|
Log-Analyse und Auswertung: LOG Auswertung, Keine Office Updates, Fragmente BKA TrojanerWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
26.12.2013, 13:26 | #1 | |||
| LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner Hi Leute, ich kann aktuelle Office2013 Updates nicht installieren, ich habe ein wenig vorarbeit geleistet und gemäß der Anleitungen des TB Forums, mit folgenden Programmen, erste LOGs erstellt. Ich habe z.B. mit JRT Fragmente gefunden, die laut Forum auf BKA Trojaner deuten. Allerdings hat Eset keine Warnmeldung ausgegeben. Zitat:
bevor ich weiter spekuliere, poste ich die bereits erstellen LOGs zur Ansicht und Auswertung. Danke euch im Voraus für euer Hilfe und weiterhin frohes Fest. JRT LOG Zitat:
GMER LOG GMER Logfile: Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-12-25 06:05:59 Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000003d SAMSUNG_HM641JI rev.2AJ10001 596,17GB Running: gmer_2.1.19163.exe; Driver: C:\Users\******\AppData\Local\Temp\fgloquog.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\system32\vmms.exe[1632] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007ffc56e177a 4 bytes [6E, C5, FF, 07] .text C:\Windows\system32\vmms.exe[1632] C:\Windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007ffc56e1782 4 bytes [6E, C5, FF, 07] .text C:\Windows\Explorer.EXE[2568] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007ffb85e1532 4 bytes [5E, B8, FF, 07] .text C:\Windows\Explorer.EXE[2568] C:\Windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007ffb85e153a 4 bytes [5E, B8, FF, 07] .text C:\Windows\Explorer.EXE[2568] C:\Windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007ffb85e165a 4 bytes [5E, B8, FF, 07] .text C:\Program Files\ESET\ESET Smart Security\egui.exe[3220] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 690 000007ffb85e1532 4 bytes [5E, B8, FF, 07] .text C:\Program Files\ESET\ESET Smart Security\egui.exe[3220] C:\Windows\SYSTEM32\msimg32.dll!GradientFill + 698 000007ffb85e153a 4 bytes [5E, B8, FF, 07] .text C:\Program Files\ESET\ESET Smart Security\egui.exe[3220] C:\Windows\SYSTEM32\msimg32.dll!TransparentBlt + 246 000007ffb85e165a 4 bytes [5E, B8, FF, 07] ---- Threads - GMER 2.1 ---- Thread System [4:768] fffffa8005915630 Thread C:\Windows\system32\csrss.exe [536:560] fffff960007945e8 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Kernel\RNG@RNGAuxiliarySeed -1259165456 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd508976 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd508976@c4731e05de87 0x78 0x0E 0x41 0x6F ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0009dd508976@0808c29c97e5 0xA7 0xD9 0x72 0x31 ... ---- EOF - GMER 2.1 ---- OTL LOG / Extras OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.12.2013 07:11:45 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\******\Desktop\Security 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16750) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,73 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 55,92% Memory free 7,48 Gb Paging File | 5,54 Gb Available in Paging File | 74,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 595,83 Gb Total Space | 113,22 Gb Free Space | 19,00% Space Free | Partition Type: NTFS Computer Name: ******_ACER | User Name: ****** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0B69B967-C913-414E-B469-33049E99F988}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{14B17654-E4E2-4B41-B6E6-7E7C47C0776E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{14BD8869-80F8-4499-BD47-883BAD23B1A1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\wnt500x64\rpcsandrasrv.exe | "{15BA6126-0D61-4182-B4D6-96560D04A911}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1E890845-6C0C-4BC7-A87F-2E6094B27DAD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1F545C4E-9839-4657-ADCE-0D43D5C3931E}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | "{307C4718-79EB-4E52-B133-9DE6C093F2E4}" = rport=10243 | protocol=6 | dir=out | app=system | "{38480A0D-F94B-4F86-91D9-A6352285D817}" = rport=139 | protocol=6 | dir=out | app=system | "{52832964-7C80-421E-9833-B98CEA06FBB4}" = lport=137 | protocol=17 | dir=in | app=system | "{57728488-CD29-44C9-AA0D-AB5EECE19A27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5CBDF52A-34AF-4477-9D92-4B2A377B9235}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6B8181F7-E084-4EC6-A3D9-DADF297365CF}" = lport=445 | protocol=6 | dir=in | app=system | "{728238FC-6E9C-4670-B884-3AF6F15F8CD2}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\rpcagentsrv.exe | "{83DECDA6-FC75-4CEE-A26A-3CF0C68B5FE2}" = rport=138 | protocol=17 | dir=out | app=system | "{8C70855B-BE23-471A-A29E-238C15B8047C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{93F7BFCF-C323-4661-9CFC-D442C50B2F19}" = rport=445 | protocol=6 | dir=out | app=system | "{96A39704-93BF-4A91-BE23-B150FFAF9E0C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | "{B1565166-5D71-4CA7-8453-C2120990D2DB}" = lport=139 | protocol=6 | dir=in | app=system | "{B3746986-0AD1-4690-9A7F-8F0F09ADB8A9}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | "{B9CAD40E-1340-48B6-B192-0F7E76445CDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D9AD2A58-05B7-4F14-8139-63C7C6B934C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E2D27982-A5FF-4621-85EA-F043A7DE355D}" = rport=137 | protocol=17 | dir=out | app=system | "{EE4FACB7-9388-4637-9C29-3AC970B8CA1F}" = lport=2869 | protocol=6 | dir=in | app=system | "{F2A875D3-9247-46FE-9F2D-86FF68F55C71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F9506146-8E1A-4E2B-98BB-44C9A7812D75}" = lport=10243 | protocol=6 | dir=in | app=system | "{FD03D522-2B7F-4379-B24C-801A234CD2CB}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0601D271-78F0-4448-87AD-AD6D4D581403}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{10965F33-0971-4392-993B-DEE87B239EF7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{13B7241B-B33D-4AB0-8330-6191FA195868}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{152E7F15-9E30-42DB-8511-F18E341CA888}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{157CF050-1110-4464-9289-0F0CBA357D31}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{24F558E9-181D-49CA-BD8E-28F8BE02C288}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{2E739CFA-567B-45A4-BC0D-ED05A412D6AE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{2EA361C3-3110-4461-A05F-023B472A4997}" = protocol=6 | dir=out | app=system | "{2FEB5C43-A599-485E-BD6A-3A566D72A48E}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{32EA2758-57A7-43B8-953E-CEECE5606297}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3A5985E1-266F-4755-8146-763D819F1DE7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{3AAE50F7-CE99-4A5C-8CE0-3DE2F0188DF5}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{3F071E39-42EF-4A6A-87FC-86D31332AB14}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{4373FE82-3A09-4438-84B5-4EA800468FDD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{442EEC3D-9440-469F-ABCF-50941EEC48A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{460DB205-5E17-4F6F-93D7-5D51D4A100F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5346D377-BE1C-4B00-9711-1EC670FCF297}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{534FE60A-13ED-4007-AFF4-CDAE1A070511}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{5B9410FA-E736-4B63-BC77-B46119F6DECA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{5BC18219-8E39-4475-BBB3-33B4113737DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5CC54D11-7872-4A72-8E49-1BEAD23E02C4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{5D7AD459-64BF-4098-863D-B0A169077949}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{636AC02E-83FE-4384-8A44-5547159CF136}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{64D3FC3C-9AD7-4855-9CB5-5AC31E26FF62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{67905AD2-1E22-4AE4-AA69-B4F1667527B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{732B4717-8AC2-493E-B1AD-FE2BF2D6E9C0}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | "{74852A99-838E-4BE6-B1DB-E44982396206}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{762E30EA-7708-4F6C-8560-94896CF1C1DC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{82E18FDA-F1A1-4895-B1AC-A3F51CB75165}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{83648A94-0824-43AD-B71F-697489195076}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{841C183E-6439-41CD-84EA-BEF664880D67}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{94A06A99-AD78-4101-9D06-944D6F144A8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9723267B-7D6F-4835-AC9B-7883BB9F83E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{985DB806-8466-4B2B-9860-D016E62F541E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9C351D59-2255-4E25-B94E-E0C3262B55FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{9D899732-E8BC-4D17-BF81-7029767DF063}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{9F47414C-4B2B-4D9B-AE39-7B3D5158F57D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A0A6DA1F-2591-42C6-B9BA-A0F55DAFB289}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{A2AC84D0-D763-491D-B705-2FA5D70A0AA8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{A4358C1A-55A8-48C7-BAFE-EA52CC902BDB}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | "{B3879CCA-6868-4F9F-8CA9-C974A8741F1C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B62C0529-D1F0-4402-9BD7-8646CB1166D6}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{BD7A9018-0BA4-4955-993B-2C0C275C63B5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{BEF3B58E-AB82-4B86-B0CC-B3958338D885}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{C0555A5E-21C4-4141-8AE7-B1CF201C8DC5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{CB702152-C96F-4E5F-BF0F-FE9A9425551E}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{CB72C95B-609A-4E80-BD80-AF14E9A741D8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{D7ADFB07-7F09-4C0D-B0A6-2FD30CE35691}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{D90CA66F-2999-4BD7-B883-41D5C244AA2E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{DC1C21C6-F61D-430E-AFDA-BA8BC6EFA8FB}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EA9FB5D5-E0C6-40AE-A1E7-EE665D524D7F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{ECA7F3B4-8B42-4506-9922-E7E28A69773B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{ECE396C7-24DC-4120-AB9E-98AB4EE7BC94}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{F19C3A81-38DD-4541-8640-CC51D1CA44E5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{F66CF718-58E3-4D71-8CEA-CD7B89A76B23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FB01C266-5629-4637-AD2E-82A355DC2E6D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{FB7B3401-F630-4F72-8075-E1FB443C1BD2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "TCP Query User{0AD70F9D-1955-4ECE-858D-08F39BDB4050}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{F1F25BF9-AEBA-4C5C-851B-295291B10214}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | "UDP Query User{1D1CD301-0DBB-4E58-8966-B24FC9C0FF21}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | "UDP Query User{43E20FB4-332B-4A6D-9324-27FD777CC2D8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit) "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit) "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes "{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}" = HP webOS SDK "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013 "{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013 "{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013 "{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013 "{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013 "{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013 "{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français "{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano "{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013 "{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013 "{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013 "{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013 "{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013 "{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013 "{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013 "{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013 "{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013 "{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013 "{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013 "{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013 "{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP3a "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{E507B0D7-A623-4F66-BB61-B31D7609B7B9}" = Nitro Pro 8 "{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}" = ESET Smart Security "0630-0716-3135-7887" = JDownloader 2 "332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) "CCleaner" = CCleaner "Ext2Ifs_for_NT6" = Ext2 IFS 1.11a for Windows Vista/2008 "Office15.PROPLUSR" = Microsoft Office Professional Plus 2013 "Sandboxie" = Sandboxie 4.06 (64-bit) "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "Unlocker" = Unlocker 1.9.2 "VLC media player" = VLC media player 2.0.6 "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{065F384A-5C64-4532-814A-A24BA5374503}" = WinDFT "{0D2FC29F-980A-4BAB-BC60-1463408F521E}" = USB Playback Console "{0F1861E5-113D-46F9-B559-81587DF15C6D}" = SatChannelListEditor "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45 "{450CFD4D-7E60-3839-D0FA-56DB08675447}" = dLAN Cockpit "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool "{D4328CA9-E332-456F-B68D-3D3DE90E50B5}" = calibre "{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "AAF Recovery tool AT700_is1" = AAF_Recovery_tool installer V4.6 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AIDA64 Engineer_is1" = AIDA64 Engineer v4.00 "Artisteer 3" = Artisteer 3 "Belarc Advisor" = Belarc Advisor 8.4 "dlancockpit" = devolo dLAN Cockpit "DokanLibrary" = Dokan Library 0.6.0 "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei) "ESET Online Scanner" = ESET Online Scanner v3 "FlashFXP 4" = FlashFXP 4 "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 4.25 "ICE ECC" = ICE ECC v2.7 "InfraRecorder" = InfraRecorder "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools "KindleDRMRemoval" = Kindle DRM Removal "LinuxLive USB Creator" = LinuxLive USB Creator "Mirillis Splash PRO" = Splash PRO "Mirillis Splash PRO EX" = Splash PRO EX "Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de) "NAVIGON Fresh" = NAVIGON Fresh 3.4.1 "Notepad++" = Notepad++ "Secure Eraser_is1" = Secure Eraser "Start8" = Start8 "TeamViewer 8" = TeamViewer 8 "UFB Code SetupV2.6" = UFB Code Setup "WinPcapInst" = WinPcap 4.1.2 "Wireshark" = Wireshark 1.8.3 (64-bit) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3754388793-1346805017-1485128776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 24.07.2013 11:00:18 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 26.07.2013 15:55:20 | Computer Name = ******_Acer | Source = Application Hang | ID = 1002 Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10cc