| |
| |||||||
Log-Analyse und Auswertung: Windows 7: Rechner verschickt E-MailsWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
16.06.2014, 14:03
| #1 |
| |  Windows 7: Rechner verschickt E-Mails Hallo zusammen, in einem meiner Postkörbe fanden sich heute dutzende Bounce-Mails, die den Eindruck erwecken, dass von meinem Rechner aus E-Mails in alle Himmelrichtungen verschickt wurden. Dabei wurde nicht/nicht nur die Kontaktliste benutzt, sondern auch mir völlig unbekannte Adressaten. Der Inhalt der Mail ist jener einer Mail eines anderen E-Mail-Postfaches von mir -> daher vermute ich, dass nicht der Server gehighjackt wurde, sondern mein Rechner. Ich hoffe, ich habe mich soweit verständlich ausgedrückt :-/ Hier nun meine Logfiles. Da es mit bei Avira Antivir nicht möglich war, die Ereignisse zu exportieren (scheint ein Win7-Antivir-Problem zu sein), habe ich mir jede einzelne Fundmeldung anzeigen lassen und die einzelnen Meldungen in einer Text-Datei zusammengefasst. edit: und leider wird der Text zu lang, daher muss ich Logfiles anhängen :-/ Antivir: Code:
ATTFilter 20.05.2014
In der Datei 'D:\simplemail\attachments\1400566513044\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400566512495\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400566512072\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
Die Datei 'D:\simplemail\attachments\1400566512495\Rechnung.zip'
enthielt einen Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic].
Durchgeführte Aktion(en):
Der Fund wurde als verdächtig eingestuft.
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d614287.qua' verschoben!
Die Datei 'D:\simplemail\attachments\1400566512072\Rechnung.zip'
enthielt einen Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic].
Durchgeführte Aktion(en):
Der Fund wurde als verdächtig eingestuft.
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '55f66d20.qua' verschoben!
In der Datei 'D:\simplemail\attachments\1400566512072\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400566512072\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400566513044\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400566512495\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400566512495\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400616406345\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400616406345\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400616406345\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
21.05.2014
In der Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
Die Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.Xpack.67231' [trojan].
Durchgeführte Aktion(en):
Der Fund wurde als verdächtig eingestuft.
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5be04df9.qua' verschoben!
In der Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400689299620\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
22.05.2014
In der Datei 'D:\simplemail\attachments\1400765653685\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
In der Datei 'D:\simplemail\attachments\1400765653685\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400765653685\Rechnung.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400776194437\Fin_report_2205.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
Die Datei 'D:\simplemail\attachments\1400776194437\Fin_report_2205.zip'
enthielt einen Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic].
Durchgeführte Aktion(en):
Der Fund wurde als verdächtig eingestuft.
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5b5fb580.qua' verschoben!
In der Datei 'D:\simplemail\attachments\1400776194437\Fin_report_2205.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'D:\simplemail\attachments\1400776194437\Fin_report_2205.zip'
wurde ein Virus oder unerwünschtes Programm 'HIDDENEXT/Worm.Gen' [heuristic] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
10.06.2014
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Übergeben an Scanner
Die Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallCore.A.528' [adware].
Durchgeführte Aktion(en):
Die Datei wurde ignoriert.
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
11.06.2014
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
12.06.2014
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
Die Datei 'C:\Users\Abalone\Downloads\scp-087-1.0.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallCore.A.528' [adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '520dddff.qua' verschoben!
In der Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff verweigern
In der Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
In der Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.A.528' [adware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
Die Datei 'C:\Users\Abalone\AppData\Local\Temp\ICReinstall_scp-087-1.0.exe'
enthielt einen Virus oder unerwünschtes Programm 'Adware/InstallCore.A.528' [adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5bf31e45.qua' verschoben!
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 13:49 on 16/06/2014 (Abalone)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Abalone (administrator) on ELPARADISO on 16-06-2014 13:50:54
Running from C:\Users\Abalone\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Valve Corporation) D:\Spiele\Steam\Steam.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Jing\Jing.exe
(Barracuda Networks, Inc.) C:\Users\Abalone\AppData\Roaming\Copy\CopyAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realplay.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Abalone\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [61440 2006-09-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-10] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [RealTray] => C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe [26112 2013-12-24] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [Copy] => C:\Users\Abalone\AppData\Roaming\Copy\CopyAgent.exe [15368336 2014-06-11] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Google Update] => C:\Users\Abalone\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-30] (Google Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Steam] => D:\Spiele\Steam\steam.exe [1753280 2014-06-10] (Valve Corporation)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Jing] => C:\Program Files (x86)\TechSmith\Jing\Jing.exe [2909640 2013-01-07] (TechSmith Corporation)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Copy] => C:\Users\Abalone\AppData\Roaming\Copy\CopyAgent.exe [15368336 2014-06-11] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Monotype SkyFonts System Extension] => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe [1124144 2014-05-30] (Monotype Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {4f347f58-eac7-11e2-9781-50465da085f7} - H:\iLinker.exe
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {5092de3e-cfa5-11e2-a75b-806e6f6e6963} - E:\pcwstart.exe
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {8a0e71d7-f274-11e1-84be-bc5ff41ba15c} - G:\pushinst.exe
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {f9b69591-a272-11e2-80ca-bc5ff41ba15c} - F:\pushinst.exe
Startup: C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abalone\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38E55447F759CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default
FF Homepage: hxxp://apod.nasa.gov/apod/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1))%20%7B%20return%20'PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "http", "130.92.70.252"
FF NetworkProxy: "http_port", 3124
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Abalone\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Abalone\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Abalone\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Simple Mail - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\simplemail@telega.phpnet.us [2014-05-11]
FF Extension: FireShot - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-06-04]
FF Extension: Add to Amazon Wish List Button - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\amznUWL2@amazon.com.xpi [2013-10-19]
FF Extension: Firebug - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\firebug@software.joehewitt.com.xpi [2012-07-01]
FF Extension: Ghostery - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\firefox@ghostery.com.xpi [2013-08-17]
FF Extension: Imgur Uploader - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\giorgio@gilestro.tk.xpi [2013-10-14]
FF Extension: Good Website Inspector - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\gwif-quality@goodwebsiteinspector.com.xpi [2012-07-01]
FF Extension: YouTube HTML5-Video - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack.xpi [2013-06-11]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-06-21]
FF Extension: Pin It button - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\pinterest@robertnyman.com.xpi [2014-04-03]
FF Extension: Rehost Image - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\rehostimage@engy.us.xpi [2012-07-01]
FF Extension: SQLite Manager - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2013-06-12]
FF Extension: Tab Improvement Lite - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\tabimprovelite@mozillaonline.com.xpi [2013-06-11]
FF Extension: Thumbnail Zoom Plus - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-04-19]
FF Extension: YSlow - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\yslow@yahoo-inc.com.xpi [2012-07-01]
FF Extension: FireFTP - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2012-07-01]
FF Extension: IMDB Search - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2014-04-05]
FF Extension: Adblock Plus - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-28]
FF Extension: Download Statusbar - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-06-11]
FF Extension: DownThemAll! - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-06-11]
FF Extension: Greasemonkey - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-26]
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://apod.nasa.gov/apod/", "hxxp://www.sommerboard.de/", "https://mail.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Abalone\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Turn Off the Lights) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2012-06-30]
CHR Extension: (YouTube) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-30]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2012-06-30]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2012-06-30]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2012-06-30]
CHR Extension: (Google-Suche) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-30]
CHR Extension: (Pixlr-o-matic) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2012-06-30]
CHR Extension: (backgroundPage) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-06-11]
CHR Extension: (Google Kalender) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-06-30]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-06-30]
CHR Extension: (Stylish) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2012-06-30]
CHR Extension: (AdBlock) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-06-30]
CHR Extension: (Save in Delicious) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjeaeddhdjejgdemcpdphakdohfbcnhe [2012-06-30]
CHR Extension: (Hola Besseres Internet) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-01-25]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2012-08-22]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-28]
CHR Extension: (Bitly | Unleash the power of the link) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2012-06-30]
CHR Extension: (Alexa Toolbar Creator) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iahagolkpaghhinaljhjihagjgomdokb [2012-07-10]
CHR Extension: (Send to Kindle (by Klip.me)) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2012-06-30]
CHR Extension: (Downloads) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2012-06-30]
CHR Extension: (Shareaholic für Google Chrome) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2012-06-30]
CHR Extension: (Facebook Comment Fixer) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\khdlojihdalnfgigbcelkikecggllnlm [2012-06-30]
CHR Extension: (QUOTE.fm) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\lckmlcndmcgiemfoninonlmljcmokopk [2012-06-30]
CHR Extension: (Google Mail-Checker) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-06-30]
CHR Extension: (Jolidrive New Tab Page) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnohghiikijhpodcbmoephocdbjlmdhe [2013-03-14]
CHR Extension: (Erweiterung \) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2012-06-30]
CHR Extension: (Google Wallet) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-03]
CHR Extension: (Google Reader) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-08-30]
CHR Extension: (Google Mail) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-30]
CHR StartMenuInternet: Google Chrome - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-08] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-01-08] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-01-01] ()
R2 S3DSvc32; C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe [357888 2011-06-16] (iZ3D Inc.) [File not signed]
R2 S3DSvc64; C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe [477696 2011-06-16] (iZ3D Inc.) [File not signed]
S2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [35120 2014-05-30] (Monotype Inc.)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)
S3 DAUpdaterSvc; D:\Spiele\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) [File not signed]
S3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
S1 hwinterface; C:\Windows\SysWOW64\Drivers\hwinterface.sys [3026 2014-06-15] (Logix4u) [File not signed]
R1 iZ3DInjectionDriver; C:\Program Files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys [43704 2011-06-16] ()
R0 iZ3DShutterService; C:\Windows\System32\Drivers\iZ3DShutterService.sys [17464 2011-06-16] (iZ3D Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 PAC207; C:\Windows\SysWOW64\DRIVERS\PFC027.SYS [162304 2005-05-27] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-16 13:50 - 2014-06-16 13:51 - 00031227 _____ () C:\Users\Abalone\Desktop\FRST.txt
2014-06-16 13:50 - 2014-06-16 13:50 - 00000000 ____D () C:\FRST
2014-06-16 13:49 - 2014-06-16 13:49 - 00000476 _____ () C:\Users\Abalone\Desktop\defogger_disable.log
2014-06-16 13:49 - 2014-06-16 13:49 - 00000000 _____ () C:\Users\Abalone\defogger_reenable
2014-06-16 13:44 - 2014-06-16 13:44 - 02081280 _____ (Farbar) C:\Users\Abalone\Desktop\FRST64.exe
2014-06-16 13:43 - 2014-06-16 13:43 - 00050477 _____ () C:\Users\Abalone\Desktop\Defogger.exe
2014-06-15 19:52 - 2014-06-15 19:52 - 02276799 _____ () C:\Users\Abalone\Downloads\MCPatcher 1.7.4.exe
2014-06-15 19:33 - 2014-06-15 19:34 - 19485429 _____ () C:\Users\Abalone\Downloads\[1.7]DokuCraft-TSC-Adrundaal.zip
2014-06-15 12:09 - 2014-06-15 14:41 - 00003026 _____ (Logix4u) C:\Windows\SysWOW64\Drivers\hwinterface.sys
2014-06-15 12:08 - 2014-06-15 18:23 - 00000000 ____D () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2
2014-06-15 12:00 - 2014-06-15 12:01 - 17818056 _____ () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2.zip
2014-06-13 17:12 - 2014-06-13 17:12 - 00000000 ____D () C:\Users\Abalone\Downloads\Header_alle
2014-06-13 17:11 - 2014-06-13 17:11 - 03021206 _____ () C:\Users\Abalone\Downloads\Header_alle.zip
2014-06-13 09:41 - 2014-06-13 09:41 - 00012909 _____ () C:\Users\Abalone\Downloads\Kopie Kontakte-ABI-Feier_2014_06.06.14.xlsx
2014-06-12 18:33 - 2014-06-12 18:33 - 00000218 _____ () C:\Users\Abalone\AppData\Local\recently-used.xbel
2014-06-12 18:31 - 2014-06-12 18:31 - 00000000 ____D () C:\Users\Abalone\Downloads\justvector
