Zurück   Trojaner-Board > Malware entfernen > Überwachung, Datenschutz und Spam

Überwachung, Datenschutz und Spam: Seltsame Zugriffe von fremden IP-Adressen aus Berlin

Windows 7 Fragen zu Verschlüsselung, Spam, Datenschutz & co. sind hier erwünscht. Hier geht es um Abwehr von Keyloggern oder aderen Spionagesoftware wie Spyware und Adware. Themen zum "Trojaner entfernen" oder "Malware Probleme" dürfen hier nur diskutiert werden. Benötigst du Hilfe beim Trojaner entfernen oder weil du dir einen Virus eingefangen hast, erstelle ein Thema in den oberen Bereinigungsforen.

Antwort
Alt 22.06.2014, 08:13   #1
Murachacha
 
Seltsame Zugriffe von fremden IP-Adressen aus Berlin - Standard

Seltsame Zugriffe von fremden IP-Adressen aus Berlin



Hallo,

seit einigen Tagen versuchen mehrere IP-Adressen aus Berlin, 85.239.127.80 und aufwärts, auf meinen Rechner zuzugreifen. Ein Freund meinte dann zu mir, ich solle diese Adressen doch mit Peerblock blockieren. (hxxp://www.peerblock.com/) Außerdem habe ich mir gleich eine Liste schädlicher IPs heruntergeladen (https://www.iblocklist.com/list.php?list=de) welche ich allesamt blocken lies. Siehe da, die dubiosen IP-Adressen aus Berlin tauchten auf und sind nun Blockiert. Auf dauer kann dass ja aber keine Lösung sein.

Habe alles gescannt, keine Rootkits.

Ist die Sache harmlos, oder könnte da wirklich was dahinter stecken?

aswMBR-Log
Code:
ATTFilter
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-06-22 07:34:14
-----------------------------
07:34:14.440    OS Version: Windows x64 6.2.9200 
07:34:14.440    Number of processors: 8 586 0x3A09
07:34:14.441    ComputerName: BJOERN  UserName: Björn
07:34:15.192    Initialize success
07:34:15.203    VM: initialized successfully
07:34:15.205    VM: Intel CPU BiosDisabled 
07:34:18.782    VM: supported disk I/O storport.sys
07:34:27.780    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000040
07:34:27.782    Disk 0 Vendor: ST1000LM024_HN-M101MBB 2AR10001 Size: 953869MB BusType: 11
07:34:27.936    Disk 0 MBR read successfully
07:34:27.937    Disk 0 MBR scan
07:34:27.939    Disk 0 Windows 7 default MBR code
07:34:27.941    Disk 0 Partition 1 80 (A) 0C    FAT32 LBA FRDOS4.1    30710 MB offset 63
07:34:27.964    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       120415 MB offset 62896128
07:34:27.978    Disk 0 Partition 3 00     12  Compaq diag NTFS         1500 MB offset 309506048
07:34:27.981    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       801242 MB offset 312578048
07:34:28.002    Disk 0 scanning C:\Windows\system32\drivers
07:34:35.766    Service scanning
07:34:54.950    Modules scanning
07:34:54.956    Disk 0 trace - called modules:
07:34:54.989    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll storahci.sys 
07:34:54.993    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8008c95060]
07:34:54.996    3 CLASSPNP.SYS[fffff88001ee1e0a] -> nt!IofCallDriver -> \Device\00000040[0xfffffa80079b67f0]
07:34:54.999    Scan finished successfully
07:35:13.993    Disk 0 MBR has been saved successfully to "C:\Users\Björn\Desktop\MBR.dat"
07:35:14.014    The log file has been saved successfully to "C:\Users\Björn\Desktop\aswMBR.txt"
         
MWB-Log
Code:
ATTFilter
User: Björn

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 379465
Time Elapsed: 16 min, 41 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
         
FRST-Log
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Björn (administrator) on BJOERN on 22-06-2014 07:40:06
Running from C:\Users\Björn\Downloads
Platform: Windows 8 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Users\Björn\Downloads\aswMBR.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM-x32\...\Run: [ADSK DLMSession] => C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe [1641368 2013-02-01] (Autodesk, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-23] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-15] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Björn\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [1044992 2012-02-26] (FileZilla Project)
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [GamingMouseEditor] => C:\Program Files (x86)\GamingMouseEditor\GamingMouseEditor\GamingMouseEditor.exe Minimum
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\MountPoints2: {25a725b9-92b5-11e3-be93-2016d80f82be} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\MountPoints2: {fc588b8a-ab2c-11e2-be72-2016d80f82be} - "F:\AutoRun.exe" {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKU\S-1-5-21-1665384598-1873612933-4217401405-1001\...\MountPoints2: {fc8e0f78-9ca9-11e2-be69-208984354e9c} - "H:\AUTORUN.EXE" 
ShellIconOverlayIdentifiers:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrivePro1 (ErrorConflict) -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro2 (SyncInProgress) -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrivePro3 (InSync) -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x4EF22A673843CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {A84AD7E5-E621-4859-B24C-943BA08844DD} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {BF86D338-B816-4013-B2BC-929CCEF7B75F} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts:

FireFox:
========
FF ProfilePath: C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Björn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ExHentai Easy - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\jid0-db0owQRjcx0mRj5LBNH2MHAwEkc@jetpack [2013-08-01]
FF Extension: No Name - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\staged [2014-05-28]
FF Extension: Firebug - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\firebug@software.joehewitt.com.xpi [2013-06-28]
FF Extension: Adblock Plus - C:\Users\Björn\AppData\Roaming\Mozilla\Firefox\Profiles\eazimic5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-28]