Startzeit: 01ce8a39a7da5b66 Endzeit: 1296 Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash PRO\SplashPro.exe Berichts-ID: 260d03c8-f62d-11e2-bf56-b870f4dd05aa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 26.07.2013 16:05:47 | Computer Name = ******_Acer | Source = Application Hang | ID = 1002 Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1300 Startzeit: 01ce8a3af6b21b61 Endzeit: 109 Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash PRO\SplashPro.exe Berichts-ID: a6a3606f-f62e-11e2-bf56-b870f4dd05aa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 27.07.2013 13:31:55 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 29.07.2013 23:03:25 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 13:52:15 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 13:55:51 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 14:06:11 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 14:08:23 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 02.08.2013 03:23:27 | Computer Name = ******_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. [ System Events ] Error - 21.07.2013 05:25:03 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469) 64-Bit-Edition Error - 21.07.2013 05:25:20 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865) 64-Bit-Edition Error - 21.07.2013 08:24:47 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 64-Bit-Edition Error - 21.07.2013 08:24:47 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469) 64-Bit-Edition Error - 21.07.2013 08:24:47 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865) 64-Bit-Edition Error - 22.07.2013 10:29:50 | Computer Name = ******_Acer | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?21.?07.?2013 um 20:55:10 unerwartet heruntergefahren. Error - 22.07.2013 10:31:00 | Computer Name = ******_Acer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde mit folgendem Fehler beendet: %%1008 Error - 22.07.2013 10:41:16 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 64-Bit-Edition Error - 22.07.2013 10:41:16 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469) 64-Bit-Edition Error - 22.07.2013 10:41:16 | Computer Name = ******_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865) 64-Bit-Edition < End of report > OTL EXTRAS OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.12.2013 07:11:45 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Desktop\Security 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16750) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,73 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 55,92% Memory free 7,48 Gb Paging File | 5,54 Gb Available in Paging File | 74,12% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 595,83 Gb Total Space | 113,22 Gb Free Space | 19,00% Space Free | Partition Type: NTFS Computer Name: *****_ACER | User Name: ***** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation) Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0B69B967-C913-414E-B469-33049E99F988}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{14B17654-E4E2-4B41-B6E6-7E7C47C0776E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{14BD8869-80F8-4499-BD47-883BAD23B1A1}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\wnt500x64\rpcsandrasrv.exe | "{15BA6126-0D61-4182-B4D6-96560D04A911}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{1E890845-6C0C-4BC7-A87F-2E6094B27DAD}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1F545C4E-9839-4657-ADCE-0D43D5C3931E}" = lport=19376 | protocol=6 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | "{307C4718-79EB-4E52-B133-9DE6C093F2E4}" = rport=10243 | protocol=6 | dir=out | app=system | "{38480A0D-F94B-4F86-91D9-A6352285D817}" = rport=139 | protocol=6 | dir=out | app=system | "{52832964-7C80-421E-9833-B98CEA06FBB4}" = lport=137 | protocol=17 | dir=in | app=system | "{57728488-CD29-44C9-AA0D-AB5EECE19A27}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{5CBDF52A-34AF-4477-9D92-4B2A377B9235}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6B8181F7-E084-4EC6-A3D9-DADF297365CF}" = lport=445 | protocol=6 | dir=in | app=system | "{728238FC-6E9C-4670-B884-3AF6F15F8CD2}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2013.sp3a\rpcagentsrv.exe | "{83DECDA6-FC75-4CEE-A26A-3CF0C68B5FE2}" = rport=138 | protocol=17 | dir=out | app=system | "{8C70855B-BE23-471A-A29E-238C15B8047C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{93F7BFCF-C323-4661-9CFC-D442C50B2F19}" = rport=445 | protocol=6 | dir=out | app=system | "{96A39704-93BF-4A91-BE23-B150FFAF9E0C}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe | "{B1565166-5D71-4CA7-8453-C2120990D2DB}" = lport=139 | protocol=6 | dir=in | app=system | "{B3746986-0AD1-4690-9A7F-8F0F09ADB8A9}" = lport=19375 | protocol=17 | dir=in | app=c:\program files (x86)\devolo\dlan\devolonetsvc.exe | "{B9CAD40E-1340-48B6-B192-0F7E76445CDF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{D9AD2A58-05B7-4F14-8139-63C7C6B934C7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E2D27982-A5FF-4621-85EA-F043A7DE355D}" = rport=137 | protocol=17 | dir=out | app=system | "{EE4FACB7-9388-4637-9C29-3AC970B8CA1F}" = lport=2869 | protocol=6 | dir=in | app=system | "{F2A875D3-9247-46FE-9F2D-86FF68F55C71}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{F9506146-8E1A-4E2B-98BB-44C9A7812D75}" = lport=10243 | protocol=6 | dir=in | app=system | "{FD03D522-2B7F-4379-B24C-801A234CD2CB}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0601D271-78F0-4448-87AD-AD6D4D581403}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{10965F33-0971-4392-993B-DEE87B239EF7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{13B7241B-B33D-4AB0-8330-6191FA195868}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{152E7F15-9E30-42DB-8511-F18E341CA888}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{157CF050-1110-4464-9289-0F0CBA357D31}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{24F558E9-181D-49CA-BD8E-28F8BE02C288}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{2E739CFA-567B-45A4-BC0D-ED05A412D6AE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | "{2EA361C3-3110-4461-A05F-023B472A4997}" = protocol=6 | dir=out | app=system | "{2FEB5C43-A599-485E-BD6A-3A566D72A48E}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | "{32EA2758-57A7-43B8-953E-CEECE5606297}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{3A5985E1-266F-4755-8146-763D819F1DE7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{3AAE50F7-CE99-4A5C-8CE0-3DE2F0188DF5}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{3F071E39-42EF-4A6A-87FC-86D31332AB14}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{4373FE82-3A09-4438-84B5-4EA800468FDD}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{442EEC3D-9440-469F-ABCF-50941EEC48A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{460DB205-5E17-4F6F-93D7-5D51D4A100F5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{5346D377-BE1C-4B00-9711-1EC670FCF297}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{534FE60A-13ED-4007-AFF4-CDAE1A070511}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{5B9410FA-E736-4B63-BC77-B46119F6DECA}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{5BC18219-8E39-4475-BBB3-33B4113737DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5CC54D11-7872-4A72-8E49-1BEAD23E02C4}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | "{5D7AD459-64BF-4098-863D-B0A169077949}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | "{636AC02E-83FE-4384-8A44-5547159CF136}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{64D3FC3C-9AD7-4855-9CB5-5AC31E26FF62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{67905AD2-1E22-4AE4-AA69-B4F1667527B1}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{732B4717-8AC2-493E-B1AD-FE2BF2D6E9C0}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | "{74852A99-838E-4BE6-B1DB-E44982396206}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | "{762E30EA-7708-4F6C-8560-94896CF1C1DC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{82E18FDA-F1A1-4895-B1AC-A3F51CB75165}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | "{83648A94-0824-43AD-B71F-697489195076}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{841C183E-6439-41CD-84EA-BEF664880D67}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{94A06A99-AD78-4101-9D06-944D6F144A8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9723267B-7D6F-4835-AC9B-7883BB9F83E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{985DB806-8466-4B2B-9860-D016E62F541E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{9C351D59-2255-4E25-B94E-E0C3262B55FA}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{9D899732-E8BC-4D17-BF81-7029767DF063}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{9F47414C-4B2B-4D9B-AE39-7B3D5158F57D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A0A6DA1F-2591-42C6-B9BA-A0F55DAFB289}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | "{A2AC84D0-D763-491D-B705-2FA5D70A0AA8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | "{A4358C1A-55A8-48C7-BAFE-EA52CC902BDB}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | "{B3879CCA-6868-4F9F-8CA9-C974A8741F1C}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{B62C0529-D1F0-4402-9BD7-8646CB1166D6}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | "{BD7A9018-0BA4-4955-993B-2C0C275C63B5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{BEF3B58E-AB82-4B86-B0CC-B3958338D885}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | "{C0555A5E-21C4-4141-8AE7-B1CF201C8DC5}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{CB702152-C96F-4E5F-BF0F-FE9A9425551E}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | "{CB72C95B-609A-4E80-BD80-AF14E9A741D8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{D7ADFB07-7F09-4C0D-B0A6-2FD30CE35691}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe | "{D90CA66F-2999-4BD7-B883-41D5C244AA2E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | "{DC1C21C6-F61D-430E-AFDA-BA8BC6EFA8FB}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | "{EA9FB5D5-E0C6-40AE-A1E7-EE665D524D7F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{ECA7F3B4-8B42-4506-9922-E7E28A69773B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe | "{ECE396C7-24DC-4120-AB9E-98AB4EE7BC94}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | "{F19C3A81-38DD-4541-8640-CC51D1CA44E5}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | "{F66CF718-58E3-4D71-8CEA-CD7B89A76B23}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FB01C266-5629-4637-AD2E-82A355DC2E6D}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | "{FB7B3401-F630-4F72-8075-E1FB443C1BD2}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "TCP Query User{0AD70F9D-1955-4ECE-858D-08F39BDB4050}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | "TCP Query User{F1F25BF9-AEBA-4C5C-851B-295291B10214}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=6 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | "UDP Query User{1D1CD301-0DBB-4E58-8966-B24FC9C0FF21}C:\program files\jdownloader 2\jdownloader 2.exe" = protocol=17 | dir=in | app=c:\program files\jdownloader 2\jdownloader 2.exe | "UDP Query User{43E20FB4-332B-4A6D-9324-27FD777CC2D8}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit) "{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.6.6957 (3975d54) (64-bit) "{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support "{427174C0-096E-40D9-9684-9C109BEE2CBF}" = iTunes "{53A97E00-7252-4ED0-A1EB-9F9712FC0AC9}" = HP webOS SDK "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90150000-0015-0407-1000-0000000FF1CE}" = Microsoft Access MUI (German) 2013 "{90150000-0016-0407-1000-0000000FF1CE}" = Microsoft Excel MUI (German) 2013 "{90150000-0018-0407-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (German) 2013 "{90150000-0019-0407-1000-0000000FF1CE}" = Microsoft Publisher MUI (German) 2013 "{90150000-001A-0407-1000-0000000FF1CE}" = Microsoft Outlook MUI (German) 2013 "{90150000-001B-0407-1000-0000000FF1CE}" = Microsoft Word MUI (German) 2013 "{90150000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Korrekturhilfen 2013 - Deutsch "{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English "{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vérification linguistique 2013 de Microsoft Office*- Français "{90150000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Italiano "{90150000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2013 "{90150000-0044-0407-1000-0000000FF1CE}" = Microsoft InfoPath MUI (German) 2013 "{90150000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2013 "{90150000-0090-0407-1000-0000000FF1CE}" = Microsoft DCF MUI (German) 2013 "{90150000-00A1-0407-1000-0000000FF1CE}" = Microsoft OneNote MUI (German) 2013 "{90150000-00BA-0407-1000-0000000FF1CE}" = Microsoft Groove MUI (German) 2013 "{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013 "{90150000-00C1-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2013 "{90150000-00E1-0407-1000-0000000FF1CE}" = Microsoft Office OSM MUI (German) 2013 "{90150000-00E2-0407-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (German) 2013 "{90150000-012B-0407-1000-0000000FF1CE}" = Microsoft Lync MUI (German) 2013 "{91150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013 "{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd "{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP3a "{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{E507B0D7-A623-4F66-BB61-B31D7609B7B9}" = Nitro Pro 8 "{F5A3E880-A737-48F2-A124-6F5D4CEA6AB4}" = ESET Smart Security "0630-0716-3135-7887" = JDownloader 2 "332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices (10/09/2009 1.0.1) "CCleaner" = CCleaner "Ext2Ifs_for_NT6" = Ext2 IFS 1.11a for Windows Vista/2008 "Office15.PROPLUSR" = Microsoft Office Professional Plus 2013 "Sandboxie" = Sandboxie 4.06 (64-bit) "Totalcmd64" = Total Commander 64-bit (Remove or Repair) "Unlocker" = Unlocker 1.9.2 "VLC media player" = VLC media player 2.0.6 "WinRAR archiver" = WinRAR 4.20 (64-Bit) [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{065F384A-5C64-4532-814A-A24BA5374503}" = WinDFT "{0D2FC29F-980A-4BAB-BC60-1463408F521E}" = USB Playback Console "{0F1861E5-113D-46F9-B559-81587DF15C6D}" = SatChannelListEditor "{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR "{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45 "{450CFD4D-7E60-3839-D0FA-56DB08675447}" = dLAN Cockpit "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools "{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195 "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch "{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool "{D4328CA9-E332-456F-B68D-3D3DE90E50B5}" = calibre "{D9C4202E-6D51-4B06-A8F1-22316E654BCA}" = Universal Adb Driver "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "AAF Recovery tool AT700_is1" = AAF_Recovery_tool installer V4.6 "Adobe AIR" = Adobe AIR "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AIDA64 Engineer_is1" = AIDA64 Engineer v4.00 "Artisteer 3" = Artisteer 3 "Belarc Advisor" = Belarc Advisor 8.4 "dlancockpit" = devolo dLAN Cockpit "DokanLibrary" = Dokan Library 0.6.0 "DVD Decrypter" = DVD Decrypter (Remove Only) "DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei) "ESET Online Scanner" = ESET Online Scanner v3 "FlashFXP 4" = FlashFXP 4 "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 4.25 "ICE ECC" = ICE ECC v2.7 "InfraRecorder" = InfraRecorder "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{8C6E319B-4F27-4A50-B43E-79525B8AB295}" = Web Tools "KindleDRMRemoval" = Kindle DRM Removal "LinuxLive USB Creator" = LinuxLive USB Creator "Mirillis Splash PRO" = Splash PRO "Mirillis Splash PRO EX" = Splash PRO EX "Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de) "NAVIGON Fresh" = NAVIGON Fresh 3.4.1 "Notepad++" = Notepad++ "Secure Eraser_is1" = Secure Eraser "Start8" = Start8 "TeamViewer 8" = TeamViewer 8 "UFB Code SetupV2.6" = UFB Code Setup "WinPcapInst" = WinPcap 4.1.2 "Wireshark" = Wireshark 1.8.3 (64-bit) ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3754388793-1346805017-1485128776-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 24.07.2013 11:00:18 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 26.07.2013 15:55:20 | Computer Name = *****_Acer | Source = Application Hang | ID = 1002 Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10cc Startzeit: 01ce8a39a7da5b66 Endzeit: 1296 Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash PRO\SplashPro.exe Berichts-ID: 260d03c8-f62d-11e2-bf56-b870f4dd05aa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 26.07.2013 16:05:47 | Computer Name = *****_Acer | Source = Application Hang | ID = 1002 Description = Programm SplashPro.exe, Version 1.13.