2014-06-12 18:30 - 2014-06-12 18:30 - 01125580 _____ () C:\Users\Abalone\Downloads\justvector.zip
2014-06-12 15:14 - 2014-06-12 15:14 - 00009085 _____ () C:\Users\Abalone\Downloads\smartcities_registration(5).csv
2014-06-12 09:20 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Adobe
2014-06-12 08:45 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 08:45 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 08:45 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 08:45 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 08:45 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 08:45 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 08:45 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 08:45 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 08:45 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 08:45 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 08:45 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 08:45 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 08:45 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 08:45 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 08:45 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 08:45 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 08:45 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-12 08:44 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 08:44 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 08:44 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 08:44 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 08:44 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 08:44 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 08:44 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 08:44 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 08:44 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 08:44 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 08:44 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 08:44 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 08:44 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 08:44 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 08:44 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 08:44 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 08:44 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 08:44 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 08:44 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 08:44 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 08:44 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 08:44 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 08:44 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 08:44 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 08:44 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 08:44 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 08:44 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 08:44 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 08:44 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 08:44 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 08:44 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 08:44 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 08:44 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 08:44 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 08:44 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 08:44 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 08:44 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 08:44 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 08:44 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 08:44 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 08:44 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 08:44 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 08:44 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 08:44 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 08:44 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 08:44 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 08:44 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 08:44 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 17:21 - 2014-06-11 17:21 - 00000000 ____D () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom
2014-06-11 17:20 - 2014-06-11 17:20 - 00792988 _____ () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom.zip
2014-06-10 15:19 - 2014-06-10 15:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Abalone\Downloads\SCP 087 - CHIP-Installer.exe
2014-06-10 15:18 - 2014-06-10 15:18 - 32716585 _____ () C:\Users\Abalone\Downloads\scp-087-1.0 [1].exe
2014-06-10 15:16 - 2014-06-10 15:17 - 00001079 _____ () C:\Users\Abalone\Desktop\Die Installation von SCP-087 1.0 fortsetzen.lnk
2014-06-10 14:43 - 2014-06-10 14:50 - 00000000 ____D () C:\Users\Abalone\Documents\Witcher 2
2014-06-10 14:43 - 2014-06-10 14:43 - 00000000 ____D () C:\Users\Abalone\AppData\Local\The Witcher 2
2014-06-10 14:03 - 2014-06-10 14:03 - 00008774 _____ () C:\Users\Abalone\Downloads\smartcities_registration(4).csv
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\G-B-E
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6
2014-06-07 21:43 - 2014-06-07 21:43 - 15238411 _____ () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6.zip
2014-06-07 21:42 - 2014-06-07 21:42 - 01512696 _____ () C:\Users\Abalone\Downloads\G-B-E.zip
2014-06-07 21:16 - 2014-06-07 21:22 - 00000000 ____D () C:\Users\Abalone\Downloads\Gestrandeter
2014-06-07 20:52 - 2014-06-07 20:52 - 00004742 _____ () C:\Users\Abalone\Downloads\Gestrandeter.zip
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Pixlromatic
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Program Files (x86)\Pixlr
2014-06-06 13:03 - 2014-06-06 13:03 - 00000000 ____D () C:\Users\Abalone\AppData\Local\DeadMansDraw
2014-06-06 11:06 - 2014-06-06 11:24 - 00000000 ____D () C:\Users\Abalone\Downloads\Unbenannt
2014-06-06 11:06 - 2014-06-06 11:06 - 00118912 _____ () C:\Users\Abalone\Downloads\Unbenannt.zip
2014-06-04 17:44 - 2014-06-04 17:44 - 00008178 _____ () C:\Users\Abalone\Downloads\smartcities_registration(3).csv
2014-06-04 16:18 - 2014-06-04 16:18 - 00007248 _____ () C:\Users\Abalone\Desktop\here360text.txt
2014-06-04 16:15 - 2014-06-04 16:15 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399880484
2014-06-03 16:04 - 2014-06-03 16:42 - 00004277 _____ () C:\Users\Abalone\Desktop\test.html
2014-06-02 11:02 - 2014-06-02 11:02 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard
2014-06-02 10:30 - 2014-06-02 10:30 - 00000755 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-06-02 10:30 - 2014-06-02 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-06-02 10:14 - 2014-06-06 18:30 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Battle.net
2014-06-02 10:14 - 2014-06-02 10:59 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Battle.net
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard Entertainment
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-02 10:07 - 2014-06-02 10:07 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-02 10:06 - 2014-06-02 10:06 - 03099552 _____ (Blizzard Entertainment) C:\Users\Abalone\Downloads\Hearthstone-Setup-deDE.exe
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Master_Head_Pack_X
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1
2014-06-01 20:30 - 2014-06-01 20:30 - 02076003 _____ () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1.rar
2014-06-01 20:29 - 2014-06-01 20:30 - 01709055 _____ () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH.rar
2014-06-01 20:18 - 2014-06-01 20:21 - 75972498 _____ () C:\Users\Abalone\Downloads\Master_Head_Pack_X.7z
2014-06-01 16:15 - 2014-06-01 16:15 - 00003970 _____ () C:\Users\Abalone\Downloads\smartcities_registration(2).csv
2014-05-31 20:28 - 2014-05-31 20:28 - 00000000 ____D () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate
2014-05-31 20:27 - 2014-05-31 20:27 - 01429728 _____ () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate.rar
2014-05-30 19:44 - 2014-05-30 19:44 - 00424946 _____ () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte.htm
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte-Dateien
2014-05-30 17:25 - 2014-06-01 22:35 - 00000304 _____ () C:\Warnings.txt
2014-05-30 14:47 - 2014-05-30 14:47 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration(1).csv
2014-05-30 14:46 - 2014-05-30 14:46 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration.csv
2014-05-30 10:03 - 2014-05-30 10:03 - 00258220 _____ () C:\Users\Abalone\Downloads\flexnav-master.zip
2014-05-30 10:03 - 2014-05-30 10:03 - 00000000 ____D () C:\Users\Abalone\Downloads\flexnav-master
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_orc_f_heads1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_Imp_headp2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_highelf2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\emma_bret_heads3
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_bret_headp2
2014-05-29 21:56 - 2014-05-29 21:56 - 01076172 _____ () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00930411 _____ () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00919166 _____ () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00595982 _____ () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 02201763 _____ () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1.7z
2014-05-29 21:55 - 2014-05-29 21:55 - 01438432 _____ () C:\Users\Abalone\Downloads\Emma_bret_headp2.rar
2014-05-29 21:55 - 2014-05-29 21:55 - 01212278 _____ () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01211116 _____ () C:\Users\Abalone\Downloads\Emma_Imp_headp2.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01015770 _____ () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0.zip
2014-05-29 21:54 - 2014-05-29 21:54 - 02095007 _____ () C:\Users\Abalone\Downloads\Emma_highelf2.rar
2014-05-29 21:54 - 2014-05-29 21:54 - 01292554 _____ () C:\Users\Abalone\Downloads\Emma_orc_f_heads1.rar
2014-05-29 21:53 - 2014-05-29 21:53 - 02021963 _____ () C:\Users\Abalone\Downloads\emma_bret_heads3.rar
2014-05-29 21:27 - 2014-05-29 21:44 - 00000000 ____D () C:\Users\Abalone\Downloads\CoM_Fix_v1
2014-05-29 21:27 - 2014-05-29 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\COM_ver2_0
2014-05-29 21:25 - 2014-05-29 21:25 - 00002520 _____ () C:\Users\Abalone\Downloads\CoM_Fix_v1.rar
2014-05-29 21:22 - 2014-05-29 21:24 - 68478871 _____ () C:\Users\Abalone\Downloads\COM_ver2_0.7z
2014-05-29 19:36 - 2014-05-29 19:36 - 00000000 ____D () C:\Users\Abalone\Downloads\dogs_of_morrowind
2014-05-29 17:45 - 2014-05-29 17:45 - 00010408 _____ () C:\Users\Abalone\Downloads\BSA unpacker-12189.7z
2014-05-29 17:45 - 2014-05-29 17:45 - 00000000 ____D () C:\Users\Abalone\Downloads\BSA unpacker-12189
2014-05-29 17:19 - 2014-05-29 17:19 - 00330820 _____ () C:\Users\Abalone\Downloads\CargoStridersBeta.zip
2014-05-29 17:11 - 2014-05-29 17:11 - 00236301 _____ () C:\Users\Abalone\Downloads\Fireflies Invade Morrowind v1.zip
2014-05-29 15:30 - 2014-05-29 15:30 - 00000000 ____D () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116
2014-05-29 15:28 - 2014-05-29 15:28 - 02557485 _____ () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116.zip
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind_Advanced_182
2014-05-29 13:32 - 2014-05-29 13:33 - 08160097 _____ () C:\Users\Abalone\Downloads\Morrowind_Advanced_182.7z
2014-05-29 11:24 - 2014-05-29 11:24 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles (1).zip
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_talrivian
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_service
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_projectiles
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_daggerbooks
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_btb
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_advanced
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\firemoth1.1
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.3
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don_Salus's_Faces_V1.0
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.2
2014-05-27 23:42 - 2014-05-27 23:42 - 00000000 ____D () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10
2014-05-27 23:40 - 2014-05-27 23:40 - 03760922 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_3.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 03792867 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_1.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 01206501 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_2.ace
2014-05-27 23:36 - 2014-05-27 23:36 - 00639227 _____ () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10.7z
2014-05-27 23:07 - 2014-05-27 23:07 - 00000000 ____D () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races
2014-05-27 23:06 - 2014-05-27 23:06 - 13047496 _____ () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races.7z
2014-05-27 13:05 - 2014-05-27 13:05 - 00001991 _____ () C:\Users\Abalone\Desktop\untitled.mcw
2014-05-26 14:20 - 2014-05-26 14:20 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Macaw
2014-05-26 14:18 - 2014-05-26 14:18 - 00000670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macaw.lnk
2014-05-26 14:18 - 2014-05-26 14:18 - 00000000 ____D () C:\Program Files (x86)\Macaw
2014-05-26 14:13 - 2014-05-26 14:15 - 42344448 _____ () C:\Users\Abalone\Downloads\Macaw1.0.11.msi
2014-05-25 22:03 - 2014-05-25 22:03 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_economy
2014-05-25 21:32 - 2014-05-25 21:32 - 00000000 ____D () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820
2014-05-25 21:31 - 2014-05-25 21:32 - 07437347 _____ () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00001277 _____ () C:\Users\Abalone\Downloads\timemod_0531.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\timemod_0531
2014-05-25 20:39 - 2014-05-25 20:39 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles.zip
2014-05-25 20:21 - 2014-05-25 20:21 - 00467884 _____ () C:\Users\Abalone\Downloads\firemoth1.1.zip
2014-05-25 20:17 - 2014-05-25 20:18 - 02140475 _____ () C:\Users\Abalone\Downloads\morrowind_daggerbooks.zip
2014-05-25 20:09 - 2014-05-25 20:09 - 00057102 _____ () C:\Users\Abalone\Downloads\morrowind_advanced.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00164351 _____ () C:\Users\Abalone\Downloads\morrowind_service.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00002792 _____ () C:\Users\Abalone\Downloads\morrowind_talrivian.zip
2014-05-25 19:50 - 2014-05-25 19:50 - 00328671 _____ () C:\Users\Abalone\Downloads\morrowind_btb.zip
2014-05-25 14:08 - 2014-05-25 14:08 - 00106281 _____ () C:\Users\Abalone\Downloads\morrowind_economy.zip
2014-05-25 13:49 - 2014-05-25 13:56 - 206983477 _____ () C:\Users\Abalone\Downloads\1920x1200.rar
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:11 - 2014-05-25 01:11 - 01916952 _____ () C:\Users\Abalone\Downloads\winrar-x64-51b4.exe
2014-05-25 01:11 - 2014-05-25 01:11 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-25 01:05 - 2014-05-25 01:05 - 00107345 _____ () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell.ace
2014-05-25 00:17 - 2014-05-25 00:17 - 00011700 _____ () C:\Users\Abalone\Downloads\SkipTutorial1.0.zip
2014-05-25 00:17 - 2014-05-25 00:17 - 00000000 ____D () C:\Users\Abalone\Downloads\SkipTutorial1.0
2014-05-25 00:09 - 2014-05-25 00:09 - 00000000 ____D () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3
2014-05-25 00:08 - 2014-05-25 00:08 - 00027206 _____ () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3.zip
2014-05-24 23:51 - 2014-05-24 23:51 - 18911147 _____ () C:\Users\Abalone\Downloads\MEL Hair Pack Final-41622.7z
2014-05-24 23:32 - 2014-05-24 23:32 - 00048840 _____ () C:\Users\Abalone\Downloads\MQE Main File 1_1-41337-1-1.rar
2014-05-24 23:13 - 2014-05-24 23:13 - 00000662 _____ () C:\Users\Abalone\Downloads\Lower First Person Sneak Mode-43108-1-0-1.zip
