| Kastanije | 06.06.2014 16:42 |
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:06-06-2014
Ran by Benjamin (administrator) on BENJAMIN-PC on 06-06-2014 14:32:24
Running from C:\Users\Benjamin\Downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Razer Inc.) C:\Program Files\Razer\Razer Game Booster\RzKLService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLANMini.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Spotify Ltd) C:\Users\Benjamin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Benjamin\Downloads\FRST (1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [283136 2007-02-02] (AVM Berlin)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [747264 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [svchost] => regsvr32 /s "C:\Temp:01966E73.dat"
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3888648 2014-06-05] (AVAST Software)
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\Run: [Spotify Web Helper] => C:\Users\Benjamin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-05-17] (Spotify Ltd)
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\Run: [Spotify] => C:\Users\Benjamin\AppData\Roaming\Spotify\spotify.exe [6170168 2014-05-17] (Spotify Ltd)
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\Run: [svchost] => regsvr32 /s "C:\Temp:01966E73.dat"
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\MountPoints2: {3663a4cc-5c25-11e3-90b2-002522c0ba2b} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\MountPoints2: {4e9bb976-4d69-11e3-925b-da2bbd1e896d} - F:\pushinst.exe
HKU\S-1-5-21-3672730397-3278138862-3631354475-1000\...\MountPoints2: {83f1cd7b-8e73-11e3-9bfd-002522c0ba2b} - F:\LaunchU3.exe -a
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x22E3B5F979E1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0CtD0B0AtB0B0A0FyCtDtN0D0Tzu0SyCzyzztN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=914963795&ir=
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p={searchTerms}
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchinweb.info/?l=1&q={searchTerms}&pid=1565&r=2014/01/27&hid=2488100489113532445&lg=EN&cc=DE&unqvl=47
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd1103&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0CtD0B0AtB0B0A0FyCtDtN0D0Tzu0SyCzyzztN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=914963795&ir=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1390821886&from=cor&uid=SAMSUNGXHD204UI_S2H7J90B702130&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchinweb.info/?l=1&q={searchTerms}&pid=1565&r=2014/01/27&hid=2488100489113532445&lg=EN&cc=DE&unqvl=47
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-27]
CHR Extension: (Google Drive) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-27]
CHR Extension: (Google-Suche) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-27]
CHR Extension: (Google Wallet) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-27]
CHR Extension: (MySearchDial) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pflphaooapbgpeakohlggbpidpppgdff [2014-05-27]
CHR Extension: (Google Mail) - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-27]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-05]
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Benjamin\AppData\Local\mysearchdial-speeddial.crx [2013-11-29]
CHR HKLM\...\Chrome\Extension: [pkndmigholgfjlniaohblojbhgjbkakn] - C:\Users\Benjamin\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv2.crx [2013-11-29]
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\Benjamin\AppData\Local\mysearchdial-speeddial.crx [2013-11-29]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-05] (AVAST Software)
S3 BEService; C:\Program Files\Common Files\BattlEye\BEService.exe [49152 2014-04-01] ()
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [614416 2014-01-29] ()
R2 RzKLService; C:\Program Files\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-06-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-06-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-06-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-06-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-06-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-06-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-06-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-06-05] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [932744 2014-04-20] (<Turtle Entertainment>)
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622; C:\Program Files\Settings Manager\systemk\systemkmgrc1.cfg [31120 2014-05-18] (Aztec Media Inc)
