| |
| |||||||
Überwachung, Datenschutz und Spam: Seltsame Zugriffe von fremden IP-Adressen aus BerlinWindows 7 Fragen zu Verschlüsselung, Spam, Datenschutz & co. sind hier erwünscht. Hier geht es um Abwehr von Keyloggern oder aderen Spionagesoftware wie Spyware und Adware. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen. |
 |
22.06.2014, 07:13
| #1 |
| |  Seltsame Zugriffe von fremden IP-Adressen aus Berlin Hallo, seit einigen Tagen versuchen mehrere IP-Adressen aus Berlin, 85.239.127.80 und aufwärts, auf meinen Rechner zuzugreifen. Ein Freund meinte dann zu mir, ich solle diese Adressen doch mit Peerblock blockieren. (hxxp://www.peerblock.com/) Außerdem habe ich mir gleich eine Liste schädlicher IPs heruntergeladen (https://www.iblocklist.com/list.php?list=de) welche ich allesamt blocken lies. Siehe da, die dubiosen IP-Adressen aus Berlin tauchten auf und sind nun Blockiert. Auf dauer kann dass ja aber keine Lösung sein. Habe alles gescannt, keine Rootkits. Ist die Sache harmlos, oder könnte da wirklich was dahinter stecken? aswMBR-Log Code:
ATTFilter aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-06-22 07:34:14
-----------------------------
07:34:14.440 OS Version: Windows x64 6.2.9200
07:34:14.440 Number of processors: 8 586 0x3A09
07:34:14.441 ComputerName: BJOERN UserName: Björn
07:34:15.192 Initialize success
07:34:15.203 VM: initialized successfully
07:34:15.205 VM: Intel CPU BiosDisabled
07:34:18.782 VM: supported disk I/O storport.sys
07:34:27.780 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000040
07:34:27.782 Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
07:34:27.936 Disk 0 MBR read successfully
07:34:27.937 Disk 0 MBR scan
07:34:27.939 Disk 0 Windows 7 default MBR code
07:34:27.941 Disk 0 Partition 1 80 (A) 0C FAT32 LBA FRDOS4.1 30710 MB offset 63
07:34:27.964 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 120415 MB offset 62896128
07:34:27.978 Disk 0 Partition 3 00 12 Compaq diag NTFS 1500 MB offset 309506048
07:34:27.981 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 801242 MB offset 312578048
07:34:28.002 Disk 0 scanning C:\Windows\system32\drivers
07:34:35.766 Service scanning
07:34:54.950 Modules scanning
07:34:54.956 Disk 0 trace - called modules:
07:34:54.989 ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll storahci.sys
07:34:54.993 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008c95060]
07:34:54.996 3 CLASSPNP.SYS[fffff88001ee1e0a] -> nt!IofCallDriver -> \Device\00000040[0xfffffa80079b67f0]
07:34:54.999 Scan finished successfully
07:35:13.993 Disk 0 MBR has been saved successfully to "C:\Users\Björn\Desktop\MBR.dat"
07:35:14.014 The log file has been saved successfully to "C:\Users\Björn\Desktop\aswMBR.txt"
Code:
ATTFilter User: Björn
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 379465
Time Elapsed: 16 min, 41 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 0
(No malicious items detected)
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 0
(No malicious items detected)
Physical Sectors: 0
(No malicious items detected)
(end)
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01 Ran by Björn (administrator) on BJOERN on 22-06-2014 07:40:06 Running from C:\Users\Björn\Downloads Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 10 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Atheros Commnucations) C:\Windows\System32\AdminService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (AVAST Software) C:\Users\Björn\Downloads\aswMBR.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated) HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] () HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.) HKLM-x32\...\Run: [] => [X] Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Björn\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.) HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project) HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [GamingMouseEditor] => C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe Minimum HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom) HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\MountPoints2: {25a725b9-92b5-11e3-be93-2016d80f82be} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083 HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\MountPoints2: {fc588b8a-ab2c-11e2-be72-2016d80f82be} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083 HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\MountPoints2: {fc8e0f78-9ca9-11e2-be69-208984354e9c} - "H:\AUTORUN.EXE" ShellIconOverlayIdentifiers: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers-x32: SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4EF22A673843CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {A84AD7E5-E621-4859-B24C-943BA08844DD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} SearchScopes: HKCU - {BF86D338-B816-4013-B2BC-929CCEF7B75F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Hosts: FireFox: ======== FF ProfilePath: C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Björn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF SearchPlugin: C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\searchplugins\yahoo_ff.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: ExHentai Easy - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2013-08-01] FF Extension: No Name - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\staged [2014-05-28] FF Extension: Firebug - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\firebug@software.joehewitt.com.xpi [2013-06-28] FF Extension: Adblock Plus - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-28] Chrome: ======= CHR HomePage: hxxp://google.de/ CHR StartupUrls: "hxxp://google.de/" CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll () CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () CHR Plugin: (Unity Player) - C:\Users\Björn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) CHR Extension: (Google Drive) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-10] CHR Extension: (YouTube) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-10] CHR Extension: (Sad Panda) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2013-10-12] CHR Extension: (Adblock Plus) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-12] CHR Extension: (Google-Suche) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-10] CHR Extension: (Google Wallet) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12] CHR Extension: (Google Mail) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-10] ==================== Services (Whitelisted) ================= R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations) S3 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [632320 