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR StartupUrls: "hxxp://google.de/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (Unity Player) - C:\Users\Björn\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1211151.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Drive) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-10]
CHR Extension: (YouTube) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-10]
CHR Extension: (Sad Panda) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2013-10-12]
CHR Extension: (Adblock Plus) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-10-12]
CHR Extension: (Google-Suche) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-10]
CHR Extension: (Google Wallet) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-12]
CHR Extension: (Google Mail) - C:\Users\Björn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-10]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2012-08-29] (Atheros Commnucations)
S3 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [632320 2012-02-26] (FileZilla Project) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2153792 2014-03-29] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-15] () [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-11-15] ()
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14997280 2013-08-27] (NVIDIA Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [4787008 2013-10-03] (RealVNC Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-11-15] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2010-08-07] (Google Inc)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2013-05-07] (DT Soft Ltd)
S3 ghsandroid; C:\Windows\System32\Drivers\ghsandroid.sys [38424 2011-09-20] (Google Inc)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-02-26] (LogMeIn Inc.)
S1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-12-11] (Kaspersky Lab ZAO)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [9216 2010-06-28] (HandSet Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
S3 MHIKEY10; C:\Windows\System32\Drivers\MHIKEY10x64.sys [60288 2010-09-15] (Generic USB smartcard reader)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-08-20] (NVIDIA Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 zghsdiag; C:\Windows\system32\DRIVERS\zghsdiag.sys [129304 2011-09-20] (ZTE Incorporated)
S3 zghsmdm; C:\Windows\system32\DRIVERS\zghsmdm.sys [129304 2011-09-20] (ZTE Incorporated)
S1 BdfNdisf; \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [X]
U3 aswMBR; \??\C:\Users\BJRN~1\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\BJRN~1\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-22 07:40 - 2014-06-22 07:40 - 00025771 _____ () C:\Users\Björn\Downloads\FRST.txt
2014-06-22 07:39 - 2014-06-22 07:40 - 00000000 ____D () C:\FRST
2014-06-22 07:27 - 2014-06-22 07:27 - 00000687 _____ () C:\Users\Björn\Desktop\Neues Textdokument (3).txt
2014-06-22 07:26 - 2014-06-22 07:26 - 02083328 _____ (Farbar) C:\Users\Björn\Downloads\FRST64.exe
2014-06-22 06:43 - 2014-06-22 07:35 - 00001822 _____ () C:\Users\Björn\Desktop\aswMBR.txt
2014-06-22 06:43 - 2014-06-22 07:35 - 00000512 _____ () C:\Users\Björn\Desktop\MBR.dat
2014-06-22 06:38 - 2014-06-22 06:39 - 05185536 _____ (AVAST Software) C:\Users\Björn\Downloads\aswMBR.exe
2014-06-22 06:36 - 2014-06-22 06:36 - 00001040 _____ () C:\Users\Björn\Desktop\Scan.txt
2014-06-22 05:44 - 2014-06-22 07:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-22 05:44 - 2014-06-22 05:44 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-22 05:44 - 2014-06-22 05:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-22 05:44 - 2014-06-22 05:44 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-22 05:44 - 2014-06-22 05:44 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-06-22 05:44 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-22 05:44 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-22 05:44 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-22 05:42 - 2014-06-22 05:42 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Björn\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-21 05:34 - 2014-06-21 05:43 - 162196920 _____ () C:\Users\Björn\Downloads\STMLibrary.rar
2014-06-21 05:34 - 2014-06-21 05:43 - 125122370 _____ () C:\Users\Björn\Downloads\SpeedTree_Cinema_v.6.2.3-Win_x32_x64.rar
2014-06-21 04:54 - 2014-06-21 04:57 - 221954946 _____ () C:\Users\Björn\Downloads\SpeedTree_Cinema_v7.0.0_Win_FULL.rar
2014-06-21 04:46 - 2014-06-21 04:46 - 00000408 _____ () C:\Users\Björn\Downloads\SpeedTree_Cinema_v7.0.0_Win_FULL.rar.html
2014-06-21 04:44 - 2014-06-21 04:44 - 00000000 _____ () C:\Users\Björn\Downloads\premiumleecher.com_SpeedTree_Cinema_v7.0.0_Win_FULL.rar
2014-06-21 02:58 - 2014-06-21 02:58 - 00062418 _____ () C:\Users\Björn\Desktop\fedora-game-too-strong_o_3390577.webp
2014-06-20 20:19 - 2014-06-20 20:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r00
2014-06-20 04:37 - 2014-06-20 04:37 - 00000025 _____ () C:\Users\Björn\Desktop\Neues Textdokument (2).txt
2014-06-18 23:04 - 2014-06-17 23:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r10
2014-06-18 22:59 - 2014-06-17 23:29 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r09
2014-06-18 22:44 - 2014-06-17 23:31 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r07
2014-06-18 22:44 - 2014-06-17 23:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r08
2014-06-18 22:40 - 2014-06-18 23:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r06
2014-06-18 22:38 - 2014-06-17 23:23 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r05
2014-06-18 22:11 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r02
2014-06-18 22:11 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r01
2014-06-18 22:11 - 2014-06-18 22:39 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r03
2014-06-18 22:11 - 2014-06-18 22:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r04
2014-06-18 09:32 - 2014-06-18 09:52 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.rar
2014-06-18 09:32 - 2014-06-18 09:52 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r86
2014-06-18 09:32 - 2014-06-18 09:34 - 48783853 _____ () C:\Users\Björn\Downloads\rld-wothneor.r87
2014-06-18 09:31 - 2014-06-18 09:53 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r85
2014-06-18 08:26 - 2014-06-18 13:33 - 00000000 ____D () C:\Users\Björn\Desktop\Reaction
2014-06-18 07:06 - 2014-06-18 07:24 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r84
2014-06-18 07:01 - 2014-06-18 07:23 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r83
2014-06-18 06:54 - 2014-06-18 07:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r82
2014-06-18 06:37 - 2014-06-18 07:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r81
2014-06-18 06:32 - 2014-06-18 07:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r80
2014-06-18 06:28 - 2014-06-18 07:06 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r79
2014-06-18 06:27 - 2014-06-18 07:07 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r78
2014-06-18 06:20 - 2014-06-18 07:01 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r77