R3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV32.sys [105984 2009-10-27] (QUALCOMM Incorporated)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-20] (Intel Corporation)
S3 EtronHub3; System32\Drivers\EtronHub3.sys [X]
S3 EtronXHCI; System32\Drivers\EtronXHCI.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-06 14:46 - 2014-06-06 14:46 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (8).exe
2014-06-06 14:44 - 2014-06-06 14:44 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (7).exe
2014-06-06 14:37 - 2014-06-06 14:37 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (6).exe
2014-06-06 14:36 - 2014-06-06 14:36 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (5).exe
2014-06-06 14:36 - 2014-06-06 14:36 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (4).exe
2014-06-06 14:31 - 2014-06-06 14:31 - 01063424 _____ (Farbar) C:\Users\Benjamin\Downloads\FRST (1).exe
2014-06-06 14:20 - 2014-06-06 14:32 - 00000799 _____ () C:\Users\Benjamin\Desktop\FRST.txt
2014-06-06 14:19 - 2014-06-06 14:04 - 01063424 _____ (Farbar) C:\Users\Benjamin\Desktop\FRST.exe
2014-06-06 14:05 - 2014-06-06 14:47 - 00013024 _____ () C:\Users\Benjamin\Downloads\FRST.txt
2014-06-06 14:05 - 2014-06-06 14:47 - 00000000 ____D () C:\FRST
2014-06-06 14:04 - 2014-06-06 14:04 - 01063424 _____ (Farbar) C:\Users\Benjamin\Downloads\FRST.exe
2014-06-06 13:40 - 2014-06-06 13:40 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-06 13:40 - 2014-06-06 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-06 13:38 - 2014-06-06 13:38 - 03673664 _____ (Piriform Ltd) C:\Users\Benjamin\Downloads\ccsetup414_slim.exe
2014-06-05 16:53 - 2014-06-05 16:54 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\DropboxMaster
2014-06-05 16:53 - 2014-06-05 16:53 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-05 16:47 - 2014-06-05 16:48 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (3).exe
2014-06-05 16:47 - 2014-06-05 16:47 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (2).exe
2014-06-05 16:44 - 2014-06-05 16:44 - 00222968 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (1).exe
2014-06-05 16:42 - 2014-06-05 16:54 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\Dropbox
2014-06-05 16:36 - 2014-06-05 16:36 - 00222968 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI.exe
2014-06-05 16:32 - 2014-06-05 16:32 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\AVAST Software
2014-06-05 16:28 - 2014-06-05 16:28 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-05 16:28 - 2014-06-05 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-05 16:25 - 2014-06-05 16:28 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-05 16:25 - 2014-06-05 16:28 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-05 16:25 - 2014-06-05 16:28 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401978493367
2014-06-05 16:25 - 2014-06-05 16:25 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401978493367
2014-06-05 16:25 - 2014-06-05 16:25 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-05 16:25 - 2014-06-05 16:25 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-05 16:25 - 2014-06-05 16:25 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-05 16:23 - 2014-06-05 16:24 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-05 16:16 - 2014-06-05 16:19 - 94714880 _____ (AVAST Software) C:\Users\Benjamin\Downloads\avast_free_antivirus_setup_21514.exe
2014-06-04 16:29 - 2014-06-04 16:29 - 00000000 ____D () C:\OETemp
2014-06-02 17:06 - 2014-06-02 17:06 - 06209136 _____ (TeamViewer GmbH) C:\Users\Benjamin\Downloads\TeamViewer_Setup_de-ckc.exe
2014-06-02 17:06 - 2014-06-02 17:06 - 00001136 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-02 17:04 - 2014-06-02 17:04 - 00000000 ____D () C:\Program Files\TeamViewer
2014-06-02 17:03 - 2014-06-02 17:27 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\TeamViewer
2014-06-02 17:03 - 2014-06-02 17:03 - 06393104 _____ (TeamViewer) C:\Users\Benjamin\Downloads\TeamViewer_Host_Setup-ckc.exe
2014-06-02 17:02 - 2014-06-02 17:02 - 04617648 _____ (TeamViewer) C:\Users\Benjamin\Downloads\TeamViewerQS_de-ckc.exe
2014-06-01 23:24 - 2014-06-01 23:27 - 85661619 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part28.rar
2014-06-01 23:22 - 2014-06-01 23:27 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part27.rar
2014-06-01 23:22 - 2014-06-01 23:27 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part26.rar
2014-06-01 23:16 - 2014-06-01 23:22 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part25.rar
2014-06-01 23:15 - 2014-06-01 23:24 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part23.rar
2014-06-01 23:15 - 2014-06-01 23:22 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part24.rar