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1300 Startzeit: 01ce8a3af6b21b61 Endzeit: 109 Anwendungspfad: C:\Program Files (x86)\Mirillis\Splash PRO\SplashPro.exe Berichts-ID: a6a3606f-f62e-11e2-bf56-b870f4dd05aa Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error - 27.07.2013 13:31:55 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 29.07.2013 23:03:25 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 13:52:15 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 13:55:51 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 14:06:11 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 31.07.2013 14:08:23 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. Error - 02.08.2013 03:23:27 | Computer Name = *****_Acer | Source = SideBySide | ID = 16842830 Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest. [ System Events ] Error - 21.07.2013 05:25:03 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469) 64-Bit-Edition Error - 21.07.2013 05:25:20 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865) 64-Bit-Edition Error - 21.07.2013 08:24:47 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 64-Bit-Edition Error - 21.07.2013 08:24:47 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469) 64-Bit-Edition Error - 21.07.2013 08:24:47 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865) 64-Bit-Edition Error - 22.07.2013 10:29:50 | Computer Name = *****_Acer | Source = EventLog | ID = 6008 Description = Das System wurde zuvor am ?21.?07.?2013 um 20:55:10 unerwartet heruntergefahren. Error - 22.07.2013 10:31:00 | Computer Name = *****_Acer | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde mit folgendem Fehler beendet: %%1008 Error - 22.07.2013 10:41:16 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft Office 2013 (KB2726996) 64-Bit-Edition Error - 22.07.2013 10:41:16 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2817469) 64-Bit-Edition Error - 22.07.2013 10:41:16 | Computer Name = *****_Acer | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20 Description = Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070663 fehlgeschlagen: Update für Microsoft SkyDrive Pro (KB2767865) 64-Bit-Edition < End of report > MBAR Rootkit LOG Zitat:
|
26.12.2013, 13:28 | #2 |
| LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner FRST64 LOG und Addition
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013 Ran by ***** (administrator) on *****_ACER on 26-12-2013 04:21:25 Running from C:\Users\*****\Desktop\Security Windows 8 Pro (X64) OS Language: German Standard Internet Explorer Version 10 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe (ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE (Palm) C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe () C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\System32\vmms.exe (ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieCrypto.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Microsoft Corporation) C:\Windows\System32\mmc.exe () C:\Program Files (x86)\devolo\dlan\frontend\plcnetui.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\*****\AppData\Local\Google\Chrome\Application\chrome.exe (Ghisler Software GmbH) C:\Program Files\Tools\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) C:\Program Files\Tools\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH) C:\Program Files\Tools\totalcmd\TOTALCMD64.EXE ==================== Registry (Whitelisted) ================== HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5618456 2013-09-12] (ESET) HKLM-x32\...\Run: [ITSecMng] - C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe [83336 2009-07-22] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware ] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation) HKCU\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2013-03-20] (Samsung Electronics) HKCU\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1511792 2013-03-28] (Samsung) HKCU\...\Run: [SandboxieControl] - C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2013-10-16] (Sandboxie Holdings, LLC) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xEB8C570C5E85CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {DEE2929B-E914-4764-A697-BACD6E77FCCC} hxxp://192.168.178.27/classes/AverMediaCamV_H264.cab DPF: HKLM-x32 {F140A533-BF17-4F3A-BD4E-046CDE5295AB} hxxp://192.168.178.128:5550/PCViewX.cab Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - No File Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.235.1 Chrome: ======= CHR HomePage: CHR Plugin: (Shockwave Flash) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll No File CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\*****\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\*****\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll () CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll No File CHR Plugin: (Java(TM) Platform SE 7 U13) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) CHR Plugin: (Nitro PDF plugin for Firefox and Chrome) - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF) CHR Plugin: (Google Update) - C:\Users\*****\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll () CHR Plugin: (Java Deployment Toolkit 7.0.130.20) - C:\Windows\SysWOW64\npDeployJava1.dll No File CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File CHR Extension: (Xmarks Bookmark Sync) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.26_0 CHR Extension: (AdBlock) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0 CHR Extension: (Ghostery) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\5.0.0_0 CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 CHR Extension: (NotScripts) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0 CHR Extension: (Bitdefender QuickScan) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.131_0 CHR Extension: (Yann Arthus-Bertrand) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaekpceeonanmjojailaojkconcgofc\3_0 ==================== Services (Whitelisted) ================= R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3526136 2013-08-27] (devolo AG) R2 DokanMounter; C:\Program Files (x86)\Dokan\DokanLibrary\mounter.exe [22736 2013-06-27] () R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1337752 2013-09-12] (ESET) R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation) R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software) R2 NovacomD; C:\Program Files\Palm, Inc\novacomd\amd64\novacomd.exe [72192 2011-06-24] (Palm) R2 Palm_TCP_Relay; C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe [11776 2011-12-21] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.) S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP3a\RpcAgentSrv.exe [71832 2009-04-22] (SiSoftware) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [186056 2013-10-16] (Sandboxie Holdings, LLC) R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [143624 2013-01-09] (Stardock Software, Inc) R2 vmms; C:\Windows\system32\vmms.exe [11201536 2013-06-01] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation) S3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (CSR, plc) S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2011-11-04] (www.winchiphead.com) R2 Dokan; C:\Windows\system32\drivers\dokan.sys [120408 2013-06-20] (Windows (R) Win 7 DDK provider) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [220232 2013-09-17] (ESET) R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44120 2013-09-17] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [62136 2013-09-17] (ESET) R1 Ext2fs; C:\Windows\System32\DRIVERS\ext2fs.sys [270272 2008-09-25] (Stephan Schreiber) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () S3 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [147232 2013-04-22] (BitDefender LLC) R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [67816 2012-10-11] (Microsoft Corporation) R1 IfsMount; C:\Windows\system32\DRIVERS\ifsmount.sys [80320 2008-08-28] (Stephan Schreiber) S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [18944 2012-07-26] (Microsoft Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-08-21] (CACE Technologies) S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [20992 2012-07-26] (Microsoft Corporation) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [200552 2013-10-16] (Sandboxie Holdings, LLC) S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [16384 2012-07-26] (Microsoft Corporation) R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [569344 2013-02-02] (Microsoft Corporation) S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [569344 2013-02-02] (Microsoft Corporation) S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [569344 2013-02-02] (Microsoft Corporation) U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [23456 2012-07-11] (Bitdefender) S3 catchme; \??\C:\ComboFix\catchme.sys [x] S3 dgderdrv; System32\drivers\dgderdrv.sys [x] U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET) U2 TMAgent; S2 VBoxDRV; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\VBoxDrv\VBoxDrv.sys [x] S2 VBoxUSBMon; \??\F:\VirtualBox\Portable-VirtualBox\app64\drivers\USB\filter\VBoxUSBMon.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-26 04:21 - 2013-12-26 04:21 - 00000000 ____D C:\FRST 2013-12-26 03:18 - 2013-12-26 03:18 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-26 03:18 - 2013-12-26 03:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-26 03:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-26 02:47 - 2013-12-26 02:52 - 1468432384 _____ C:\Users\*****\Downloads\Ragazze.Costrette.avi 2013-12-25 14:57 - 2013-12-25 14:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-25 06:05 - 2013-12-25 06:05 - 00002515 _____ C:\Users\*****\Desktop\gmer_05.log 2013-12-25 05:52 - 2013-12-25 05:52 - 00003001 _____ C:\Users\*****\Desktop\gmer_04.log 2013-12-25 05:41 - 2013-12-25 05:41 - 00000458 _____ C:\Users\*****\Desktop\gmer_03.log 2013-12-25 05:32 - 2013-12-26 04:21 - 00000000 ____D C:\Users\*****\Desktop\Security 2013-12-25 05:11 - 2013-12-25 05:17 - 00000000 ____D C:\AdwCleaner 2013-12-25 04:49 - 2013-12-25 04:49 - 00011984 _____ C:\Users\*****\Desktop\gmer_02.log 2013-12-24 16:46 - 2013-12-24 16:46 - 00000793 _____ C:\Users\*****\Desktop\gmer_01.log 2013-12-24 13:59 - 2013-12-24 04:31 - 00377856 _____ C:\Users\*****\Desktop\gmer_2.1.19163.exe 2013-12-24 13:58 - 2013-12-24 13:58 - 00000000 ____D C:\Users\*****\Desktop\gmer 2013-12-24 11:04 - 2013-12-24 13:57 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-12-24 11:03 - 2013-12-24 11:03 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-12-24 04:22 - 2013-12-24 04:22 - 00000000 ____D C:\Users\*****\Desktop\mbar 2013-12-24 03:30 - 2013-12-24 03:30 - 00003161 _____ C:\Users\*****\Desktop\JRT.txt 2013-12-24 03:18 - 2013-12-24 03:18 - 00000000 ____D C:\Windows\ERUNT 2013-12-24 02:48 - 2013-12-24 02:48 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (3).exe 2013-12-24 02:39 - 2013-12-24 02:39 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (2).exe 2013-12-24 01:38 - 2013-12-25 17:39 - 27901952 _____ C:\Windows\system32\vmguest.iso 2013-12-23 01:37 - 2013-12-23 01:37 - 05428186 _____ C:\Users\*****\Downloads\update-134.tar.gz 2013-12-23 01:35 - 2013-12-23 01:35 - 05428186 _____ C:\Users\*****\Downloads\update-134.gz 2013-12-22 19:34 - 2013-12-22 19:34 - 00000000 ____D C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537 2013-12-22 19:33 - 2013-12-22 19:34 - 02237534 _____ C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537.rar 2013-12-22 15:39 - 2013-12-22 15:39 - 00000000 ____D C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software 2013-12-22 15:36 - 2013-12-22 15:36 - 01277576 _____ C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software.rar 2013-12-22 13:53 - 2013-12-22 13:54 - 04278747 _____ C:\Users\*****\Downloads\usb110511.zip 2013-12-22 13:38 - 2013-12-22 13:39 - 147571049 _____ C:\Users\*****\Downloads\Biffy Clyro - Opposites Live from Glasgow (2013).zip 2013-12-22 13:38 - 2013-12-22 13:38 - 00000000 ____D C:\Users\*****\Downloads\pcunlocker_trial 2013-12-22 13:34 - 2013-12-22 13:34 - 31489469 _____ C:\Users\*****\Downloads\pcunlocker_trial.zip 2013-12-22 13:31 - 2013-12-22 13:32 - 71381976 _____ (Magic Rescue CD ) C:\Users\*****\Downloads\rescueCD_setup_free_version.exe 2013-12-22 03:05 - 2013-12-22 03:10 - 1252147200 _____ C:\Users\*****\Downloads\linuxmint-16-cinnamon-dvd-64bit.iso 2013-12-22 02:31 - 2013-12-22 02:34 - 734947328 _____ C:\Users\*****\Downloads\ADRIANE-KNOPPIX_V7.2.0gCD-2013-07-28-DE.iso 2013-12-22 02:23 - 2013-12-22 02:23 - 00033590 _____ C:\Users\*****\Downloads\packagelist_kubuntu_64.txt 2013-12-22 01:08 - 2013-12-22 01:09 - 01094939 _____ (pendrivelinux.com) C:\Users\*****\Downloads\Universal-USB-Installer-1.9.5.1.exe 2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (3).exe 2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (2).exe 2013-12-21 22:54 - 2013-12-21 22:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator 2013-12-21 22:53 - 2013-12-21 22:54 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator 2013-12-21 22:51 - 2013-12-21 22:55 - 938475520 _____ C:\Users\*****\Downloads\ubuntu-13.10-desktop-i386.iso 2013-12-21 22:49 - 2013-12-21 22:50 - 04766976 _____ (LinuxLive USB Creator) C:\Users\*****\Downloads\LinuxLive USB Creator 2.8.26.exe 2013-12-21 22:28 - 2013-12-21 22:28 - 01046523 _____ (Ext2Fsd Group ) C:\Users\*****\Downloads\Ext2Fsd-0.51.exe 2013-12-21 21:49 - 2013-12-24 03:48 - 00000000 ____D C:\Users\*****\Downloads\UpdatePack_V134 2013-12-21 21:47 - 2013-12-21 21:48 - 24964514 _____ C:\Users\*****\Downloads\UpdatePack_V134.zip 2013-12-21 21:26 - 2013-12-21 21:27 - 66471052 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part15.rar 2013-12-21 21:26 - 