2014-06-18 06:12 - 2014-06-18 06:54 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r76
2014-06-18 06:02 - 2014-06-18 06:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r75
2014-06-18 05:51 - 2014-06-18 06:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r74
2014-06-18 05:48 - 2014-06-18 06:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r72
2014-06-18 05:48 - 2014-06-18 06:27 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r73
2014-06-18 05:38 - 2014-06-18 06:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r71
2014-06-18 05:19 - 2014-06-18 06:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r70
2014-06-18 05:15 - 2014-06-18 05:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r69
2014-06-18 05:09 - 2014-06-18 06:02 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r67
2014-06-18 05:09 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r68
2014-06-18 04:56 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r66
2014-06-18 04:43 - 2014-06-18 05:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r65
2014-06-18 04:33 - 2014-06-18 05:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r64
2014-06-18 04:26 - 2014-06-18 05:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r63
2014-06-18 04:25 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r62
2014-06-18 04:17 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r61
2014-06-18 04:13 - 2014-06-18 04:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r60
2014-06-18 04:03 - 2014-06-18 04:43 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r59
2014-06-18 03:51 - 2014-06-18 04:26 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r58
2014-06-18 03:48 - 2014-06-18 04:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r56
2014-06-18 03:48 - 2014-06-18 04:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r57
2014-06-18 03:44 - 2014-06-18 04:17 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r55
2014-06-18 03:33 - 2014-06-18 04:13 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r54
2014-06-18 03:28 - 2014-06-18 04:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r53
2014-06-18 03:14 - 2014-06-18 03:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r52
2014-06-18 03:12 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r51
2014-06-18 03:08 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r50
2014-06-18 03:04 - 2014-06-18 03:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r49
2014-06-18 02:56 - 2014-06-18 03:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r48
2014-06-18 02:42 - 2014-06-18 03:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r47
2014-06-18 02:25 - 2014-06-18 03:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r46
2014-06-18 02:22 - 2014-06-18 03:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r44
2014-06-18 02:22 - 2014-06-18 03:08 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r45
2014-06-18 02:20 - 2014-06-18 03:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r43
2014-06-18 02:14 - 2014-06-18 02:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r42
2014-06-18 02:08 - 2014-06-18 02:08 - 00000121 _____ () C:\Users\Björn\Desktop\debug.log
2014-06-18 01:55 - 2014-06-18 02:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r41
2014-06-18 01:46 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r40
2014-06-18 01:45 - 2014-06-18 02:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r39
2014-06-18 01:42 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r38
2014-06-18 01:41 - 2014-06-18 02:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r37
2014-06-18 01:41 - 2014-06-18 01:41 - 00269993 _____ () C:\Users\Björn\Desktop\hfg.dnd4e
2014-06-18 01:37 - 2014-06-18 02:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r36
2014-06-18 01:22 - 2014-06-18 01:55 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r35
2014-06-18 01:14 - 2014-06-18 01:46 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r34
2014-06-18 01:05 - 2014-06-18 01:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r33
2014-06-18 01:03 - 2014-06-18 01:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r32
2014-06-18 01:03 - 2014-06-18 01:41 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r31
2014-06-18 00:59 - 2014-06-18 01:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r30
2014-06-18 00:45 - 2014-06-18 01:05 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r29
2014-06-18 00:42 - 2014-06-18 01:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r28
2014-06-18 00:39 - 2014-06-18 01:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r27
2014-06-18 00:38 - 2014-06-18 01:13 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r26
2014-06-18 00:34 - 2014-06-18 00:59 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r25
2014-06-18 00:19 - 2014-06-18 00:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r24
2014-06-18 00:18 - 2014-06-18 00:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r23
2014-06-18 00:15 - 2014-06-18 00:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r22
2014-06-18 00:09 - 2014-06-18 00:34 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r21
2014-06-17 23:58 - 2014-06-18 00:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r20
2014-06-17 23:57 - 2014-06-18 00:39 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r19
2014-06-17 23:53 - 2014-06-18 00:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r18
2014-06-17 23:48 - 2014-06-18 00:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r17
2014-06-17 23:35 - 2014-06-17 23:58 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r16
2014-06-17 23:31 - 2014-06-18 00:18 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r15
2014-06-17 23:29 - 2014-06-17 23:53 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r14
2014-06-17 23:28 - 2014-06-17 23:57 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r13
2014-06-17 23:23 - 2014-06-17 23:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r12
2014-06-17 23:09 - 2014-06-17 23:35 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r11
2014-06-17 00:48 - 2014-06-17 00:48 - 763750521 _____ () C:\Windows\MEMORY.DMP
2014-06-17 00:48 - 2014-06-17 00:48 - 00329480 _____ () C:\Windows\Minidump\061714-45328-01.dmp
2014-06-16 06:08 - 2014-06-16 06:09 - 53813685 _____ () C:\Users\Björn\Downloads\RE124860_trial.zip
2014-06-14 05:30 - 2014-06-14 06:12 - 00000976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Sierra Utilities.lnk
2014-06-14 05:30 - 2014-06-14 05:30 - 00000000 ____D () C:\Windows\solcache
2014-06-14 05:28 - 2014-06-14 05:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2014-06-14 05:27 - 2014-06-14 06:12 - 00000456 _____ () C:\Windows\SIERRA.INI
2014-06-14 05:27 - 2014-06-14 06:11 - 00000000 ____D () C:\SIERRA
2014-06-14 05:27 - 2014-06-14 05:30 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line
2014-06-14 05:27 - 1998-10-30 22:21 - 01022976 _____ (Cendant Software) C:\Windows\SysWOW64\SierraNW.dll
2014-06-14 05:27 - 1998-10-30 22:21 - 00231936 _____ (Cendant Software) C:\Windows\SysWOW64\SNWValid.dll