2014-06-01 21:12 - 2014-06-01 21:12 - 00000000 ____D () C:\Users\Benjamin\Documents\My Cheat Tables
2014-06-01 21:07 - 2014-06-01 21:07 - 00000000 ____D () C:\Users\Benjamin\Desktop\D
2014-06-01 21:06 - 2014-06-01 21:06 - 03643392 _____ () C:\Users\Benjamin\Downloads\[www.OldSchoolHack.de]_CSS WALLHACK.EXE
2014-06-01 18:48 - 2014-06-01 19:10 - 98747520 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part22.rar.part
2014-06-01 18:48 - 2014-06-01 19:06 - 96255884 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part21.rar.part
2014-06-01 18:48 - 2014-06-01 19:03 - 98567680 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part20.rar.part
2014-06-01 18:43 - 2014-06-01 23:15 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part18.rar
2014-06-01 18:43 - 2014-06-01 18:47 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part19.rar
2014-06-01 18:43 - 2014-06-01 18:47 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part17.rar
2014-06-01 18:38 - 2014-06-01 18:43 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part16.rar
2014-06-01 18:38 - 2014-06-01 18:43 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part15.rar
2014-06-01 18:38 - 2014-06-01 18:43 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part14.rar
2014-06-01 18:35 - 2014-06-01 18:38 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part13.rar
2014-06-01 18:31 - 2014-06-01 18:37 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part12.rar
2014-06-01 18:31 - 2014-06-01 18:37 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part11.rar
2014-06-01 18:27 - 2014-06-01 18:34 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part10.rar
2014-06-01 18:26 - 2014-06-01 18:31 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part09.rar
2014-06-01 18:26 - 2014-06-01 18:31 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part08.rar
2014-06-01 18:18 - 2014-06-01 18:26 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part07.rar
2014-06-01 18:18 - 2014-06-01 18:26 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part06.rar
2014-06-01 18:17 - 2014-06-01 18:35 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part05.rar
2014-06-01 18:14 - 2014-06-01 18:17 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part04.rar
2014-06-01 18:02 - 2014-06-01 18:14 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part03.rar
2014-06-01 18:02 - 2014-06-01 18:13 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part02.rar
2014-06-01 18:02 - 2014-06-01 18:11 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part01.rar
2014-06-01 17:53 - 2014-06-01 17:53 - 00000000 ____D () C:\Users\Benjamin\Desktop\JDownloader
2014-06-01 17:52 - 2014-06-01 17:53 - 31419822 _____ () C:\Users\Benjamin\Downloads\JDownloader.zip
2014-05-30 16:07 - 2013-05-03 13:31 - 00000000 ____D () C:\Users\Benjamin\Desktop\KC_Rebell_-_Banger_Rebellieren_(Ldt._Amazon_Edition)-2CD-DE-2013-RAF
2014-05-30 15:36 - 2014-05-30 16:02 - 258267967 _____ () C:\Users\Benjamin\Downloads\KCREBARELIAMED_MP.rar
2014-05-30 15:36 - 2014-05-30 15:36 - 00807272 _____ () C:\Users\Benjamin\Downloads\Setup (3).exe
2014-05-29 23:06 - 2014-05-29 23:06 - 00277880 _____ () C:\Users\Benjamin\Downloads\Java.exe
2014-05-28 17:28 - 2014-05-28 17:28 - 00018715 _____ () C:\Users\Benjamin\Downloads\LANGER. Kundeninformation BMW 320d Limousine IIS-Nr.328464.htm
2014-05-27 18:24 - 2014-05-27 18:24 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 18:24 - 2014-05-27 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 18:19 - 2014-06-05 15:51 - 00000000 ____D () C:\ProgramData\Avira
2014-05-27 18:19 - 2014-06-05 15:51 - 00000000 ____D () C:\Program Files\Avira
2014-05-27 18:14 - 2014-06-06 14:19 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-27 18:14 - 2014-06-06 13:12 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-27 18:11 - 2014-05-27 18:12 - 00918672 _____ (Google Inc.) C:\Users\Benjamin\Downloads\ChromeSetup.exe
2014-05-26 20:25 - 2014-05-26 20:25 - 17825285 _____ () C:\Users\Benjamin\Downloads\likeparty (2).sfw
2014-05-26 19:46 - 2014-05-26 19:47 - 00002234 _____ () C:\Windows\system32\httpsuchen.mobile.deauto-inseratopel-vectra-m%C3%BCnchen192977100.htmllang=de&pageNumber=1&__lp=46&scopeId=C&sortOption.sortBy=price.consumerGrossEuro&makeModelVariant1.searchInFreetext=false&makeModelVar.searchInFreetex.lnk
2014-05-21 18:37 - 2014-05-21 18:37 - 00000000 __SHD () C:\found.001
2014-05-19 20:16 - 2014-05-28 20:24 - 00000000 ____D () C:\ProgramData\systemk
2014-05-17 17:06 - 2014-05-17 17:06 - 17825285 _____ () C:\Users\Benjamin\Downloads\likeparty.sfw