2012-02-26] (FileZilla Project) [File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-29] (IObit) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed] S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] () R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4787008 2013-10-03] (RealVNC Ltd) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.) R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2010-08-07] (Google Inc) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-07] (DT Soft Ltd) S3 ghsandroid; C:\Windows\System32\Drivers\ghsandroid.sys [38424 2011-09-20] (Google Inc) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.) S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-11] (Kaspersky Lab ZAO) S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [9216 2010-06-28] (HandSet Incorporated) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-22] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation) S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation) S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] () R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC) S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation) S3 zghsdiag; C:\Windows\system32\DRIVERS\zghsdiag.sys [129304 2011-09-20] (ZTE Incorporated) S3 zghsmdm; C:\Windows\system32\DRIVERS\zghsmdm.sys [129304 2011-09-20] (ZTE Incorporated) S1 BdfNdisf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [X] U3 aswMBR; \??\C:\Users\BJRN~1\AppData\Local\Temp\aswMBR.sys [X] U3 aswVmm; \??\C:\Users\BJRN~1\AppData\Local\Temp\aswVmm.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-22 07:40 - 2014-06-22 07:40 - 00025771 _____ () C:\Users\Björn\Downloads\FRST.txt 2014-06-22 07:39 - 2014-06-22 07:40 - 00000000 ____D () C:\FRST 2014-06-22 07:27 - 2014-06-22 07:27 - 00000687 _____ () C:\Users\Björn\Desktop\Neues Textdokument (3).txt 2014-06-22 07:26 - 2014-06-22 07:26 - 02083328 _____ (Farbar) C:\Users\Björn\Downloads\FRST64.exe 2014-06-22 06:43 - 2014-06-22 07:35 - 00001822 _____ () C:\Users\Björn\Desktop\aswMBR.txt 2014-06-22 06:43 - 2014-06-22 07:35 - 00000512 _____ () C:\Users\Björn\Desktop\MBR.dat 2014-06-22 06:38 - 2014-06-22 06:39 - 05185536 _____ (AVAST Software) C:\Users\Björn\Downloads\aswMBR.exe 2014-06-22 06:36 - 2014-06-22 06:36 - 00001040 _____ () C:\Users\Björn\Desktop\Scan.txt 2014-06-22 05:44 - 2014-06-22 07:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-22 05:44 - 2014-06-22 05:44 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-22 05:44 - 2014-06-22 05:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-22 05:44 - 2014-06-22 05:44 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-22 05:44 - 2014-06-22 05:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-22 05:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-22 05:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-22 05:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-22 05:42 - 2014-06-22 05:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Björn\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-21 05:34 - 2014-06-21 05:43 - 162196920 _____ () C:\Users\Björn\Downloads\STMLibrary.rar 2014-06-21 05:34 - 2014-06-21 05:43 - 125122370 _____ () C:\Users\Björn\Downloads\SpeedTree_Cinema_v.6.2.3-Win_x32_x64.rar 2014-06-21 04:54 - 2014-06-21 04:57 - 221954946 _____ () C:\Users\Björn\Downloads\SpeedTree_Cinema_v7.0.0_Win_FULL.rar 2014-06-21 04:46 - 2014-06-21 04:46 - 00000408 _____ () C:\Users\Björn\Downloads\SpeedTree_Cinema_v7.0.0_Win_FULL.rar.html 2014-06-21 04:44 - 2014-06-21 04:44 - 00000000 _____ () C:\Users\Björn\Downloads\premiumleecher.com_SpeedTree_Cinema_v7.0.0_Win_FULL.rar 2014-06-21 02:58 - 2014-06-21 02:58 - 00062418 _____ () C:\Users\Björn\Desktop\fedora-game-too-strong_o_3390577.webp 2014-06-20 20:19 - 2014-06-20 20:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r00 2014-06-20 04:37 - 2014-06-20 04:37 - 00000025 _____ () C:\Users\Björn\Desktop\Neues Textdokument (2).txt 2014-06-18 23:04 - 2014-06-17 23:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r10 2014-06-18 22:59 - 2014-06-17 23:29 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r09 2014-06-18 22:44 - 2014-06-17 23:31 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r07 2014-06-18 22:44 - 2014-06-17 23:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r08 2014-06-18 22:40 - 2014-06-18 23:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r06 2014-06-18 22:38 - 2014-06-17 23:23 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r05 2014-06-18 22:11 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r02 2014-06-18 22:11 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r01 2014-06-18 22:11 - 2014-06-18 22:39 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r03 2014-06-18 22:11 - 2014-06-18 22:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r04 2014-06-18 09:32 - 2014-06-18 09:52 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.rar 2014-06-18 09:32 - 2014-06-18 09:52 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r86 2014-06-18 09:32 - 2014-06-18 09:34 - 48783853 _____ () C:\Users\Björn\Downloads\rld-wothneor.r87 2014-06-18 09:31 - 2014-06-18 09:53 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r85 2014-06-18 08:26 - 2014-06-18 13:33 - 00000000 ____D () C:\Users\Björn\Desktop\Reaction 2014-06-18 07:06 - 2014-06-18 07:24 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r84 2014-06-18 07:01 - 2014-06-18 07:23 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r83 2014-06-18 06:54 - 2014-06-18 07:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r82 2014-06-18 06:37 - 2014-06-18 07:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r81 2014-06-18 06:32 - 2014-06-18 07:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r80 2014-06-18 06:28 - 2014-06-18 07:06 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r79 2014-06-18 06:27 - 2014-06-18 07:07 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r78 2014-06-18 06:20 - 2014-06-18 07:01 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r77 2014-06-18 06:12 - 2014-06-18 06:54 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r76 2014-06-18 06:02 - 2014-06-18 06:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r75 2014-06-18 05:51 - 2014-06-18 06:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r74 2014-06-18 05:48 - 2014-06-18 06:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r72 2014-06-18 05:48 - 2014-06-18 06:27 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r73 2014-06-18 05:38 - 2014-06-18 06:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r71 2014-06-18 05:19 - 2014-06-18 06:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r70 2014-06-18 05:15 - 2014-06-18 05:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r69 2014-06-18 05:09 - 2014-06-18 06:02 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r67 2014-06-18 05:09 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r68 2014-06-18 04:56 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r66 2014-06-18 04:43 - 2014-06-18 05:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r65 2014-06-18 04:33 - 2014-06-18 05:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r64 2014-06-18 04:26 - 2014-06-18 05:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r63 2014-06-18 04:25 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r62 2014-06-18 04:17 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r61 2014-06-18 04:13 - 2014-06-18 04:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r60 2014-06-18 04:03 - 2014-06-18 04:43 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r59 2014-06-18 03:51 - 2014-06-18 04:26 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r58 2014-06-18 03:48 - 2014-06-18 04:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r56 2014-06-18 03:48 - 2014-06-18 04:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r57 2014-06-18 03:44 - 2014-06-18 04:17 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r55 2014-06-18 03:33 - 2014-06-18 04:13 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r54 2014-06-18 03:28 - 2014-06-18 04:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r53 2014-06-18 03:14 - 2014-06-18 03:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r52 2014-06-18 03:12 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r51 2014-06-18 03:08 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r50 2014-06-18 03:04 - 2014-06-18 03:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r49 2014-06-18 02:56 - 2014-06-18 03:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r48 2014-06-18 02:42 - 2014-06-18 03:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r47 2014-06-18 02:25 - 2014-06-18 03:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r46 2014-06-18 02:22 - 2014-06-18 03:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r44 2014-06-18 02:22 - 2014-06-18 03:08 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r45 2014-06-18 02:20 - 2014-06-18 03:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r43 2014-06-18 02:14 - 2014-06-18 02:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r42 2014-06-18 02:08 - 2014-06-18 02:08 - 00000121 _____ () C:\Users\Björn\Desktop\debug.log 2014-06-18 01:55 - 2014-06-18 02:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r41 2014-06-18 01:46 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r40 2014-06-18 01:45 - 2014-06-18 02:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r39 2014-06-18 01:42 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r38 2014-06-18 01:41 - 2014-06-18 02:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r37 2014-06-18 01:41 - 2014-06-18 01:41 - 00269993 _____ () C:\Users\Björn\Desktop\hfg.dnd4e 2014-06-18 01:37 - 2014-06-18 02:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r36 2014-06-18 01:22 - 2014-06-18 01:55 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r35 2014-06-18 01:14 - 2014-06-18 01:46 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r34 2014-06-18 01:05 - 2014-06-18 01:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r33 2014-06-18 01:03 - 2014-06-18 01:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r32 2014-06-18 01:03 - 2014-06-18 01:41 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r31 2014-06-18 00:59 - 2014-06-18 01:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r30 2014-06-18 00:45 - 2014-06-18 01:05 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r29 2014-06-18 00:42 - 2014-06-18 01:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r28 2014-06-18 00:39 - 2014-06-18 01:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r27 2014-06-18 00:38 - 2014-06-18 01:13 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r26 2014-06-18 00:34 - 2014-06-18 00:59 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r25 2014-06-18 00:19 - 2014-06-18 00:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r24 2014-06-18 00:18 - 2014-06-18 00:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r23 2014-06-18 00:15 - 2014-06-18 00:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r22 2014-06-18 00:09 - 2014-06-18 00:34 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r21 2014-06-17 23:58 - 2014-06-18 00:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r20 2014-06-17 23:57 - 2014-06-18 00:39 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r19 2014-06-17 23:53 - 2014-06-18 00:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r18 2014-06-17 23:48 - 2014-06-18 00:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r17 2014-06-17 23:35 - 2014-06-17 23:58 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r16 2014-06-17 23:31 - 2014-06-18 00:18 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r15 2014-06-17 23:29 - 2014-06-17 23:53 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r14 2014-06-17 23:28 - 2014-06-17 23:57 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r13 2014-06-17 23:23 - 2014-06-17 23:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r12 2014-06-17 23:09 - 2014-06-17 23:35 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r11 2014-06-17 00:48 - 2014-06-17 00:48 - 763750521 _____ () C:\Windows\MEMORY.DMP 2014-06-17 00:48 - 2014-06-17 00:48 - 00329480 _____ () C:\Windows\Minidump\061714-45328-01.dmp 2014-06-16 06:08 - 2014-06-16 06:09 - 53813685 _____ () C:\Users\Björn\Downloads\RE124860_trial.zip 2014-06-14 05:30 - 2014-06-14 06:12 - 00000976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Sierra Utilities.lnk 2014-06-14 05:30 - 2014-06-14 05:30 - 00000000 ____D () C:\Windows\solcache 2014-06-14 05:28 - 2014-06-14 05:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2014-06-14 05:27 - 2014-06-14 06:12 - 00000456 _____ () C:\Windows\SIERRA.INI 2014-06-14 05:27 - 2014-06-14 06:11 - 00000000 ____D () C:\SIERRA 2014-06-14 05:27 - 2014-06-14 05:30 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line 2014-06-14 05:27 - 1998-10-30 22:21 - 01022976 _____ (Cendant Software) C:\Windows\SysWOW64\SierraNW.dll 2014-06-14 05:27 - 1998-10-30 22:21 - 00231936 _____ (Cendant Software) C:\Windows\SysWOW64\SNWValid.dll 2014-06-14 05:27 - 1997-07-14 17:42 - 00314880 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe 2014-06-14 05:25 - 2014-06-14 05:25 - 00000000 ____D () C:\Users\Björn\Desktop\hl1 2014-06-14 04:38 - 2014-06-14 05:49 - 00000000 ____D () C:\Program Files (x86)\Half-Life 2014-06-14 04:37 - 2014-06-14 04:37 - 356680281 _____ () C:\Users\Björn\Downloads\Half-Life 1.1.1.0 