marvin\Downloads\audentio-ui_x-23_1-3-0-1.zip
2014-03-14 14:58 - 2014-03-14 14:57 - 00592429 _____ () C:\Users\Marvin\Downloads\audentio-ui_x_dark-28_1-3-0-1.zip
2014-03-13 20:04 - 2014-03-13 20:04 - 00883922 _____ () C:\Users\Marvin\Downloads\audentio-ui_x-23_1-3-0-0.zip
2014-03-13 18:16 - 2014-03-13 18:16 - 05758317 _____ () C:\Users\Marvin\Downloads\xenforo_1.3.0_3F28BEA728_upgrade.zip
2014-03-13 17:46 - 2014-03-14 15:38 - 00267099 _____ () C:\Users\Marvin\Desktop\style-UI.X.xml
2014-03-12 17:02 - 2014-03-14 14:59 - 00009309 _____ () C:\Users\Marvin\Desktop\style-UI.X-Dark.xml
2014-03-12 16:58 - 2013-10-09 09:23 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 16:58 - 2013-10-09 09:23 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 16:58 - 2013-10-09 09:23 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 16:30 - 2014-03-12 16:29 - 11780577 _____ () C:\Users\Marvin\Downloads\Matix.zip
2014-03-11 19:50 - 2014-03-11 19:50 - 00373934 _____ () C:\Users\Marvin\Desktop\2014-03-11-2.log.gz
2014-03-11 18:23 - 2014-03-11 18:23 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-11 18:23 - 2014-03-11 18:23 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Skype
2014-03-11 18:23 - 2013-10-09 14:08 - 00000000 ____D () C:\ProgramData\Skype
2014-03-11 16:33 - 2014-03-11 16:30 - 34103003 _____ () C:\Users\Marvin\Downloads\Containment Survival 2.zip
2014-03-11 16:10 - 2014-03-11 16:10 - 02642441 _____ () C:\Users\Marvin\Downloads\forge-1.7.2-10.12.0.1034-installer.jar
2014-03-11 16:07 - 2014-03-11 16:03 - 30220470 _____ () C:\Users\Marvin\Downloads\Containment Survival 2 sounds.zip
2014-03-11 16:04 - 2014-03-11 16:04 - 02414389 _____ () C:\Users\Marvin\Downloads\Sea Cube Survival.zip
2014-03-11 16:04 - 2014-03-11 16:04 - 00278746 _____ () C:\Users\Marvin\Downloads\Floating islands V 1.0 By ObbolaLink.zip
2014-03-11 16:04 - 2014-03-11 16:04 - 00278746 _____ () C:\Users\Marvin\Downloads\Floating islands V 1.0 By ObbolaLink(1).zip
2014-03-11 15:34 - 2014-03-15 10:17 - 01055727 _____ () C:\Users\Marvin\Desktop\language-Deutsch-[Du].xml
2014-03-10 23:21 - 2014-03-10 23:17 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Dev-Cpp
2014-03-10 23:18 - 2014-03-10 23:16 - 00000000 ____D () C:\Dev-Cpp
2014-03-10 23:16 - 2014-03-10 23:15 - 09326468 _____ () C:\Users\Marvin\Downloads\devcpp-4.9.9.2_setup.exe
2014-03-10 18:34 - 2014-03-10 18:34 - 00583169 _____ () C:\Users\Marvin\Downloads\audentio-ui_x_dark-28_1-2-4-0.zip
2014-03-09 13:23 - 2013-10-09 00:32 - 00000000 ____D () C:\Users\Marvin\Desktop\Marvin
2014-03-09 11:30 - 2013-10-08 23:09 - 00007599 _____ () C:\Users\Marvin\AppData\Local\Resmon.ResmonCfg
2014-03-09 01:42 - 2014-03-09 01:42 - 00008901 _____ () C:\Users\Marvin\Desktop\VOCT_Steve_HeyOo_01.ogg
2014-03-08 16:14 - 2014-03-08 16:14 - 02693317 _____ () C:\Users\Marvin\Downloads\liteloader-installer-1.7.2-04.exe
2014-03-07 23:37 - 2014-03-07 23:37 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-03-07 23:37 - 2014-03-07 23:37 - 00000000 ____D () C:\Windows\system32\NV
2014-03-07 23:37 - 2014-03-07 23:37 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-07 23:37 - 2013-10-08 23:11 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-07 16:04 - 2014-03-07 16:04 - 00209469 _____ () C:\Users\Marvin\Downloads\Level 72 Borderlands 2 Characters.rar