2014-05-17 17:06 - 2014-05-17 17:06 - 17825285 _____ () C:\Users\Benjamin\Downloads\likeparty (1).sfw
2014-05-17 16:56 - 2014-05-17 17:03 - 17929233 _____ () C:\Users\Benjamin\Downloads\L@k_P@rty.rar
2014-05-15 20:19 - 2014-05-15 20:19 - 00994176 _____ () C:\Users\Benjamin\Downloads\setup (2).exe
2014-05-15 20:19 - 2014-05-15 20:19 - 00994176 _____ () C:\Users\Benjamin\Downloads\setup (1).exe
2014-05-15 20:18 - 2014-05-15 20:18 - 01107456 _____ () C:\Users\Benjamin\Downloads\rauchen20_09_2005h.ppt
2014-05-10 08:50 - 2014-05-10 08:50 - 00538404 _____ () C:\Users\Benjamin\Downloads\source_nick_v10.zip
2014-05-08 20:27 - 2014-05-08 20:36 - 141153166 _____ () C:\Users\Benjamin\Downloads\Kollegah-King-DE-2014-VOiCE.rar
==================== One Month Modified Files and Folders =======
2014-06-06 14:47 - 2014-06-06 14:05 - 00013024 _____ () C:\Users\Benjamin\Downloads\FRST.txt
2014-06-06 14:47 - 2014-06-06 14:05 - 00000000 ____D () C:\FRST
2014-06-06 14:47 - 2013-11-14 22:03 - 00000000 ____D () C:\Users\Benjamin\AppData\Local\Temp
2014-06-06 14:46 - 2014-06-06 14:46 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (8).exe
2014-06-06 14:44 - 2014-06-06 14:44 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (7).exe
2014-06-06 14:42 - 2013-12-03 21:30 - 00000000 ____D () C:\Temp
2014-06-06 14:37 - 2014-06-06 14:37 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (6).exe
2014-06-06 14:36 - 2014-06-06 14:36 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (5).exe
2014-06-06 14:36 - 2014-06-06 14:36 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (4).exe
2014-06-06 14:32 - 2014-06-06 14:20 - 00000799 _____ () C:\Users\Benjamin\Desktop\FRST.txt
2014-06-06 14:31 - 2014-06-06 14:31 - 01063424 _____ (Farbar) C:\Users\Benjamin\Downloads\FRST (1).exe
2014-06-06 14:19 - 2014-05-27 18:14 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-06 14:04 - 2014-06-06 14:19 - 01063424 _____ (Farbar) C:\Users\Benjamin\Desktop\FRST.exe
2014-06-06 14:04 - 2014-06-06 14:04 - 01063424 _____ (Farbar) C:\Users\Benjamin\Downloads\FRST.exe
2014-06-06 14:02 - 2013-11-19 00:47 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\TS3Client
2014-06-06 13:58 - 2013-11-20 16:02 - 00000000 ____D () C:\Program Files\Steam
2014-06-06 13:57 - 2013-11-14 10:58 - 00000000 ____D () C:\Windows\Panther
2014-06-06 13:40 - 2014-06-06 13:40 - 00000969 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-06 13:40 - 2014-06-06 13:40 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-06 13:38 - 2014-06-06 13:38 - 03673664 _____ (Piriform Ltd) C:\Users\Benjamin\Downloads\ccsetup414_slim.exe
2014-06-06 13:32 - 2013-11-15 16:16 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\Spotify
2014-06-06 13:18 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-06 13:18 - 2009-07-14 06:34 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-06 13:14 - 2013-11-14 11:02 - 01540182 ____N () C:\Windows\WindowsUpdate.log
2014-06-06 13:12 - 2014-05-27 18:14 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-06 13:11 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-05 20:50 - 2013-11-22 17:35 - 00000000 ____D () C:\Users\Benjamin\Desktop\hacks
2014-06-05 20:04 - 2014-01-09 17:54 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\newnext.me
2014-06-05 20:04 - 2014-01-09 17:54 - 00000000 ____D () C:\Users\Benjamin\AppData\Local\genienext
2014-06-05 20:04 - 2013-11-29 17:55 - 00000000 ____D () C:\Program Files\Mobogenie
2014-06-05 19:56 - 2013-11-20 16:02 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-06-05 16:54 - 2014-06-05 16:53 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\DropboxMaster
2014-06-05 16:54 - 2014-06-05 16:42 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\Dropbox
2014-06-05 16:53 - 2014-06-05 16:53 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-06-05 16:48 - 2014-06-05 16:47 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (3).exe
2014-06-05 16:47 - 2014-06-05 16:47 - 00222976 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (2).exe
2014-06-05 16:44 - 2014-06-05 16:44 - 00222968 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI (1).exe
2014-06-05 16:36 - 2014-06-05 16:36 - 00222968 _____ () C:\Users\Benjamin\Downloads\ClickHeretoDownloadSetup-8BEhc2CI.exe
2014-06-05 16:32 - 2014-06-05 16:32 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\AVAST Software
2014-06-05 16:28 - 2014-06-05 16:28 - 00002123 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-05 16:28 - 2014-06-05 16:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-05 16:28 - 2014-06-05 16:25 - 00777488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-05 16:28 - 2014-06-05 16:25 - 00411680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-05 16:28 - 2014-06-05 16:25 - 00068312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00776976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1401978493367