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NifTools
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\Program Files (x86)\NifTools
2014-05-24 22:57 - 2014-05-24 22:58 - 08631751 _____ () C:\Users\Abalone\Downloads\nifskope-1.1.3.36ebfdd-windows.exe
2014-05-24 22:48 - 2014-05-24 22:53 - 00000000 ____D () C:\Users\Abalone\Downloads\BetterAlmalexia-23388
2014-05-24 22:48 - 2014-05-24 22:48 - 05600778 _____ () C:\Users\Abalone\Downloads\BetterAlmalexia-23388.rar
2014-05-24 22:23 - 2014-05-24 22:23 - 00000000 ____D () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0
2014-05-24 22:21 - 2014-05-24 22:21 - 01821509 _____ () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0.7z
2014-05-24 22:16 - 2014-05-24 22:23 - 00000000 ____D () C:\Users\Abalone\Downloads\DelayedDBattacks-14891
2014-05-24 22:16 - 2014-05-24 22:16 - 00002991 _____ () C:\Users\Abalone\Downloads\DelayedDBattacks-14891.zip
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\16x10 Version-39329-1
2014-05-24 16:00 - 2014-05-24 16:00 - 00001454 _____ () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0.zip
2014-05-24 15:58 - 2014-05-24 16:00 - 56108041 _____ () C:\Users\Abalone\Downloads\16x10 Version-39329-1.zip
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wrye Mash
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Program Files\Bethesda Softworks
2014-05-24 15:39 - 2014-05-24 15:39 - 08038548 _____ () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install.rar
2014-05-24 15:39 - 2014-05-24 15:39 - 00000000 ____D () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install
2014-05-24 15:35 - 2014-05-24 15:35 - 00001518 _____ () C:\Users\Abalone\Desktop\Wrye Mash.txt - Verknüpfung.lnk
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\Python34
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2014-05-24 15:30 - 2014-05-24 15:31 - 24408064 _____ () C:\Users\Abalone\Downloads\python-3.4.1.msi
2014-05-24 15:27 - 2014-05-24 15:27 - 00000000 ____D () C:\Users\Abalone\Downloads\Wrye Mash 84-27588
2014-05-24 15:26 - 2014-05-24 15:26 - 00747499 _____ () C:\Users\Abalone\Downloads\Wrye Mash 84-27588.zip
2014-05-24 15:15 - 2014-05-24 15:15 - 12012966 _____ () C:\Users\Abalone\Downloads\Divine Dagoth Ur- ddfields update-39431.zip
2014-05-24 15:10 - 2014-05-24 15:10 - 00000000 ____D () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746
2014-05-24 15:09 - 2014-05-24 15:09 - 00004636 _____ () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746.rar
2014-05-23 13:18 - 2014-05-24 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Mod Manager
2014-05-23 13:17 - 2014-05-23 13:17 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260
2014-05-23 13:15 - 2014-05-23 13:15 - 00721497 _____ () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260.7z
2014-05-23 13:04 - 2014-05-23 13:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0
2014-05-23 13:01 - 2014-05-23 13:02 - 19871102 _____ () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0.7z
2014-05-23 12:55 - 2014-05-23 12:55 - 00000000 ____D () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1
2014-05-23 12:53 - 2014-05-23 12:54 - 00439340 _____ () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1.zip
2014-05-22 23:24 - 2014-05-22 23:26 - 50449456 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\dotNetFx40_Full_x86_x64.exe
2014-05-22 23:23 - 2014-05-22 23:23 - 04216840 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\vcredist_x86.exe
2014-05-22 23:20 - 2014-05-22 23:25 - 100271992 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\directx_Jun2010_redist.exe
2014-05-22 23:17 - 2014-05-23 14:49 - 00000000 ____D () C:\Users\Abalone\Downloads\MGSO_3-0_Final
2014-05-22 22:03 - 2014-05-22 23:07 - 1773379811 _____ () C:\Users\Abalone\Downloads\MGSO_3-0_Final.rar
2014-05-22 21:45 - 2014-05-22 21:46 - 05756846 _____ () C:\Users\Abalone\Downloads\TES3OverhaulGer.zip
2014-05-18 10:38 - 2014-05-18 10:38 - 02734592 _____ (Python Software Foundation) C:\Windows\SysWOW64\python34.dll
2014-05-18 10:37 - 2014-05-18 10:37 - 00102912 _____ (Python Software Foundation) C:\Windows\pyw.exe
2014-05-18 10:37 - 2014-05-18 10:37 - 00102400 _____ (Python Software Foundation) C:\Windows\py.exe
==================== One Month Modified Files and Folders =======
2014-06-16 13:51 - 2014-06-16 13:50 - 00031227 _____ () C:\Users\Abalone\Desktop\FRST.txt
2014-06-16 13:51 - 2012-06-30 19:11 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Temp
2014-06-16 13:50 - 2014-06-16 13:50 - 00000000 ____D () C:\FRST
2014-06-16 13:49 - 2014-06-16 13:49 - 00000476 _____ () C:\Users\Abalone\Desktop\defogger_disable.log
2014-06-16 13:49 - 2014-06-16 13:49 - 00000000 _____ () C:\Users\Abalone\defogger_reenable
2014-06-16 13:49 - 2012-06-30 19:11 - 00000000 ____D () C:\Users\Abalone
2014-06-16 13:44 - 2014-06-16 13:44 - 02081280 _____ (Farbar) C:\Users\Abalone\Desktop\FRST64.exe
2014-06-16 13:43 - 2014-06-16 13:43 - 00050477 _____ () C:\Users\Abalone\Desktop\Defogger.exe
2014-06-16 13:30 - 2013-04-06 14:54 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Copy
2014-06-16 13:30 - 2012-07-01 10:42 - 00000000 ____D () C:\Program Files (x86)\HijackThis
2014-06-16 13:18 - 2012-06-30 19:36 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000UA.job
2014-06-16 13:15 - 2012-10-16 21:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 09:18 - 2012-06-30 19:35 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000Core.job
2014-06-16 08:52 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 08:52 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 08:50 - 2012-07-01 01:06 - 01953268 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 08:48 - 2012-07-01 00:08 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Dropbox
2014-06-16 08:45 - 2014-05-07 09:18 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\DropboxMaster
2014-06-16 08:43 - 2014-02-08 13:04 - 00009421 _____ () C:\Windows\setupact.log
2014-06-16 08:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 23:55 - 2013-12-18 22:41 - 00000000 ____D () C:\Users\Abalone\AppData\Local\The Witcher
2014-06-15 20:52 - 2013-10-13 20:35 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\.minecraft
2014-06-15 19:52 - 2014-06-15 19:52 - 02276799 _____ () C:\Users\Abalone\Downloads\MCPatcher 1.7.4.exe
2014-06-15 19:34 - 2014-06-15 19:33 - 19485429 _____ () C:\Users\Abalone\Downloads\[1.7]DokuCraft-TSC-Adrundaal.zip
2014-06-15 18:23 - 2014-06-15 12:08 - 00000000 ____D () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2
2014-06-15 14:41 - 2014-06-15 12:09 - 00003026 _____ (Logix4u) C:\Windows\SysWOW64\Drivers\hwinterface.sys
2014-06-15 12:01 - 2014-06-15 12:00 - 17818056 _____ () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2.zip
2014-06-15 10:37 - 2014-01-26 16:41 - 00000000 __RHD () C:\Users\Abalone\AppData\Roaming\Monotype
2014-06-14 12:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-13 17:12 - 2014-06-13 17:12 - 00000000 ____D () C:\Users\Abalone\Downloads\Header_alle
2014-06-13 17:11 - 2014-06-13 17:11 - 03021206 _____ () C:\Users\Abalone\Downloads\Header_alle.zip
2014-06-13 11:25 - 2013-11-09 17:59 - 00000084 _____ () C:\Windows\winamp.ini
2014-06-13 09:41 - 2014-06-13 09:41 - 00012909 _____ () C:\Users\Abalone\Downloads\Kopie Kontakte-ABI-Feier_2014_06.06.14.xlsx
2014-06-12 23:34 - 2013-08-14 23:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:33 - 2012-06-30 21:36 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 18:33 - 2014-06-12 18:33 - 00000218 _____ () C:\Users\Abalone\AppData\Local\recently-used.xbel
2014-06-12 18:32 - 2014-06-12 09:20 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Adobe
2014-06-12 18:31 - 2014-06-12 18:31 - 00000000 ____D () C:\Users\Abalone\Downloads\justvector
2014-06-12 18:30 - 2014-06-12 18:30 - 01125580 _____ () C:\Users\Abalone\Downloads\justvector.zip
2014-06-12 15:14 - 2014-06-12 15:14 - 00009085 _____ () C:\Users\Abalone\Downloads\smartcities_registration(5).csv
2014-06-12 08:37 - 2012-10-16 21:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 08:37 - 2012-07-03 13:42 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 08:37 - 2012-07-03 13:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 18:37 - 2012-07-01 00:41 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\vlc
2014-06-11 17:21 - 2014-06-11 17:21 - 00000000 ____D () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom
2014-06-11 17:20 - 2014-06-11 17:20 - 00792988 _____ () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom.zip
2014-06-10 15:20 - 2014-06-10 15:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\Abalone\Downloads\SCP 087 - CHIP-Installer.exe
2014-06-10 15:18 - 2014-06-10 15:18 - 32716585 _____ () C:\Users\Abalone\Downloads\scp-087-1.0 [1].exe
2014-06-10 15:17 - 2014-06-10 15:16 - 00001079 _____ () C:\Users\Abalone\Desktop\Die Installation von SCP-087 1.0 fortsetzen.lnk
2014-06-10 14:50 - 2014-06-10 14:43 - 00000000 ____D () C:\Users\Abalone\Documents\Witcher 2
2014-06-10 14:43 - 2014-06-10 14:43 - 00000000 ____D () C:\Users\Abalone\AppData\Local\The Witcher 2
2014-06-10 14:42 - 2012-07-01 10:52 - 00544569 _____ () C:\Windows\DirectX.log
2014-06-10 14:03 - 2014-06-10 14:03 - 00008774 _____ () C:\Users\Abalone\Downloads\smartcities_registration(4).csv
2014-06-10 08:03 - 2012-07-16 20:47 - 00000000 ____D () C:\Users\Abalone\AppData\Local\CrashDumps
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\G-B-E
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6
2014-06-07 21:43 - 2014-06-07 21:43 - 15238411 _____ () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6.zip
2014-06-07 21:42 - 2014-06-07 21:42 - 01512696 _____ () C:\Users\Abalone\Downloads\G-B-E.zip
2014-06-07 21:22 - 2014-06-07 21:16 - 00000000 ____D () C:\Users\Abalone\Downloads\Gestrandeter
2014-06-07 20:52 - 2014-06-07 20:52 - 00004742 _____ () C:\Users\Abalone\Downloads\Gestrandeter.zip
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Pixlromatic
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Program Files (x86)\Pixlr
2014-06-07 20:42 - 2012-06-30 19:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-07 20:42 - 2012-06-30 19:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-07 20:38 - 2012-06-30 19:20 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Adobe
2014-06-07 17:57 - 2013-09-06 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-07 17:41 - 2009-07-14 06:45 - 00803592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-06 23:56 - 2012-06-30 19:32 - 00154824 _____ () C:\Users\Abalone\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 18:30 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Battle.net
2014-06-06 13:03 - 2014-06-06 13:03 - 00000000 ____D () C:\Users\Abalone\AppData\Local\DeadMansDraw
2014-06-06 11:24 - 2014-06-06 11:06 - 00000000 ____D () C:\Users\Abalone\Downloads\Unbenannt
2014-06-06 11:06 - 2014-06-06 11:06 - 00118912 _____ () C:\Users\Abalone\Downloads\Unbenannt.zip
2014-06-04 17:44 - 2014-06-04 17:44 - 00008178 _____ () C:\Users\Abalone\Downloads\smartcities_registration(3).csv
2014-06-04 16:18 - 2014-06-04 16:18 - 00007248 _____ () C:\Users\Abalone\Desktop\here360text.txt
2014-06-04 16:15 - 2014-06-04 16:15 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399880484
2014-06-04 16:15 - 2014-05-12 09:41 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-04 08:17 - 2012-12-20 02:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 16:42 - 2014-06-03 16:04 - 00004277 _____ () C:\Users\Abalone\Desktop\test.html
2014-06-02 11:02 - 2014-06-02 11:02 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard
2014-06-02 10:59 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Battle.net
2014-06-02 10:30 - 2014-06-02 10:30 - 00000755 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-06-02 10:30 - 2014-06-02 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard Entertainment
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-02 10:07 - 2014-06-02 10:07 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-02 10:06 - 2014-06-02 10:06 - 03099552 _____ (Blizzard Entertainment) C:\Users\Abalone\Downloads\Hearthstone-Setup-deDE.exe
2014-06-01 22:35 - 2014-05-30 17:25 - 00000304 _____ () C:\Warnings.txt
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Master_Head_Pack_X
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1
2014-06-01 20:30 - 2014-06-01 20:30 - 02076003 _____ () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1.rar
2014-06-01 20:30 - 2014-06-01 20:29 - 01709055 _____ () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH.rar
2014-06-01 20:21 - 2014-06-01 20:18 - 75972498 _____ () C:\Users\Abalone\Downloads\Master_Head_Pack_X.7z
2014-06-01 16:15 - 2014-06-01 16:15 - 00003970 _____ () C:\Users\Abalone\Downloads\smartcities_registration(2).csv
2014-05-31 20:28 - 2014-05-31 20:28 - 00000000 ____D () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate
2014-05-31 20:27 - 2014-05-31 20:27 - 01429728 _____ () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate.rar
2014-05-30 19:44 - 2014-05-30 19:44 - 00424946 _____ () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte.htm
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte-Dateien
2014-05-30 14:47 - 2014-05-30 14:47 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration(1).csv
2014-05-30 14:46 - 2014-05-30 14:46 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration.csv
2014-05-30 12:21 - 2014-06-12 08:44 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 08:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 08:44 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 08:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 08:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 08:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 08:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 08:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 08:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 08:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 08:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 08:44 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 08:44 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 08:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 08:44 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 08:44 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 08:44 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 08:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 08:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 08:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 08:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 08:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 08:44 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 08:44 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 08:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 08:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 08:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 08:44 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 08:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 08:45 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 08:44 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 08:44 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 08:44 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 08:44 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 08:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 08:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:03 - 2014-05-30 10:03 - 00258220 _____ () C:\Users\Abalone\Downloads\flexnav-master.zip
2014-05-30 10:03 - 2014-05-30 10:03 - 00000000 ____D () C:\Users\Abalone\Downloads\flexnav-master