2014-03-04 10:59 - 2013-10-12 15:31 - 00000000 ____D () C:\Users\Marvin\AppData\Local\fabi.me
2014-03-04 08:36 - 2013-12-19 22:37 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Nico Mak Computing
2014-03-02 18:15 - 2014-02-23 01:50 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-03-02 18:15 - 2014-02-22 22:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-02 10:00 - 2014-03-02 09:32 - 00000000 ____D () C:\Users\Marvin\.VirtualBox
2014-03-02 09:32 - 2014-03-02 09:32 - 00000000 ____D () C:\Users\Marvin\VirtualBox VMs
2014-03-02 09:32 - 2013-10-08 22:04 - 00000000 ____D () C:\Users\Marvin
2014-03-02 09:31 - 2014-03-02 09:31 - 00001076 _____ () C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2014-03-02 09:31 - 2014-03-02 09:31 - 00000000 ____D () C:\Program Files\Oracle
2014-03-02 09:25 - 2014-03-02 09:17 - 107234592 _____ (Oracle Corporation) C:\Users\Marvin\Downloads\VirtualBox-4.3.8-92456-Win.exe
2014-03-01 18:36 - 2014-03-01 18:36 - 244914176 _____ () C:\Users\Marvin\Desktop\SWING2000.iso
2014-03-01 18:34 - 2014-03-01 18:34 - 00001953 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-03-01 18:34 - 2014-03-01 18:34 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Canneverbe Limited
2014-03-01 18:34 - 2014-03-01 18:34 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-03-01 18:34 - 2014-03-01 18:34 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-03-01 18:33 - 2014-03-01 18:33 - 05284632 _____ (Canneverbe Limited ) C:\Users\Marvin\Downloads\cdbxp_setup_4.5.2.4478.exe
2014-03-01 18:19 - 2014-03-01 18:19 - 00000000 ____D () C:\Program Files (x86)\Software2000
2014-03-01 18:19 - 2014-03-01 18:17 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\DAEMON Tools Lite
2014-03-01 18:19 - 2014-03-01 18:15 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-03-01 18:17 - 2014-03-01 18:17 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-03-01 18:17 - 2014-03-01 18:17 - 00001954 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-03-01 18:17 - 2014-03-01 18:17 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-03-01 18:05 - 2014-03-01 16:52 - 199821809 _____ () C:\Users\Marvin\Downloads\S2000(1).rar
2014-03-01 16:48 - 2014-03-01 16:48 - 00013583 _____ () C:\Users\Marvin\Downloads\S2000.rar
2014-03-01 16:37 - 2014-03-01 16:37 - 06173737 _____ () C:\Users\Marvin\Downloads\XSwing.zip
2014-03-01 16:28 - 2014-03-01 16:28 - 00000000 ____D () C:\BlueByte
2014-03-01 16:20 - 2014-03-01 16:20 - 00003050 _____ () C:\Windows\System32\Tasks\{9CABD2A1-419D-43B7-9931-16AB25419D2F}
2014-02-28 14:41 - 2014-02-28 14:41 - 01229009 _____ () C:\Users\Marvin\Downloads\saveedit_r230.zip
2014-02-28 14:39 - 2014-02-28 14:39 - 00040084 _____ () C:\Users\Marvin\Downloads\Borderlands2.cetrainer-Update_mpgh.net.zip
2014-02-26 23:07 - 2014-02-12 15:40 - 00072368 _____ () C:\Users\Marvin\Desktop\ChatClient.jar