Setup.exe 2014-06-14 03:09 - 2014-06-14 03:09 - 103587493 _____ () C:\Users\Björn\Downloads\Food Chain.mp4 2014-06-12 17:33 - 2014-06-22 07:31 - 00704244 _____ () C:\Windows\PFRO.log 2014-06-12 17:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-12 17:25 - 2014-06-12 17:27 - 00000000 ____D () C:\AdwCleaner 2014-06-12 17:25 - 2014-06-12 17:25 - 01333465 _____ () C:\Users\Björn\Downloads\adwcleaner_3.212.exe 2014-06-12 17:24 - 2014-06-12 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Björn\Downloads\AdwCleaner - CHIP-Installer.exe 2014-06-12 09:18 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 09:18 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 09:18 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 09:18 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-06-12 09:18 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 09:18 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 09:18 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 09:18 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 09:18 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 09:18 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 09:18 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 09:18 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 09:18 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 09:18 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 09:18 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 09:18 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 09:18 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 09:18 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 09:18 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 09:18 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-06-12 09:18 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-06-12 09:18 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-06-12 09:18 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-06-12 09:18 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-06-12 09:18 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys 2014-06-12 09:18 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys 2014-06-12 09:18 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml 2014-06-12 09:18 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe 2014-06-12 09:18 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe 2014-06-12 09:17 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 09:17 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 09:17 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 09:17 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 01:04 - 2014-06-12 01:04 - 00450857 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - The Making of Totem.torrent 2014-06-11 17:57 - 2014-06-11 17:57 - 00128598 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Realistic Skin with ZBrush and Keyshot.torrent 2014-06-11 16:43 - 2014-06-11 16:43 - 00028815 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Advanced 3D Matte Painting Techniques with Garrett Fry.torrent 2014-06-11 16:42 - 2014-06-11 16:42 - 00000849 _____ () C:\Users\Björn\Desktop\PeerBlock.lnk 2014-06-11 16:38 - 2014-06-11 16:38 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Björn\Downloads\PeerBlock-Setup_v1.2_r693.exe 2014-06-10 20:52 - 2014-06-10 20:52 - 00000000 ____D () C:\Users\Björn\Desktop\Objects 2014-06-10 20:46 - 2014-06-10 20:48 - 255123547 _____ () C:\Users\Björn\Downloads\CRYENGINE_SampleAssets.zip 2014-06-10 20:42 - 2014-06-10 20:42 - 00000103 _____ () C:\Windows\setupact.log 2014-06-10 20:42 - 2014-06-10 20:42 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-10 19:46 - 2014-06-10 19:46 - 00000000 _____ () C:\Users\Björn\Desktop\Neues Textdokument.txt 2014-06-10 16:24 - 2013-10-29 12:17 - 01961032 _____ () C:\Users\Björn\Desktop\Saloon.ma 2014-06-10 16:24 - 2013-10-04 06:36 - 00347485 _____ () C:\Users\Björn\Desktop\Polethingy.ma 2014-06-04 20:37 - 2014-06-04 20:38 - 00000000 ____D () C:\Users\Björn\Desktop\Neuer Ordner 2014-06-04 20:21 - 2014-06-04 20:22 - 78320209 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part2.rar 2014-06-04 20:20 - 2014-06-04 20:23 - 157286400 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part1.rar 2014-06-04 02:02 - 2014-06-04 02:02 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\LolClient 2014-06-03 23:24 - 2014-06-20 21:11 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-06-03 23:24 - 2014-06-03 23:24 - 00000000 ____D () C:\Riot Games 2014-06-03 23:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll 2014-06-03 23:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll 2014-06-03 23:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll 2014-06-03 23:18 - 2014-06-04 16:26 - 00000000 ____D () C:\Users\Björn\AppData\Local\PMB Files 2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-03 23:16 - 2014-06-03 23:17 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Riot Games 2014-06-03 23:16 - 2014-06-03 23:16 - 34888568 _____ (Riot Games) C:\Users\Björn\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-03 20:51 - 2014-06-03 21:02 - 00000000 ____D () C:\Users\Björn\AppData\Local\ftblauncher 2014-06-03 05:40 - 2014-06-03 05:40 - 00000000 ____D () C:\Users\Björn\Desktop\Desks 2014-06-03 05:39 - 2014-06-20 01:27 - 00000000 ____D () C:\Users\Björn\Desktop\Schreibzeug 2014-06-03 05:37 - 2014-06-03 23:24 - 00000000 ____D () C:\Users\Björn\Desktop\03.06.14 2014-05-30 05:12 - 2014-06-22 03:58 - 01488225 _____ () C:\Windows\WindowsUpdate.log 2014-05-29 19:46 - 2014-05-29 20:38 - 00000000 ____D () C:\Users\Björn\Desktop\Wertch Dergs 2014-05-25 17:27 - 2014-05-25 17:27 - 04981160 _____ (Adobe Systems Inc.) C:\Users\Björn\Downloads\Shockwave_Installer_Slim.exe 2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-05-23 22:57 - 2014-05-23 22:57 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\Documents\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Local\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-23 22:53 - 2014-05-23 22:53 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-23 22:52 - 2014-05-23 22:52 - 00000000 ____D () C:\Users\Björn\AppData\Local\Downloaded Installations 2014-05-23 22:49 - 2014-05-23 22:49 - 30992256 _____ () C:\Users\Björn\Downloads\TomTomHOME2winlatest.exe 2014-05-23 22:08 - 2014-05-23 22:08 - 00000000 ____D () C:\Users\Björn\Desktop\FUN WP ==================== One Month Modified Files and Folders ======= 2014-06-22 07:40 - 2014-06-22 07:40 - 00025771 _____ () C:\Users\Björn\Downloads\FRST.txt 2014-06-22 07:40 - 2014-06-22 07:39 - 00000000 ____D () C:\FRST 2014-06-22 07:36 - 2013-04-30 11:55 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1665384598-1873612933-4217401405-1001 