2014-05-30 10:02 - 2014-06-12 08:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 08:44 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 08:44 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 08:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 08:44 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 08:44 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 08:44 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 08:44 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 08:44 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 08:44 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 08:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 08:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 08:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_orc_f_heads1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_Imp_headp2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_highelf2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\emma_bret_heads3
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_bret_headp2
2014-05-29 21:56 - 2014-05-29 21:56 - 01076172 _____ () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00930411 _____ () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00919166 _____ () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00595982 _____ () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 02201763 _____ () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1.7z
2014-05-29 21:55 - 2014-05-29 21:55 - 01438432 _____ () C:\Users\Abalone\Downloads\Emma_bret_headp2.rar
2014-05-29 21:55 - 2014-05-29 21:55 - 01212278 _____ () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01211116 _____ () C:\Users\Abalone\Downloads\Emma_Imp_headp2.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01015770 _____ () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0.zip
2014-05-29 21:54 - 2014-05-29 21:54 - 02095007 _____ () C:\Users\Abalone\Downloads\Emma_highelf2.rar
2014-05-29 21:54 - 2014-05-29 21:54 - 01292554 _____ () C:\Users\Abalone\Downloads\Emma_orc_f_heads1.rar
2014-05-29 21:53 - 2014-05-29 21:53 - 02021963 _____ () C:\Users\Abalone\Downloads\emma_bret_heads3.rar
2014-05-29 21:44 - 2014-05-29 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\CoM_Fix_v1
2014-05-29 21:27 - 2014-05-29 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\COM_ver2_0
2014-05-29 21:25 - 2014-05-29 21:25 - 00002520 _____ () C:\Users\Abalone\Downloads\CoM_Fix_v1.rar
2014-05-29 21:24 - 2014-05-29 21:22 - 68478871 _____ () C:\Users\Abalone\Downloads\COM_ver2_0.7z
2014-05-29 19:36 - 2014-05-29 19:36 - 00000000 ____D () C:\Users\Abalone\Downloads\dogs_of_morrowind
2014-05-29 17:46 - 2013-02-09 20:48 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Paint.NET
2014-05-29 17:45 - 2014-05-29 17:45 - 00010408 _____ () C:\Users\Abalone\Downloads\BSA unpacker-12189.7z
2014-05-29 17:45 - 2014-05-29 17:45 - 00000000 ____D () C:\Users\Abalone\Downloads\BSA unpacker-12189
2014-05-29 17:19 - 2014-05-29 17:19 - 00330820 _____ () C:\Users\Abalone\Downloads\CargoStridersBeta.zip
2014-05-29 17:11 - 2014-05-29 17:11 - 00236301 _____ () C:\Users\Abalone\Downloads\Fireflies Invade Morrowind v1.zip
2014-05-29 15:30 - 2014-05-29 15:30 - 00000000 ____D () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116
2014-05-29 15:28 - 2014-05-29 15:28 - 02557485 _____ () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116.zip
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind_Advanced_182
2014-05-29 13:33 - 2014-05-29 13:32 - 08160097 _____ () C:\Users\Abalone\Downloads\Morrowind_Advanced_182.7z
2014-05-29 11:24 - 2014-05-29 11:24 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles (1).zip
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_talrivian
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_service
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_projectiles
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_daggerbooks
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_btb
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_advanced
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\firemoth1.1
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.3
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don_Salus's_Faces_V1.0
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.2
2014-05-27 23:42 - 2014-05-27 23:42 - 00000000 ____D () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10
2014-05-27 23:40 - 2014-05-27 23:40 - 03760922 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_3.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 03792867 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_1.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 01206501 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_2.ace
2014-05-27 23:36 - 2014-05-27 23:36 - 00639227 _____ () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10.7z
2014-05-27 23:07 - 2014-05-27 23:07 - 00000000 ____D () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races
2014-05-27 23:06 - 2014-05-27 23:06 - 13047496 _____ () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races.7z
2014-05-27 18:23 - 2014-05-01 19:40 - 00000000 ____D () C:\ProgramData\MumboJumbo
2014-05-27 13:05 - 2014-05-27 13:05 - 00001991 _____ () C:\Users\Abalone\Desktop\untitled.mcw
2014-05-26 14:20 - 2014-05-26 14:20 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Macaw
2014-05-26 14:18 - 2014-05-26 14:18 - 00000670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macaw.lnk
2014-05-26 14:18 - 2014-05-26 14:18 - 00000000 ____D () C:\Program Files (x86)\Macaw
2014-05-26 14:15 - 2014-05-26 14:13 - 42344448 _____ () C:\Users\Abalone\Downloads\Macaw1.0.11.msi
2014-05-25 22:03 - 2014-05-25 22:03 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_economy
2014-05-25 21:32 - 2014-05-25 21:32 - 00000000 ____D () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820
2014-05-25 21:32 - 2014-05-25 21:31 - 07437347 _____ () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00001277 _____ () C:\Users\Abalone\Downloads\timemod_0531.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\timemod_0531
2014-05-25 20:39 - 2014-05-25 20:39 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles.zip
2014-05-25 20:21 - 2014-05-25 20:21 - 00467884 _____ () C:\Users\Abalone\Downloads\firemoth1.1.zip
2014-05-25 20:18 - 2014-05-25 20:17 - 02140475 _____ () C:\Users\Abalone\Downloads\morrowind_daggerbooks.zip
2014-05-25 20:09 - 2014-05-25 20:09 - 00057102 _____ () C:\Users\Abalone\Downloads\morrowind_advanced.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00164351 _____ () C:\Users\Abalone\Downloads\morrowind_service.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00002792 _____ () C:\Users\Abalone\Downloads\morrowind_talrivian.zip
2014-05-25 19:50 - 2014-05-25 19:50 - 00328671 _____ () C:\Users\Abalone\Downloads\morrowind_btb.zip
2014-05-25 14:08 - 2014-05-25 14:08 - 00106281 _____ () C:\Users\Abalone\Downloads\morrowind_economy.zip
2014-05-25 13:56 - 2014-05-25 13:49 - 206983477 _____ () C:\Users\Abalone\Downloads\1920x1200.rar
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:11 - 2014-05-25 01:11 - 01916952 _____ () C:\Users\Abalone\Downloads\winrar-x64-51b4.exe
2014-05-25 01:11 - 2014-05-25 01:11 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-25 01:05 - 2014-05-25 01:05 - 00107345 _____ () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell.ace
2014-05-25 00:17 - 2014-05-25 00:17 - 00011700 _____ () C:\Users\Abalone\Downloads\SkipTutorial1.0.zip
2014-05-25 00:17 - 2014-05-25 00:17 - 00000000 ____D () C:\Users\Abalone\Downloads\SkipTutorial1.0
2014-05-25 00:09 - 2014-05-25 00:09 - 00000000 ____D () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3
2014-05-25 00:08 - 2014-05-25 00:08 - 00027206 _____ () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3.zip
2014-05-24 23:51 - 2014-05-24 23:51 - 18911147 _____ () C:\Users\Abalone\Downloads\MEL Hair Pack Final-41622.7z
2014-05-24 23:32 - 2014-05-24 23:32 - 00048840 _____ () C:\Users\Abalone\Downloads\MQE Main File 1_1-41337-1-1.rar
2014-05-24 23:13 - 2014-05-24 23:13 - 00000662 _____ () C:\Users\Abalone\Downloads\Lower First Person Sneak Mode-43108-1-0-1.zip
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NifTools
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\Program Files (x86)\NifTools
2014-05-24 22:58 - 2014-05-24 22:57 - 08631751 _____ () C:\Users\Abalone\Downloads\nifskope-1.1.3.36ebfdd-windows.exe
2014-05-24 22:53 - 2014-05-24 22:48 - 00000000 ____D () C:\Users\Abalone\Downloads\BetterAlmalexia-23388
2014-05-24 22:48 - 2014-05-24 22:48 - 05600778 _____ () C:\Users\Abalone\Downloads\BetterAlmalexia-23388.rar
2014-05-24 22:23 - 2014-05-24 22:23 - 00000000 ____D () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0
2014-05-24 22:23 - 2014-05-24 22:16 - 00000000 ____D () C:\Users\Abalone\Downloads\DelayedDBattacks-14891
2014-05-24 22:21 - 2014-05-24 22:21 - 01821509 _____ () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0.7z
2014-05-24 22:16 - 2014-05-24 22:16 - 00002991 _____ () C:\Users\Abalone\Downloads\DelayedDBattacks-14891.zip
2014-05-24 21:00 - 2012-07-01 00:09 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 21:00 - 2012-06-30 19:11 - 00000000 ___RD () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\16x10 Version-39329-1
2014-05-24 16:00 - 2014-05-24 16:00 - 00001454 _____ () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0.zip
2014-05-24 16:00 - 2014-05-24 15:58 - 56108041 _____ () C:\Users\Abalone\Downloads\16x10 Version-39329-1.zip
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wrye Mash
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Program Files\Bethesda Softworks
2014-05-24 15:39 - 2014-05-24 15:39 - 08038548 _____ () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install.rar
2014-05-24 15:39 - 2014-05-24 15:39 - 00000000 ____D () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install
2014-05-24 15:35 - 2014-05-24 15:35 - 00001518 _____ () C:\Users\Abalone\Desktop\Wrye Mash.txt - Verknüpfung.lnk
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\Python34
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2014-05-24 15:31 - 2014-05-24 15:30 - 24408064 _____ () C:\Users\Abalone\Downloads\python-3.4.1.msi
2014-05-24 15:27 - 2014-05-24 15:27 - 00000000 ____D () C:\Users\Abalone\Downloads\Wrye Mash 84-27588
2014-05-24 15:26 - 2014-05-24 15:26 - 00747499 _____ () C:\Users\Abalone\Downloads\Wrye Mash 84-27588.zip
2014-05-24 15:15 - 2014-05-24 15:15 - 12012966 _____ () C:\Users\Abalone\Downloads\Divine Dagoth Ur- ddfields update-39431.zip
2014-05-24 15:10 - 2014-05-24 15:10 - 00000000 ____D () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746
2014-05-24 15:09 - 2014-05-24 15:09 - 00004636 _____ () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746.rar
2014-05-24 10:42 - 2012-12-17 14:36 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-24 00:52 - 2012-07-01 10:52 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Skyrim
2014-05-24 00:50 - 2014-04-25 11:31 - 00000000 ____D () C:\Program Files\Free Opener
2014-05-24 00:36 - 2014-05-23 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Mod Manager
2014-05-23 14:49 - 2014-05-22 23:17 - 00000000 ____D () C:\Users\Abalone\Downloads\MGSO_3-0_Final
2014-05-23 13:17 - 2014-05-23 13:17 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260
2014-05-23 13:15 - 2014-05-23 13:15 - 00721497 _____ () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260.7z
2014-05-23 13:04 - 2014-05-23 13:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0
2014-05-23 13:02 - 2014-05-23 13:01 - 19871102 _____ () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0.7z
2014-05-23 12:55 - 2014-05-23 12:55 - 00000000 ____D () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1
2014-05-23 12:54 - 2014-05-23 12:53 - 00439340 _____ () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1.zip
2014-05-22 23:26 - 2014-05-22 23:24 - 50449456 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\dotNetFx40_Full_x86_x64.exe
2014-05-22 23:25 - 2014-05-22 23:20 - 100271992 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\directx_Jun2010_redist.exe
2014-05-22 23:23 - 2014-05-22 23:23 - 04216840 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\vcredist_x86.exe
2014-05-22 23:07 - 2014-05-22 22:03 - 1773379811 _____ () C:\Users\Abalone\Downloads\MGSO_3-0_Final.rar
2014-05-22 21:46 - 2014-05-22 21:45 - 05756846 _____ () C:\Users\Abalone\Downloads\TES3OverhaulGer.zip
2014-05-22 14:58 - 2013-03-29 23:31 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-22 14:58 - 2013-03-29 23:31 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-21 16:55 - 2011-04-12 09:43 - 00746754 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 16:55 - 2011-04-12 09:43 - 00167888 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 16:55 - 2009-07-14 07:13 - 01754680 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 10:38 - 2014-05-18 10:38 - 02734592 _____ (Python Software Foundation) C:\Windows\SysWOW64\python34.dll
2014-05-18 10:37 - 2014-05-18 10:37 - 00102912 _____ (Python Software Foundation) C:\Windows\pyw.exe
2014-05-18 10:37 - 2014-05-18 10:37 - 00102400 _____ (Python Software Foundation) C:\Windows\py.exe
Some content of TEMP:
====================
C:\Users\Abalone\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Abalone\AppData\Local\Temp\avgnt.exe
C:\Users\Abalone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnnkxyd.dll
C:\Users\Abalone\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Abalone\AppData\Local\Temp\screenr_encoder.exe
C:\Users\Abalone\AppData\Local\Temp\som_fs.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-08 00:41
==================== End Of Log ============================
Beste Grüße Abalone |
|
16.06.2014, 14:07
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Windows 7: Rechner verschickt E-Mails Hi und
__________________ Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
16.06.2014, 14:12
| #3 |
| | Windows 7: Rechner verschickt E-Mails Ok, mache ich :-) Hier die beiden Logs, die im zip-file stecken:
__________________Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2014
Ran by Abalone at 2014-06-16 13:51:44
Running from C:\Users\Abalone\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
3089 -- Futuristic Action RPG (HKLM-x32\...\Steam App 263360) (Version: - Phr00t's Software)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM-x32\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Acrobat 8 Professional - English, Français, Deutsch (x32 Version: 8.0.0 - Adobe Systems) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 1.0.1.1 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.002 - Adobe System Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Help Center 2.1 (x32 Version: 2.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (HKLM-x32\...\Adobe Illustrator CS2) (Version: 12.000.000 - Adobe Systems Inc.)
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (HKLM-x32\...\Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}) (Version: 004.000.000 - Adobe Systems Incorporated)
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Photoshop Elements 5.0 (HKLM-x32\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (x32 Version: 5.0 - Adobe Systems, Inc.) Hidden
Adobe Premiere Pro 2.0 (HKLM-x32\...\Adobe Premiere Pro 2.0) (Version: 2.000.000 - Adobe Systems, Inc.)
Adobe Premiere Pro 2.0 (x32 Version: 2.000.000 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Stock Photos 1.0 (x32 Version: 1.0.2 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
Age of Decadence Public Beta (Release 3.2) (HKLM-x32\...\Age of Decadence Public Beta (Release 3.2)) (Version: 0.8.7.0231 - Iron Tower Studio)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - )
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{1E9871B6-7C44-9A3A-A1C0-F9729663C7F5}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aptana Studio 3 (HKLM-x32\...\Aptana Studio 3) (Version: 3.0.0 - Appcelerator, Inc.)