2014-06-14 05:27 - 1997-07-14 17:42 - 00314880 _____ (InstallShield Software Corporation) C:\Windows\IsUninst.exe
2014-06-14 05:25 - 2014-06-14 05:25 - 00000000 ____D () C:\Users\Björn\Desktop\hl1
2014-06-14 04:38 - 2014-06-14 05:49 - 00000000 ____D () C:\Program Files (x86)\Half-Life
2014-06-14 04:37 - 2014-06-14 04:37 - 356680281 _____ () C:\Users\Björn\Downloads\Half-Life 1.1.1.0 Setup.exe
2014-06-14 03:09 - 2014-06-14 03:09 - 103587493 _____ () C:\Users\Björn\Downloads\Food Chain.mp4
2014-06-12 17:33 - 2014-06-22 07:31 - 00704244 _____ () C:\Windows\PFRO.log
2014-06-12 17:26 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-12 17:25 - 2014-06-12 17:27 - 00000000 ____D () C:\AdwCleaner
2014-06-12 17:25 - 2014-06-12 17:25 - 01333465 _____ () C:\Users\Björn\Downloads\adwcleaner_3.212.exe
2014-06-12 17:24 - 2014-06-12 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Björn\Downloads\AdwCleaner - CHIP-Installer.exe
2014-06-12 09:18 - 2014-05-24 04:48 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 09:18 - 2014-05-24 04:47 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 09:18 - 2014-05-24 04:47 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 09:18 - 2014-05-24 04:47 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-06-12 09:18 - 2014-05-24 04:47 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 09:18 - 2014-05-24 04:46 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 09:18 - 2014-05-24 04:45 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 09:18 - 2014-05-24 04:45 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 09:18 - 2014-05-24 04:45 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 09:18 - 2014-05-24 03:26 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 09:18 - 2014-05-24 03:26 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 09:18 - 2014-05-24 03:26 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 09:18 - 2014-05-24 03:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 09:18 - 2014-05-24 03:26 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 09:18 - 2014-05-24 03:26 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 09:18 - 2014-05-24 03:25 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 09:18 - 2014-05-24 03:25 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 09:18 - 2014-05-24 03:09 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 09:18 - 2014-05-24 03:03 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 09:18 - 2014-05-24 00:37 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-06-12 09:18 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-12 09:18 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-12 09:18 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-12 09:18 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-12 09:18 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2014-06-12 09:18 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-06-12 09:18 - 2014-04-01 00:08 - 00387268 _____ () C:\Windows\system32\ApnDatabase.xml
2014-06-12 09:18 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
2014-06-12 09:18 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2014-06-12 09:17 - 2014-05-24 03:26 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 09:17 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 09:17 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 09:17 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 01:04 - 2014-06-12 01:04 - 00450857 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - The Making of Totem.torrent
2014-06-11 17:57 - 2014-06-11 17:57 - 00128598 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Realistic Skin with ZBrush and Keyshot.torrent
2014-06-11 16:43 - 2014-06-11 16:43 - 00028815 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Advanced 3D Matte Painting Techniques with Garrett Fry.torrent
2014-06-11 16:42 - 2014-06-11 16:42 - 00000849 _____ () C:\Users\Björn\Desktop\PeerBlock.lnk
2014-06-11 16:38 - 2014-06-11 16:38 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Björn\Downloads\PeerBlock-Setup_v1.2_r693.exe
2014-06-10 20:52 - 2014-06-10 20:52 - 00000000 ____D () C:\Users\Björn\Desktop\Objects
2014-06-10 20:46 - 2014-06-10 20:48 - 255123547 _____ () C:\Users\Björn\Downloads\CRYENGINE_SampleAssets.zip
2014-06-10 20:42 - 2014-06-10 20:42 - 00000103 _____ () C:\Windows\setupact.log
2014-06-10 20:42 - 2014-06-10 20:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-10 19:46 - 2014-06-10 19:46 - 00000000 _____ () C:\Users\Björn\Desktop\Neues Textdokument.txt
2014-06-10 16:24 - 2013-10-29 12:17 - 01961032 _____ () C:\Users\Björn\Desktop\Saloon.ma
2014-06-10 16:24 - 2013-10-04 06:36 - 00347485 _____ () C:\Users\Björn\Desktop\Polethingy.ma
2014-06-04 20:37 - 2014-06-04 20:38 - 00000000 ____D () C:\Users\Björn\Desktop\Neuer Ordner
2014-06-04 20:21 - 2014-06-04 20:22 - 78320209 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part2.rar
2014-06-04 20:20 - 2014-06-04 20:23 - 157286400 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part1.rar
2014-06-04 02:02 - 2014-06-04 02:02 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\LolClient
2014-06-03 23:24 - 2014-06-20 21:11 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-03 23:24 - 2014-06-03 23:24 - 00000000 ____D () C:\Riot Games
2014-06-03 23:24 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-06-03 23:24 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-06-03 23:24 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-06-03 23:18 - 2014-06-04 16:26 - 00000000 ____D () C:\Users\Björn\AppData\Local\PMB Files
2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-06-03 23:16 - 2014-06-03 23:17 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Riot Games
2014-06-03 23:16 - 2014-06-03 23:16 - 34888568 _____ (Riot Games) C:\Users\Björn\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-06-03 20:51 - 2014-06-03 21:02 - 00000000 ____D () C:\Users\Björn\AppData\Local\ftblauncher
2014-06-03 05:40 - 2014-06-03 05:40 - 00000000 ____D () C:\Users\Björn\Desktop\Desks
2014-06-03 05:39 - 2014-06-20 01:27 - 00000000 ____D () C:\Users\Björn\Desktop\Schreibzeug
2014-06-03 05:37 - 2014-06-03 23:24 - 00000000 ____D () C:\Users\Björn\Desktop\03.06.14
2014-05-30 05:12 - 2014-06-22 03:58 - 01488225 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 19:46 - 2014-05-29 20:38 - 00000000 ____D () C:\Users\Björn\Desktop\Wertch Dergs
2014-05-25 17:27 - 2014-05-25 17:27 - 04981160 _____ (Adobe Systems Inc.) C:\Users\Björn\Downloads\Shockwave_Installer_Slim.exe
2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-23 22:57 - 2014-05-23 22:57 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\Documents\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Local\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-23 22:53 - 2014-05-23 22:53 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-23 22:52 - 2014-05-23 22:52 - 00000000 ____D () C:\Users\Björn\AppData\Local\Downloaded Installations
2014-05-23 22:49 - 2014-05-23 22:49 - 30992256 _____ () C:\Users\Björn\Downloads\TomTomHOME2winlatest.exe
2014-05-23 22:08 - 2014-05-23 22:08 - 00000000 ____D () C:\Users\Björn\Desktop\FUN WP