2014-06-22 07:35 - 2014-06-22 06:43 - 00001822 _____ () C:\Users\Björn\Desktop\aswMBR.txt 2014-06-22 07:35 - 2014-06-22 06:43 - 00000512 _____ () C:\Users\Björn\Desktop\MBR.dat 2014-06-22 07:33 - 2013-12-11 20:03 - 00000000 ____D () C:\Users\Björn\AppData\Local\LogMeIn Hamachi 2014-06-22 07:32 - 2014-06-22 05:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-22 07:31 - 2014-06-12 17:33 - 00704244 _____ () C:\Windows\PFRO.log 2014-06-22 07:31 - 2014-02-22 08:34 - 00000000 ____D () C:\ProgramData\Norton 2014-06-22 07:31 - 2013-10-12 04:37 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-22 07:31 - 2013-05-02 23:44 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-22 07:31 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-22 07:28 - 2013-05-31 02:25 - 00000000 ____D () C:\Program Files\PeerBlock 2014-06-22 07:28 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-06-22 07:27 - 2014-06-22 07:27 - 00000687 _____ () C:\Users\Björn\Desktop\Neues Textdokument (3).txt 2014-06-22 07:27 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\ELAMBKUP 2014-06-22 07:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM 2014-06-22 07:26 - 2014-06-22 07:26 - 02083328 _____ (Farbar) C:\Users\Björn\Downloads\FRST64.exe 2014-06-22 07:26 - 2013-04-19 02:53 - 07726080 ___SH () C:\Users\Björn\Desktop\Thumbs.db 2014-06-22 07:10 - 2013-10-12 04:37 - 00001122 _____ () C:\Users\Björn\AppData\Local\JDownloader v2.0 2014-06-20 21:15 - 2014-02-28 14:37 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online 2014-06-20 21:11 - 2014-06-03 23:24 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-06-20 21:08 - 2013-04-08 00:42 - 04812288 ___SH () C:\Users\Björn\Downloads\Thumbs.db 2014-06-20 20:38 - 2014-06-20 20:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r00 2014-06-20 03:45 - 2014-06-20 03:44 - 27167987 _____ () C:\Users\Björn\AppData\Roaming\Skype 2014-06-20 01:27 - 2014-06-03 05:39 - 00000000 ____D () C:\Users\Björn\Desktop\Schreibzeug 2014-06-19 15:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent 2014-06-18 23:04 - 2014-06-18 22:40 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r06 2014-06-18 22:44 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r02 2014-06-18 22:44 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r01 2014-06-18 22:39 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r03 2014-06-18 22:37 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r04 2014-06-18 13:33 - 2014-06-18 08:26 - 00000000 ____D () C:\Users\Björn\Desktop\Reaction 2014-06-18 09:53 - 2014-06-18 09:31 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r85 2014-06-18 09:52 - 2014-06-18 09:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.rar 2014-06-18 09:52 - 2014-06-18 09:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r86 2014-06-18 09:34 - 2014-06-18 09:32 - 48783853 _____ () C:\Users\Björn\Downloads\rld-wothneor.r87 2014-06-18 07:24 - 2014-06-18 07:06 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r84 2014-06-18 07:23 - 2014-06-18 07:01 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r83 2014-06-18 07:22 - 2014-06-18 06:54 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r82 2014-06-18 07:15 - 2014-06-18 06:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r81 2014-06-18 07:11 - 2014-06-18 06:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r80 2014-06-18 07:07 - 2014-06-18 06:27 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r78 2014-06-18 07:06 - 2014-06-18 06:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r79 2014-06-18 07:01 - 2014-06-18 06:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r77 2014-06-18 06:54 - 2014-06-18 06:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r76 2014-06-18 06:37 - 2014-06-18 06:02 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r75 2014-06-18 06:32 - 2014-06-18 05:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r74 2014-06-18 06:28 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r72 2014-06-18 06:27 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r73 2014-06-18 06:20 - 2014-06-18 05:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r71 2014-06-18 06:12 - 2014-06-18 05:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r70 2014-06-18 06:02 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r67 2014-06-18 05:51 - 2014-06-18 05:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r69 2014-06-18 05:48 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r68 2014-06-18 05:48 - 2014-06-18 04:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r66 2014-06-18 05:38 - 2014-06-18 04:43 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r65 2014-06-18 05:19 - 2014-06-18 04:26 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r63 2014-06-18 05:15 - 2014-06-18 04:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r64 2014-06-18 05:09 - 2014-06-18 04:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r62 2014-06-18 05:09 - 2014-06-18 04:17 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r61 2014-06-18 04:56 - 2014-06-18 04:13 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r60 2014-06-18 04:43 - 2014-06-18 04:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r59 2014-06-18 04:33 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r56 2014-06-18 04:26 - 2014-06-18 03:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r58 2014-06-18 04:25 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r57 2014-06-18 04:17 - 2014-06-18 03:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r55 2014-06-18 04:13 - 2014-06-18 03:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r54 2014-06-18 04:03 - 2014-06-18 03:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r53 2014-06-18 03:51 - 2014-06-18 03:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r52 2014-06-18 03:48 - 2014-06-18 03:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r51 2014-06-18 03:48 - 2014-06-18 03:08 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r50 2014-06-18 03:44 - 2014-06-18 03:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r49 2014-06-18 03:33 - 2014-06-18 02:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r48 2014-06-18 03:28 - 2014-06-18 02:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r47 2014-06-18 03:14 - 2014-06-18 02:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r46 2014-06-18 03:12 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r44 2014-06-18 03:08 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r45 2014-06-18 03:04 - 2014-06-18 02:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r43 2014-06-18 02:56 - 2014-06-18 02:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r42 2014-06-18 02:42 - 2014-06-18 01:55 