2014-06-05 16:25 - 2014-06-05 16:25 - 00411552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1401978493367
2014-06-05 16:25 - 2014-06-05 16:25 - 00271264 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-05 16:25 - 2014-06-05 16:25 - 00180632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00081768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-05 16:25 - 2014-06-05 16:25 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-05 16:25 - 2014-06-05 16:25 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-05 16:24 - 2014-06-05 16:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-05 16:19 - 2014-06-05 16:16 - 94714880 _____ (AVAST Software) C:\Users\Benjamin\Downloads\avast_free_antivirus_setup_21514.exe
2014-06-05 15:51 - 2014-05-27 18:19 - 00000000 ____D () C:\ProgramData\Avira
2014-06-05 15:51 - 2014-05-27 18:19 - 00000000 ____D () C:\Program Files\Avira
2014-06-04 16:29 - 2014-06-04 16:29 - 00000000 ____D () C:\OETemp
2014-06-04 16:29 - 2013-11-15 15:57 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-04 15:31 - 2013-11-15 16:17 - 00000000 ____D () C:\Users\Benjamin\AppData\Local\Spotify
2014-06-03 22:12 - 2014-04-27 23:44 - 00000000 ____D () C:\Users\Benjamin\AppData\Local\PokerStars.EU
2014-06-03 22:12 - 2014-04-27 23:43 - 00000000 ____D () C:\Program Files\PokerStars.EU
2014-06-03 13:07 - 2009-07-14 06:33 - 00272512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-02 20:50 - 2013-11-14 23:06 - 00058592 _____ () C:\Users\Benjamin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-02 17:27 - 2014-06-02 17:03 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\TeamViewer
2014-06-02 17:06 - 2014-06-02 17:06 - 06209136 _____ (TeamViewer GmbH) C:\Users\Benjamin\Downloads\TeamViewer_Setup_de-ckc.exe
2014-06-02 17:06 - 2014-06-02 17:06 - 00001136 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-06-02 17:04 - 2014-06-02 17:04 - 00000000 ____D () C:\Program Files\TeamViewer
2014-06-02 17:03 - 2014-06-02 17:03 - 06393104 _____ (TeamViewer) C:\Users\Benjamin\Downloads\TeamViewer_Host_Setup-ckc.exe
2014-06-02 17:02 - 2014-06-02 17:02 - 04617648 _____ (TeamViewer) C:\Users\Benjamin\Downloads\TeamViewerQS_de-ckc.exe
2014-06-01 23:27 - 2014-06-01 23:24 - 85661619 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part28.rar
2014-06-01 23:27 - 2014-06-01 23:22 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part27.rar
2014-06-01 23:27 - 2014-06-01 23:22 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part26.rar
2014-06-01 23:24 - 2014-06-01 23:15 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part23.rar
2014-06-01 23:22 - 2014-06-01 23:16 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part25.rar
2014-06-01 23:22 - 2014-06-01 23:15 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part24.rar
2014-06-01 23:15 - 2014-06-01 18:43 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part18.rar
2014-06-01 21:12 - 2014-06-01 21:12 - 00000000 ____D () C:\Users\Benjamin\Documents\My Cheat Tables
2014-06-01 21:07 - 2014-06-01 21:07 - 00000000 ____D () C:\Users\Benjamin\Desktop\D
2014-06-01 21:06 - 2014-06-01 21:06 - 03643392 _____ () C:\Users\Benjamin\Downloads\[www.OldSchoolHack.de]_CSS WALLHACK.EXE
2014-06-01 19:10 - 2014-06-01 18:48 - 98747520 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part22.rar.part
2014-06-01 19:06 - 2014-06-01 18:48 - 96255884 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part21.rar.part
2014-06-01 19:03 - 2014-06-01 18:48 - 98567680 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part20.rar.part
2014-06-01 18:47 - 2014-06-01 18:43 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part19.rar
2014-06-01 18:47 - 2014-06-01 18:43 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part17.rar
2014-06-01 18:43 - 2014-06-01 18:38 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part16.rar
2014-06-01 18:43 - 2014-06-01 18:38 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part15.rar
2014-06-01 18:43 - 2014-06-01 18:38 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part14.rar
2014-06-01 18:38 - 2014-06-01 18:35 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part13.rar
2014-06-01 18:37 - 2014-06-01 18:31 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part12.rar
2014-06-01 18:37 - 2014-06-01 18:31 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part11.rar
2014-06-01 18:35 - 2014-06-01 18:17 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part05.rar