2013-12-21 21:27 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part14.rar 2013-12-21 21:26 - 2013-12-21 21:27 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part13.rar 2013-12-21 21:25 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part12.rar 2013-12-21 21:24 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part11.rar 2013-12-21 21:24 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part10.rar 2013-12-21 21:23 - 2013-12-21 21:25 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part09.rar 2013-12-21 21:23 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part08.rar 2013-12-21 21:23 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part07.rar 2013-12-21 21:22 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part06.rar 2013-12-21 21:22 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part05.rar 2013-12-21 21:22 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part04.rar 2013-12-21 21:21 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part03.rar 2013-12-21 21:21 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part02.rar 2013-12-21 21:21 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part01.rar 2013-12-21 21:06 - 2013-12-21 21:06 - 516747800 _____ C:\Windows\MEMORY.DMP 2013-12-21 21:06 - 2013-12-21 21:06 - 00296536 _____ C:\Windows\Minidump\122113-31621-01.dmp 2013-12-21 20:58 - 2013-12-21 20:58 - 00001985 _____ C:\Users\*****\Desktop\UFB Code Setup.lnk 2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\WCH.CN 2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFB Code Setup 2013-12-21 20:58 - 2011-11-05 00:00 - 00039696 _____ (www.winchiphead.com) C:\Windows\system32\Drivers\CH341SER.SYS 2013-12-21 20:58 - 2008-12-18 00:00 - 00020089 _____ C:\Windows\system32\CH341SER.VXD 2013-12-21 20:58 - 2007-06-12 00:00 - 00019680 _____ (www.winchiphead.com) C:\Windows\system32\Drivers\CH341S98.SYS 2013-12-21 20:58 - 2005-07-30 00:00 - 00006712 _____ (www.winchiphead.com) C:\Windows\system32\CH341PT.DLL 2013-12-21 20:57 - 2013-12-21 21:04 - 00000000 ____D C:\Program Files (x86)\UFB Code Setup 2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Windows\UFB Code Setup 2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Users\*****\Downloads\UFB234_CD-Inhalt 2013-12-21 20:55 - 2013-12-21 20:55 - 17560304 _____ C:\Users\*****\Downloads\UFB234_CD-Inhalt.zip 2013-12-21 19:39 - 2013-12-21 19:39 - 67745277 _____ C:\Users\*****\Downloads\poecanmahtki.part16.rar 2013-12-21 19:39 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part15.rar 2013-12-21 19:38 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part14.rar 2013-12-21 19:38 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part13.rar 2013-12-21 19:37 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part11.rar 2013-12-21 19:37 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part12.rar 2013-12-21 19:36 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part09.rar 2013-12-21 19:36 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part10.rar 2013-12-21 19:35 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part08.rar 2013-12-21 19:35 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part07.rar 2013-12-21 19:35 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part06.rar 2013-12-21 19:34 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part05.rar 2013-12-21 19:33 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part04.rar 2013-12-21 19:32 - 2013-12-21 19:34 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part02.rar 2013-12-21 19:32 - 2013-12-21 19:34 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part01.rar 2013-12-21 19:32 - 2013-12-21 19:33 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part03.rar 2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\ProgramData\ESET 2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\Program Files\ESET 2013-12-20 19:34 - 2013-12-20 19:35 - 154561875 _____ C:\Users\*****\Downloads\eset_nod32_smart security.rar 2013-12-20 19:28 - 2013-12-20 19:28 - 00423360 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-20 19:19 - 2013-10-31 06:56 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll 2013-12-20 19:19 - 2013-10-31 06:56 - 00758784 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll 2013-12-20 19:19 - 2013-10-31 05:01 - 00550400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll 2013-12-20 19:19 - 2013-10-31 04:42 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys 2013-12-20 19:19 - 2013-10-28 06:50 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll 2013-12-20 19:19 - 2013-10-28 05:05 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll 2013-12-20 19:19 - 2013-10-13 21:49 - 00100696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2013-12-20 19:19 - 2013-08-27 06:21 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2013-12-20 19:19 - 2013-08-27 06:19 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2013-12-20 19:19 - 2013-08-26 23:29 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2013-12-20 19:19 - 2013-08-26 23:28 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2013-12-20 18:48 - 2013-12-20 18:49 - 02888335 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).flv 2013-12-20 18:48 - 2013-12-20 18:48 - 10759552 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).mp4 2013-12-20 18:48 - 2013-12-20 18:48 - 00690824 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).3gp 2013-12-20 01:22 - 2013-12-20 01:22 - 00381540 _____ C:\Users\*****\Downloads\enigma2-skin-elgato-hd_1.0.1_all.ipk 2013-12-19 01:55 - 2013-12-19 01:55 - 04513064 _____ C:\Users\*****\Downloads\npp.6.5.2.bin.7z 2013-12-19 01:53 - 2013-12-19 01:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Notepad++ 2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-12-19 01:52 - 2013-12-19 01:52 - 07549839 _____ C:\Users\*****\Downloads\npp.6.5.2.Installer.exe 2013-12-19 01:48 - 2013-12-19 01:48 - 01432078 _____ C:\Users\*****\Downloads\redate.zip 2013-12-19 00:28 - 2013-12-19 00:28 - 00000001 _____ C:\Users\*****\AppData\Local\llftool.4.40.agreement 2013-12-18 22:01 - 2013-12-18 22:01 - 02046464 _____ C:\Users\*****\Downloads\HDDLLF.4.40.exe 2013-12-18 21:39 - 2013-12-18 21:39 - 00000000 ____D C:\Users\*****\Downloads\usbit (1) 2013-12-18 21:38 - 2013-12-18 21:38 - 00221471 _____ C:\Users\*****\Downloads\usbit (1).zip 2013-12-18 21:35 - 2013-12-18 21:35 - 00236402 _____ C:\Users\*****\Downloads\Anleitung_3_Duck-Trick_Image_USB_Stick_unter_Windows_erstellen_flor62.zip 2013-12-18 20:09 - 2013-12-18 20:09 - 00928690 _____ C:\Users\*****\Downloads\DreamUP133_11.zip 2013-12-18 20:08 - 2013-12-18 20:08 - 03847349 _____ C:\Users\*****\Downloads\CP210x_VCP_Windows.zip 2013-12-18 20:07 - 2013-12-18 20:07 - 54083533 _____ C:\Users\*****\Downloads\newnigma2-stable-dm800-v4.0.6.zip 2013-12-18 19:30 - 2013-12-21 22:06 - 00000000 ____D C:\Users\*****\Downloads\BIP2 2013-12-17 19:51 - 2013-12-17 19:51 - 04603098 _____ C:\Users\*****\Downloads\e2.ipk 2013-12-17 19:51 - 2013-12-17 19:51 - 00303096 _____ C:\Users\*****\Downloads\python-mechanize_0.2.5-r0_mips32el.ipk 2013-12-17 19:46 - 2013-12-17 19:47 - 00000000 ____D C:\Burgard 2013-12-17 19:43 - 2013-12-17 19:44 - 24509740 _____ (Macrovision Corporation) C:\Users\*****\Downloads\drivers-amp-utility.exe 2013-12-17 01:52 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-17 01:52 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-17 01:52 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-17 01:52 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-12-17 01:52 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-17 01:52 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-12-17 01:52 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-17 01:52 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-17 01:52 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-17 01:52 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-12-17 01:51 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-17 01:51 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-17 01:51 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-17 01:51 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-12-17 01:50 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2013-12-17 01:50 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2013-12-17 01:50 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-12-17 01:50 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2013-12-17 01:50 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2013-12-17 01:50 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll 2013-12-17 01:50 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-17 01:50 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-12-17 01:50 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-17 01:50 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll 2013-12-17 01:50 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll 2013-12-17 01:50 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe 2013-12-17 01:50 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll 2013-12-17 01:50 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll 2013-12-17 01:50 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx 2013-12-17 01:50 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe 2013-12-17 01:50 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll 2013-12-17 01:50 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll 2013-12-17 01:50 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys 2013-12-11 21:57 - 2013-12-11 21:57 - 00018077 _____ C:\Users\*****\Downloads\Black.Mirror.S02E03.DVDRip.XviD-iNGOT.de-SubCentral.rar 2013-12-11 21:56 - 2013-12-11 21:56 - 00012208 _____ C:\Users\*****\Downloads\Black.Mirror.S02E01.DVDRip.XviD-iNGOT.de-SubCentral.rar 2013-12-11 21:56 - 2013-12-11 21:56 - 00010431 _____ C:\Users\*****\Downloads\Black.Mirror.S02E02.DVDRip.XviD-iNGOT.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00020353 _____ C:\Users\*****\Downloads\Black.Mirror.S01E03.DVDRip.XviD-TASTETV.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00020107 _____ C:\Users\*****\Downloads\Black.Mirror.S01E01.DVDRip.XviD-TASTETV.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral (1).rar 2013-12-11 21:45 - 2013-12-11 21:45 - 56234802 _____ C:\Users\*****\Downloads\blckmirr-203.part4.rar 2013-12-11 21:44 - 2013-12-11 21:45 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part3.rar 2013-12-11 21:44 - 2013-12-11 21:45 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part2.rar 2013-12-11 21:44 - 2013-12-11 21:45 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part1.rar 2013-12-11 21:43 - 2013-12-11 21:44 - 55171152 _____ C:\Users\*****\Downloads\blckmirr-202.part4.rar 2013-12-11 21:42 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part3.rar 2013-12-11 21:42 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part2.rar 2013-12-11 21:42 - 2013-12-11 21:43 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part1.rar 2013-12-11 21:42 - 2013-12-11 21:42 - 55229266 _____ C:\Users\*****\Downloads\blckmirr-201.part4.rar 2013-12-11 21:40 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part3.rar 2013-12-11 21:40 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part1.rar 2013-12-11 21:40 - 2013-12-11 21:41 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part2.rar 2013-12-11 21:34 - 2013-12-11 21:39 - 575199387 _____ C:\Users\*****\Downloads\black.mirror.s01e02-tastetv.avi.rar 2013-12-11 21:34 - 2013-12-11 21:39 - 367141019 _____ C:\Users\*****\Downloads\black.mirror.s01e03-tastetv.avi.rar 2013-12-11 21:34 - 2013-12-11 21:39 - 365891737 _____ C:\Users\*****\Downloads\black.mirror.s01e01-tastetv.avi.rar 2013-12-10 16:42 - 2013-12-10 16:43 - 99262843 _____ C:\Users\*****\Downloads\evdeadz.part09.rar 2013-12-10 16:42 - 2013-12-10 16:43 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part08.rar 2013-12-10 16:41 - 2013-12-10 16:43 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part07.rar 2013-12-10 16:41 - 2013-12-10 16:42 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part06.rar 2013-12-10 16:40 - 2013-12-10 16:42 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part05.rar 2013-12-10 16:40 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part04.rar 2013-12-10 16:39 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part01.rar 2013-12-10 16:39 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part03.rar 2013-12-10 16:39 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part02.rar 2013-12-10 16:36 - 2013-12-10 16:37 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part08.rar 2013-12-10 16:36 - 2013-12-10 16:36 - 15845444 _____ C:\Users\*****\Downloads\DaenikenAegypten.part09.rar 2013-12-10 16:35 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part07.rar 2013-12-10 16:35 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part06.rar 2013-12-10 16:35 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part05.rar 2013-12-10 16:34 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part04.rar 2013-12-10 16:33 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part03.rar 2013-12-10 16:33 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part02.rar 2013-12-10 16:33 - 2013-12-10 16:34 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part01.rar 2013-12-10 16:33 - 2013-12-10 16:33 - 22387776 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part8.rar 2013-12-10 16:32 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part7.rar 2013-12-10 16:32 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part6.rar 2013-12-10 16:31 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part5.rar 2013-12-10 16:31 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part4.rar 2013-12-10 16:31 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part3.rar 2013-12-10 16:30 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part2.rar 2013-12-10 16:30 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part1.rar 2013-12-10 16:30 - 2013-12-10 16:30 - 73842964 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part7.rar 2013-12-10 16:29 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part6.rar 2013-12-10 16:29 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part5.rar 2013-12-10 16:29 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part4.rar 2013-12-10 16:28 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part3.rar 2013-12-10 16:28 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part2.rar 2013-12-10 16:28 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part1.rar 2013-12-10 13:43 - 2013-12-10 13:44 - 80295200 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part6.rar 2013-12-10 13:43 - 2013-12-10 13:44 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part5.rar 2013-12-10 13:43 - 2013-12-10 13:44 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part4.rar 2013-12-10 13:42 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part3.rar 2013-12-10 13:42 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part2.rar 2013-12-10 13:42 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part1.rar 2013-12-09 13:49 - 2013-12-09 13:50 - 82071312 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part6.rar 2013-12-09 13:49 - 2013-12-09 13:50 