Ashampoo Movie Studio 2013 v.1.0.4 (HKLM-x32\...\{91B33C97-EB09-F0A4-36AC-3895F9F93DD1}_is1) (Version: 1.0.4 - Ashampoo GmbH & Co. KG)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock eXtreme Tuner v0.1.54 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - )
ASRock InstantBoot v1.26 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.642 - Avira)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: 1.2.0.0 - AVM Berlin)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version: - Overhaul Games)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Ben There, Dan That! (HKLM-x32\...\Steam App 37420) (Version: - Zombie Cow Studios)
Blockland (HKLM-x32\...\Blockland) (Version: - )
Blockscape Phase 1 (beta) (HKLM-x32\...\Blockscape_is1) (Version: - ioneo AB)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
calibre (HKLM-x32\...\{AB259D81-DE6B-4554-B4A8-DB13D321FBF2}) (Version: 0.9.18 - Kovid Goyal)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
ColdCut (HKLM-x32\...\{8944ED10-DBF2-4FA9-8B5D-D7E1B046C761}_is1) (Version: ColdCut - © Jan Brummelte)
Copy (HKLM\...\{EF3F883E-1A54-44B3-ABB7-E2DEC1C56451}) (Version: 1.28.657.0 - Barracuda Networks, Inc.)
Crazy Machines (HKLM-x32\...\Steam App 18420) (Version: - Fakt Software)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - )
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Man's Draw (HKLM-x32\...\Steam App 262450) (Version: - Stardock Entertainment)
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version: - Level Up Labs, LLC)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Discovery! A Seek & Find Adventure (HKLM-x32\...\Steam App 16000) (Version: - MumboJumbo)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: - )
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - )
DOSBoxnoalttab (HKLM\...\{81c4a0a9-8fb0-4a2d-aec1-efce279f57a6}.sdb) (Version: - )
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
Draw a Stickman: EPIC (HKLM-x32\...\Steam App 248650) (Version: - Hitcents)
Driftmoon (HKLM-x32\...\GOGPACKDRIFTMOON_is1) (Version: 2.0.0.6 - GOG.com)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Droplitz (HKLM-x32\...\Steam App 23120) (Version: - Blitz Games Studio, Ltd.)
DVD Profiler Version 3.8.2 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.3.11574 - Landesfinanzdirektion Thüringen)
EMDB 1.99 (HKLM-x32\...\EMDB_is1) (Version: - Wicked & Wild Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.96 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.96 - Etron Technology) Hidden
Eufloria (HKLM-x32\...\Steam App 41210) (Version: - )
Far Cry (HKLM-x32\...\GOGPACKFARCRY_is1) (Version: 2.0.0.9 - GOG.com)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft)
ffdshow v1.3.4530 [2014-02-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4530.0 - )
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free FLV Converter V 7.4.0 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.4.0.0 - Koyote Soft)
Free Opener (HKLM\...\{A1F2C608-32D6-467D-B035-BBEF509042BA}_is1) (Version: 1.4 - EZ Freeware)
Free Video to JPG Converter version 5.0.17.825 (HKLM-x32\...\Free Video to JPG Converter_is1) (Version: 5.0.17.825 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - )
Geneforge 1 (HKLM-x32\...\Steam App 200960) (Version: - )
Geneforge 2 (HKLM-x32\...\Steam App 200980) (Version: - )
Geneforge 3 (HKLM-x32\...\Steam App 200990) (Version: - )
Geneforge 4 (HKLM-x32\...\Steam App 201000) (Version: - )
Geneforge 5 (HKLM-x32\...\Steam App 201010) (Version: - )
Ghostlab (HKLM\...\{CC72A911-6786-4B1F-9991-79015BB77799}) (Version: 1.2.5 - Vanamco AG)
GOG.com Downloader version 3.5.8 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.5.8 - GOG.com)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version: - Rockstar)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version: - Dennaton Games)
IETester v0.5.2 (remove only) (HKLM-x32\...\IETester) (Version: 0.5.2 - Core Services)
Inkscape 0.48.3.1 (HKLM-x32\...\Inkscape) (Version: 0.48.3.1 - )
InsectIS 8.89 (HKLM-x32\...\InsectIS) (Version: - )
InsectIS-Laufzeitumgebung für Access 2003 (HKLM-x32\...\InsectIS-Laufzeitumgebung für Access) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
iZ3D Driver Remove (HKLM-x32\...\{30BEF9F2-CD3F-4B13-9E5C-BFE2F9544572}_is1) (Version: 1.13(5443) - iZ3D Inc.)
Java 3D 1.5.1 (x64) (HKLM\...\{64A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version: - Blit Software)
Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation)
KAMI (HKLM-x32\...\Steam App 272040) (Version: - State of Play Games)
Kingdoms of Amalur: Reckoning™ (HKLM-x32\...\Steam App 102500) (Version: - Big Huge Games)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Last Dream (HKLM-x32\...\Steam App 266230) (Version: - White Giant RPG Studios)
Laufzeitumgebung für InsectIS (HKLM-x32\...\{16463E82-EFCF-4FEB-9DF8-DDC97090639A}) (Version: 1.0.0000 - InsectIS)
LEGO Batman: The Videogame (HKLM-x32\...\Steam App 21000) (Version: - TT Games)
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - )
LEGO® Der Herr der Ringe™ DEMO (HKLM-x32\...\{91DBD40C-B5C6-4F55-93D6-1B0B59093BEA}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
Luxor 2 HD (HKLM-x32\...\Steam App 234350) (Version: - MumboJumbo)
LUXOR: 5th Passage (HKLM-x32\...\Steam App 60340) (Version: - MumboJumbo)
LYNE (HKLM-x32\...\Steam App 266010) (Version: - Thomas Bowker)
Macaw (HKLM-x32\...\{44A348B2-CEB8-4670-B97C-6B6E73FCE6AA}) (Version: 1.0.11 - Macaw, LLC)
Magic: The Gathering — Duels of the Planeswalkers 2012 (HKLM-x32\...\Steam App 49470) (Version: - )
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 DEU Language Pack RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50501 - Microsoft Corporation)
Microsoft .NET Framework 4.5 DEU Language Pack RC (Version: 4.5.50501 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access 2003 Runtime (HKLM-x32\...\{901C0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET) (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Tools Express Edition (x32 Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Midnight Mysteries: The Edgar Allan Poe Conspiracy (HKLM-x32\...\Steam App 32140) (Version: - MumboJumbo)
Might and Magic VI Limited Edition (HKLM-x32\...\GOGPACKMM6LE_is1) (Version: 2.0.0.41 - GOG.com)
Morrowind mod manager 0.8.4 (HKLM-x32\...\Morrowind mod manager_is1) (Version: - Timeslip)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0.6 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.6 (x86 de)) (Version: 17.0.6 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyMDb 3.6 (HKLM-x32\...\MyMDb_0) (Version: - )
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version: - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.4 - )
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version: - Timeslip)
Obulis (HKLM-x32\...\Steam App 11330) (Version: - IonFX)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Opera Stable 22.0.1471.50 (HKLM-x32\...\Opera 22.0.1471.50) (Version: 22.0.1471.50 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
PC Camer@N (HKLM-x32\...\InstallShield_{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet)
PC Camer@N (x32 Version: 0.1.3.8 - Teconet) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pixlr-o-matic (HKLM-x32\...\Pixlromatic) (Version: 2.1 - UNKNOWN)
Pixlr-o-matic (x32 Version: 2.1 - UNKNOWN) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Puzzle Quest (HKLM-x32\...\Steam App 12500) (Version: - D3)
Python 3.4.1 (HKLM-x32\...\{df32bb9e-3ed8-36b5-a649-e8c845c5f3a2}) (Version: 3.4.1150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RailsInstaller 2.1.0 (HKCU\...\{613C3EA5-1248-4E35-B61A-6D0B31BBC0DB}_is1) (Version: 2.1.0 - RailsInstaller Team)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (HKLM-x32\...\Steam App 70400) (Version: - EasyGameStation)
RegiStax 6 (HKCU\...\RegiStax 6) (Version: - )
RegiStax 6.1.0.8 update (HKCU\...\RegiStax 6.1.0.8 update) (Version: - )
Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes )
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
Rune Classic (HKLM-x32\...\Steam App 210950) (Version: - Human Head Studios)
Sacred Gold (HKLM-x32\...\Steam App 12320) (Version: - Ascaron Entertainment ltd.)
Sawmill 8.6.2 (HKLM-x32\...\Sawmill 8) (Version: 8.6.2 - Flowerfire, Inc.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shelter (HKLM-x32\...\Steam App 244710) (Version: - Might and Delight)
Sigil 0.6.2 (HKLM-x32\...\Sigil_is1) (Version: - John Schember)
SILKYPIX Developer Studio 3.1 SE (HKLM-x32\...\InstallShield_{0A04086B-0B71-43C3-95EF-FDFC4C18D161}) (Version: 3 - Ichikawa Soft Laboratory)
SILKYPIX Developer Studio 3.1 SE (x32 Version: 3 - Ichikawa Soft Laboratory) Hidden
Ski Challenge 14 (HKCU\...\sc14-GAMETWIST_MAIN) (Version: - )
SkyFonts™ (HKLM\...\{FF120142-9831-434A-8545-64868F254878}) (Version: 4.4.0.0 - Monotype Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpaceChem (HKLM-x32\...\Steam App 92800) (Version: - Zachtronics)
Splice (HKLM-x32\...\Steam App 209790) (Version: - Cipher Prime Studios)
StaudSoft's Synthetic World 64 Bit Version 0.1 (HKLM\...\{B23CE042-8F06-4614-8067-3AFA95E72279}_is1) (Version: 0.1 - StaudSoft)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version: - Capybara)
Sweet Home 3D version 3.6 (HKLM-x32\...\Sweet Home 3D_is1) (Version: - eTeks)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Shock 2 (HKLM-x32\...\Steam App 238210) (Version: - )
The Dream Machine (HKLM-x32\...\Steam App 94300) (Version: - Cockroach Ink.)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version: - Bethesda Game Studios®)
The Elder Scrolls IV: Oblivion (HKLM-x32\...\Steam App 22330) (Version: - Bethesda Game Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight Ltd.)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version: - Outerlight)
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version: - )
Tiled - Tiled Map Editor (HKLM-x32\...\Tiled) (Version: - )
Time Gentlemen, Please! (HKLM-x32\...\Steam App 37400) (Version: - Size Five Games)
Tiny and Big - Grandpa's Leftovers (HKLM-x32\...\GOGPACKTINYANDBIG_is1) (Version: 2.0.0.8 - GOG.com)
Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - IronLore)
Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version: - IronLore)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Tomb Raider 1+2+3 (HKLM-x32\...\GOGPACKTOMBRAIDER123_is1) (Version: 2.0.0.7 - GOG.com)
Tony Hawk's Pro Skater HD (HKLM-x32\...\Steam App 207210) (Version: - Robomodo)
Triple Town (HKLM-x32\...\Steam App 209950) (Version: - Spry Fox LLC)
Type:Rider (HKLM-x32\...\Steam App 258890) (Version: - Ex Nihilo)
Ulead VideoStudio 7 SE DVD (HKLM-x32\...\{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}) (Version: 7.0 - Ulead Systems, Inc.)
Ulead VideoStudio SE DVD (HKLM-x32\...\{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}) (Version: 10.0 - Ulead Systems)
Unepic (HKLM-x32\...\Unepic) (Version: - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version: - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\Steam App 2600) (Version: - Troika Games)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.0.2 (HKLM-x32\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Waking Mars (HKLM-x32\...\GOGPACKWAKINGMARS_is1) (Version: 2.0.0.3 - GOG.com)
Weird Worlds: Return to Infinite Space (HKLM-x32\...\Steam App 226120) (Version: - Digital Eel)
Winamp_2.95_minimal (HKLM-x32\...\SFXTool_HSL5EG5QXH55FPOL3NSYLATLGU1EP89UV2V5MWEFQXFVOQI2) (Version: - )
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Wizardry 8 (HKLM-x32\...\Steam App 245450) (Version: - )
WorldPainter 0.9.2 (HKLM\...\4144-4862-0472-7103) (Version: 0.9.2 - pepsoft.org)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.4 - Wrye & Wrye Bash Development Team)
Wrye Mash (HKLM-x32\...\Wrye Mash) (Version: - Wrye)
X2: The Threat (HKLM-x32\...\Steam App 2800) (Version: - Egosoft)
XMedia Recode Version 3.1.2.5 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.5 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Restore Points =========================
30-05-2014 07:03:42 Windows Update
03-06-2014 06:31:22 Windows Update
03-06-2014 06:42:17 Installed SkyFonts™
10-06-2014 06:25:33 Windows Update
10-06-2014 12:41:48 DirectX wurde installiert
12-06-2014 21:32:08 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0F94CFD6-5560-46E9-AAE4-6FE93D2FA960} - System32\Tasks\Opera scheduled Autoupdate 1399880484 => C:\Program Files (x86)\Opera\launcher.exe [2014-05-27] (Opera Software)
Task: {20B7E4BE-DEBB-4F12-BDDF-AAFAC0958BAA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-12] (Adobe Systems Incorporated)
Task: {5203CE37-1198-4136-80E8-41F672803001} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000Core => C:\Users\Abalone\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30] (Google Inc.)