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r41 2014-06-18 02:25 - 2014-06-18 01:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r39 2014-06-18 02:22 - 2014-06-18 01:46 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r40 2014-06-18 02:22 - 2014-06-18 01:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r38 2014-06-18 02:20 - 2014-06-18 01:41 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r37 2014-06-18 02:14 - 2014-06-18 01:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r36 2014-06-18 02:08 - 2014-06-18 02:08 - 00000121 _____ () C:\Users\Björn\Desktop\debug.log 2014-06-18 01:55 - 2014-06-18 01:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r35 2014-06-18 01:46 - 2014-06-18 01:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r34 2014-06-18 01:45 - 2014-06-18 01:05 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r33 2014-06-18 01:42 - 2014-06-18 01:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r32 2014-06-18 01:41 - 2014-06-18 01:41 - 00269993 _____ () C:\Users\Björn\Desktop\hfg.dnd4e 2014-06-18 01:41 - 2014-06-18 01:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r31 2014-06-18 01:37 - 2014-06-18 00:59 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r30 2014-06-18 01:22 - 2014-06-18 00:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r28 2014-06-18 01:13 - 2014-06-18 00:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r26 2014-06-18 01:05 - 2014-06-18 00:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r29 2014-06-18 01:03 - 2014-06-18 00:39 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r27 2014-06-18 00:59 - 2014-06-18 00:34 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r25 2014-06-18 00:45 - 2014-06-18 00:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r24 2014-06-18 00:42 - 2014-06-18 00:18 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r23 2014-06-18 00:39 - 2014-06-17 23:57 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r19 2014-06-18 00:38 - 2014-06-18 00:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r22 2014-06-18 00:34 - 2014-06-18 00:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r21 2014-06-18 00:19 - 2014-06-17 23:58 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r20 2014-06-18 00:18 - 2014-06-17 23:31 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r15 2014-06-18 00:15 - 2014-06-17 23:53 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r18 2014-06-18 00:09 - 2014-06-17 23:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r17 2014-06-17 23:58 - 2014-06-17 23:35 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r16 2014-06-17 23:57 - 2014-06-17 23:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r13 2014-06-17 23:53 - 2014-06-17 23:29 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r14 2014-06-17 23:48 - 2014-06-17 23:23 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r12 2014-06-17 23:35 - 2014-06-17 23:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r11 2014-06-17 23:31 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r07 2014-06-17 23:29 - 2014-06-18 22:59 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r09 2014-06-17 23:28 - 2014-06-18 23:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r10 2014-06-17 23:23 - 2014-06-18 22:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r05 2014-06-17 23:09 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r08 2014-06-17 02:49 - 2014-05-05 05:49 - 00001778 _____ () C:\Windows\Sandboxie.ini 2014-06-17 01:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache 2014-06-17 00:48 - 2014-06-17 00:48 - 763750521 _____ () C:\Windows\MEMORY.DMP 2014-06-17 00:48 - 2014-06-17 00:48 - 00329480 _____ () C:\Windows\Minidump\061714-45328-01.dmp 2014-06-17 00:48 - 2013-10-27 07:22 - 00000000 ____D () C:\Windows\Minidump 2014-06-17 00:39 - 2014-06-17 00:39 - 00000000 ____D () C:\Users\Björn\Desktop\ughiujhoih 2014-06-16 06:09 - 2014-06-16 06:09 - 00016610 _____ () C:\Users\Björn\Downloads\[BBS.2DJGAME.NET]RJ124860.torrent 2014-06-16 06:09 - 2014-06-16 06:08 - 53813685 _____ () C:\Users\Björn\Downloads\RE124860_trial.zip 2014-06-15 21:23 - 2013-04-27 08:04 - 00000000 ____D () C:\Users\Björn\AppData\Local\VirtualStore 2014-06-14 06:12 - 2014-06-14 05:30 - 00000976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Sierra Utilities.lnk 2014-06-14 06:12 - 2014-06-14 05:27 - 00000456 _____ () C:\Windows\SIERRA.INI 2014-06-14 06:11 - 2014-06-14 05:27 - 00000000 ____D () C:\SIERRA 2014-06-14 05:49 - 2014-06-14 04:38 - 00000000 ____D () C:\Program Files (x86)\Half-Life 2014-06-14 05:43 - 2014-03-11 02:09 - 00000000 ____D () C:\Users\Björn\AppData\Local\CrashDumps 2014-06-14 05:31 - 2014-06-14 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2014-06-14 05:30 - 2014-06-14 05:30 - 00000000 ____D () C:\Windows\solcache 2014-06-14 05:30 - 2014-06-14 05:27 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line 2014-06-14 05:26 - 2013-05-07 12:19 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\DAEMON Tools Lite 2014-06-14 05:25 - 2014-06-14 05:25 - 00000000 ____D () C:\Users\Björn\Desktop\hl1 2014-06-14 04:37 - 2014-06-14 04:37 - 356680281 _____ () C:\Users\Björn\Downloads\Half-Life 1.1.1.0 Setup.exe 2014-06-14 03:09 - 2014-06-14 03:09 - 103587493 _____ () C:\Users\Björn\Downloads\Food Chain.mp4 2014-06-13 20:11 - 2014-06-11 16:38 - 00001780 _____ () C:\Users\Björn\Desktop\PeerBlock.lnk 2014-06-13 19:30 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp 2014-06-13 19:28 - 2013-08-18 06:04 - 00000000 ____D () C:\Windows\system32\MRT 2014-06-13 19:26 - 2013-04-28 09:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-06-12 17:27 - 2014-06-12 17:25 - 00000000 ____D () C:\AdwCleaner 2014-06-12 17:27 - 2013-10-12 04:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-12 17:27 - 2013-04-27 13:43 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-12 17:27 - 2013-04-27 08:05 - 00000995 _____ () C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-12 17:25 - 2014-06-12 17:25 - 01333465 _____ () C:\Users\Björn\Downloads\adwcleaner_3.212.exe 2014-06-12 17:24 - 2014-06-12 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Björn\Downloads\AdwCleaner - CHIP-Installer.exe 2014-06-12 01:04 - 2014-06-12 01:04 - 00450857 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - The Making of Totem.torrent 2014-06-11 17:57 - 2014-06-11 17:57 - 00128598 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Realistic Skin with ZBrush and Keyshot.torrent 2014-06-11 16:43 - 2014-06-11 16:43 - 00028815 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Advanced 3D Matte Painting Techniques with Garrett Fry.torrent 2014-06-11 16:38 - 2014-06-11 16:38 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Björn\Downloads\PeerBlock-Setup_v1.2_r693.exe 