==================== One Month Modified Files and Folders =======

2014-06-22 07:40 - 2014-06-22 07:40 - 00025771 _____ () C:\Users\Björn\Downloads\FRST.txt
2014-06-22 07:40 - 2014-06-22 07:39 - 00000000 ____D () C:\FRST
2014-06-22 07:36 - 2013-04-30 11:55 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1665384598-1873612933-4217401405-1001
2014-06-22 07:35 - 2014-06-22 06:43 - 00001822 _____ () C:\Users\Björn\Desktop\aswMBR.txt
2014-06-22 07:35 - 2014-06-22 06:43 - 00000512 _____ () C:\Users\Björn\Desktop\MBR.dat
2014-06-22 07:33 - 2013-12-11 20:03 - 00000000 ____D () C:\Users\Björn\AppData\Local\LogMeIn Hamachi
2014-06-22 07:32 - 2014-06-22 05:44 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-22 07:31 - 2014-06-12 17:33 - 00704244 _____ () C:\Windows\PFRO.log
2014-06-22 07:31 - 2014-02-22 08:34 - 00000000 ____D () C:\ProgramData\Norton
2014-06-22 07:31 - 2013-10-12 04:37 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-22 07:31 - 2013-05-02 23:44 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-22 07:31 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 07:28 - 2013-05-31 02:25 - 00000000 ____D () C:\Program Files\PeerBlock
2014-06-22 07:28 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-06-22 07:27 - 2014-06-22 07:27 - 00000687 _____ () C:\Users\Björn\Desktop\Neues Textdokument (3).txt
2014-06-22 07:27 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-06-22 07:27 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-06-22 07:26 - 2014-06-22 07:26 - 02083328 _____ (Farbar) C:\Users\Björn\Downloads\FRST64.exe
2014-06-22 07:26 - 2013-04-19 02:53 - 07726080 ___SH () C:\Users\Björn\Desktop\Thumbs.db
2014-06-22 07:10 - 2013-10-12 04:37 - 00001122 _____ () C:\Users\Björn\AppData\Local\JDownloader v2.0
2014-06-20 21:15 - 2014-02-28 14:37 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-06-20 21:11 - 2014-06-03 23:24 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-06-20 21:08 - 2013-04-08 00:42 - 04812288 ___SH () C:\Users\Björn\Downloads\Thumbs.db
2014-06-20 20:38 - 2014-06-20 20:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r00
2014-06-20 03:45 - 2014-06-20 03:44 - 27167987 _____ () C:\Users\Björn\AppData\Roaming\Skype
2014-06-20 01:27 - 2014-06-03 05:39 - 00000000 ____D () C:\Users\Björn\Desktop\Schreibzeug
2014-06-19 15:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-06-18 23:04 - 2014-06-18 22:40 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r06
2014-06-18 22:44 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r02
2014-06-18 22:44 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r01
2014-06-18 22:39 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r03
2014-06-18 22:37 - 2014-06-18 22:11 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r04
2014-06-18 13:33 - 2014-06-18 08:26 - 00000000 ____D () C:\Users\Björn\Desktop\Reaction
2014-06-18 09:53 - 2014-06-18 09:31 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r85
2014-06-18 09:52 - 2014-06-18 09:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.rar
2014-06-18 09:52 - 2014-06-18 09:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r86
2014-06-18 09:34 - 2014-06-18 09:32 - 48783853 _____ () C:\Users\Björn\Downloads\rld-wothneor.r87
2014-06-18 07:24 - 2014-06-18 07:06 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r84
2014-06-18 07:23 - 2014-06-18 07:01 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r83
2014-06-18 07:22 - 2014-06-18 06:54 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r82
2014-06-18 07:15 - 2014-06-18 06:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r81
2014-06-18 07:11 - 2014-06-18 06:32 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r80
2014-06-18 07:07 - 2014-06-18 06:27 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r78
2014-06-18 07:06 - 2014-06-18 06:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r79
2014-06-18 07:01 - 2014-06-18 06:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r77
2014-06-18 06:54 - 2014-06-18 06:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r76
2014-06-18 06:37 - 2014-06-18 06:02 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r75
2014-06-18 06:32 - 2014-06-18 05:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r74
2014-06-18 06:28 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r72
2014-06-18 06:27 - 2014-06-18 05:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r73
2014-06-18 06:20 - 2014-06-18 05:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r71
2014-06-18 06:12 - 2014-06-18 05:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r70
2014-06-18 06:02 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r67
2014-06-18 05:51 - 2014-06-18 05:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r69
2014-06-18 05:48 - 2014-06-18 05:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r68
2014-06-18 05:48 - 2014-06-18 04:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r66
2014-06-18 05:38 - 2014-06-18 04:43 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r65
2014-06-18 05:19 - 2014-06-18 04:26 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r63
2014-06-18 05:15 - 2014-06-18 04:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r64
2014-06-18 05:09 - 2014-06-18 04:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r62
2014-06-18 05:09 - 2014-06-18 04:17 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r61
2014-06-18 04:56 - 2014-06-18 04:13 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r60
2014-06-18 04:43 - 2014-06-18 04:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r59
2014-06-18 04:33 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r56
2014-06-18 04:26 - 2014-06-18 03:51 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r58
2014-06-18 04:25 - 2014-06-18 03:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r57
2014-06-18 04:17 - 2014-06-18 03:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r55
2014-06-18 04:13 - 2014-06-18 03:33 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r54
2014-06-18 04:03 - 2014-06-18 03:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r53
2014-06-18 03:51 - 2014-06-18 03:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r52
2014-06-18 03:48 - 2014-06-18 03:12 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r51
2014-06-18 03:48 - 2014-06-18 03:08 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r50
2014-06-18 03:44 - 2014-06-18 03:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r49
2014-06-18 03:33 - 2014-06-18 02:56 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r48
2014-06-18 03:28 - 2014-06-18 02:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r47
2014-06-18 03:14 - 2014-06-18 02:25 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r46
2014-06-18 03:12 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r44
2014-06-18 03:08 - 2014-06-18 02:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r45
2014-06-18 03:04 - 2014-06-18 02:20 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r43
2014-06-18 02:56 - 2014-06-18 02:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r42
2014-06-18 02:42 - 2014-06-18 01:55 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r41
2014-06-18 02:25 - 2014-06-18 01:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r39
2014-06-18 02:22 - 2014-06-18 01:46 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r40
2014-06-18 02:22 - 2014-06-18 01:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r38
2014-06-18 02:20 - 2014-06-18 01:41 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r37
2014-06-18 02:14 - 2014-06-18 01:37 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r36
2014-06-18 02:08 - 2014-06-18 02:08 - 00000121 _____ () C:\Users\Björn\Desktop\debug.log
2014-06-18 01:55 - 2014-06-18 01:22 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r35
2014-06-18 01:46 - 2014-06-18 01:14 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r34
2014-06-18 01:45 - 2014-06-18 01:05 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r33
2014-06-18 01:42 - 2014-06-18 01:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r32
2014-06-18 01:41 - 2014-06-18 01:41 - 00269993 _____ () C:\Users\Björn\Desktop\hfg.dnd4e
2014-06-18 01:41 - 2014-06-18 01:03 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r31
2014-06-18 01:37 - 2014-06-18 00:59 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r30
2014-06-18 01:22 - 2014-06-18 00:42 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r28
2014-06-18 01:13 - 2014-06-18 00:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r26
2014-06-18 01:05 - 2014-06-18 00:45 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r29
2014-06-18 01:03 - 2014-06-18 00:39 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r27
2014-06-18 00:59 - 2014-06-18 00:34 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r25
2014-06-18 00:45 - 2014-06-18 00:19 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r24
2014-06-18 00:42 - 2014-06-18 00:18 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r23
2014-06-18 00:39 - 2014-06-17 23:57 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r19
2014-06-18 00:38 - 2014-06-18 00:15 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r22
2014-06-18 00:34 - 2014-06-18 00:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r21
2014-06-18 00:19 - 2014-06-17 23:58 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r20
2014-06-18 00:18 - 2014-06-17 23:31 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r15
2014-06-18 00:15 - 2014-06-17 23:53 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r18
2014-06-18 00:09 - 2014-06-17 23:48 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r17
2014-06-17 23:58 - 2014-06-17 23:35 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r16
2014-06-17 23:57 - 2014-06-17 23:28 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r13
2014-06-17 23:53 - 2014-06-17 23:29 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r14