2014-06-01 18:34 - 2014-06-01 18:27 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part10.rar
2014-06-01 18:31 - 2014-06-01 18:26 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part09.rar
2014-06-01 18:31 - 2014-06-01 18:26 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part08.rar
2014-06-01 18:26 - 2014-06-01 18:18 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part07.rar
2014-06-01 18:26 - 2014-06-01 18:18 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part06.rar
2014-06-01 18:17 - 2014-06-01 18:14 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part04.rar
2014-06-01 18:14 - 2014-06-01 18:02 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part03.rar
2014-06-01 18:13 - 2014-06-01 18:02 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part02.rar
2014-06-01 18:11 - 2014-06-01 18:02 - 111111127 _____ () C:\Users\Benjamin\Downloads\W7USP1.7601.x64.Mai.2011-PLZ.part01.rar
2014-06-01 18:09 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-01 17:53 - 2014-06-01 17:53 - 00000000 ____D () C:\Users\Benjamin\Desktop\JDownloader
2014-06-01 17:53 - 2014-06-01 17:52 - 31419822 _____ () C:\Users\Benjamin\Downloads\JDownloader.zip
2014-05-30 16:10 - 2010-11-20 23:01 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-30 16:02 - 2014-05-30 15:36 - 258267967 _____ () C:\Users\Benjamin\Downloads\KCREBARELIAMED_MP.rar
2014-05-30 15:36 - 2014-05-30 15:36 - 00807272 _____ () C:\Users\Benjamin\Downloads\Setup (3).exe
2014-05-29 23:06 - 2014-05-29 23:06 - 00277880 _____ () C:\Users\Benjamin\Downloads\Java.exe
2014-05-28 20:24 - 2014-05-19 20:16 - 00000000 ____D () C:\ProgramData\systemk
2014-05-28 17:43 - 2014-04-15 16:36 - 00000000 ____D () C:\Program Files\Linkey
2014-05-28 17:28 - 2014-05-28 17:28 - 00018715 _____ () C:\Users\Benjamin\Downloads\LANGER. Kundeninformation BMW 320d Limousine IIS-Nr.328464.htm
2014-05-27 21:45 - 2014-04-24 02:23 - 00002203 _____ () C:\Users\Benjamin\Desktop\Google Chrome.lnk
2014-05-27 18:43 - 2014-01-28 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSDCSC
2014-05-27 18:24 - 2014-05-27 18:24 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-27 18:24 - 2014-05-27 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-27 18:24 - 2013-11-15 15:38 - 00000000 ____D () C:\Program Files\Google
2014-05-27 18:12 - 2014-05-27 18:11 - 00918672 _____ (Google Inc.) C:\Users\Benjamin\Downloads\ChromeSetup.exe
2014-05-26 20:25 - 2014-05-26 20:25 - 17825285 _____ () C:\Users\Benjamin\Downloads\likeparty (2).sfw
2014-05-26 19:47 - 2014-05-26 19:46 - 00002234 _____ () C:\Windows\system32\httpsuchen.mobile.deauto-inseratopel-vectra-m%C3%BCnchen192977100.htmllang=de&pageNumber=1&__lp=46&scopeId=C&sortOption.sortBy=price.consumerGrossEuro&makeModelVariant1.searchInFreetext=false&makeModelVar.searchInFreetex.lnk
2014-05-26 19:37 - 2013-11-27 21:54 - 00000000 ____D () C:\Users\Benjamin\AppData\Local\ESL Wire Game Client
2014-05-26 19:36 - 2013-11-28 22:47 - 00000000 ____D () C:\Users\Benjamin\AppData\Roaming\Skype
2014-05-21 18:37 - 2014-05-21 18:37 - 00000000 __SHD () C:\found.001
2014-05-17 17:06 - 2014-05-17 17:06 - 17825285 _____ () C:\Users\Benjamin\Downloads\likeparty.sfw
2014-05-17 17:06 - 2014-05-17 17:06 - 17825285 _____ () C:\Users\Benjamin\Downloads\likeparty (1).sfw
2014-05-17 17:03 - 2014-05-17 16:56 - 17929233 _____ () C:\Users\Benjamin\Downloads\L@k_P@rty.rar
2014-05-15 20:19 - 2014-05-15 20:19 - 00994176 _____ () C:\Users\Benjamin\Downloads\setup (2).exe
2014-05-15 20:19 - 2014-05-15 20:19 - 00994176 _____ () C:\Users\Benjamin\Downloads\setup (1).exe
2014-05-15 20:18 - 2014-05-15 20:18 - 01107456 _____ () C:\Users\Benjamin\Downloads\rauchen20_09_2005h.ppt
2014-05-10 08:50 - 2014-05-10 08:50 - 00538404 _____ () C:\Users\Benjamin\Downloads\source_nick_v10.zip
2014-05-09 16:13 - 2013-11-29 17:55 - 00000000 ____D () C:\Users\Benjamin\AppData\Local\Mobogenie
2014-05-08 20:36 - 2014-05-08 20:27 - 141153166 _____ () C:\Users\Benjamin\Downloads\Kollegah-King-DE-2014-VOiCE.rar
Some content of TEMP:
====================
C:\Users\Benjamin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqn8nte.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-30 16:49
==================== End Of Log ============================
--- --- ---
addition
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:06-06-2014
Ran by Benjamin at 2014-06-06 14:48:07