2014-06-11 16:38 - 2013-05-31 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock 2014-06-10 22:02 - 2013-11-21 22:13 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Mikogo 4 2014-06-10 20:52 - 2014-06-10 20:52 - 00000000 ____D () C:\Users\Björn\Desktop\Objects 2014-06-10 20:51 - 2013-11-18 01:29 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\TS3Client 2014-06-10 20:48 - 2014-06-10 20:46 - 255123547 _____ () C:\Users\Björn\Downloads\CRYENGINE_SampleAssets.zip 2014-06-10 20:42 - 2014-06-10 20:42 - 00000103 _____ () C:\Windows\setupact.log 2014-06-10 20:42 - 2014-06-10 20:42 - 00000000 _____ () C:\Windows\setuperr.log 2014-06-10 19:46 - 2014-06-10 19:46 - 00000000 _____ () C:\Users\Björn\Desktop\Neues Textdokument.txt 2014-06-10 03:05 - 2013-05-02 03:41 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Unity 2014-06-04 20:38 - 2014-06-04 20:37 - 00000000 ____D () C:\Users\Björn\Desktop\Neuer Ordner 2014-06-04 20:23 - 2014-06-04 20:20 - 157286400 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part1.rar 2014-06-04 20:22 - 2014-06-04 20:21 - 78320209 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part2.rar 2014-06-04 16:26 - 2014-06-03 23:18 - 00000000 ____D () C:\Users\Björn\AppData\Local\PMB Files 2014-06-04 02:02 - 2014-06-04 02:02 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\LolClient 2014-06-03 23:24 - 2014-06-03 23:24 - 00000000 ____D () C:\Riot Games 2014-06-03 23:24 - 2014-06-03 05:37 - 00000000 ____D () C:\Users\Björn\Desktop\03.06.14 2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-03 23:17 - 2014-06-03 23:16 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Riot Games 2014-06-03 23:16 - 2014-06-03 23:16 - 34888568 _____ (Riot Games) C:\Users\Björn\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-03 21:02 - 2014-06-03 20:51 - 00000000 ____D () C:\Users\Björn\AppData\Local\ftblauncher 2014-06-03 20:51 - 2014-05-20 23:09 - 00000000 ____D () C:\Program Files (x86)\authlib 2014-06-03 20:51 - 2014-05-20 22:26 - 04916349 _____ () C:\Users\Björn\Downloads\launcher^FTB_Launcher.exe 2014-06-03 20:51 - 2013-12-27 01:24 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\ftblauncher 2014-06-03 05:40 - 2014-06-03 05:40 - 00000000 ____D () C:\Users\Björn\Desktop\Desks 2014-06-02 23:06 - 2013-07-26 20:23 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2 2014-05-31 07:16 - 2014-04-15 20:56 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-31 07:16 - 2014-04-15 20:56 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-30 05:13 - 2013-05-25 20:25 - 00000000 ____D () C:\Users\Björn\Documents\My Games 2014-05-30 05:09 - 2013-05-31 03:27 - 00000000 ____D () C:\Users\Björn\AppData\Local\Ubisoft Game Launcher 2014-05-29 20:38 - 2014-05-29 19:46 - 00000000 ____D () C:\Users\Björn\Desktop\Wertch Dergs 2014-05-25 17:27 - 2014-05-25 17:27 - 04981160 _____ (Adobe Systems Inc.) C:\Users\Björn\Downloads\Shockwave_Installer_Slim.exe 2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\Windows\SysWOW64\Adobe 2014-05-24 04:48 - 2014-06-12 09:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-24 04:47 - 2014-06-12 09:18 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-24 04:47 - 2014-06-12 09:18 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-24 04:47 - 2014-06-12 09:18 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2014-05-24 04:47 - 2014-06-12 09:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-24 04:46 - 2014-06-12 09:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-24 04:45 - 2014-06-12 09:18 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-24 04:45 - 2014-06-12 09:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-24 04:45 - 2014-06-12 09:18 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-24 03:26 - 2014-06-12 09:18 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-24 03:26 - 2014-06-12 09:18 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-24 03:26 - 2014-06-12 09:18 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-24 03:26 - 2014-06-12 09:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-24 03:26 - 2014-06-12 09:18 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-24 03:26 - 2014-06-12 09:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll 2014-05-24 03:26 - 2014-06-12 09:17 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-24 03:25 - 2014-06-12 09:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-24 03:25 - 2014-06-12 09:18 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-24 03:09 - 2014-06-12 09:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-24 03:03 - 2014-06-12 09:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-24 00:37 - 2014-06-12 09:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll 2014-05-23 22:57 - 2014-05-23 22:57 - 00000000 ____D () C:\ProgramData\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\Documents\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Local\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom 2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2 2014-05-23 22:53 - 2014-05-23 22:53 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V 2014-05-23 22:52 - 2014-05-23 22:52 - 00000000 ____D () C:\Users\Björn\AppData\Local\Downloaded Installations 2014-05-23 22:49 - 2014-05-23 22:49 - 30992256 _____ () C:\Users\Björn\Downloads\TomTomHOME2winlatest.exe 2014-05-23 22:08 - 2014-05-23 22:08 - 00000000 ____D () C:\Users\Björn\Desktop\FUN WP Some content of TEMP: ==================== C:\Users\Björn\AppData\Local\Temp\proxy_vole1692994253489030762.dll C:\Users\Björn\AppData\Local\Temp\Quarantine.exe C:\Users\Björn\AppData\Local\Temp\SkypeSetup.exe C:\Users\Björn\AppData\Local\Temp\swt-win32-3349.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-19 03:38 ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Björn at 2014-06-22 07:40:53
Running from C:\Users\Björn\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcaniA - Gothic 4 (HKLM-x32\...\ArcaniA) (Version: - JoWooD Entertainment AG)
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}) (Version: 2.0.6.0 - Autodesk, Inc.)
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk Mudbox 2014 (HKLM\...\Autodesk Mudbox 2014) (Version: 8.0.0.1010 - Autodesk)
Autodesk Mudbox 2014 (Version: 8.0.0.1010 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
BeamNG.drive-0.3 (remove only) (HKCU\...\BeamNG.drive-0.3) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.8.0.68 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Don't Starve (HKLM-x32\...\Don't Starve_is1) (Version: - Klei Entertainment)
FileZilla Client 3.7.3 (HKCU\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.41 - FileZilla Project)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Lab Inc.)