2014-02-25 20:48 - 2014-02-22 22:25 - 00281688 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-02-25 18:31 - 2014-03-02 09:31 - 00252704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2014-02-25 18:27 - 2014-03-02 09:31 - 00126752 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2014-02-25 18:27 - 2014-02-25 18:27 - 00154912 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetFlt.sys
2014-02-25 18:27 - 2014-02-25 18:27 - 00140576 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp.sys
2014-02-25 18:24 - 2014-02-25 18:24 - 00204064 _____ (Oracle Corporation) C:\Windows\system32\VBoxNetFltNobj.dll
2014-02-24 16:07 - 2013-10-09 01:05 - 00000000 ____D () C:\Users\Marvin\AppData\Local\NVIDIA
2014-02-24 16:05 - 2014-02-24 16:05 - 00000000 ____D () C:\Users\Marvin\AppData\Local\NVIDIA Corporation
2014-02-24 16:05 - 2013-10-08 23:11 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-02-24 16:04 - 2013-10-08 23:11 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-23 20:00 - 2014-02-23 20:00 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-02-23 20:00 - 2014-02-23 20:00 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-02-23 18:14 - 2014-02-23 18:14 - 02243340 _____ () C:\Users\Marvin\Desktop\r.-1.-1.mca
2014-02-23 12:26 - 2014-02-23 12:26 - 00000000 ____D () C:\Users\Marvin\Documents\ANNO 2070
2014-02-23 01:50 - 2014-02-23 01:50 - 00000000 ____D () C:\Users\Marvin\AppData\Local\PunkBuster
2014-02-23 01:49 - 2014-02-08 17:52 - 00000000 ____D () C:\Users\Marvin\Documents\My Games
2014-02-23 00:24 - 2014-02-21 14:34 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Ubisoft Game Launcher
2014-02-23 00:20 - 2014-02-23 00:20 - 00000000 ____D () C:\Users\Marvin\Documents\Rayman Legends
2014-02-22 22:58 - 2014-02-21 14:48 - 00000000 ____D () C:\Users\Marvin\Documents\Settlers7
2014-02-22 22:51 - 2014-02-22 22:24 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-22 22:50 - 2013-10-09 01:03 - 00098264 _____ () C:\Windows\DirectX.log
2014-02-22 22:25 - 2014-02-22 22:25 - 00000000 ____D () C:\Users\Marvin\Documents\Assassin's Creed III
2014-02-22 22:25 - 2014-02-21 17:11 - 00001205 _____ () C:\Users\Marvin\Desktop\Uplay.lnk
2014-02-22 14:13 - 2014-02-22 22:24 - 03123272 _____ () C:\Windows\SysWOW64\pbsvc.exe
2014-02-21 23:07 - 2014-02-21 23:02 - 169298152 _____ (Blue Byte GmbH) C:\Users\Marvin\Downloads\settlers_6_v1.7.1.exe
2014-02-21 17:18 - 2013-10-08 23:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-21 17:11 - 2014-02-21 17:11 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-02-21 17:01 - 2014-02-21 16:59 - 24112320 _____ () C:\Users\Marvin\Downloads\UplayInstaller208.exe
2014-02-21 16:39 - 2014-02-21 16:39 - 00000000 ____D () C:\Users\Marvin\Documents\DIE SIEDLER - Aufstieg eines Königreichs
2014-02-21 14:31 - 2014-02-21 14:31 - 00000000 ____D () C:\ProgramData\Solidshield
2014-02-21 14:29 - 2014-02-21 14:29 - 00000000 ____D () C:\Users\Marvin\AppData\Roaming\Ubisoft
2014-02-21 14:20 - 2014-02-21 14:20 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-02-21 14:20 - 2013-10-08 23:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-20 21:39 - 2014-02-20 21:39 - 00000000 ____D () C:\Users\Marvin\Documents\Banished
2014-02-20 21:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-02-20 16:29 - 2014-02-19 20:15 - 00000000 ____D () C:\Users\Marvin\AppData\Local\Warframe