2014-06-17 23:48 - 2014-06-17 23:23 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r12
2014-06-17 23:35 - 2014-06-17 23:09 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r11
2014-06-17 23:31 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r07
2014-06-17 23:29 - 2014-06-18 22:59 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r09
2014-06-17 23:28 - 2014-06-18 23:04 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r10
2014-06-17 23:23 - 2014-06-18 22:38 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r05
2014-06-17 23:09 - 2014-06-18 22:44 - 500000012 _____ () C:\Users\Björn\Downloads\rld-wothneor.r08
2014-06-17 02:49 - 2014-05-05 05:49 - 00001778 _____ () C:\Windows\Sandboxie.ini
2014-06-17 01:15 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-06-17 00:48 - 2014-06-17 00:48 - 763750521 _____ () C:\Windows\MEMORY.DMP
2014-06-17 00:48 - 2014-06-17 00:48 - 00329480 _____ () C:\Windows\Minidump\061714-45328-01.dmp
2014-06-17 00:48 - 2013-10-27 07:22 - 00000000 ____D () C:\Windows\Minidump
2014-06-17 00:39 - 2014-06-17 00:39 - 00000000 ____D () C:\Users\Björn\Desktop\ughiujhoih
2014-06-16 06:09 - 2014-06-16 06:09 - 00016610 _____ () C:\Users\Björn\Downloads\[BBS.2DJGAME.NET]RJ124860.torrent
2014-06-16 06:09 - 2014-06-16 06:08 - 53813685 _____ () C:\Users\Björn\Downloads\RE124860_trial.zip
2014-06-15 21:23 - 2013-04-27 08:04 - 00000000 ____D () C:\Users\Björn\AppData\Local\VirtualStore
2014-06-14 06:12 - 2014-06-14 05:30 - 00000976 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Sierra Utilities.lnk
2014-06-14 06:12 - 2014-06-14 05:27 - 00000456 _____ () C:\Windows\SIERRA.INI
2014-06-14 06:11 - 2014-06-14 05:27 - 00000000 ____D () C:\SIERRA
2014-06-14 05:49 - 2014-06-14 04:38 - 00000000 ____D () C:\Program Files (x86)\Half-Life
2014-06-14 05:43 - 2014-03-11 02:09 - 00000000 ____D () C:\Users\Björn\AppData\Local\CrashDumps
2014-06-14 05:31 - 2014-06-14 05:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2014-06-14 05:30 - 2014-06-14 05:30 - 00000000 ____D () C:\Windows\solcache
2014-06-14 05:30 - 2014-06-14 05:27 - 00000000 ____D () C:\Program Files (x86)\Sierra On-Line
2014-06-14 05:26 - 2013-05-07 12:19 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\DAEMON Tools Lite
2014-06-14 05:25 - 2014-06-14 05:25 - 00000000 ____D () C:\Users\Björn\Desktop\hl1
2014-06-14 04:37 - 2014-06-14 04:37 - 356680281 _____ () C:\Users\Björn\Downloads\Half-Life 1.1.1.0 Setup.exe
2014-06-14 03:09 - 2014-06-14 03:09 - 103587493 _____ () C:\Users\Björn\Downloads\Food Chain.mp4
2014-06-13 20:11 - 2014-06-11 16:38 - 00001780 _____ () C:\Users\Björn\Desktop\PeerBlock.lnk
2014-06-13 19:30 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-06-13 19:28 - 2013-08-18 06:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 19:26 - 2013-04-28 09:22 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 17:27 - 2014-06-12 17:25 - 00000000 ____D () C:\AdwCleaner
2014-06-12 17:27 - 2013-10-12 04:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-12 17:27 - 2013-04-27 13:43 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-06-12 17:27 - 2013-04-27 08:05 - 00000995 _____ () C:\Users\Björn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-12 17:25 - 2014-06-12 17:25 - 01333465 _____ () C:\Users\Björn\Downloads\adwcleaner_3.212.exe
2014-06-12 17:24 - 2014-06-12 17:24 - 00961360 _____ (Chip Digital GmbH) C:\Users\Björn\Downloads\AdwCleaner - CHIP-Installer.exe
2014-06-12 01:04 - 2014-06-12 01:04 - 00450857 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - The Making of Totem.torrent
2014-06-11 17:57 - 2014-06-11 17:57 - 00128598 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Realistic Skin with ZBrush and Keyshot.torrent
2014-06-11 16:43 - 2014-06-11 16:43 - 00028815 _____ () C:\Users\Björn\Downloads\Gnomon Workshop - Advanced 3D Matte Painting Techniques with Garrett Fry.torrent
2014-06-11 16:38 - 2014-06-11 16:38 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Björn\Downloads\PeerBlock-Setup_v1.2_r693.exe
2014-06-11 16:38 - 2013-05-31 02:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2014-06-10 22:02 - 2013-11-21 22:13 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Mikogo 4
2014-06-10 20:52 - 2014-06-10 20:52 - 00000000 ____D () C:\Users\Björn\Desktop\Objects
2014-06-10 20:51 - 2013-11-18 01:29 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\TS3Client
2014-06-10 20:48 - 2014-06-10 20:46 - 255123547 _____ () C:\Users\Björn\Downloads\CRYENGINE_SampleAssets.zip
2014-06-10 20:42 - 2014-06-10 20:42 - 00000103 _____ () C:\Windows\setupact.log
2014-06-10 20:42 - 2014-06-10 20:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-10 19:46 - 2014-06-10 19:46 - 00000000 _____ () C:\Users\Björn\Desktop\Neues Textdokument.txt
2014-06-10 03:05 - 2013-05-02 03:41 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Unity
2014-06-04 20:38 - 2014-06-04 20:37 - 00000000 ____D () C:\Users\Björn\Desktop\Neuer Ordner
2014-06-04 20:23 - 2014-06-04 20:20 - 157286400 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part1.rar
2014-06-04 20:22 - 2014-06-04 20:21 - 78320209 _____ () C:\Users\Björn\Downloads\iLMcK-Journey-Best-DE-2014-AMb.part2.rar
2014-06-04 16:26 - 2014-06-03 23:18 - 00000000 ____D () C:\Users\Björn\AppData\Local\PMB Files
2014-06-04 02:02 - 2014-06-04 02:02 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\LolClient
2014-06-03 23:24 - 2014-06-03 23:24 - 00000000 ____D () C:\Riot Games
2014-06-03 23:24 - 2014-06-03 05:37 - 00000000 ____D () C:\Users\Björn\Desktop\03.06.14
2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-03 23:18 - 2014-06-03 23:18 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-06-03 23:17 - 2014-06-03 23:16 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\Riot Games
2014-06-03 23:16 - 2014-06-03 23:16 - 34888568 _____ (Riot Games) C:\Users\Björn\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-06-03 21:02 - 2014-06-03 20:51 - 00000000 ____D () C:\Users\Björn\AppData\Local\ftblauncher
2014-06-03 20:51 - 2014-05-20 23:09 - 00000000 ____D () C:\Program Files (x86)\authlib
2014-06-03 20:51 - 2014-05-20 22:26 - 04916349 _____ () C:\Users\Björn\Downloads\launcher^FTB_Launcher.exe
2014-06-03 20:51 - 2013-12-27 01:24 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\ftblauncher
2014-06-03 05:40 - 2014-06-03 05:40 - 00000000 ____D () C:\Users\Björn\Desktop\Desks
2014-06-02 23:06 - 2013-07-26 20:23 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-05-31 07:16 - 2014-04-15 20:56 - 00703992 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-31 07:16 - 2014-04-15 20:56 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-30 05:13 - 2013-05-25 20:25 - 00000000 ____D () C:\Users\Björn\Documents\My Games
2014-05-30 05:09 - 2013-05-31 03:27 - 00000000 ____D () C:\Users\Björn\AppData\Local\Ubisoft Game Launcher
2014-05-29 20:38 - 2014-05-29 19:46 - 00000000 ____D () C:\Users\Björn\Desktop\Wertch Dergs
2014-05-25 17:27 - 2014-05-25 17:27 - 04981160 _____ (Adobe Systems Inc.) C:\Users\Björn\Downloads\Shockwave_Installer_Slim.exe
2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-05-24 04:48 - 2014-06-12 09:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-24 04:47 - 2014-06-12 09:18 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-24 04:47 - 2014-06-12 09:18 - 01366016 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-24 04:47 - 2014-06-12 09:18 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-05-24 04:47 - 2014-06-12 09:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 19290112 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 15368704 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 03958784 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 02650112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-24 04:46 - 2014-06-12 09:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-24 04:45 - 2014-06-12 09:18 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-24 04:45 - 2014-06-12 09:18 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-24 04:45 - 2014-06-12 09:18 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-24 03:26 - 2014-06-12 09:18 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-24 03:26 - 2014-06-12 09:18 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-24 03:26 - 2014-06-12 09:18 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-24 03:26 - 2014-06-12 09:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-24 03:26 - 2014-06-12 09:18 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-24 03:26 - 2014-06-12 09:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-05-24 03:26 - 2014-06-12 09:17 - 14365696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 13731328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 02862080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-24 03:25 - 2014-06-12 09:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-24 03:25 - 2014-06-12 09:18 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-24 03:09 - 2014-06-12 09:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-24 03:03 - 2014-06-12 09:18 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-24 00:37 - 2014-06-12 09:18 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-05-23 22:57 - 2014-05-23 22:57 - 00000000 ____D () C:\ProgramData\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\Documents\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Roaming\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Users\Björn\AppData\Local\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2014-05-23 22:54 - 2014-05-23 22:54 - 00000000 ____D () C:\Program Files (x86)\TomTom HOME 2
2014-05-23 22:53 - 2014-05-23 22:53 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-05-23 22:52 - 2014-05-23 22:52 - 00000000 ____D () C:\Users\Björn\AppData\Local\Downloaded Installations
2014-05-23 22:49 - 2014-05-23 22:49 - 30992256 _____ () C:\Users\Björn\Downloads\TomTomHOME2winlatest.exe
2014-05-23 22:08 - 2014-05-23 22:08 - 00000000 ____D () C:\Users\Björn\Desktop\FUN WP