Running from C:\Users\Benjamin\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{7C368470-3D19-24D9-4A81-697C1DEB4710}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2018 - Avast Software)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CLICK & LEARN DiDi 360° DVD (HKLM\...\{1C27F735-8AC7-4C91-954F-97522611E913}_is1) (Version: CLICK & LEARN DiDi 360° 4.2 DVD - DEGENER)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version: - Valve)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Dojotech Spotify Recorder (HKLM\...\{D149DB2E-392E-48CC-8036-88BECC09C50A}) (Version: 3.2 - Dojotech Software)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESL Wire 1.17.3 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
FINAL FANTASY XIV - A Realm Reborn (HKLM\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Fotogalerie (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access 2003 Runtime (HKLM\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Mobogenie (HKLM\...\Mobogenie) (Version: - Mobogenie.com) <==== ATTENTION
Movie Maker (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
PAYDAY: The Heist (HKLM\...\Steam App 24240) (Version: - OVERKILL Software)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM\...\PokerStars.eu) (Version: - PokerStars.eu)
Razer Game Booster (HKLM\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Rust (HKLM\...\Steam App 252490) (Version: - Facepunch Studios)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
Silent Hill Homecoming (HKLM\...\Silent Hill Homecoming_is1) (Version: - )
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
VirtuallyJenna-025.002 (HKLM\...\VirtuallyJenna-025.002) (Version: - )
VLC media player 2.1.2 (HKLM\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
==================== Restore Points =========================
27-05-2014 16:43:17 Avira Free Antivirus - 27.05.2014 18:43
04-06-2014 14:29:21 Windows Update
05-06-2014 14:25:08 avast! antivirus system restore point
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {51B61448-6C53-45F7-B5C0-29AA8976F25F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.)
Task: {54E179BD-2E0D-4E0B-BEE4-11DBF2DCE5FA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-05] (AVAST Software)
Task: {561AFCBC-AB37-4BA2-8330-548BBCFCA006} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {88D7275B-5922-44BA-AA62-5B8166A665C7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-06-05 16:38 - 2014-06-05 16:38 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060500\algo.dll
2014-06-06 13:11 - 2014-06-06 13:11 - 02775040 _____ () C:\Program Files\AVAST Software\Avast\defs\14060600\algo.dll
2013-11-27 21:54 - 2014-01-29 19:13 - 00614416 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2013-11-27 21:54 - 2014-02-06 16:08 - 00165888 _____ () C:\Program Files\EslWire\service\NocIPC32.dll
2014-06-05 16:25 - 2014-06-05 16:25 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-20 19:33 - 2014-05-20 19:33 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-05-27 18:24 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-27 18:24 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\Temp:01966E73.dat
AlternateDataStreams: C:\Temp:pid1
AlternateDataStreams: C:\Temp:pid2
AlternateDataStreams: C:\Temp:rnd.dat
AlternateDataStreams: C:\Temp:srv
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA => 1
MSCONFIG\startupreg: ESL Wire => "C:\Program Files\EslWire\wire.exe" --tray
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NextLive => C:\Windows\system32\rundll32.exe "C:\Users\Benjamin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Overwolf => C:\Program Files\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
==================== Faulty Device Manager Devices =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/06/2014 01:33:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.25.32.45 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: bac
Startzeit: 01cf817859581b41
Endzeit: 3845
Anwendungspfad: C:\Program Files\Steam\Steam.exe
Berichts-ID: 45a50f73-ed6e-11e3-ae06-001f3f076653
Error: (06/06/2014 01:12:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2014 10:08:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2014 09:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x5387b8a0
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x5387b784
Ausnahmecode: 0x40000015
Fehleroffset: 0x0001f25e
ID des fehlerhaften Prozesses: 0x271c
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Error: (06/05/2014 06:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x5387b8a0
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x5387b784
Ausnahmecode: 0x40000015
Fehleroffset: 0x0001f25e
ID des fehlerhaften Prozesses: 0x4b04
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
Error: (06/05/2014 04:25:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary fdclfaym.