Some content of TEMP:
====================
C:\Users\Marvin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 18:21

==================== End Of Log ============================
         
--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Marvin at 2014-03-22 00:57:51
Running from C:\Users\Marvin\Desktop\AVS
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

10,000,000 (HKLM-x32\...\Steam App 227580) (Version:  - EightyEightGames)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.870 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alienware Command Center (HKLM-x32\...\InstallShield_{FD1AE10F-163C-4D4B-9FCE-AC667AF1DC6E}) (Version: 2.8.8.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.8.0 - Alienware Corp.) Hidden
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version:  - Ubisoft Montreal)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
AudioCon (HKLM-x32\...\AudioCon) (Version: 1.0 - Basement Softworks)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Democracy 3 (HKLM-x32\...\Steam App 245470) (Version:  - Positech Games)
Dev-C++ 5 beta 9 release (4.9.9.2) (HKLM-x32\...\Dev-C++) (Version:  - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FormatFactory 3.2.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.2.1.0 - Free Time)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.17.1125 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.17.1125 - DVDVideoSoft Ltd.)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 1.2.3.0 - GitHub, Inc.)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version:  - IO Interactive)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version:  - IO Interactive)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.5.0.001 - HTC Corporation)
HTC Sync (HKLM-x32\...\{CBDAE89D-8ABD-4DC5-9309-C2C58696B371}) (Version: 3.3.63 - HTC Corporation)
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version:  - BlinkWorks Media)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 7 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170400}) (Version: 1.7.0.400 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Minecolony floorplan editor 3.0c (HKCU\...\bd1bb547bd04472c) (Version: 1.0.0.1 - Lilleman)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5 - Notepad++ Team)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.8 (HKLM\...\{5D328A41-BFF8-4B78-B45E-5BEE1D133EF5}) (Version: 4.3.8 - Oracle Corporation)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.5 (64-bit) (HKLM\...\{DBDD570E-0952-475F-9453-AB88F3DD565A}) (Version: 2.7.5150 - Python Software Foundation)
Rayman Legends (HKLM-x32\...\Steam App 242550) (Version:  - )
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Siedler3 (HKLM-x32\...\Siedler3Deinstall) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SWING (HKLM-x32\...\SWING) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
The Settlers 7: Paths to a Kingdom - Gold Edition (HKLM-x32\...\Steam App 48210) (Version:  - Blue Byte)
The Settlers: Rise of an Empire Gold Edition   (HKLM-x32\...\Steam App 19930) (Version:  - Blue Byte)
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version:  - Outerlight)
TV3D SDK 6.5 Prerelease (HKLM-x32\...\TV3D SDK 6.5 Prerelease_is1) (Version:  - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WhiteCap (HKLM-x32\...\WhiteCap) (Version: 6.1.2 - SoundSpectrum)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireshark 1.10.3 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.3 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Restore Points  =========================

21-03-2014 19:59:18 OTL Restore Point - 21.03.2014 20:59:17

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0F963D41-3193-49AA-83CA-2244E89906B0} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2013-09-03] ()
Task: {6C47460D-9773-4247-B3EC-AB1F89D9DD1E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-10-08 10:42 - 2014-02-08 19:34 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-09 00:37 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-12-17 12:53 - 2010-12-17 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-12-27 23:44 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-02-22 22:24 - 2014-02-22 22:51 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-27 13:15 - 2013-09-27 13:15 - 00302056 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2013-09-27 13:15 - 2013-09-27 13:15 - 00320488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2013-09-27 13:15 - 2013-09-27 13:15 - 00186344 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2013-09-27 13:15 - 2013-09-27 13:15 - 00565224 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-27 13:15 - 2013-09-27 13:15 - 00700904 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2013-10-09 00:40 - 2013-02-04 13:05 - 00312320 _____ () C:\Program Files (x86)\eclipse\eclipse.exe
2013-10-27 23:46 - 2012-10-03 11:58 - 00057344 _____ () C:\Program Files (x86)\eclipse\plugins\org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20120913-144807\eclipse_1503.dll
2013-10-09 00:40 - 2013-02-17 01:07 - 00048128 _____ () C:\Program Files (x86)\eclipse\configuration\org.eclipse.osgi\bundles\72\1\.cp\os\win32\x86_64\localfile_1_0_0.dll
2013-10-09 00:40 - 2013-02-17 00:59 - 00044032 _____ () C:\Program Files (x86)\eclipse\configuration\org.eclipse.osgi\bundles\75\1\.cp\jWinHttp-1.0.0.dll
2013-10-30 16:01 - 2013-10-30 16:01 - 00055720 _____ () C:\Program Files\Java\jre7\bin\prism-d3d.dll
2013-10-30 16:01 - 2013-10-30 16:01 - 00197544 _____ () C:\Program Files\Java\jre7\bin\glass.dll
2013-10-30 16:01 - 2013-10-30 16:01 - 00590760 _____ () C:\Program Files\Java\jre7\bin\libxml2.dll
2013-10-30 16:01 - 2013-10-30 16:01 - 00202664 _____ () C:\Program Files\Java\jre7\bin\libxslt.dll
2013-10-30 16:01 - 2013-10-30 16:01 - 14863784 _____ () C:\Program Files\Java\jre7\bin\jfxwebkit.dll
2013-10-30 16:01 - 2013-10-30 16:01 - 00319912 _____ () C:\Program Files\Java\jre7\bin\javafx-font.dll
2014-03-21 23:22 - 2014-03-21 23:22 - 00306176 _____ () C:\Users\Marvin\AppData\Roaming\.minecraft\versions\1.7.2-Forge10.12.0.1034\1.7.2-Forge10.12.0.1034-natives-292827464080255\lwjgl64.dll
2014-03-21 23:22 - 2014-03-21 23:22 - 00382464 _____ () C:\Users\Marvin\AppData\Roaming\.minecraft\versions\1.7.2-Forge10.12.0.1034\1.7.2-Forge10.12.0.1034-natives-292827464080255\OpenAL64.dll
2013-10-08 22:07 - 2013-07-31 20:54 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-06 21:50 - 2014-02-08 19:34 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2011-07-18 22:07 - 2011-07-18 22:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-09-21 21:46 - 2011-09-21 21:46 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2014-02-15 14:23 - 2014-02-15 14:23 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2010-01-02 15:42 - 2010-01-02 15:42 - 00018207 _____ () C:\Program Files (x86)\FileZilla FTP Client\mingwm10.dll
2014-01-11 16:31 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-11 16:31 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-08-21 13:18 - 2014-02-11 03:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-10-04 15:54 - 2014-02-25 22:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-10 13:20 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 14:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PCI-Gerät
Description: PCI-Gerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2014 00:22:06 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/20/2014 10:21:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5070