Task: {BE052A01-C8DF-4E71-BD6F-A31638BBAD5F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000UA => C:\Users\Abalone\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-30] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000Core.job => C:\Users\Abalone\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000UA.job => C:\Users\Abalone\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2006-09-14 08:56 - 2006-09-14 08:56 - 00102400 _____ () C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
2013-01-01 00:01 - 2013-01-01 00:01 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-04-06 14:54 - 2014-06-11 21:12 - 08212480 _____ () C:\Users\Abalone\AppData\Roaming\Copy\overlay\Brt.dll
2013-03-06 12:48 - 2014-06-11 21:12 - 02092544 _____ () C:\Users\Abalone\AppData\Roaming\Copy\Gui.dll
2013-03-06 13:09 - 2014-06-11 21:12 - 08212480 _____ () C:\Users\Abalone\AppData\Roaming\Copy\Brt.dll
2013-12-11 21:20 - 2014-06-11 21:12 - 09200128 _____ () C:\Users\Abalone\AppData\Roaming\Copy\AgentSync.dll
2013-03-06 12:52 - 2014-06-11 21:12 - 05322240 _____ () C:\Users\Abalone\AppData\Roaming\Copy\CloudSync.dll
2013-06-07 21:33 - 2011-12-06 19:58 - 00078448 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-06-07 21:33 - 2011-12-06 19:58 - 00386160 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-05-01 09:30 - 2014-05-31 03:27 - 01116672 _____ () D:\Spiele\Steam\libavcodec-55.dll
2014-03-05 01:06 - 2014-05-31 03:27 - 00438784 _____ () D:\Spiele\Steam\libavutil-53.dll
2014-05-01 09:30 - 2014-05-31 03:27 - 00399360 _____ () D:\Spiele\Steam\libavformat-55.dll
2013-12-14 01:51 - 2014-05-31 03:27 - 00331264 _____ () D:\Spiele\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-06-05 06:24 - 00756736 _____ () D:\Spiele\Steam\SDL2.dll
2014-05-01 09:30 - 2014-06-10 01:41 - 02141376 _____ () D:\Spiele\Steam\video.dll
2014-05-01 09:30 - 2014-04-29 02:37 - 00519168 _____ () D:\Spiele\Steam\libswscale-2.dll
2012-07-01 00:22 - 2014-06-10 01:41 - 01116864 _____ () D:\Spiele\Steam\bin\chromehtml.DLL
2012-07-01 00:22 - 2014-05-02 01:35 - 20628160 _____ () D:\Spiele\Steam\bin\libcef.dll
2012-07-01 00:22 - 2013-06-15 01:49 - 01100800 _____ () D:\Spiele\Steam\bin\avcodec-53.dll
2012-07-01 00:22 - 2013-06-15 01:49 - 00124416 _____ () D:\Spiele\Steam\bin\avutil-51.dll
2012-07-01 00:22 - 2013-06-15 01:49 - 00192000 _____ () D:\Spiele\Steam\bin\avformat-53.dll
2014-06-16 08:44 - 2014-06-16 08:44 - 00043008 _____ () c:\users\abalone\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnnkxyd.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Abalone\AppData\Roaming\Dropbox\bin\libcef.dll
2014-05-09 22:39 - 2014-05-09 22:39 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/16/2014 08:44:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/15/2014 10:38:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/14/2014 10:12:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2014 09:23:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IETester.exe, Version 0.5.2.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1414
Startzeit: 01cf86d69ea2fa2b
Endzeit: 10
Anwendungspfad: C:\Program Files (x86)\Core Services\IETester\IETester.exe
Berichts-ID: ab0b1179-f2cb-11e3-80a3-50465da085f7
Error: (06/13/2014 08:31:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2014 08:33:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/11/2014 08:38:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2014 08:03:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Monotype.SkyFonts.Service.exe, Version: 1.0.5263.36015, Zeitstempel: 0x538892fd
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18409, Zeitstempel: 0x5315a05a
Ausnahmecode: 0xe0434352
Fehleroffset: 0x000000000000940d
ID des fehlerhaften Prozesses: 0xa34
Startzeit der fehlerhaften Anwendung: 0xMonotype.SkyFonts.Service.exe0
Pfad der fehlerhaften Anwendung: Monotype.SkyFonts.Service.exe1
Pfad des fehlerhaften Moduls: Monotype.SkyFonts.Service.exe2
Berichtskennung: Monotype.SkyFonts.Service.exe3
Error: (06/10/2014 08:02:42 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Monotype.SkyFonts.Service.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.ServiceProcess.ServiceController.Start(System.String[])
bei Monotype.SkyFonts.Service.SkyFontsService.eval_c()
bei Monotype.SkyFonts.Service.SkyFontsService.Main(System.String[])
Error: (06/10/2014 08:01:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/16/2014 08:44:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
hwinterface
Error: (06/16/2014 08:43:49 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SkyFontsService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/16/2014 08:43:49 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SkyFontsService erreicht.
Error: (06/16/2014 08:43:03 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\hwinterface.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/15/2014 02:41:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hwinterface" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (06/15/2014 02:41:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\hwinterface.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/15/2014 02:41:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hwinterface" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (06/15/2014 02:41:09 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\hwinterface.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (06/15/2014 01:14:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "hwinterface" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (06/15/2014 01:14:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\hwinterface.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Microsoft Office Sessions:
=========================
Error: (06/16/2014 08:44:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/15/2014 10:38:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/14/2014 10:12:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2014 09:23:54 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IETester.exe0.5.2.0141401cf86d69ea2fa2b10C:\Program Files (x86)\Core Services\IETester\IETester.exeab0b1179-f2cb-11e3-80a3-50465da085f7
Error: (06/13/2014 08:31:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2014 08:33:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/11/2014 08:38:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2014 08:03:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Monotype.SkyFonts.Service.exe1.0.5263.36015538892fdKERNELBASE.dll6.1.7601.184095315a05ae0434352000000000000940da3401cf84716f05b22bC:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exeC:\Windows\system32\KERNELBASE.dlle102cd35-f064-11e3-8e7a-50465da085f7
Error: (06/10/2014 08:02:42 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Monotype.SkyFonts.Service.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
Stapel:
bei System.ServiceProcess.ServiceController.Start(System.String[])
bei Monotype.SkyFonts.Service.SkyFontsService.eval_c()
bei Monotype.SkyFonts.Service.SkyFontsService.Main(System.String[])
Error: (06/10/2014 08:01:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 19%
Total physical RAM: 16317.47 MB
Available physical RAM: 13159.69 MB
Total Pagefile: 32633.13 MB
Available Pagefile: 29403.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.31 GB) (Free:81.74 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:736.2 GB) (Free:114.86 GB) NTFS
Drive e: (PCWELT_2_2014) (CDROM) (Total:2.04 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 6E012E8D)
Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=736 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-06-16 14:06:00
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 ST1000DM005_HD103SJ rev.1AJ10001 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\Abalone\AppData\Local\Temp\kwliypow.sys
---- User code sections - GMER 2.1 ----
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000072091a22 2 bytes [09, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000072091ad0 2 bytes [09, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000072091b08 2 bytes [09, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000072091bba 2 bytes [09, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000072091bda 2 bytes [09, 72]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000762a1465 2 bytes [2A, 76]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1984] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762a14bb 2 bytes [2A, 76]
.text ... * 2
.text C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[1444] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000762a1465 2 bytes [2A, 76]
.text C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[1444] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000762a14bb 2 bytes [2A, 76]
.text ... * 2
---- Threads - GMER 2.1 ----
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1828] 0000000077182e65
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1840] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1844] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1848] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1852] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1856] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1860] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1864] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1868] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1872] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1876] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1884] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1888] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1892] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1896] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1900] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1904] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1912] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1920] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1924] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1928] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1932] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1956] 0000000077183e85
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1968] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:1976] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:2044] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:648] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:348] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:2152] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:2164] 0000000072c429e1
Thread C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [1792:3068] 0000000077183e85
---- Processes - GMER 2.1 ----
Library C:\Users\Abalone\AppData\Roaming\Copy\overlay\CopyShExt.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [2056] (Copy Shell Extensions/Barracuda Networks, Inc.)(2013-04-06 12:54:04) 000007fef7620000
Library C:\Users\Abalone\AppData\Roaming\Copy\overlay\Brt.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [2056](2013-04-06 12:54:04) 000007fef5990000
---- EOF - GMER 2.1 ----
Ciao Abalone |
|
16.06.2014, 14:17
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Rechner verschickt E-Mails Ist das ein gewerblich genutztes System?
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
16.06.2014, 14:19
| #5 |
| | Windows 7: Rechner verschickt E-Mails Jein - Privat-Rechner und Arbeitsgerät für meine selbständige Tätigkeit. Gibt es für Arbeitsrechner keine Hilfe? |
|
16.06.2014, 14:22
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Rechner verschickt E-Mails Bitte dazu das hier lesen => http://www.trojaner-board.de/108422-...-anfragen.html
__________________ --> Windows 7: Rechner verschickt E-Mails |
|
16.06.2014, 14:32
| #7 |
| | Windows 7: Rechner verschickt E-Mails Nun, ich bin eine Einzel-Person, es gibt daher keine IT-Abteilung. Und die Logs sollten unkritisch sein, was sensible Daten betrifft. Eine kleine Spende sollte auch kein Problem sein :-) Wollt ihr/willst du noch, oder ist hier Schluß? |
|
16.06.2014, 14:36
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Rechner verschickt E-Mails Adware/Junkware/Toolbars entfernen 1. Schritt: Malwarebytes Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
3. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
4. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
16.06.2014, 15:33
| #9 |
| | Windows 7: Rechner verschickt E-Mails Ok, danke schon mal, hier die Logs: mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 16.06.2014 Suchlauf-Zeit: 15:56:46 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.16.04 Rootkit Datenbank: v2014.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Abalone Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 287436 Verstrichene Zeit: 7 Min, 41 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.212 - Bericht erstellt am 16/06/2014 um 16:10:40
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Abalone - ELPARADISO
# Gestartet von : C:\Users\Abalone\Downloads\adwcleaner_3.212.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Abalone\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Abalone\Documents\Updater
Ordner Gelöscht : C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic
Datei Gelöscht : C:\END
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Jing]
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\Freeze.com
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gelöscht [Search Provider] : hxxp://www.newscientist.com/search?query={searchTerms}&doSearch=true
Gelöscht [Extension] : iabeihobmhlgpkcgjiloemdbofjbdcic
*************************
AdwCleaner[R0].txt - [2089 octets] - [02/11/2013 19:21:41]
AdwCleaner[R1].txt - [1163 octets] - [07/02/2014 15:26:20]
AdwCleaner[R2].txt - [1909 octets] - [16/06/2014 16:09:29]
AdwCleaner[S0].txt - [2110 octets] - [02/11/2013 19:24:56]
AdwCleaner[S1].txt - [1734 octets] - [16/06/2014 16:10:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1794 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Abalone on 16.06.2014 at 16:19:20,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ FireFox
Successfully deleted the following from C:\Users\Abalone\AppData\Roaming\mozilla\firefox\profiles\tdxldm6j.default\prefs.js
user_pref("extensions.TBPLATFORM_NS_PH.searchconf", "{\n \"google\" : {\n \"urlexp\" : \"hxxp(s)?:\\\\/\\\\/www\\\\.google\\\\..*\\\\/.*[?#&]q=([^&]+)\",\n \"rankomet
Emptied folder: C:\Users\Abalone\AppData\Roaming\mozilla\firefox\profiles\tdxldm6j.default\minidumps [25 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.06.2014 at 16:22:46,28
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-06-2014
Ran by Abalone (administrator) on ELPARADISO on 16-06-2014 16:28:02
Running from C:\Users\Abalone\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
() C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe
(Monotype Inc.) C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\Pac207\Monitor.exe
(Valve Corporation) D:\Spiele\Steam\Steam.exe
(Monotype Inc.) C:\Program Files\Monotype\SkyFonts\SkyFonts.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\realplay.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Abalone\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(iZ3D Inc.) C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Macrovision Europe Ltd.) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
(Microsoft) C:\Program Files\Monotype\SkyFonts\SkyFonts.Monitor.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RunDLLEntry] => C:\Windows\system32\AmbRunE.dll [17920 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC207\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [61440 2006-09-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-23] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UVS10 Preload] => C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe [36864 2006-08-09] (Ulead Systems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-10] (VIA)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [RealTray] => C:\Program Files (x86)\Real\RealPlayer\RealPlay.exe [26112 2013-12-24] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\.DEFAULT\...\Run: [Copy] => C:\Users\Abalone\AppData\Roaming\Copy\CopyAgent.exe [15368336 2014-06-11] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Google Update] => C:\Users\Abalone\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-30] (Google Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Steam] => D:\Spiele\Steam\steam.exe [1753280 2014-06-10] (Valve Corporation)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Copy] => C:\Users\Abalone\AppData\Roaming\Copy\CopyAgent.exe [15368336 2014-06-11] (Barracuda Networks, Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\Run: [Monotype SkyFonts System Extension] => C:\Program Files\Monotype\SkyFonts\SkyFonts.exe [1124144 2014-05-30] (Monotype Inc.)