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part5.rar 2013-12-09 13:49 - 2013-12-09 13:50 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part4.rar 2013-12-09 13:48 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part3.rar 2013-12-09 13:48 - 2013-12-09 13:48 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part2.rar 2013-12-09 13:47 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part1.rar 2013-12-09 13:47 - 2013-12-09 13:48 - 102291714 _____ C:\Users\*****\Downloads\dwAtlantis.part6.rar 2013-12-09 13:47 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part5.rar 2013-12-09 13:46 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part4.rar 2013-12-09 13:46 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part3.rar 2013-12-09 13:45 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part2.rar 2013-12-09 13:45 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part1.rar 2013-12-09 13:45 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\atlan.part5.rar 2013-12-09 13:45 - 2013-12-09 13:45 - 42755408 _____ C:\Users\*****\Downloads\atlan.part6.rar 2013-12-09 13:44 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part4.rar 2013-12-09 13:44 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part3.rar 2013-12-09 13:44 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part2.rar 2013-12-09 13:43 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part1.rar 2013-12-09 13:42 - 2013-12-09 13:44 - 99246501 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part5.rar 2013-12-09 13:42 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part1.rar 2013-12-09 13:42 - 2013-12-09 13:42 - 29707332 _____ C:\Users\*****\Downloads\FREE.Atlanta.part4.rar 2013-12-09 13:42 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part3.rar 2013-12-09 13:41 - 2013-12-09 13:42 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part11.rar 2013-12-09 13:41 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part2.rar 2013-12-09 13:41 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part1.rar 2013-12-09 13:40 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part10.rar 2013-12-09 13:40 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part09.rar 2013-12-09 13:39 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part08.rar 2013-12-09 13:39 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part07.rar 2013-12-09 13:38 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part06.rar 2013-12-09 13:37 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part05.rar 2013-12-09 13:37 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part04.rar 2013-12-09 13:37 - 2013-12-09 13:38 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part03.rar 2013-12-09 13:36 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part02.rar 2013-12-09 13:36 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part01.rar 2013-12-09 13:35 - 2013-12-09 13:37 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part2.rar 2013-12-09 13:35 - 2013-12-09 13:36 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part3.rar 2013-12-09 13:35 - 2013-12-09 13:36 - 113068050 _____ C:\Users\*****\Downloads\DieAzoren.part4.rar 2013-12-09 13:34 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part1.rar 2013-12-09 13:34 - 2013-12-09 13:35 - 110443060 _____ C:\Users\*****\Downloads\XAtlantis.part4.rar 2013-12-09 13:33 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part3.rar 2013-12-09 13:33 - 2013-12-09 13:34 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part2.rar 2013-12-09 13:32 - 2013-12-09 13:34 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part1.rar 2013-12-09 13:32 - 2013-12-09 13:33 - 82886274 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part4.rar 2013-12-09 13:31 - 2013-12-09 13:33 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part3.rar 2013-12-09 13:31 - 2013-12-09 13:32 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part2.rar 2013-12-09 13:31 - 2013-12-09 13:32 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part1.rar 2013-12-09 13:31 - 2013-12-09 13:31 - 36734289 _____ C:\Users\*****\Downloads\BBCM-E07.part4.rar 2013-12-09 13:29 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part3.rar 2013-12-09 13:29 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part2.rar 2013-12-09 13:29 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part1.rar 2013-12-08 19:27 - 2013-12-08 19:27 - 46970212 _____ C:\Users\*****\Downloads\pt-s01e08.part3.rar 2013-12-08 19:26 - 2013-12-08 19:27 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part2.rar 2013-12-08 19:26 - 2013-12-08 19:27 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part1.rar 2013-12-08 19:25 - 2013-12-08 19:27 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part2.rar 2013-12-08 19:25 - 2013-12-08 19:26 - 47604356 _____ C:\Users\*****\Downloads\pt-s01e09.part3.rar 2013-12-08 19:25 - 2013-12-08 19:26 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part1.rar 2013-12-08 19:25 - 2013-12-08 19:25 - 47100740 _____ C:\Users\*****\Downloads\pt-s01e07.part3.rar 2013-12-08 19:24 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part2.rar 2013-12-08 19:24 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part1.rar 2013-12-08 19:24 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part2.rar 2013-12-08 19:24 - 2013-12-08 19:24 - 47007212 _____ C:\Users\*****\Downloads\pt-s01e06.part3.rar 2013-12-08 19:23 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part1.rar 2013-12-08 19:23 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part2.rar 2013-12-08 19:23 - 2013-12-08 19:23 - 45389476 _____ C:\Users\*****\Downloads\pt-s01e05.part3.rar 2013-12-08 19:22 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part1.rar 2013-12-08 19:22 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part2.rar 2013-12-08 19:22 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part1.rar 2013-12-08 19:22 - 2013-12-08 19:22 - 45668004 _____ C:\Users\*****\Downloads\pt-s01e04.part3.rar 2013-12-08 19:15 - 2013-12-08 19:15 - 48223084 _____ C:\Users\*****\Downloads\pt-s01e03.part3.rar 2013-12-08 19:15 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part2.rar 2013-12-08 19:14 - 2013-12-08 19:15 - 46095564 _____ C:\Users\*****\Downloads\pt-s01e02.part3.rar 2013-12-08 19:14 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part1.rar 2013-12-08 19:13 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part1.rar 2013-12-08 19:13 - 2013-12-08 19:14 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part2.rar 2013-12-08 19:12 - 2013-12-08 19:14 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part2.rar 2013-12-08 19:12 - 2013-12-08 19:13 - 47069908 _____ C:\Users\*****\Downloads\pt-s01e01.part3.rar 2013-12-08 19:12 - 2013-12-08 19:13 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part1.rar 2013-12-08 16:46 - 2013-12-08 16:46 - 26169389 _____ C:\Users\*****\Downloads\historyvati.part4.rar 2013-12-08 16:44 - 2013-12-08 16:46 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part3.rar 2013-12-08 16:44 - 2013-12-08 16:46 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part2.rar 2013-12-08 16:44 - 2013-12-08 16:46 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part1.rar 2013-12-07 17:25 - 2013-12-07 17:41 - 00000000 ____D C:\Users\*****\Documents\dave 2013-12-07 17:25 - 2013-12-07 17:25 - 04712205 _____ C:\Users\*****\Documents\dave.rar 2013-12-03 19:04 - 2013-12-03 19:04 - 00000000 ____D C:\Users\*****\AppData\Local\Unattneded 2013-12-03 19:00 - 2013-12-03 19:00 - 00001087 _____ C:\Users\*****\Desktop\AAF Recovery tool AV700.lnk 2013-12-03 19:00 - 2013-12-03 19:00 - 00000000 ____D C:\Program Files (x86)\AAF Recovery tool AV700 2013-12-03 18:55 - 2013-12-03 18:55 - 28338913 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.6_av700.rar 2013-12-03 18:42 - 2013-12-03 18:42 - 00120681 _____ C:\Users\*****\Downloads\CreateMini.rar 2013-12-03 18:41 - 2013-12-03 18:41 - 01245289 _____ C:\Users\*****\Downloads\Maxiboot_Installer_Setup_V15.rar 2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (3).exe 2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (2).exe 2013-12-03 18:21 - 2013-12-03 18:21 - 26545043 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.5a_av700.rar 2013-12-03 18:19 - 2013-12-03 18:58 - 00000000 ____D C:\Users\*****\Downloads\[0000]---geier 2013-12-03 17:19 - 2013-12-03 17:23 - 18627789 _____ C:\Users\*****\Downloads\Atemio_700_TitanNit_Edition_1.45iboot.rar 2013-12-03 16:50 - 2013-12-03 16:51 - 33292288 _____ C:\Users\*****\Downloads\BP-NMP_miniFLASH_BASE-rev6011.img 2013-12-03 16:49 - 2013-12-03 16:50 - 33292288 _____ C:\Users\*****\Downloads\miniFLASH_rev4839-p191.img 2013-12-02 19:24 - 2013-12-02 19:25 - 209730560 _____ C:\Users\*****\Downloads\ASXXDDx6CE.part1 (1).rar 2013-12-02 18:35 - 2013-12-02 19:23 - 00000000 ____D C:\Users\*****\Downloads\ASXXDDx6CE.part1.rar 2013-12-02 18:03 - 2013-12-02 18:06 - 606025919 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part2.rar 2013-12-02 17:59 - 2013-12-02 18:02 - 734003200 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part1.rar 2013-12-01 19:53 - 2013-12-01 19:57 - 409579390 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part2.rar 2013-12-01 19:53 - 2013-12-01 19:56 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part03.rar 2013-12-01 19:53 - 2013-12-01 19:55 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part10.rar 2013-12-01 19:53 - 2013-12-01 19:54 - 39228144 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part14.rar 2013-12-01 19:53 - 2013-12-01 19:54 - 19727295 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part3.rar 2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part11.rar 2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part08.rar 2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part04.rar 2013-12-01 19:51 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part02.rar 2013-12-01 19:50 - 2013-12-01 20:00 - 1072693248 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part1.rar 2013-12-01 19:46 - 2013-12-01 19:48 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part13.rar 2013-12-01 19:44 - 2013-12-01 19:48 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part1.rar 2013-12-01 19:43 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part12.rar 2013-12-01 19:43 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part09.rar 2013-12-01 19:42 - 2013-12-01 19:48 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part2.rar 2013-12-01 19:42 - 2013-12-01 19:47 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part07.rar 2013-12-01 19:42 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part05.rar 2013-12-01 19:42 - 2013-12-01 19:45 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part01.rar 2013-12-01 19:42 - 2013-12-01 19:44 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part06.rar 2013-12-01 17:05 - 2013-12-01 17:06 - 00000000 ___HD C:\$WINDOWS.~BT 2013-12-01 16:20 - 2013-12-01 16:21 - 60337803 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part36.rar 2013-12-01 16:16 - 2013-12-01 16:45 - 804946521 _____ C:\Users\*****\Downloads\FroRusWthL.part1.rar 2013-12-01 16:16 - 2013-12-01 16:42 - 803894836 _____ C:\Users\*****\Downloads\FroRusWthL.part2.rar 2013-12-01 16:11 - 2013-12-01 16:19 - 1032666462 _____ C:\Users\*****\Downloads\HMitSafFot.rar 2013-11-29 19:48 - 2013-11-29 19:48 - 41971440 _____ C:\Users\*****\Downloads\gemini2-510-dm800-20100721145005.nfi (3).zip 2013-11-29 16:18 - 2013-11-29 16:21 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part35.rar 2013-11-29 16:17 - 2013-11-29 16:21 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part34.rar 2013-11-29 16:17 - 2013-11-29 16:21 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part33.rar 2013-11-29 16:16 - 2013-11-29 16:19 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part32.rar 2013-11-29 16:15 - 2013-11-29 16:20 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part31.rar 2013-11-29 16:11 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part30.rar 2013-11-29 16:11 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part29.rar 2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part27.rar 2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part26.rar 2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part25.rar 2013-11-29 16:10 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part24.rar 2013-11-29 16:10 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part28.rar 2013-11-29 16:09 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part22.rar 2013-11-29 16:09 - 2013-11-29 16:15 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part23.rar 2013-11-29 16:07 - 2013-11-29 16:15 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part21.rar 2013-11-29 16:03 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part20.rar 2013-11-29 16:03 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part19.rar 2013-11-29 16:02 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part18.rar 2013-11-29 16:02 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part16.rar 2013-11-29 16:02 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part14.rar 2013-11-29 16:02 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part17.rar 2013-11-29 16:02 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part15.rar 2013-11-29 16:02 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part13.rar 2013-11-29 16:01 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part12.rar 2013-11-29 16:01 - 2013-11-29 16:07 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part11.rar 2013-11-29 15:54 - 2013-11-29 16:03 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part09.rar 2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part08.rar 2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part06.rar 2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part04.rar 2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part03.rar 2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part02.rar 2013-11-29 15:54 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part01.rar 2013-11-29 15:54 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part10.rar 2013-11-29 15:54 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part07.rar 2013-11-29 15:54 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part05.rar 2013-11-29 15:30 - 2013-11-29 15:30 - 00001458 _____ C:\Windows\PFRO.log 2013-11-29 15:21 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2013-11-29 15:21 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2013-11-29 15:21 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2013-11-29 15:21 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2013-11-29 15:21 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2013-11-29 15:21 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2013-11-29 15:21 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2013-11-29 15:21 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2013-11-29 15:21 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2013-11-29 15:21 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2013-11-29 15:21 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll 2013-11-29 15:21 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2013-11-29 15:21 