Some content of TEMP:
====================
C:\Users\Björn\AppData\Local\Temp\proxy_vole1692994253489030762.dll
C:\Users\Björn\AppData\Local\Temp\Quarantine.exe
C:\Users\Björn\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Björn\AppData\Local\Temp\swt-win32-3349.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 03:38

==================== End Of Log ============================
         
Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-06-2014 01
Ran by Björn at 2014-06-22 07:40:53
Running from C:\Users\Björn\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.224 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcaniA - Gothic 4 (HKLM-x32\...\ArcaniA) (Version:  - JoWooD Entertainment AG)
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk Backburner 2014 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 14.0.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Download Manager (HKLM-x32\...\{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}) (Version: 2.0.6.0 - Autodesk, Inc.)
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk MatchMover 2014 (HKLM\...\{B151ECD3-2DBE-45E9-816E-F8AA6238F6A8}) (Version: 14.00.0000 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Maya 2014 (HKLM\...\Autodesk Maya 2014) (Version: 16.0.0.0 - Autodesk)
Autodesk Maya 2014 (Version: 16.0.0.0 - Autodesk) Hidden
Autodesk Mudbox 2014 (HKLM\...\Autodesk Mudbox 2014) (Version: 8.0.0.1010 - Autodesk)
Autodesk Mudbox 2014 (Version: 8.0.0.1010 - Autodesk) Hidden
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
BeamNG.drive-0.3 (remove only) (HKCU\...\BeamNG.drive-0.3) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon RAW Codec (HKLM-x32\...\Canon RAW Codec) (Version: 1.8.0.68 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
Don't Starve (HKLM-x32\...\Don't Starve_is1) (Version:  - Klei Entertainment)
FileZilla Client 3.7.3 (HKCU\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.41 - FileZilla Project)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Free Mp3 Wma Converter V 2.2 (HKLM-x32\...\Free Mp3 Wma Converter_is1) (Version: 2.2.0.0 - Koyote Lab Inc.)
Gaming Mouse Editor (HKLM-x32\...\GamingMouseEditor) (Version: 12.08.0004 - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GeForce Experience NvStream Client Components (Version: 0.1.87 - NVIDIA Corporation) Hidden
Giana Sisters - Twisted Dreams (HKLM-x32\...\Giana Sisters - Twisted Dreams) (Version: 1.0 - Black Forest Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Handset software update tool (HKLM-x32\...\{78EAE810-3692-42DC-9B03-F8902811CE46}) (Version: 2.0.3.0 - ZTE)
Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2066.1.9B05 - )
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{F13921D6-AE6D-41BF-807A-17BD99C0A4FD}) (Version: 15.5.5.0480 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{962E1735-D2E0-4813-AB9F-C6CBA09E759A}) (Version: 15.05.7000.1709 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaMonkey 4.0 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.0 - Ventis Media Inc.)
mental ray renderer for Autodesk Maya 2014 (HKLM\...\{4F5AD3FF-38C6-43FB-BB6F-8EF830DEDF16}) (Version: 13.0.0.0 - mental ray)
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mikogo 4 (HKCU\...\Mikogo 4) (Version: 4.7 - BeamYourScreen GmbH)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NVIDIA 3D Vision Treiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.58 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.58 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.58 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.902 - NVIDIA Corporation) Hidden
NVIDIA Optimus 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3158 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.58 (Version: 331.58 - NVIDIA Corporation) Hidden
NVIDIA Update 8.3.14 (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 8.3.14 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
OpenRL Runtime 1.3.1000.14 x64 (HKLM\...\{250C8D22-1757-11E3-818E-1803734DBB4F}) (Version: 1.3.1000.14 - Caustic Graphics, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39029 - Realtek Semiconductor Corp.)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Secure Download Manager (HKLM-x32\...\{531E35C7-B4E7-418C-A2CD-C1205D9C8AC9}) (Version: 3.1.20 - Kivuto Solutions Inc.)
SHIELD Streaming (Version: 1.05.28 - NVIDIA Corporation) Hidden
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.6 (HKLM\...\{6C9365EB-1F9E-4893-9196-3EC77C88D0C5}) (Version: 2.6.2.0 - Intel)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Development Kit: 2013-07 (HKLM\...\UDK-60d9d1fd-84bf-4c2a-8f40-c5fe2352ec00) (Version:  - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
VNC Server 5.0.6 (HKLM\...\RealVNC_is1) (Version: 5.0.6 - RealVNC Ltd)
VNC Viewer 5.0.6 (HKLM\...\RealVNCViewer_is1) (Version: 5.0.6 - RealVNC Ltd)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WildStar (HKLM-x32\...\WildStar) (Version: 1.0.0.6525 - NCSOFT)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version:  - )
xNormal 3.18.6 (HKLM\...\xNormal 3.18.6) (Version:  - Santiago Orgaz)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
ZTE 3GPhone USB Driver 5.2066.1.6 (HKLM\...\{8472455A-0658-4A6A-98F8-EF3FF6163B59}_is1) (Version: 5.2066.1.6 - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version:  - ZTE Corporation)

==================== Restore Points  =========================

03-06-2014 21:20:22 Microsoft Visual C++ 2005 Redistributable wird installiert
11-06-2014 04:03:40 Geplanter Prüfpunkt
20-06-2014 19:10:11 Removed League of Legends

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-10-10 23:22 - 00000894 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {303385AC-EB3D-4B7F-B0D7-3CD9416838A8} - System32\Tasks\AutoPico Daily Restart => C:\Users\Björn\Desktop\KMSpico
Task: {7D9C9225-C904-426A-AE88-F027E5DE7D95} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: {80484D6F-DB93-477B-AEEE-791D1F2D253E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8989AECB-F45E-4970-AA62-79AFA8616FD1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-06-13] (Microsoft Corporation)
Task: {B1BEA659-E0F0-4F0A-AD4B-6BB363574FA3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B1EB1529-A621-41C7-A678-C6BC5753D50D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CA612067-8360-4E42-94B7-999463581EAB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {D7AB06E5-4A90-4EC0-8684-C5D0BF7F132A} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-02 23:43 - 2013-10-16 02:48 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-05-02 23:44 - 2013-10-15 23:47 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-09-15 06:19 - 2011-09-15 06:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2012-12-14 02:42 - 2012-12-14 02:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-18 14:27 - 2013-12-04 18:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2013-05-07 13:13 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll
2013-05-02 23:43 - 2013-10-16 02:48 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-21 11:16 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Björn\Downloads\DivXInstaller.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\HWGPCI-54-V3.3.0.1.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\NIS-TW-21.1.0-GE.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\pro637-6.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\Samsung_USB_Driver_for_Mobile_Phones_v1.5.14.0.exe:BDU
AlternateDataStreams: C:\Users\Björn\Downloads\view.php.html:BDU

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "ADSK DLMSession"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SearchSettings"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "DivXMediaServer"
HKLM\...\StartupApproved\Run32: => "DivXUpdate"
HKCU\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKCU\...\StartupApproved\Run: => "FileZilla Server Interface"

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4563

Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4563

Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3422

Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3422


System errors:
=============
Error: (06/22/2014 07:32:26 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33

Error: (06/22/2014 07:31:58 AM) (Source: DCOM) (EventID: 10016) (User: BJOERN)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}BJOERNBjörnS-1-5-21-1665384598-1873612933-4217401405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/22/2014 07:31:58 AM) (Source: DCOM) (EventID: 10016) (User: BJOERN)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}BJOERNBjörnS-1-5-21-1665384598-1873612933-4217401405-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/22/2014 06:05:27 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33

Error: (06/17/2014 00:49:56 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33

Error: (06/17/2014 00:48:54 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000009f (0x0000000000000003, 0xfffffa8007b12060, 0xfffff88002c8e7f0, 0xfffffa8008ba3e10)C:\Windows\MEMORY.DMP061714-45328-01

Error: (06/14/2014 03:59:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/14/2014 03:59:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (06/13/2014 07:24:49 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT-AUTORITÄT)
Description: Der Zeitdienst hat festgestellt, dass die Systemzeit um -86420 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->65.55.56.206:123) ordnungsgemäß ausgeführt wird.