Gaming Mouse Editor (HKLM-x32\...\GamingMouseEditor) (Version: 12.08.0004 - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
Giana Sisters - Twisted Dreams (HKLM-x32\...\Giana Sisters - Twisted Dreams) (Version: 1.0 - Black Forest Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Handset software update tool (HKLM-x32\...\{78EAE810-3692-42DC-9B03-F8902811CE46}) (Version: 2.0.3.0 - ZTE)
Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.9B05 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{F13921D6-AE6D-41BF-807A-17BD99C0A4FD}) (Version: 15.5.5.0480 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{962E1735-D2E0-4813-AB9F-C6CBA09E759A}) (Version: 15.05.7000.1709 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mikogo 4 (HKCU\...\Mikogo 4) (Version: 4.7 - BeamYourScreen GmbH)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version: - No More Room in Hell Team)
NVIDIA 3D Vision Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.58 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.58 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden
NVIDIA Optimus 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3158 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.58 (Version: 331.58 - NVIDIA Corporation) Hidden
NVIDIA Update 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
OpenRL Runtime 1.3.1000.14 x64 (HKLM\...\{250C8D22-1757-11E3-818E-1803734DBB4F}) (Version: 1.3.1000.14 - Caustic Graphics, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Secure Download Manager (HKLM-x32\...\{531E35C7-B4E7-418C-A2CD-C1205D9C8AC9}) (Version: 3.1.20 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unreal Development Kit: 2013-07 (HKLM\...\UDK-60d9d1fd-84bf-4c2a-8f40-c5fe2352ec00) (Version: - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VNC Server 5.0.6 (HKLM\...\RealVNC_is1) (Version: 5.0.6 - RealVNC Ltd)
VNC Viewer 5.0.6 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.6 - RealVNC Ltd)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WildStar (HKLM-x32\...\WildStar) (Version: 1.0.0.6525 - NCSOFT)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
xNormal 3.18.6 (HKLM\...\xNormal 3.18.6) (Version: - Santiago Orgaz)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
ZTE 3GPhone USB Driver 5.2066.1.6 (HKLM\...\{8472455A-0658-4A6A-98F8-EF3FF6163B59}_is1) (Version: 5.2066.1.6 - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
==================== Restore Points =========================
03-06-2014 21:20:22 Microsoft Visual C++ 2005 Redistributable wird installiert
11-06-2014 04:03:40 Geplanter Prüfpunkt
20-06-2014 19:10:11 Removed League of Legends
==================== Hosts content: ==========================
2012-07-26 07:26 - 2013-10-10 23:22 - 00000894 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {303385AC-EB3D-4B7F-B0D7-3CD9416838A8} - System32\Tasks\AutoPico Daily Restart => C:\Users\Björn\Desktop\KMSpico
Task: {7D9C9225-C904-426A-AE88-F027E5DE7D95} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {80484D6F-DB93-477B-AEEE-791D1F2D253E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8989AECB-F45E-4970-AA62-79AFA8616FD1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-13] (Microsoft Corporation)
Task: {B1BEA659-E0F0-4F0A-AD4B-6BB363574FA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B1EB1529-A621-41C7-A678-C6BC5753D50D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA612067-8360-4E42-94B7-999463581EAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D7AB06E5-4A90-4EC0-8684-C5D0BF7F132A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-05-02 23:43 - 2013-10-16 02:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-05-02 23:44 - 2013-10-15 23:47 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-18 14:27 - 2013-12-04 18:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-05-07 13:13 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2013-05-02 23:43 - 2013-10-16 02:48 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Users\Björn\Downloads\DivXInstaller.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\HWGPCI-54-V3.3.0.1.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\NIS-TW-21.1.0-GE.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\pro637-6.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\Samsung_USB_Driver_for_Mobile_Phones_v1.5.14.0.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\view.php.html:BDU
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKCU\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "FileZilla Server Interface"
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4563
Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4563
Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3422
Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3422
System errors:
=============
Error: (06/22/2014 07:32:26 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33
Error: (06/22/2014 07:31:58 AM) (Source: DCOM) (EventID: 10016) (User: BJOERN)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}BJOERNBjörnS-1-5-21-1665384598-1873612933-4217401405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/22/2014 07:31:58 AM) (Source: DCOM) (EventID: 10016) (User: BJOERN)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}BJOERNBjörnS-1-5-21-1665384598-1873612933-4217401405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/22/2014 06:05:27 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33
Error: (06/17/2014 00:49:56 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33
Error: (06/17/2014 00:48:54 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8007b12060, 0xfffff88002c8e7f0, 0xfffffa8008ba3e10)C:\Windows\MEMORY.DMP061714-45328-01
Error: (06/14/2014 03:59:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/14/2014 03:59:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (06/13/2014 07:24:49 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT-AUTORITÄT)
Description: Der Zeitdienst hat festgestellt, dass die Systemzeit um -86420 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.56.206:123) ordnungsgemäß ausgeführt wird.
Error: (06/12/2014 05:34:40 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33
Microsoft Office Sessions:
=========================
Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4563
Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4563
Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3422
Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3422
==================== Memory info ===========================
Percentage of memory in use: 24%
Total physical RAM: 8053.6 MB
Available physical RAM: 6040.42 MB
Total Pagefile: 16245.6 MB
Available Pagefile: 13825.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:782.46 GB) (Free:149.54 GB) NTFS
Drive d: () (Fixed) (Total:117.59 GB) (Free:40.37 GB) NTFS
Drive e: (Disc) (CDROM) (Total:4.15 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9ED40981)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)
Partition 2: (Not Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1 GB) - (Type=12)
Partition 4: (Not Active) - (Size=782 GB) - (Type=07 NTFS)
==================== End Of Log ============================
 |
|
22.06.2014, 20:09
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Seltsame Zugriffe von fremden IP-Adressen aus Berlin Hi und
__________________ Zitat:
Du hast nicht noch mehr Gecracktes drauf? Software von Autodesk? Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ |
|
23.06.2014, 03:29
| #3 |
| | Seltsame Zugriffe von fremden IP-Adressen aus Berlin Danke für den netten Empfang, trotz KMS Pico
__________________ Bin gerade dabei es zu entfernen, verstehe nur noch nicht so ganz wie ichs aus der registry bekomme. Bei Autodesk Produkten kann ich dich beruhigen, das sind Studentenversionen die ich über die Uni bekommen hab. Ich nehme an ich soll die neuen Logs posten wenn ich fertig bin? Vielen Dank übrigens nochmal, dass du mich darauf aufmerksam gemacht hast, und die Hilfe nicht sofort verweigerst |
|
23.06.2014, 09:19
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Seltsame Zugriffe von fremden IP-Adressen aus Berlin Lösch sogut es geht. Deinstalliere auch das illegale MS-Office und etwaig andere gecrackte Software. Anschließend frische FRST-Logs erstellen und posten. Hast du noch weitere Virenscanner-Logs? Mit Funden? Oder gab es nie Funde?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Seltsame Zugriffe von fremden IP-Adressen aus Berlin |
| association, classpnp.sys, computer, hal.dll, koyote, log file, maximal, sierra, tablet, windows, wscript.exe |
Seltsame Zugriffe von fremden IP-Adressen aus Berlin
Linear-Darstellung