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2013-11-29 15:21 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys 2013-11-29 15:21 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml 2013-11-29 15:21 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS 2013-11-29 15:21 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2013-11-29 15:21 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2013-11-29 15:21 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-11-29 15:21 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll 2013-11-29 15:21 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll 2013-11-29 15:21 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll 2013-11-29 15:21 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll 2013-11-29 14:58 - 2013-11-29 14:58 - 00014021 _____ C:\ComboFix.txt 2013-11-29 12:44 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe 2013-11-29 12:44 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2013-11-29 12:44 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2013-11-29 12:44 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2013-11-29 12:44 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2013-11-29 12:44 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe 2013-11-29 12:44 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2013-11-29 12:44 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2013-11-29 12:44 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2013-11-29 12:42 - 2013-11-29 14:58 - 00000000 ____D C:\Qoobox 2013-11-29 12:42 - 2013-11-29 14:52 - 00000000 ____D C:\Windows\erdnt 2013-11-29 12:41 - 2013-11-29 15:08 - 00004740 _____ C:\Users\*****\Desktop\Rkill.txt 2013-11-29 12:41 - 2013-11-29 12:41 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill64.exe 2013-11-29 12:41 - 2013-11-29 12:41 - 00000000 ____D C:\Users\*****\Desktop\rkill 2013-11-29 12:40 - 2013-11-29 12:40 - 05150163 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe 2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Downloads\rkill.exe 2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill.exe 2013-11-29 12:39 - 2013-11-29 12:40 - 05150163 _____ (Swearware) C:\Users\*****\Downloads\ComboFix.exe 2013-11-29 12:31 - 2013-11-29 12:31 - 00000000 ____D C:\Users\*****\Downloads\RootkitRevealer 2013-11-29 12:30 - 2013-11-29 12:30 - 00231390 _____ C:\Users\*****\Downloads\RootkitRevealer.zip 2013-11-29 12:23 - 2013-11-29 12:23 - 00001907 _____ C:\Users\*****\Downloads\02.vbs 2013-11-29 12:19 - 2013-11-29 12:19 - 00001186 _____ C:\Users\*****\Desktop\AIDA64 Engineer.lnk 2013-11-29 12:19 - 2013-11-29 12:19 - 00000000 ____D C:\Program Files (x86)\FinalWire 2013-11-29 12:18 - 2013-11-29 12:18 - 00000000 ____D C:\Users\*****\Downloads\AA644.00.2700 2013-11-29 12:17 - 2013-11-29 12:17 - 48071965 _____ C:\Users\*****\Downloads\AA644.00.2700.rar 2013-11-29 12:12 - 2013-11-29 12:12 - 00001966 _____ C:\Users\*****\Downloads\01.vbs 2013-11-29 11:51 - 2013-11-29 11:51 - 00000000 ____D C:\Program Files (x86)\Belarc 2013-11-29 11:49 - 2013-11-29 11:50 - 03197352 _____ C:\Users\*****\Downloads\advisorinstaller.exe 2013-11-29 11:20 - 2013-11-29 11:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit 2013-11-29 11:19 - 2013-11-29 11:19 - 35890436 _____ C:\Users\*****\Downloads\Microsoft.Kekskit.250BETA1.rar 2013-11-29 10:53 - 2013-11-29 10:53 - 00005593 _____ C:\Users\*****\Downloads\wpkey_v1.4.7d (1).zip 2013-11-29 10:53 - 2013-11-29 10:53 - 00000000 ____D C:\Users\*****\Downloads\wpkey_v1.4.7d (1) 2013-11-29 09:52 - 2013-11-29 09:52 - 00009273 _____ C:\Users\*****\Downloads\Gbox Key Files 25.11.2013.rar 2013-11-29 09:51 - 2013-11-29 09:51 - 00320666 _____ C:\Users\*****\Downloads\SoftCam_Editor.zip 2013-11-28 22:46 - 2013-11-28 22:46 - 02157971 _____ C:\Users\*****\Downloads\HDD 1018.pdf.zip 2013-11-28 17:29 - 2013-11-28 17:29 - 00000000 ____D C:\Users\*****\Downloads\gbox.net.git806 2013-11-28 16:30 - 2013-11-28 16:30 - 01569767 _____ C:\Users\*****\Downloads\gbox.net.git806.rar 2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt.rar 2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt (1).rar 2013-11-27 10:49 - 2013-11-27 10:49 - 00140826 _____ C:\Users\*****\Downloads\Kryptoanalyse_des_Premiere_NDS_Verschluesselungssystem.zip 2013-11-27 10:40 - 2013-11-27 10:40 - 00479365 _____ C:\Users\*****\Downloads\CSA-Rainbow-Table-Tool_V2.02_package.zip 2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor.map 2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor (1).map 2013-11-26 14:32 - 2013-11-26 14:32 - 01722190 _____ C:\Users\*****\Downloads\Anleitungen_Duck-Trick_Image (1).zip ==================== One Month Modified Files and Folders ======= 2013-12-26 04:21 - 2013-12-26 04:21 - 00000000 ____D C:\FRST 2013-12-26 04:21 - 2013-12-25 05:32 - 00000000 ____D C:\Users\*****\Desktop\Security 2013-12-26 04:02 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru 2013-12-26 03:31 - 2013-05-15 18:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001UA1ce518e6ecec2ba.job 2013-12-26 03:24 - 2012-11-07 22:13 - 00000000 ____D C:\Program Files\JDownloader 2 2013-12-26 03:18 - 2013-12-26 03:18 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2013-12-26 03:18 - 2013-12-26 03:18 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-26 03:17 - 2012-09-26 23:32 - 00000000 ____D C:\Users\*****\AppData\Local\Mirillis 2013-12-26 02:52 - 2013-12-26 02:47 - 1468432384 _____ C:\Users\*****\Downloads\Ragazze.Costrette.avi 2013-12-26 02:26 - 2013-04-28 11:43 - 01944691 _____ C:\Windows\WindowsUpdate.log 2013-12-25 17:39 - 2013-12-24 01:38 - 27901952 _____ C:\Windows\system32\vmguest.iso 2013-12-25 17:36 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2013-12-25 17:13 - 2013-04-14 20:10 - 00000000 ____D C:\Users\*****\Downloads\! 2013-12-25 14:57 - 2013-12-25 14:57 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\*****\Downloads\mbam-setup-1.75.0.1300.exe 2013-12-25 06:05 - 2013-12-25 06:05 - 00002515 _____ C:\Users\*****\Desktop\gmer_05.log 2013-12-25 05:52 - 2013-12-25 05:52 - 00003001 _____ C:\Users\*****\Desktop\gmer_04.log 2013-12-25 05:42 - 2013-02-11 01:16 - 00001872 _____ C:\Windows\Sandboxie.ini 2013-12-25 05:41 - 2013-12-25 05:41 - 00000458 _____ C:\Users\*****\Desktop\gmer_03.log 2013-12-25 05:17 - 2013-12-25 05:11 - 00000000 ____D C:\AdwCleaner 2013-12-25 04:49 - 2013-12-25 04:49 - 00011984 _____ C:\Users\*****\Desktop\gmer_02.log 2013-12-24 16:46 - 2013-12-24 16:46 - 00000793 _____ C:\Users\*****\Desktop\gmer_01.log 2013-12-24 13:58 - 2013-12-24 13:58 - 00000000 ____D C:\Users\*****\Desktop\gmer 2013-12-24 13:57 - 2013-12-24 11:04 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-12-24 11:03 - 2013-12-24 11:03 - 00089304 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2013-12-24 04:31 - 2013-12-24 13:59 - 00377856 _____ C:\Users\*****\Desktop\gmer_2.1.19163.exe 2013-12-24 04:22 - 2013-12-24 04:22 - 00000000 ____D C:\Users\*****\Desktop\mbar 2013-12-24 03:48 - 2013-12-21 21:49 - 00000000 ____D C:\Users\*****\Downloads\UpdatePack_V134 2013-12-24 03:30 - 2013-12-24 03:30 - 00003161 _____ C:\Users\*****\Desktop\JRT.txt 2013-12-24 03:18 - 2013-12-24 03:18 - 00000000 ____D C:\Windows\ERUNT 2013-12-24 02:48 - 2013-12-24 02:48 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (3).exe 2013-12-24 02:39 - 2013-12-24 02:39 - 03950128 _____ (Microsoft Corporation) C:\Users\*****\Downloads\stsupldloc2013-kb2726996-fullfile-x64-glb (2).exe 2013-12-23 04:14 - 2012-10-24 18:48 - 00000000 ____D C:\Users\*****\Documents\Outlook-Dateien 2013-12-23 03:42 - 2012-07-26 11:27 - 00756916 _____ C:\Windows\system32\perfh007.dat 2013-12-23 03:42 - 2012-07-26 11:27 - 00157052 _____ C:\Windows\system32\perfc007.dat 2013-12-23 03:42 - 2012-07-26 08:28 - 01754216 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-23 01:37 - 2013-12-23 01:37 - 05428186 _____ C:\Users\*****\Downloads\update-134.tar.gz 2013-12-23 01:35 - 2013-12-23 01:35 - 05428186 _____ C:\Users\*****\Downloads\update-134.gz 2013-12-22 19:34 - 2013-12-22 19:34 - 00000000 ____D C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537 2013-12-22 19:34 - 2013-12-22 19:33 - 02237534 _____ C:\Users\*****\Downloads\TM.2.YT.DL.v2.1.0.537.rar 2013-12-22 19:31 - 2013-05-15 18:05 - 00001090 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001Core1ce518e6da097c5.job 2013-12-22 15:41 - 2013-11-02 10:28 - 00000000 ____D C:\Program Files (x86)\HDDGURU LLF Tool 2013-12-22 15:40 - 2013-11-02 10:28 - 00001060 _____ C:\Users\*****\Desktop\Hard Disk Low Level Format Tool.lnk 2013-12-22 15:39 - 2013-12-22 15:39 - 00000000 ____D C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software 2013-12-22 15:36 - 2013-12-22 15:36 - 01277576 _____ C:\Users\*****\Downloads\HDD_Low_Level_Format_Tool_4.25_Software.rar 2013-12-22 13:54 - 2013-12-22 13:53 - 04278747 _____ C:\Users\*****\Downloads\usb110511.zip 2013-12-22 13:39 - 2013-12-22 13:38 - 147571049 _____ C:\Users\*****\Downloads\Biffy Clyro - Opposites Live from Glasgow (2013).zip 2013-12-22 13:38 - 2013-12-22 13:38 - 00000000 ____D C:\Users\*****\Downloads\pcunlocker_trial 2013-12-22 13:34 - 2013-12-22 13:34 - 31489469 _____ C:\Users\*****\Downloads\pcunlocker_trial.zip 2013-12-22 13:32 - 2013-12-22 13:31 - 71381976 _____ (Magic Rescue CD ) C:\Users\*****\Downloads\rescueCD_setup_free_version.exe 2013-12-22 03:10 - 2013-12-22 03:05 - 1252147200 _____ C:\Users\*****\Downloads\linuxmint-16-cinnamon-dvd-64bit.iso 2013-12-22 02:34 - 2013-12-22 02:31 - 734947328 _____ C:\Users\*****\Downloads\ADRIANE-KNOPPIX_V7.2.0gCD-2013-07-28-DE.iso 2013-12-22 02:23 - 2013-12-22 02:23 - 00033590 _____ C:\Users\*****\Downloads\packagelist_kubuntu_64.txt 2013-12-22 01:09 - 2013-12-22 01:08 - 01094939 _____ (pendrivelinux.com) C:\Users\*****\Downloads\Universal-USB-Installer-1.9.5.1.exe 2013-12-22 00:23 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI 2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (3).exe 2013-12-21 23:54 - 2013-12-21 23:54 - 05192704 _____ (Geza Kovacs) C:\Users\*****\Downloads\unetbootin-windows-585 (2).exe 2013-12-21 22:55 - 2013-12-21 22:51 - 938475520 _____ C:\Users\*****\Downloads\ubuntu-13.10-desktop-i386.iso 2013-12-21 22:54 - 2013-12-21 22:54 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator 2013-12-21 22:54 - 2013-12-21 22:53 - 00000000 ____D C:\Program Files (x86)\LinuxLive USB Creator 2013-12-21 22:50 - 2013-12-21 22:49 - 04766976 _____ (LinuxLive USB Creator) C:\Users\*****\Downloads\LinuxLive USB Creator 2.8.26.exe 2013-12-21 22:28 - 2013-12-21 22:28 - 01046523 _____ (Ext2Fsd Group ) C:\Users\*****\Downloads\Ext2Fsd-0.51.exe 2013-12-21 22:06 - 2013-12-18 19:30 - 00000000 ____D C:\Users\*****\Downloads\BIP2 2013-12-21 21:48 - 2013-12-21 21:47 - 24964514 _____ C:\Users\*****\Downloads\UpdatePack_V134.zip 2013-12-21 21:36 - 2013-07-21 10:37 - 00002664 _____ C:\Windows\setupact.log 2013-12-21 21:27 - 2013-12-21 21:26 - 66471052 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part15.rar 2013-12-21 21:27 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part14.rar 2013-12-21 21:27 - 2013-12-21 21:26 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part13.rar 2013-12-21 21:27 - 2013-01-06 21:04 - 00000000 ____D C:\Users\*****\Downloads\extracted 2013-12-21 21:26 - 2013-12-21 21:25 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part12.rar 2013-12-21 21:26 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part11.rar 2013-12-21 21:26 - 2013-12-21 21:24 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part10.rar 2013-12-21 21:25 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part09.rar 2013-12-21 21:24 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part08.rar 2013-12-21 21:24 - 2013-12-21 21:23 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part07.rar 2013-12-21 21:23 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part06.rar 2013-12-21 21:23 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part05.rar 2013-12-21 21:23 - 2013-12-21 21:22 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part04.rar 2013-12-21 21:22 - 2013-12-21 21:21 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part03.rar 2013-12-21 21:22 - 2013-12-21 21:21 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part02.rar 2013-12-21 21:22 - 2013-12-21 21:21 - 107857600 _____ C:\Users\*****\Downloads\DJ.CHEOPS.part01.rar 2013-12-21 21:06 - 2013-12-21 21:06 - 516747800 _____ C:\Windows\MEMORY.DMP 2013-12-21 21:06 - 2013-12-21 21:06 - 00296536 _____ C:\Windows\Minidump\122113-31621-01.dmp 2013-12-21 21:06 - 2013-01-14 22:52 - 00000000 ____D C:\Windows\Minidump 2013-12-21 21:04 - 2013-12-21 20:57 - 00000000 ____D C:\Program Files (x86)\UFB Code Setup 2013-12-21 20:58 - 2013-12-21 20:58 - 00001985 _____ C:\Users\*****\Desktop\UFB Code Setup.lnk 2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\WCH.CN 2013-12-21 20:58 - 2013-12-21 20:58 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UFB Code Setup 2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Windows\UFB Code Setup 2013-12-21 20:57 - 2013-12-21 20:57 - 00000000 ____D C:\Users\*****\Downloads\UFB234_CD-Inhalt 2013-12-21 20:55 - 2013-12-21 20:55 - 17560304 _____ C:\Users\*****\Downloads\UFB234_CD-Inhalt.zip 2013-12-21 19:39 - 2013-12-21 19:39 - 67745277 _____ C:\Users\*****\Downloads\poecanmahtki.part16.rar 2013-12-21 19:39 - 2013-12-21 19:39 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part15.rar 2013-12-21 19:39 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part14.rar 2013-12-21 19:39 - 2013-12-21 19:38 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part13.rar 2013-12-21 19:39 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part11.rar 2013-12-21 19:38 - 2013-12-21 19:37 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part12.rar 2013-12-21 19:38 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part09.rar 2013-12-21 19:37 - 2013-12-21 19:36 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part10.rar 2013-12-21 19:37 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part08.rar 2013-12-21 19:36 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part07.rar 2013-12-21 19:36 - 2013-12-21 19:35 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part06.rar 2013-12-21 19:35 - 2013-12-21 19:34 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part05.rar 2013-12-21 19:35 - 2013-12-21 19:33 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part04.rar 2013-12-21 19:34 - 2013-12-21 19:32 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part02.rar 2013-12-21 19:34 - 2013-12-21 19:32 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part01.rar 2013-12-21 19:33 - 2013-12-21 19:32 - 110100480 _____ C:\Users\*****\Downloads\poecanmahtki.part03.rar 2013-12-21 19:15 - 2013-05-21 12:31 - 00130560 ___SH C:\Users\*****\Downloads\Thumbs.db 2013-12-20 22:50 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache 2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\ProgramData\ESET 2013-12-20 19:49 - 2013-12-20 19:49 - 00000000 ____D C:\Program Files\ESET 2013-12-20 19:35 - 2013-12-20 19:34 - 154561875 _____ C:\Users\*****\Downloads\eset_nod32_smart security.rar 2013-12-20 19:28 - 2013-12-20 19:28 - 00423360 _____ C:\Windows\system32\FNTCACHE.DAT 2013-12-20 19:15 - 2013-05-06 10:42 - 00000000 ____D C:\Users\*****\Downloads\utopia-ccf-s04e15-xvid 2013-12-20 19:15 - 2012-11-07 18:00 - 00000000 ____D C:\Users\*****\Downloads\[0000]---Abarbeiten--- 2013-12-20 19:15 - 2012-09-27 18:54 - 00000000 ____D C:\Users\*****\Downloads\[0000]---UFS910 Aufnahmen--- 2013-12-20 19:15 - 2012-09-03 20:33 - 00000000 ____D C:\Users\*****\Downloads\[0000]---JD-Load-entpackt 2013-12-20 18:49 - 2013-12-20 18:48 - 02888335 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).flv 2013-12-20 18:48 - 2013-12-20 18:48 - 10759552 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).mp4 2013-12-20 18:48 - 2013-12-20 18:48 - 00690824 _____ C:\Users\*****\Downloads\Greetings from Chuck (The epic christmas split).3gp 2013-12-20 16:09 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates 2013-12-20 01:22 - 2013-12-20 01:22 - 00381540 _____ C:\Users\*****\Downloads\enigma2-skin-elgato-hd_1.0.1_all.ipk 2013-12-19 04:20 - 2013-04-29 13:26 - 00000000 ____D C:\Users\*****\Downloads\HrnOvr40_29 2013-12-19 04:20 - 2012-12-04 14:18 - 00000000 ____D C:\Users\*****\Downloads\!