Error: (06/12/2014 05:34:40 PM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT-AUTORITÄT)
Description: PBR_DRV\Device\HarddiskVolume33


Microsoft Office Sessions:
=========================

Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4563

Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4563

Error: (06/21/2014 08:33:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3422

Error: (06/21/2014 08:33:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3422


==================== Memory info =========================== 

Percentage of memory in use: 24%
Total physical RAM: 8053.6 MB
Available physical RAM: 6040.42 MB
Total Pagefile: 16245.6 MB
Available Pagefile: 13825.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:782.46 GB) (Free:149.54 GB) NTFS
Drive d: () (Fixed) (Total:117.59 GB) (Free:40.37 GB) NTFS
Drive e: (Disc) (CDROM) (Total:4.15 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 9ED40981)
Partition 1: (Active) - (Size=30 GB) - (Type=0C)
Partition 2: (Not Active) - (Size=118 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1 GB) - (Type=12)
Partition 4: (Not Active) - (Size=782 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Vielen Dank im Vorraus, ich hoffe ihr könnt mich beruhigen oder helfen

Alt 22.06.2014, 21:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Seltsame Zugriffe von fremden IP-Adressen aus Berlin - Standard

Seltsame Zugriffe von fremden IP-Adressen aus Berlin



Hi und

Zitat:
System32\Tasks\AutoPico Daily Restart => C:\Users\Björn\Desktop\KMSpico
Nun, wenn man gecrackte Software am Start hat, sollte man sich nicht wundern, wenn der Rechner rumspinnt. In diesem Fall ist das ein Office-Crack.

Du hast nicht noch mehr Gecracktes drauf? Software von Autodesk?

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________

__________________

Alt 23.06.2014, 04:29   #3
Murachacha
 
Seltsame Zugriffe von fremden IP-Adressen aus Berlin - Standard

Seltsame Zugriffe von fremden IP-Adressen aus Berlin



Danke für den netten Empfang, trotz KMS Pico

Bin gerade dabei es zu entfernen, verstehe nur noch nicht so ganz wie ichs aus der registry bekomme.

Bei Autodesk Produkten kann ich dich beruhigen, das sind Studentenversionen die ich über die Uni bekommen hab.

Ich nehme an ich soll die neuen Logs posten wenn ich fertig bin?

Vielen Dank übrigens nochmal, dass du mich darauf aufmerksam gemacht hast, und die Hilfe nicht sofort verweigerst
__________________

Alt 23.06.2014, 10:19   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Seltsame Zugriffe von fremden IP-Adressen aus Berlin - Standard

Seltsame Zugriffe von fremden IP-Adressen aus Berlin



Lösch sogut es geht. Deinstalliere auch das illegale MS-Office und etwaig andere gecrackte Software. Anschließend frische FRST-Logs erstellen und posten.

Hast du noch weitere Virenscanner-Logs? Mit Funden? Oder gab es nie Funde?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Seltsame Zugriffe von fremden IP-Adressen aus Berlin
association, classpnp.sys, computer, hal.dll, koyote, log file, maximal, sierra, tablet, windows, wscript.exe



Ähnliche Themen: Seltsame Zugriffe von fremden IP-Adressen aus Berlin


  1. Fremden Zugriff auf PC orten
    Plagegeister aller Art und deren Bekämpfung - 04.03.2015 (5)
  2. Abuse Brief Telekom: unerwünschte Zugriffe über Internet Zugang
    Plagegeister aller Art und deren Bekämpfung - 10.08.2013 (9)
  3. unererklärliche mail delivery fails und Zugriffe von unbekannter IP-Adresse auf Facebook-Account
    Plagegeister aller Art und deren Bekämpfung - 02.01.2013 (1)
  4. Fremden Provider von meiner Website aussperren
    Alles rund um Windows - 20.08.2012 (10)
  5. Live Security Platinum 3.6.1 verweigert auf alles Zugriffe, Hilfe
    Plagegeister aller Art und deren Bekämpfung - 19.08.2012 (26)
  6. Google-Suchergebnisse führen zu fremden Seiten
    Plagegeister aller Art und deren Bekämpfung - 21.04.2012 (30)
  7. möglicher Internetzugriff einer fremden Person
    Alles rund um Windows - 21.06.2011 (15)
  8. EMails werden von Fremden verschickt
    Plagegeister aller Art und deren Bekämpfung - 23.05.2011 (13)
  9. trojaner mittels fremden stick eingefangen !
    Plagegeister aller Art und deren Bekämpfung - 05.07.2010 (5)
  10. zugriffe auf meinen PC und wird immer langsamer
    Plagegeister aller Art und deren Bekämpfung - 27.03.2009 (15)
  11. Berlin.exe
    Plagegeister aller Art und deren Bekämpfung - 18.11.2007 (4)
  12. Online-Überweisung mit meiner IP vom fremden Rechner aus möglich?
    Plagegeister aller Art und deren Bekämpfung - 16.10.2007 (1)
  13. W-LAN Zugriffe protokollieren
    Netzwerk und Hardware - 25.09.2007 (19)
  14. 4000 Zugriffe laut Zonealarm?!?!
    Antiviren-, Firewall- und andere Schutzprogramme - 21.04.2007 (2)
  15. bitte Hilfe...Virus/Trojaner? kaum Zugriffe auf Internet & Monitor exe
    Plagegeister aller Art und deren Bekämpfung - 18.04.2007 (6)
  16. HILFE! Unbekannte zugriffe
    Log-Analyse und Auswertung - 10.01.2006 (6)
  17. Kerio nimmt Bonbons von Fremden
    Antiviren-, Firewall- und andere Schutzprogramme - 22.05.2003 (11)

Zum Thema Seltsame Zugriffe von fremden IP-Adressen aus Berlin - Hallo, seit einigen Tagen versuchen mehrere IP-Adressen aus Berlin, 85.239.127.80 und aufwärts, auf meinen Rechner zuzugreifen. Ein Freund meinte dann zu mir, ich solle diese Adressen doch mit Peerblock blockieren. - Seltsame Zugriffe von fremden IP-Adressen aus Berlin...
Archiv
Du betrachtest: Seltsame Zugriffe von fremden IP-Adressen aus Berlin auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.