Error: (03/20/2014 10:21:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5070

Error: (03/20/2014 10:21:41 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/20/2014 10:21:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4072

Error: (03/20/2014 10:21:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4072

Error: (03/20/2014 10:21:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/20/2014 10:21:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3073

Error: (03/20/2014 10:21:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3073

Error: (03/20/2014 10:21:39 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/18/2014 00:37:59 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/18/2014 00:37:58 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/18/2014 00:37:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/18/2014 00:37:56 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (03/18/2014 00:37:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================
Error: (03/22/2014 00:22:06 AM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/20/2014 10:21:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5070

Error: (03/20/2014 10:21:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5070

Error: (03/20/2014 10:21:41 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/20/2014 10:21:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4072

Error: (03/20/2014 10:21:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4072

Error: (03/20/2014 10:21:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/20/2014 10:21:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3073

Error: (03/20/2014 10:21:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3073

Error: (03/20/2014 10:21:39 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 8139.86 MB
Available physical RAM: 2994.49 MB
Total Pagefile: 16277.9 MB
Available Pagefile: 10067.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:698.54 GB) (Free:430.9 GB) NTFS
Drive e: (SWING2000) (CDROM) (Total:0.23 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: CE8E25DA)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 22.03.2014, 01:09   #8
aharonov
/// TB-Ausbilder
 

Quote:
Nor where I can find it.
In the "Logs" tab.

Looks unremarkable so far.
__________________
cheers,
Leo

Alt 22.03.2014, 11:10   #9
GameMasterMM
 

Under "Logs" I only find the scan logs. The message I mentioned, however, was a pop-up above the active MWB icon.
I'll see whether I get this message again and take a screenshot of it.

Alt 22.03.2014, 11:22   #10
aharonov
/// TB-Ausbilder
 

Actually, this message should be stored in a protection log under "Logs".
__________________
cheers,
Leo

Alt 22.03.2014, 12:55   #11
GameMasterMM
 

That's right, thank you very much:

Quote:
2014/03/22 01:46:46 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: incoming, Port: 5000, Process: svchost.exe)
2014/03/22 01:46:47 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: incoming, Port: 5000, Process: svchost.exe)
2014/03/22 01:46:47 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: incoming, Port: 5000, Process: svchost.exe)
2014/03/22 12:53:27 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: outgoing, Port: 56475, Process: avwebgrd.exe)
2014/03/22 12:53:27 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: outgoing, Port: 56478, Process: avwebgrd.exe)
2014/03/22 12:53:35 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: outgoing, Port: 56479, Process: firefox.exe)
2014/03/22 12:53:35 +0100 MARVIN-PC Marvin IP-BLOCK 121.10.204.149 (Type: outgoing, Port: 56480, Process: firefox.exe)
Those were today's entries.