-Mui Importante 2013-12-19 04:19 - 2013-09-09 19:10 - 00000000 ____D C:\Users\*****\Downloads\!! 2013-12-19 03:01 - 2013-03-04 15:18 - 00000000 ____D C:\Users\*****\Documents\[0000]---dream800--- 2013-12-19 02:15 - 2012-08-28 21:49 - 00000000 ____D C:\Users\*****\AppData\Roaming\QuickScan 2013-12-19 01:55 - 2013-12-19 01:55 - 04513064 _____ C:\Users\*****\Downloads\npp.6.5.2.bin.7z 2013-12-19 01:54 - 2013-12-19 01:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Notepad++ 2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2013-12-19 01:53 - 2013-12-19 01:53 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2013-12-19 01:52 - 2013-12-19 01:52 - 07549839 _____ C:\Users\*****\Downloads\npp.6.5.2.Installer.exe 2013-12-19 01:48 - 2013-12-19 01:48 - 01432078 _____ C:\Users\*****\Downloads\redate.zip 2013-12-19 00:28 - 2013-12-19 00:28 - 00000001 _____ C:\Users\*****\AppData\Local\llftool.4.40.agreement 2013-12-18 22:01 - 2013-12-18 22:01 - 02046464 _____ C:\Users\*****\Downloads\HDDLLF.4.40.exe 2013-12-18 21:39 - 2013-12-18 21:39 - 00000000 ____D C:\Users\*****\Downloads\usbit (1) 2013-12-18 21:38 - 2013-12-18 21:38 - 00221471 _____ C:\Users\*****\Downloads\usbit (1).zip 2013-12-18 21:35 - 2013-12-18 21:35 - 00236402 _____ C:\Users\*****\Downloads\Anleitung_3_Duck-Trick_Image_USB_Stick_unter_Windows_erstellen_flor62.zip 2013-12-18 20:09 - 2013-12-18 20:09 - 00928690 _____ C:\Users\*****\Downloads\DreamUP133_11.zip 2013-12-18 20:08 - 2013-12-18 20:08 - 03847349 _____ C:\Users\*****\Downloads\CP210x_VCP_Windows.zip 2013-12-18 20:07 - 2013-12-18 20:07 - 54083533 _____ C:\Users\*****\Downloads\newnigma2-stable-dm800-v4.0.6.zip 2013-12-18 18:23 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent 2013-12-17 19:51 - 2013-12-17 19:51 - 04603098 _____ C:\Users\*****\Downloads\e2.ipk 2013-12-17 19:51 - 2013-12-17 19:51 - 00303096 _____ C:\Users\*****\Downloads\python-mechanize_0.2.5-r0_mips32el.ipk 2013-12-17 19:47 - 2013-12-17 19:46 - 00000000 ____D C:\Burgard 2013-12-17 19:44 - 2013-12-17 19:43 - 24509740 _____ (Macrovision Corporation) C:\Users\*****\Downloads\drivers-amp-utility.exe 2013-12-17 02:07 - 2012-10-23 21:23 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-12-17 02:06 - 2013-08-31 14:52 - 00000000 ____D C:\Windows\system32\MRT 2013-12-17 02:03 - 2012-12-16 12:11 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2013-12-17 02:01 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe 2013-12-11 21:57 - 2013-12-11 21:57 - 00018077 _____ C:\Users\*****\Downloads\Black.Mirror.S02E03.DVDRip.XviD-iNGOT.de-SubCentral.rar 2013-12-11 21:56 - 2013-12-11 21:56 - 00012208 _____ C:\Users\*****\Downloads\Black.Mirror.S02E01.DVDRip.XviD-iNGOT.de-SubCentral.rar 2013-12-11 21:56 - 2013-12-11 21:56 - 00010431 _____ C:\Users\*****\Downloads\Black.Mirror.S02E02.DVDRip.XviD-iNGOT.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00020353 _____ C:\Users\*****\Downloads\Black.Mirror.S01E03.DVDRip.XviD-TASTETV.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00020107 _____ C:\Users\*****\Downloads\Black.Mirror.S01E01.DVDRip.XviD-TASTETV.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral.rar 2013-12-11 21:54 - 2013-12-11 21:54 - 00016848 _____ C:\Users\*****\Downloads\Black.Mirror.S01E02.DVDRip.XviD-TASTETV.de-SubCentral (1).rar 2013-12-11 21:45 - 2013-12-11 21:45 - 56234802 _____ C:\Users\*****\Downloads\blckmirr-203.part4.rar 2013-12-11 21:45 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part3.rar 2013-12-11 21:45 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part2.rar 2013-12-11 21:45 - 2013-12-11 21:44 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-203.part1.rar 2013-12-11 21:44 - 2013-12-11 21:43 - 55171152 _____ C:\Users\*****\Downloads\blckmirr-202.part4.rar 2013-12-11 21:44 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part3.rar 2013-12-11 21:44 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part2.rar 2013-12-11 21:43 - 2013-12-11 21:42 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-202.part1.rar 2013-12-11 21:42 - 2013-12-11 21:42 - 55229266 _____ C:\Users\*****\Downloads\blckmirr-201.part4.rar 2013-12-11 21:42 - 2013-12-11 21:40 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part3.rar 2013-12-11 21:42 - 2013-12-11 21:40 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part1.rar 2013-12-11 21:41 - 2013-12-11 21:40 - 105906176 _____ C:\Users\*****\Downloads\blckmirr-201.part2.rar 2013-12-11 21:39 - 2013-12-11 21:34 - 575199387 _____ C:\Users\*****\Downloads\black.mirror.s01e02-tastetv.avi.rar 2013-12-11 21:39 - 2013-12-11 21:34 - 367141019 _____ C:\Users\*****\Downloads\black.mirror.s01e03-tastetv.avi.rar 2013-12-11 21:39 - 2013-12-11 21:34 - 365891737 _____ C:\Users\*****\Downloads\black.mirror.s01e01-tastetv.avi.rar 2013-12-10 16:43 - 2013-12-10 16:42 - 99262843 _____ C:\Users\*****\Downloads\evdeadz.part09.rar 2013-12-10 16:43 - 2013-12-10 16:42 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part08.rar 2013-12-10 16:43 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part07.rar 2013-12-10 16:42 - 2013-12-10 16:41 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part06.rar 2013-12-10 16:42 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part05.rar 2013-12-10 16:41 - 2013-12-10 16:40 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part04.rar 2013-12-10 16:41 - 2013-12-10 16:39 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part01.rar 2013-12-10 16:40 - 2013-12-10 16:39 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part03.rar 2013-12-10 16:40 - 2013-12-10 16:39 - 100431872 _____ C:\Users\*****\Downloads\evdeadz.part02.rar 2013-12-10 16:37 - 2013-12-10 16:36 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part08.rar 2013-12-10 16:36 - 2013-12-10 16:36 - 15845444 _____ C:\Users\*****\Downloads\DaenikenAegypten.part09.rar 2013-12-10 16:36 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part07.rar 2013-12-10 16:36 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part06.rar 2013-12-10 16:36 - 2013-12-10 16:34 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part04.rar 2013-12-10 16:35 - 2013-12-10 16:35 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part05.rar 2013-12-10 16:35 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part03.rar 2013-12-10 16:35 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part02.rar 2013-12-10 16:34 - 2013-12-10 16:33 - 100000000 _____ C:\Users\*****\Downloads\DaenikenAegypten.part01.rar 2013-12-10 16:33 - 2013-12-10 16:33 - 22387776 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part8.rar 2013-12-10 16:33 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part7.rar 2013-12-10 16:33 - 2013-12-10 16:32 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part6.rar 2013-12-10 16:33 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part5.rar 2013-12-10 16:32 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part4.rar 2013-12-10 16:32 - 2013-12-10 16:31 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part3.rar 2013-12-10 16:31 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part2.rar 2013-12-10 16:31 - 2013-12-10 16:30 - 100000000 _____ C:\Users\*****\Downloads\DaenikenRaetsel.part1.rar 2013-12-10 16:30 - 2013-12-10 16:30 - 73842964 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part7.rar 2013-12-10 16:30 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part6.rar 2013-12-10 16:30 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part5.rar 2013-12-10 16:30 - 2013-12-10 16:29 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part4.rar 2013-12-10 16:29 - 2013-12-10 16:28 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part3.rar 2013-12-10 16:29 - 2013-12-10 16:28 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part2.rar 2013-12-10 16:29 - 2013-12-10 16:28 - 100000000 _____ C:\Users\*****\Downloads\DaenikenGoetterdaemmerung.part1.rar 2013-12-10 13:44 - 2013-12-10 13:43 - 80295200 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part6.rar 2013-12-10 13:44 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part5.rar 2013-12-10 13:44 - 2013-12-10 13:43 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part4.rar 2013-12-10 13:43 - 2013-12-10 13:42 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part3.rar 2013-12-10 13:43 - 2013-12-10 13:42 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part2.rar 2013-12-10 13:43 - 2013-12-10 13:42 - 104857600 _____ C:\Users\*****\Downloads\DGrRtsl05DiScVoToMe.part1.rar 2013-12-09 13:50 - 2013-12-09 13:49 - 82071312 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part6.rar 2013-12-09 13:50 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part5.rar 2013-12-09 13:50 - 2013-12-09 13:49 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part4.rar 2013-12-09 13:49 - 2013-12-09 13:48 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part3.rar 2013-12-09 13:49 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part1.rar 2013-12-09 13:48 - 2013-12-09 13:48 - 104857600 _____ C:\Users\*****\Downloads\Atl-DrVersKont.part2.rar 2013-12-09 13:48 - 2013-12-09 13:47 - 102291714 _____ C:\Users\*****\Downloads\dwAtlantis.part6.rar 2013-12-09 13:47 - 2013-12-09 13:47 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part5.rar 2013-12-09 13:47 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part4.rar 2013-12-09 13:47 - 2013-12-09 13:46 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part3.rar 2013-12-09 13:47 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part2.rar 2013-12-09 13:46 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\dwAtlantis.part1.rar 2013-12-09 13:46 - 2013-12-09 13:45 - 104857600 _____ C:\Users\*****\Downloads\atlan.part5.rar 2013-12-09 13:45 - 2013-12-09 13:45 - 42755408 _____ C:\Users\*****\Downloads\atlan.part6.rar 2013-12-09 13:45 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part4.rar 2013-12-09 13:45 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part3.rar 2013-12-09 13:45 - 2013-12-09 13:44 - 104857600 _____ C:\Users\*****\Downloads\atlan.part2.rar 2013-12-09 13:44 - 2013-12-09 13:43 - 104857600 _____ C:\Users\*****\Downloads\atlan.part1.rar 2013-12-09 13:44 - 2013-12-09 13:42 - 99246501 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part5.rar 2013-12-09 13:44 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\VWAtlantisRdM.part1.rar 2013-12-09 13:42 - 2013-12-09 13:42 - 29707332 _____ C:\Users\*****\Downloads\FREE.Atlanta.part4.rar 2013-12-09 13:42 - 2013-12-09 13:42 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part3.rar 2013-12-09 13:42 - 2013-12-09 13:41 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part11.rar 2013-12-09 13:42 - 2013-12-09 13:41 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part2.rar 2013-12-09 13:42 - 2013-12-09 13:41 - 104857600 _____ C:\Users\*****\Downloads\FREE.Atlanta.part1.rar 2013-12-09 13:41 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part10.rar 2013-12-09 13:41 - 2013-12-09 13:40 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part09.rar 2013-12-09 13:41 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part08.rar 2013-12-09 13:40 - 2013-12-09 13:39 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part07.rar 2013-12-09 13:40 - 2013-12-09 13:38 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part06.rar 2013-12-09 13:39 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part05.rar 2013-12-09 13:39 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part04.rar 2013-12-09 13:38 - 2013-12-09 13:37 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part03.rar 2013-12-09 13:37 - 2013-12-09 13:36 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part02.rar 2013-12-09 13:37 - 2013-12-09 13:36 - 110100480 _____ C:\Users\*****\Downloads\DieSucheAtlantis.part01.rar 2013-12-09 13:37 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part2.rar 2013-12-09 13:36 - 2013-12-09 13:35 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part3.rar 2013-12-09 13:36 - 2013-12-09 13:35 - 113068050 _____ C:\Users\*****\Downloads\DieAzoren.part4.rar 2013-12-09 13:35 - 2013-12-09 13:34 - 115000000 _____ C:\Users\*****\Downloads\DieAzoren.part1.rar 2013-12-09 13:35 - 2013-12-09 13:34 - 110443060 _____ C:\Users\*****\Downloads\XAtlantis.part4.rar 2013-12-09 13:35 - 2013-12-09 13:33 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part3.rar 2013-12-09 13:34 - 2013-12-09 13:33 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part2.rar 2013-12-09 13:34 - 2013-12-09 13:32 - 115000000 _____ C:\Users\*****\Downloads\XAtlantis.part1.rar 2013-12-09 13:33 - 2013-12-09 13:32 - 82886274 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part4.rar 2013-12-09 13:33 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part3.rar 2013-12-09 13:32 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part2.rar 2013-12-09 13:32 - 2013-12-09 13:31 - 115000000 _____ C:\Users\*****\Downloads\sucheatlantishdtv.part1.rar 2013-12-09 13:31 - 2013-12-09 13:31 - 36734289 _____ C:\Users\*****\Downloads\BBCM-E07.part4.rar 2013-12-09 13:31 - 2013-12-09 13:29 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part3.rar 2013-12-09 13:31 - 2013-12-09 13:29 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part2.rar 2013-12-09 13:31 - 2013-12-09 13:29 - 115000000 _____ C:\Users\*****\Downloads\BBCM-E07.part1.rar 2013-12-08 19:27 - 2013-12-08 19:27 - 46970212 _____ C:\Users\*****\Downloads\pt-s01e08.part3.rar 2013-12-08 19:27 - 2013-12-08 19:26 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part2.rar 2013-12-08 19:27 - 2013-12-08 19:26 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e08.part1.rar 2013-12-08 19:27 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part2.rar 2013-12-08 19:26 - 2013-12-08 19:25 - 47604356 _____ C:\Users\*****\Downloads\pt-s01e09.part3.rar 2013-12-08 19:26 - 2013-12-08 19:25 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e09.part1.rar 2013-12-08 19:25 - 2013-12-08 19:25 - 47100740 _____ C:\Users\*****\Downloads\pt-s01e07.part3.rar 2013-12-08 19:25 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part2.rar 2013-12-08 19:25 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e07.part1.rar 2013-12-08 19:25 - 2013-12-08 19:24 