System Error:
Das System kann die angegebene Datei nicht finden.
.
Error: (06/05/2014 04:25:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {53ba0a14-63c5-4e97-8363-28ae2f5f5f7d}
Error: (06/05/2014 04:14:07 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x80070008) festgestellt.
Error: (06/05/2014 03:53:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/04/2014 10:43:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: csgo.exe, Version: 0.0.0.0, Zeitstempel: 0x53628ca7
Name des fehlerhaften Moduls: tier0.dll, Version: 0.0.0.0, Zeitstempel: 0x5362c098
Ausnahmecode: 0x40000015
Fehleroffset: 0x0002181e
ID des fehlerhaften Prozesses: 0xa4
Startzeit der fehlerhaften Anwendung: 0xcsgo.exe0
Pfad der fehlerhaften Anwendung: csgo.exe1
Pfad des fehlerhaften Moduls: csgo.exe2
Berichtskennung: csgo.exe3
System errors:
=============
Error: (06/05/2014 10:06:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.06.2014 um 21:54:38 unerwartet heruntergefahren.
Error: (06/03/2014 10:06:09 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.06.2014 um 22:05:18 unerwartet heruntergefahren.
Error: (06/02/2014 06:37:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
Error: (06/02/2014 06:36:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/02/2014 06:35:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TeamViewer 9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 2000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/01/2014 09:13:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/01/2014 09:13:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (06/01/2014 06:06:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (05/31/2014 06:20:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (05/31/2014 06:19:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 31.05.2014 um 18:18:31 unerwartet heruntergefahren.
Microsoft Office Sessions:
=========================
Error: (06/06/2014 01:33:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.25.32.45bac01cf817859581b413845C:\Program Files\Steam\Steam.exe45a50f73-ed6e-11e3-ae06-001f3f076653
Error: (06/06/2014 01:12:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2014 10:08:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/05/2014 09:46:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: csgo.exe0.0.0.05387b8a0tier0.dll0.0.0.05387b784400000150001f25e271c01cf80dbe17b5055C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exeC:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll1be2671a-ecea-11e3-bdda-002522c0ba2b
Error: (06/05/2014 06:31:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: csgo.exe0.0.0.05387b8a0tier0.dll0.0.0.05387b784400000150001f25e4b0401cf80cfaa64c96dC:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exeC:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dlld0cbdf04-ecce-11e3-bdda-002522c0ba2b
Error: (06/05/2014 04:25:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary fdclfaym.
System Error:
Das System kann die angegebene Datei nicht finden.
Error: (06/05/2014 04:25:08 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang:
Generatordaten werden gesammelt
Kontext:
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {53ba0a14-63c5-4e97-8363-28ae2f5f5f7d}
Error: (06/05/2014 04:14:07 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: 0x80070008
Error: (06/05/2014 03:53:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/04/2014 10:43:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: csgo.exe0.0.0.053628ca7tier0.dll0.0.0.05362c098400000150002181ea401cf802b4575f3d9C:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exeC:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dlld86e45a1-ec28-11e3-ab97-001f3f076653
==================== Memory info ===========================
Percentage of memory in use: 73%
Total physical RAM: 3062.68 MB
Available physical RAM: 823.04 MB
Total Pagefile: 6591.84 MB
Available Pagefile: 1426.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1892.38 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:946.47 GB) (Free:819.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:916.45 GB) (Free:891.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 6D4FF8C5)
Partition 1: (Active) - (Size=946 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=916 GB) - (Type=07 NTFS)
==================== End Of Log ============================
--- --- --- |
FRST 32-Bit | FRST 64-Bit