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part2.rar 2013-12-08 19:24 - 2013-12-08 19:24 - 47007212 _____ C:\Users\*****\Downloads\pt-s01e06.part3.rar 2013-12-08 19:24 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e06.part1.rar 2013-12-08 19:24 - 2013-12-08 19:23 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part2.rar 2013-12-08 19:23 - 2013-12-08 19:23 - 45389476 _____ C:\Users\*****\Downloads\pt-s01e05.part3.rar 2013-12-08 19:23 - 2013-12-08 19:22 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e05.part1.rar 2013-12-08 19:23 - 2013-12-08 19:22 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part2.rar 2013-12-08 19:23 - 2013-12-08 19:22 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e04.part1.rar 2013-12-08 19:22 - 2013-12-08 19:22 - 45668004 _____ C:\Users\*****\Downloads\pt-s01e04.part3.rar 2013-12-08 19:15 - 2013-12-08 19:15 - 48223084 _____ C:\Users\*****\Downloads\pt-s01e03.part3.rar 2013-12-08 19:15 - 2013-12-08 19:15 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part2.rar 2013-12-08 19:15 - 2013-12-08 19:14 - 46095564 _____ C:\Users\*****\Downloads\pt-s01e02.part3.rar 2013-12-08 19:15 - 2013-12-08 19:14 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e03.part1.rar 2013-12-08 19:15 - 2013-12-08 19:13 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part1.rar 2013-12-08 19:14 - 2013-12-08 19:13 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e02.part2.rar 2013-12-08 19:14 - 2013-12-08 19:12 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part2.rar 2013-12-08 19:13 - 2013-12-08 19:12 - 47069908 _____ C:\Users\*****\Downloads\pt-s01e01.part3.rar 2013-12-08 19:13 - 2013-12-08 19:12 - 106857600 _____ C:\Users\*****\Downloads\pt-s01e01.part1.rar 2013-12-08 16:46 - 2013-12-08 16:46 - 26169389 _____ C:\Users\*****\Downloads\historyvati.part4.rar 2013-12-08 16:46 - 2013-12-08 16:44 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part3.rar 2013-12-08 16:46 - 2013-12-08 16:44 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part2.rar 2013-12-08 16:46 - 2013-12-08 16:44 - 115000000 _____ C:\Users\*****\Downloads\historyvati.part1.rar 2013-12-07 17:43 - 2012-08-29 17:50 - 00002362 _____ C:\Users\*****\Desktop\Google Chrome.lnk 2013-12-07 17:41 - 2013-12-07 17:25 - 00000000 ____D C:\Users\*****\Documents\dave 2013-12-07 17:25 - 2013-12-07 17:25 - 04712205 _____ C:\Users\*****\Documents\dave.rar 2013-12-04 01:53 - 2013-11-23 17:00 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-12-04 01:53 - 2013-11-23 16:59 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-12-03 19:04 - 2013-12-03 19:04 - 00000000 ____D C:\Users\*****\AppData\Local\Unattneded 2013-12-03 19:00 - 2013-12-03 19:00 - 00001087 _____ C:\Users\*****\Desktop\AAF Recovery tool AV700.lnk 2013-12-03 19:00 - 2013-12-03 19:00 - 00000000 ____D C:\Program Files (x86)\AAF Recovery tool AV700 2013-12-03 18:58 - 2013-12-03 18:19 - 00000000 ____D C:\Users\*****\Downloads\[0000]---geier 2013-12-03 18:55 - 2013-12-03 18:55 - 28338913 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.6_av700.rar 2013-12-03 18:42 - 2013-12-03 18:42 - 00120681 _____ C:\Users\*****\Downloads\CreateMini.rar 2013-12-03 18:41 - 2013-12-03 18:41 - 01245289 _____ C:\Users\*****\Downloads\Maxiboot_Installer_Setup_V15.rar 2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (3).exe 2013-12-03 18:28 - 2013-12-03 18:28 - 00098304 _____ (Hewlett-Packard Company) C:\Users\*****\Downloads\HPUSBFW_v2.2.3 (2).exe 2013-12-03 18:21 - 2013-12-03 18:21 - 26545043 _____ C:\Users\*****\Downloads\AAF_Recovery_Tool_V4.5a_av700.rar 2013-12-03 17:23 - 2013-12-03 17:19 - 18627789 _____ C:\Users\*****\Downloads\Atemio_700_TitanNit_Edition_1.45iboot.rar 2013-12-03 16:51 - 2013-12-03 16:50 - 33292288 _____ C:\Users\*****\Downloads\BP-NMP_miniFLASH_BASE-rev6011.img 2013-12-03 16:50 - 2013-12-03 16:49 - 33292288 _____ C:\Users\*****\Downloads\miniFLASH_rev4839-p191.img 2013-12-02 19:25 - 2013-12-02 19:24 - 209730560 _____ C:\Users\*****\Downloads\ASXXDDx6CE.part1 (1).rar 2013-12-02 19:23 - 2013-12-02 18:35 - 00000000 ____D C:\Users\*****\Downloads\ASXXDDx6CE.part1.rar 2013-12-02 18:42 - 2013-01-05 01:52 - 00000000 ____D C:\Users\*****\AppData\Roaming\vlc 2013-12-02 18:06 - 2013-12-02 18:03 - 606025919 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part2.rar 2013-12-02 18:02 - 2013-12-02 17:59 - 734003200 _____ C:\Users\*****\Downloads\xcite-anal.sweethearts.5.part1.rar 2013-12-01 20:00 - 2013-12-01 19:50 - 1072693248 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part1.rar 2013-12-01 19:57 - 2013-12-01 19:53 - 409579390 _____ C:\Users\*****\Downloads\Riddick.Ueberleben.Ist.Seine.Rache.2013.DRip.Ger.A3.DUB.x264-UPX.part2.rar 2013-12-01 19:56 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part03.rar 2013-12-01 19:55 - 2013-12-01 19:53 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part10.rar 2013-12-01 19:54 - 2013-12-01 19:53 - 39228144 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part14.rar 2013-12-01 19:54 - 2013-12-01 19:53 - 19727295 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part3.rar 2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part11.rar 2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part08.rar 2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part04.rar 2013-12-01 19:53 - 2013-12-01 19:51 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part02.rar 2013-12-01 19:48 - 2013-12-01 19:46 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part13.rar 2013-12-01 19:48 - 2013-12-01 19:44 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part1.rar 2013-12-01 19:48 - 2013-12-01 19:42 - 525336595 _____ C:\Users\*****\Downloads\tod-jackass-tsld.part2.rar 2013-12-01 19:47 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part07.rar 2013-12-01 19:46 - 2013-12-01 19:43 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part12.rar 2013-12-01 19:46 - 2013-12-01 19:43 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part09.rar 2013-12-01 19:46 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part05.rar 2013-12-01 19:45 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part01.rar 2013-12-01 19:44 - 2013-12-01 19:42 - 107000000 _____ C:\Users\*****\Downloads\SRis21GBRA3XM.part06.rar 2013-12-01 17:08 - 2012-12-28 15:10 - 00001908 _____ C:\Windows\diagwrn.xml 2013-12-01 17:08 - 2012-12-28 15:10 - 00001908 _____ C:\Windows\diagerr.xml 2013-12-01 17:06 - 2013-12-01 17:05 - 00000000 ___HD C:\$WINDOWS.~BT 2013-12-01 17:05 - 2013-07-21 10:37 - 00000000 _____ C:\Windows\setuperr.log 2013-12-01 16:45 - 2013-12-01 16:16 - 804946521 _____ C:\Users\*****\Downloads\FroRusWthL.part1.rar 2013-12-01 16:42 - 2013-12-01 16:16 - 803894836 _____ C:\Users\*****\Downloads\FroRusWthL.part2.rar 2013-12-01 16:21 - 2013-12-01 16:20 - 60337803 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part36.rar 2013-12-01 16:19 - 2013-12-01 16:11 - 1032666462 _____ C:\Users\*****\Downloads\HMitSafFot.rar 2013-11-29 19:48 - 2013-11-29 19:48 - 41971440 _____ C:\Users\*****\Downloads\gemini2-510-dm800-20100721145005.nfi (3).zip 2013-11-29 16:22 - 2012-08-28 22:38 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3754388793-1346805017-1485128776-1001 2013-11-29 16:21 - 2013-11-29 16:18 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part35.rar 2013-11-29 16:21 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part34.rar 2013-11-29 16:21 - 2013-11-29 16:17 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part33.rar 2013-11-29 16:20 - 2013-11-29 16:15 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part31.rar 2013-11-29 16:19 - 2013-11-29 16:16 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part32.rar 2013-11-29 16:18 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part30.rar 2013-11-29 16:18 - 2013-11-29 16:11 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part29.rar 2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part27.rar 2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part26.rar 2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part25.rar 2013-11-29 16:18 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part24.rar 2013-11-29 16:17 - 2013-11-29 16:10 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part28.rar 2013-11-29 16:17 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part22.rar 2013-11-29 16:15 - 2013-11-29 16:09 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part23.rar 2013-11-29 16:15 - 2013-11-29 16:07 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part21.rar 2013-11-29 16:11 - 2013-11-29 16:03 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part20.rar 2013-11-29 16:11 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part18.rar 2013-11-29 16:10 - 2013-11-29 16:03 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part19.rar 2013-11-29 16:10 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part16.rar 2013-11-29 16:10 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part14.rar 2013-11-29 16:10 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part12.rar 2013-11-29 16:09 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part17.rar 2013-11-29 16:09 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part15.rar 2013-11-29 16:09 - 2013-11-29 16:02 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part13.rar 2013-11-29 16:07 - 2013-11-29 16:01 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part11.rar 2013-11-29 16:03 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part09.rar 2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part08.rar 2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part06.rar 2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part04.rar 2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part03.rar 2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part02.rar 2013-11-29 16:02 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part01.rar 2013-11-29 16:01 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part10.rar 2013-11-29 16:01 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part07.rar 2013-11-29 16:01 - 2013-11-29 15:54 - 111111111 _____ C:\Users\*****\Downloads\W81.x64.9600.DEU.MSDN.2707227.part05.rar 2013-11-29 15:30 - 2013-11-29 15:30 - 00001458 _____ C:\Windows\PFRO.log 2013-11-29 15:08 - 2013-11-29 12:41 - 00004740 _____ C:\Users\*****\Desktop\Rkill.txt 2013-11-29 14:58 - 2013-11-29 14:58 - 00014021 _____ C:\ComboFix.txt 2013-11-29 14:58 - 2013-11-29 12:42 - 00000000 ____D C:\Qoobox 2013-11-29 14:58 - 2012-07-26 06:37 - 00000000 ___RD C:\Users\Default 2013-11-29 14:52 - 2013-11-29 12:42 - 00000000 ____D C:\Windows\erdnt 2013-11-29 14:51 - 2012-07-26 06:26 - 00000215 _____ C:\Windows\system.ini 2013-11-29 12:41 - 2013-11-29 12:41 - 01059064 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill64.exe 2013-11-29 12:41 - 2013-11-29 12:41 - 00000000 ____D C:\Users\*****\Desktop\rkill 2013-11-29 12:40 - 2013-11-29 12:40 - 05150163 ____R (Swearware) C:\Users\*****\Desktop\ComboFix.exe 2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Downloads\rkill.exe 2013-11-29 12:40 - 2013-11-29 12:40 - 01937144 _____ (Bleeping Computer, LLC) C:\Users\*****\Desktop\rkill.exe 2013-11-29 12:40 - 2013-11-29 12:39 - 05150163 _____ (Swearware) C:\Users\*****\Downloads\ComboFix.exe 2013-11-29 12:31 - 2013-11-29 12:31 - 00000000 ____D C:\Users\*****\Downloads\RootkitRevealer 2013-11-29 12:30 - 2013-11-29 12:30 - 00231390 _____ C:\Users\*****\Downloads\RootkitRevealer.zip 2013-11-29 12:23 - 2013-11-29 12:23 - 00001907 _____ C:\Users\*****\Downloads\02.vbs 2013-11-29 12:19 - 2013-11-29 12:19 - 00001186 _____ C:\Users\*****\Desktop\AIDA64 Engineer.lnk 2013-11-29 12:19 - 2013-11-29 12:19 - 00000000 ____D C:\Program Files (x86)\FinalWire 2013-11-29 12:18 - 2013-11-29 12:18 - 00000000 ____D C:\Users\*****\Downloads\AA644.00.2700 2013-11-29 12:17 - 2013-11-29 12:17 - 48071965 _____ C:\Users\*****\Downloads\AA644.00.2700.rar 2013-11-29 12:12 - 2013-11-29 12:12 - 00001966 _____ C:\Users\*****\Downloads\01.vbs 2013-11-29 11:51 - 2013-11-29 11:51 - 00000000 ____D C:\Program Files (x86)\Belarc 2013-11-29 11:50 - 2013-11-29 11:49 - 03197352 _____ C:\Users\*****\Downloads\advisorinstaller.exe 2013-11-29 11:20 - 2013-11-29 11:20 - 00000000 ____D C:\ProgramData\Microsoft Toolkit 2013-11-29 11:19 - 2013-11-29 11:19 - 35890436 _____ C:\Users\*****\Downloads\Microsoft.Kekskit.250BETA1.rar 2013-11-29 10:53 - 2013-11-29 10:53 - 00005593 _____ C:\Users\*****\Downloads\wpkey_v1.4.7d (1).zip 2013-11-29 10:53 - 2013-11-29 10:53 - 00000000 ____D C:\Users\*****\Downloads\wpkey_v1.4.7d (1) 2013-11-29 09:52 - 2013-11-29 09:52 - 00009273 _____ C:\Users\*****\Downloads\Gbox Key Files 25.11.2013.rar 2013-11-29 09:51 - 2013-11-29 09:51 - 00320666 _____ C:\Users\*****\Downloads\SoftCam_Editor.zip 2013-11-28 22:46 - 2013-11-28 22:46 - 02157971 _____ C:\Users\*****\Downloads\HDD 1018.pdf.zip 2013-11-28 20:06 - 2013-01-06 20:53 - 00000000 ____D C:\Users\*****\AppData\Roaming\TeamViewer 2013-11-28 17:29 - 2013-11-28 17:29 - 00000000 ____D C:\Users\*****\Downloads\gbox.net.git806 2013-11-28 16:30 - 2013-11-28 16:30 - 01569767 _____ C:\Users\*****\Downloads\gbox.net.git806.rar 2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt.rar 2013-11-28 16:30 - 2013-11-28 16:30 - 00284885 _____ C:\Users\*****\Downloads\dbox2-gbox.net.git806.geshrinkt (1).rar 2013-11-27 19:26 - 2013-05-15 18:05 - 00004088 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001UA1ce518e6ecec2ba 2013-11-27 19:26 - 2013-05-15 18:05 - 00003708 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3754388793-1346805017-1485128776-1001Core1ce518e6da097c5 2013-11-27 10:49 - 2013-11-27 10:49 - 00140826 _____ C:\Users\*****\Downloads\Kryptoanalyse_des_Premiere_NDS_Verschluesselungssystem.zip 2013-11-27 10:40 - 2013-11-27 10:40 - 00479365 _____ C:\Users\*****\Downloads\CSA-Rainbow-Table-Tool_V2.02_package.zip 2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor.map 2013-11-27 10:40 - 2013-11-27 10:40 - 00160493 _____ C:\Users\*****\Downloads\ChainAuthor (1).map 2013-11-26 20:49 - 2013-04-12 13:47 - 00000000 ____D C:\Users\*****\Downloads\OTLPENet 2013-11-26 14:32 - 2013-11-26 14:32 - 01722190 _____ C:\Users\*****\Downloads\Anleitungen_Duck-Trick_Image (1).zip Some content of TEMP: ==================== C:\Users\*****\AppData\Local\temp\GLB1A2B.EXE C:\Users\*****\AppData\Local\temp\pyl1D11.tmp.exe C:\Users\*****\AppData\Local\temp\pylBEBC.tmp.exe C:\Users\*****\AppData\Local\temp\Quarantine.exe C:\Users\*****\AppData\Local\temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-18 16:03 ==================== End Of Log ============================ |
26.12.2013, 13:29 | #3 | ||
| LOG Auswertung, Keine Office Updates, Fragmente BKA TrojanerZitat:
MBAM Pro LOG Zitat:
|
10.01.2014, 23:23 | #4 | |
/// the machine /// TB-Ausbilder | LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner hi, Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu LOG Auswertung, Keine Office Updates, Fragmente BKA Trojaner |
7-zip, adobe reader xi, desktop, error, excel, fehler, firefox, flash player, format, google, homepage, iexplore.exe, install.exe, internet, internet explorer, logfile, mozilla, registry, richtlinie, rundll, security, software, svchost.exe, system, tcp, total commander, trojaner, updates, usb, version., windows |