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {4f347f58-eac7-11e2-9781-50465da085f7} - H:\iLinker.exe
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {5092de3e-cfa5-11e2-a75b-806e6f6e6963} - E:\pcwstart.exe
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {8a0e71d7-f274-11e1-84be-bc5ff41ba15c} - G:\pushinst.exe
HKU\S-1-5-21-3072619532-3118682878-2417991977-1000\...\MountPoints2: {f9b69591-a272-11e2-80ca-bc5ff41ba15c} - F:\pushinst.exe
Startup: C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Abalone\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat - Schnellstart.lnk
ShortcutTarget: Adobe Acrobat - Schnellstart.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
ShortcutTarget: Adobe Reader Synchronizer.lnk -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x38E55447F759CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default
FF Homepage: hxxp://apod.nasa.gov/apod/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1))%20%7B%20return%20'PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "http", "130.92.70.252"
FF NetworkProxy: "http_port", 3124
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Abalone\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Abalone\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Abalone\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\searchplugins\imdb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Simple Mail - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\simplemail@telega.phpnet.us [2014-05-11]
FF Extension: FireShot - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2014-06-04]
FF Extension: Add to Amazon Wish List Button - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\amznUWL2@amazon.com.xpi [2013-10-19]
FF Extension: Firebug - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\firebug@software.joehewitt.com.xpi [2012-07-01]
FF Extension: Ghostery - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\firefox@ghostery.com.xpi [2013-08-17]
FF Extension: Imgur Uploader - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\giorgio@gilestro.tk.xpi [2013-10-14]
FF Extension: Good Website Inspector - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\gwif-quality@goodwebsiteinspector.com.xpi [2012-07-01]
FF Extension: YouTube HTML5-Video - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\jid0-MXvUXM1npF7yTcY3bpZVht72AR4@jetpack.xpi [2013-06-11]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-06-21]
FF Extension: Pin It button - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\pinterest@robertnyman.com.xpi [2014-04-03]
FF Extension: Rehost Image - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\rehostimage@engy.us.xpi [2012-07-01]
FF Extension: SQLite Manager - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2013-06-12]
FF Extension: Tab Improvement Lite - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\tabimprovelite@mozillaonline.com.xpi [2013-06-11]
FF Extension: Thumbnail Zoom Plus - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2014-04-19]
FF Extension: YSlow - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\yslow@yahoo-inc.com.xpi [2012-07-01]
FF Extension: FireFTP - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2012-07-01]
FF Extension: IMDB Search - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{c4080853-c699-4120-b8e0-618bff8a4474}.xpi [2014-04-05]
FF Extension: Adblock Plus - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-28]
FF Extension: Download Statusbar - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2013-06-11]
FF Extension: DownThemAll! - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-06-11]
FF Extension: Greasemonkey - C:\Users\Abalone\AppData\Roaming\Mozilla\Firefox\Profiles\tdxldm6j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-26]
Chrome:
=======
CHR HomePage: hxxp://www.google.de/
CHR StartupUrls: "hxxp://apod.nasa.gov/apod/",
"hxxp://www.sommerboard.de/",
"https://mail.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\Abalone\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.110.21) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Turn Off the Lights) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2012-06-30]
CHR Extension: (YouTube) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-30]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2012-06-30]
CHR Extension: (Auf den Amazon-Wunschzettel) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2012-06-30]
CHR Extension: (Webseiten-Screenshot - Webpage Screenshot) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ckibcdccnfeookdmbahgiakhnjcddpki [2012-06-30]
CHR Extension: (Google-Suche) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-30]
CHR Extension: (Pixlr-o-matic) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj [2012-06-30]
CHR Extension: (backgroundPage) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-06-11]
CHR Extension: (Google Kalender) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2012-06-30]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2012-06-30]
CHR Extension: (Stylish) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2012-06-30]
CHR Extension: (AdBlock) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-06-30]
CHR Extension: (Save in Delicious) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjeaeddhdjejgdemcpdphakdohfbcnhe [2012-06-30]
CHR Extension: (Hola Besseres Internet) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2013-01-25]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2012-08-22]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2013-03-28]
CHR Extension: (No Name) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2012-06-30]
CHR Extension: (Alexa Toolbar Creator) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\iahagolkpaghhinaljhjihagjgomdokb [2012-07-10]
CHR Extension: (Send to Kindle (by Klip.me)) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipkfnchcgalnafehpglfbommidgmalan [2012-06-30]
CHR Extension: (Downloads) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfchnphgogjhineanplmfkofljiagjfb [2012-06-30]
CHR Extension: (Shareaholic für Google Chrome) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmipnjdeifmobkhgogdnomkihhgojep [2012-06-30]
CHR Extension: (Facebook Comment Fixer) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\khdlojihdalnfgigbcelkikecggllnlm [2012-06-30]
CHR Extension: (QUOTE.fm) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\lckmlcndmcgiemfoninonlmljcmokopk [2012-06-30]
CHR Extension: (Google Mail-Checker) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2012-06-30]
CHR Extension: (Jolidrive New Tab Page) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnohghiikijhpodcbmoephocdbjlmdhe [2013-03-14]
CHR Extension: (Erweiterung \) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2012-06-30]
CHR Extension: (Google Wallet) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-03]
CHR Extension: (Google Reader) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm [2012-08-30]
CHR Extension: (Google Mail) - C:\Users\Abalone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-30]
CHR StartMenuInternet: Google Chrome - C:\Users\Abalone\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-08] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-22] (Avira Operations GmbH & Co. KG)
R3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2013-01-08] (Macrovision Europe Ltd.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-01-01] ()
R2 S3DSvc32; C:\Program Files (x86)\iZ3D Driver\Win32\S3DCService.exe [357888 2011-06-16] (iZ3D Inc.) [File not signed]
R2 S3DSvc64; C:\Program Files (x86)\iZ3D Driver\Win64\S3DCService.exe [477696 2011-06-16] (iZ3D Inc.) [File not signed]
R2 SkyFontsService; C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [35120 2014-05-30] (Monotype Inc.)
R2 UleadBurningHelper; C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-09-28] (Ulead Systems, Inc.) [File not signed]
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-12] (VIA Technologies, Inc.)
S3 DAUpdaterSvc; D:\Spiele\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-22] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2012-04-25] (AVM Berlin)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) [File not signed]
S3 fwlanusb5; C:\Windows\System32\DRIVERS\fwlanusb5.sys [982784 2012-08-21] (AVM GmbH)
S1 hwinterface; C:\Windows\SysWOW64\Drivers\hwinterface.sys [3026 2014-06-15] (Logix4u) [File not signed]
R1 iZ3DInjectionDriver; C:\Program Files (x86)\iZ3D Driver\Win64\S3DInjectionDriver.sys [43704 2011-06-16] ()
R0 iZ3DShutterService; C:\Windows\System32\Drivers\iZ3DShutterService.sys [17464 2011-06-16] (iZ3D Inc.)
S3 PAC207; C:\Windows\System32\DRIVERS\PFC027.SYS [572416 2006-12-05] (PixArt Imaging Inc.)
S3 PAC207; C:\Windows\SysWOW64\DRIVERS\PFC027.SYS [162304 2005-05-27] () [File not signed]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-16 16:22 - 2014-06-16 16:23 - 00001120 _____ () C:\Users\Abalone\Desktop\JRT.txt
2014-06-16 16:18 - 2014-06-16 16:18 - 01016261 _____ (Thisisu) C:\Users\Abalone\Downloads\JRT.exe
2014-06-16 16:12 - 2014-06-16 16:12 - 00001874 _____ () C:\Users\Abalone\Desktop\AdwCleaner[S1].txt
2014-06-16 16:09 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-16 16:07 - 2014-06-16 16:07 - 01333465 _____ () C:\Users\Abalone\Downloads\adwcleaner_3.212.exe
2014-06-16 16:07 - 2014-06-16 16:07 - 00001157 _____ () C:\Users\Abalone\Desktop\mbam.txt
2014-06-16 15:56 - 2014-06-16 15:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 15:56 - 2014-06-16 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-16 15:56 - 2014-06-16 15:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-16 15:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-16 15:56 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-16 15:39 - 2014-06-16 15:40 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Abalone\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-16 14:59 - 2014-06-16 14:59 - 00014034 _____ () C:\Users\Abalone\Desktop\logfiles.zip
2014-06-16 14:27 - 2014-06-16 14:27 - 00013861 _____ () C:\Users\Abalone\Desktop\antivir.txt
2014-06-16 14:06 - 2014-06-16 14:06 - 00009887 _____ () C:\Users\Abalone\Desktop\Gmer.txt
2014-06-16 13:53 - 2014-06-16 13:53 - 00380416 _____ () C:\Users\Abalone\Desktop\Gmer-19357.exe
2014-06-16 13:50 - 2014-06-16 16:28 - 00030953 _____ () C:\Users\Abalone\Desktop\FRST.txt
2014-06-16 13:50 - 2014-06-16 16:28 - 00000000 ____D () C:\FRST
2014-06-16 13:49 - 2014-06-16 13:49 - 00000476 _____ () C:\Users\Abalone\Desktop\defogger_disable.log
2014-06-16 13:49 - 2014-06-16 13:49 - 00000000 _____ () C:\Users\Abalone\defogger_reenable
2014-06-16 13:44 - 2014-06-16 13:44 - 02081280 _____ (Farbar) C:\Users\Abalone\Desktop\FRST64.exe
2014-06-16 13:43 - 2014-06-16 13:43 - 00050477 _____ () C:\Users\Abalone\Desktop\Defogger.exe
2014-06-15 19:52 - 2014-06-15 19:52 - 02276799 _____ () C:\Users\Abalone\Downloads\MCPatcher 1.7.4.exe
2014-06-15 19:33 - 2014-06-15 19:34 - 19485429 _____ () C:\Users\Abalone\Downloads\[1.7]DokuCraft-TSC-Adrundaal.zip
2014-06-15 12:09 - 2014-06-15 14:41 - 00003026 _____ (Logix4u) C:\Windows\SysWOW64\Drivers\hwinterface.sys
2014-06-15 12:08 - 2014-06-15 18:23 - 00000000 ____D () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2
2014-06-15 12:00 - 2014-06-15 12:01 - 17818056 _____ () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2.zip
2014-06-13 17:12 - 2014-06-13 17:12 - 00000000 ____D () C:\Users\Abalone\Downloads\Header_alle
2014-06-13 17:11 - 2014-06-13 17:11 - 03021206 _____ () C:\Users\Abalone\Downloads\Header_alle.zip
2014-06-13 09:41 - 2014-06-13 09:41 - 00012909 _____ () C:\Users\Abalone\Downloads\Kopie Kontakte-ABI-Feier_2014_06.06.14.xlsx
2014-06-12 18:33 - 2014-06-12 18:33 - 00000218 _____ () C:\Users\Abalone\AppData\Local\recently-used.xbel
2014-06-12 18:31 - 2014-06-12 18:31 - 00000000 ____D () C:\Users\Abalone\Downloads\justvector
2014-06-12 18:30 - 2014-06-12 18:30 - 01125580 _____ () C:\Users\Abalone\Downloads\justvector.zip
2014-06-12 15:14 - 2014-06-12 15:14 - 00009085 _____ () C:\Users\Abalone\Downloads\smartcities_registration(5).csv
2014-06-12 09:20 - 2014-06-12 18:32 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Adobe
2014-06-12 08:45 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 08:45 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 08:45 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 08:45 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 08:45 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 08:45 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 08:45 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 08:45 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 08:45 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 08:45 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 08:45 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 08:45 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 08:45 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 08:45 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 08:45 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 08:45 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 08:45 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-12 08:44 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 08:44 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 08:44 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 08:44 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 08:44 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 08:44 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 08:44 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 08:44 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 08:44 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 08:44 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 08:44 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 08:44 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 08:44 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 08:44 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 08:44 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 08:44 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 08:44 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 08:44 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 08:44 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 08:44 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 08:44 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 08:44 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 08:44 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 08:44 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 08:44 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 08:44 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 08:44 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 08:44 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 08:44 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 08:44 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 08:44 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 08:44 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 08:44 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 08:44 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 08:44 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 08:44 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 08:44 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 08:44 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 08:44 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 08:44 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 08:44 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 08:44 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 08:44 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 08:44 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 08:44 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 08:44 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 08:44 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 08:44 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 17:21 - 2014-06-11 17:21 - 00000000 ____D () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom
2014-06-11 17:20 - 2014-06-11 17:20 - 00792988 _____ () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom.zip
2014-06-10 15:19 - 2014-06-10 15:20 - 00961360 _____ (Chip Digital GmbH) C:\Users\Abalone\Downloads\SCP 087 - CHIP-Installer.exe
2014-06-10 15:18 - 2014-06-10 15:18 - 32716585 _____ () C:\Users\Abalone\Downloads\scp-087-1.0 [1].exe
2014-06-10 15:16 - 2014-06-10 15:17 - 00001079 _____ () C:\Users\Abalone\Desktop\Die Installation von SCP-087 1.0 fortsetzen.lnk
2014-06-10 14:43 - 2014-06-10 14:50 - 00000000 ____D () C:\Users\Abalone\Documents\Witcher 2
2014-06-10 14:43 - 2014-06-10 14:43 - 00000000 ____D () C:\Users\Abalone\AppData\Local\The Witcher 2
2014-06-10 14:03 - 2014-06-10 14:03 - 00008774 _____ () C:\Users\Abalone\Downloads\smartcities_registration(4).csv
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\G-B-E
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6
2014-06-07 21:43 - 2014-06-07 21:43 - 15238411 _____ () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6.zip
2014-06-07 21:42 - 2014-06-07 21:42 - 01512696 _____ () C:\Users\Abalone\Downloads\G-B-E.zip
2014-06-07 21:16 - 2014-06-07 21:22 - 00000000 ____D () C:\Users\Abalone\Downloads\Gestrandeter
2014-06-07 20:52 - 2014-06-07 20:52 - 00004742 _____ () C:\Users\Abalone\Downloads\Gestrandeter.zip
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Pixlromatic
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Program Files (x86)\Pixlr
2014-06-06 13:03 - 2014-06-06 13:03 - 00000000 ____D () C:\Users\Abalone\AppData\Local\DeadMansDraw
2014-06-06 11:06 - 2014-06-06 11:24 - 00000000 ____D () C:\Users\Abalone\Downloads\Unbenannt
2014-06-06 11:06 - 2014-06-06 11:06 - 00118912 _____ () C:\Users\Abalone\Downloads\Unbenannt.zip
2014-06-04 17:44 - 2014-06-04 17:44 - 00008178 _____ () C:\Users\Abalone\Downloads\smartcities_registration(3).csv
2014-06-04 16:18 - 2014-06-04 16:18 - 00007248 _____ () C:\Users\Abalone\Desktop\here360text.txt
2014-06-04 16:15 - 2014-06-04 16:15 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399880484
2014-06-03 16:04 - 2014-06-03 16:42 - 00004277 _____ () C:\Users\Abalone\Desktop\test.html
2014-06-02 11:02 - 2014-06-02 11:02 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard
2014-06-02 10:30 - 2014-06-02 10:30 - 00000755 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-06-02 10:30 - 2014-06-02 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-06-02 10:14 - 2014-06-06 18:30 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Battle.net
2014-06-02 10:14 - 2014-06-02 10:59 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Battle.net
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard Entertainment
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-02 10:07 - 2014-06-02 10:07 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-02 10:06 - 2014-06-02 10:06 - 03099552 _____ (Blizzard Entertainment) C:\Users\Abalone\Downloads\Hearthstone-Setup-deDE.exe
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Master_Head_Pack_X
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1
2014-06-01 20:30 - 2014-06-01 20:30 - 02076003 _____ () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1.rar
2014-06-01 20:29 - 2014-06-01 20:30 - 01709055 _____ () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH.rar
2014-06-01 20:18 - 2014-06-01 20:21 - 75972498 _____ () C:\Users\Abalone\Downloads\Master_Head_Pack_X.7z
2014-06-01 16:15 - 2014-06-01 16:15 - 00003970 _____ () C:\Users\Abalone\Downloads\smartcities_registration(2).csv
2014-05-31 20:28 - 2014-05-31 20:28 - 00000000 ____D () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate
2014-05-31 20:27 - 2014-05-31 20:27 - 01429728 _____ () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate.rar
2014-05-30 19:44 - 2014-05-30 19:44 - 00424946 _____ () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte.htm
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte-Dateien
2014-05-30 17:25 - 2014-06-01 22:35 - 00000304 _____ () C:\Warnings.txt
2014-05-30 14:47 - 2014-05-30 14:47 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration(1).csv
2014-05-30 14:46 - 2014-05-30 14:46 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration.csv
2014-05-30 10:03 - 2014-05-30 10:03 - 00258220 _____ () C:\Users\Abalone\Downloads\flexnav-master.zip
2014-05-30 10:03 - 2014-05-30 10:03 - 00000000 ____D () C:\Users\Abalone\Downloads\flexnav-master
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_orc_f_heads1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_Imp_headp2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_highelf2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\emma_bret_heads3
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_bret_headp2
2014-05-29 21:56 - 2014-05-29 21:56 - 01076172 _____ () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00930411 _____ () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00919166 _____ () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00595982 _____ () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 02201763 _____ () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1.7z
2014-05-29 21:55 - 2014-05-29 21:55 - 01438432 _____ () C:\Users\Abalone\Downloads\Emma_bret_headp2.rar
2014-05-29 21:55 - 2014-05-29 21:55 - 01212278 _____ () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01211116 _____ () C:\Users\Abalone\Downloads\Emma_Imp_headp2.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01015770 _____ () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0.zip
2014-05-29 21:54 - 2014-05-29 21:54 - 02095007 _____ () C:\Users\Abalone\Downloads\Emma_highelf2.rar
2014-05-29 21:54 - 2014-05-29 21:54 - 01292554 _____ () C:\Users\Abalone\Downloads\Emma_orc_f_heads1.rar
2014-05-29 21:53 - 2014-05-29 21:53 - 02021963 _____ () C:\Users\Abalone\Downloads\emma_bret_heads3.rar
2014-05-29 21:27 - 2014-05-29 21:44 - 00000000 ____D () C:\Users\Abalone\Downloads\CoM_Fix_v1
2014-05-29 21:27 - 2014-05-29 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\COM_ver2_0
2014-05-29 21:25 - 2014-05-29 21:25 - 00002520 _____ () C:\Users\Abalone\Downloads\CoM_Fix_v1.rar
2014-05-29 21:22 - 2014-05-29 21:24 - 68478871 _____ () C:\Users\Abalone\Downloads\COM_ver2_0.7z
2014-05-29 19:36 - 2014-05-29 19:36 - 00000000 ____D () C:\Users\Abalone\Downloads\dogs_of_morrowind
2014-05-29 17:45 - 2014-05-29 17:45 - 00010408 _____ () C:\Users\Abalone\Downloads\BSA unpacker-12189.7z
2014-05-29 17:45 - 2014-05-29 17:45 - 00000000 ____D () C:\Users\Abalone\Downloads\BSA unpacker-12189
2014-05-29 17:19 - 2014-05-29 17:19 - 00330820 _____ () C:\Users\Abalone\Downloads\CargoStridersBeta.zip
2014-05-29 17:11 - 2014-05-29 17:11 - 00236301 _____ () C:\Users\Abalone\Downloads\Fireflies Invade Morrowind v1.zip
2014-05-29 15:30 - 2014-05-29 15:30 - 00000000 ____D () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116
2014-05-29 15:28 - 2014-05-29 15:28 - 02557485 _____ () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116.zip
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind_Advanced_182
2014-05-29 13:32 - 2014-05-29 13:33 - 08160097 _____ () C:\Users\Abalone\Downloads\Morrowind_Advanced_182.7z
2014-05-29 11:24 - 2014-05-29 11:24 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles (1).zip
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_talrivian
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_service
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_projectiles
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_daggerbooks
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_btb
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_advanced
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\firemoth1.1
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.3
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don_Salus's_Faces_V1.0
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.2
2014-05-27 23:42 - 2014-05-27 23:42 - 00000000 ____D () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10
2014-05-27 23:40 - 2014-05-27 23:40 - 03760922 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_3.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 03792867 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_1.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 01206501 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_2.ace
2014-05-27 23:36 - 2014-05-27 23:36 - 00639227 _____ () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10.7z
2014-05-27 23:07 - 2014-05-27 23:07 - 00000000 ____D () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races
2014-05-27 23:06 - 2014-05-27 23:06 - 13047496 _____ () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races.7z
2014-05-27 13:05 - 2014-05-27 13:05 - 00001991 _____ () C:\Users\Abalone\Desktop\untitled.mcw
2014-05-26 14:20 - 2014-05-26 14:20 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Macaw
2014-05-26 14:18 - 2014-05-26 14:18 - 00000670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macaw.lnk
2014-05-26 14:18 - 2014-05-26 14:18 - 00000000 ____D () C:\Program Files (x86)\Macaw
2014-05-26 14:13 - 2014-05-26 14:15 - 42344448 _____ () C:\Users\Abalone\Downloads\Macaw1.0.11.msi
2014-05-25 22:03 - 2014-05-25 22:03 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_economy
2014-05-25 21:32 - 2014-05-25 21:32 - 00000000 ____D () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820
2014-05-25 21:31 - 2014-05-25 21:32 - 07437347 _____ () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00001277 _____ () C:\Users\Abalone\Downloads\timemod_0531.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\timemod_0531
2014-05-25 20:39 - 2014-05-25 20:39 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles.zip
2014-05-25 20:21 - 2014-05-25 20:21 - 00467884 _____ () C:\Users\Abalone\Downloads\firemoth1.1.zip
2014-05-25 20:17 - 2014-05-25 20:18 - 02140475 _____ () C:\Users\Abalone\Downloads\morrowind_daggerbooks.zip
2014-05-25 20:09 - 2014-05-25 20:09 - 00057102 _____ () C:\Users\Abalone\Downloads\morrowind_advanced.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00164351 _____ () C:\Users\Abalone\Downloads\morrowind_service.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00002792 _____ () C:\Users\Abalone\Downloads\morrowind_talrivian.zip
2014-05-25 19:50 - 2014-05-25 19:50 - 00328671 _____ () C:\Users\Abalone\Downloads\morrowind_btb.zip
2014-05-25 14:08 - 2014-05-25 14:08 - 00106281 _____ () C:\Users\Abalone\Downloads\morrowind_economy.zip
2014-05-25 13:49 - 2014-05-25 13:56 - 206983477 _____ () C:\Users\Abalone\Downloads\1920x1200.rar
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:11 - 2014-05-25 01:11 - 01916952 _____ () C:\Users\Abalone\Downloads\winrar-x64-51b4.exe
2014-05-25 01:11 - 2014-05-25 01:11 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-25 01:05 - 2014-05-25 01:05 - 00107345 _____ () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell.ace
2014-05-25 00:17 - 2014-05-25 00:17 - 00011700 _____ () C:\Users\Abalone\Downloads\SkipTutorial1.0.zip
2014-05-25 00:17 - 2014-05-25 00:17 - 00000000 ____D () C:\Users\Abalone\Downloads\SkipTutorial1.0
2014-05-25 00:09 - 2014-05-25 00:09 - 00000000 ____D () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3
2014-05-25 00:08 - 2014-05-25 00:08 - 00027206 _____ () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3.zip
2014-05-24 23:51 - 2014-05-24 23:51 - 18911147 _____ () C:\Users\Abalone\Downloads\MEL Hair Pack Final-41622.7z
2014-05-24 23:32 - 2014-05-24 23:32 - 00048840 _____ () C:\Users\Abalone\Downloads\MQE Main File 1_1-41337-1-1.rar
2014-05-24 23:13 - 2014-05-24 23:13 - 00000662 _____ () C:\Users\Abalone\Downloads\Lower First Person Sneak Mode-43108-1-0-1.zip
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NifTools
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\Program Files (x86)\NifTools
2014-05-24 22:57 - 2014-05-24 22:58 - 08631751 _____ () C:\Users\Abalone\Downloads\nifskope-1.1.3.36ebfdd-windows.exe
2014-05-24 22:48 - 2014-05-24 22:53 - 00000000 ____D () C:\Users\Abalone\Downloads\BetterAlmalexia-23388
2014-05-24 22:48 - 2014-05-24 22:48 - 05600778 _____ () C:\Users\Abalone\Downloads\BetterAlmalexia-23388.rar
2014-05-24 22:23 - 2014-05-24 22:23 - 00000000 ____D () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0
2014-05-24 22:21 - 2014-05-24 22:21 - 01821509 _____ () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0.7z
2014-05-24 22:16 - 2014-05-24 22:23 - 00000000 ____D () C:\Users\Abalone\Downloads\DelayedDBattacks-14891
2014-05-24 22:16 - 2014-05-24 22:16 - 00002991 _____ () C:\Users\Abalone\Downloads\DelayedDBattacks-14891.zip
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\16x10 Version-39329-1
2014-05-24 16:00 - 2014-05-24 16:00 - 00001454 _____ () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0.zip
2014-05-24 15:58 - 2014-05-24 16:00 - 56108041 _____ () C:\Users\Abalone\Downloads\16x10 Version-39329-1.zip
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wrye Mash
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Program Files\Bethesda Softworks
2014-05-24 15:39 - 2014-05-24 15:39 - 08038548 _____ () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install.rar
2014-05-24 15:39 - 2014-05-24 15:39 - 00000000 ____D () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install
2014-05-24 15:35 - 2014-05-24 15:35 - 00001518 _____ () C:\Users\Abalone\Desktop\Wrye Mash.txt - Verknüpfung.lnk
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\Python34
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2014-05-24 15:30 - 2014-05-24 15:31 - 24408064 _____ () C:\Users\Abalone\Downloads\python-3.4.1.msi
2014-05-24 15:27 - 2014-05-24 15:27 - 00000000 ____D () C:\Users\Abalone\Downloads\Wrye Mash 84-27588
2014-05-24 15:26 - 2014-05-24 15:26 - 00747499 _____ () C:\Users\Abalone\Downloads\Wrye Mash 84-27588.zip
2014-05-24 15:15 - 2014-05-24 15:15 - 12012966 _____ () C:\Users\Abalone\Downloads\Divine Dagoth Ur- ddfields update-39431.zip
2014-05-24 15:10 - 2014-05-24 15:10 - 00000000 ____D () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746
2014-05-24 15:09 - 2014-05-24 15:09 - 00004636 _____ () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746.rar
2014-05-23 13:18 - 2014-05-24 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Mod Manager
2014-05-23 13:17 - 2014-05-23 13:17 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260
2014-05-23 13:15 - 2014-05-23 13:15 - 00721497 _____ () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260.7z
2014-05-23 13:04 - 2014-05-23 13:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0
2014-05-23 13:01 - 2014-05-23 13:02 - 19871102 _____ () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0.7z
2014-05-23 12:55 - 2014-05-23 12:55 - 00000000 ____D () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1
2014-05-23 12:53 - 2014-05-23 12:54 - 00439340 _____ () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1.zip
2014-05-22 23:24 - 2014-05-22 23:26 - 50449456 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\dotNetFx40_Full_x86_x64.exe
2014-05-22 23:23 - 2014-05-22 23:23 - 04216840 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\vcredist_x86.exe
2014-05-22 23:20 - 2014-05-22 23:25 - 100271992 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\directx_Jun2010_redist.exe
2014-05-22 23:17 - 2014-05-23 14:49 - 00000000 ____D () C:\Users\Abalone\Downloads\MGSO_3-0_Final
2014-05-22 22:03 - 2014-05-22 23:07 - 1773379811 _____ () C:\Users\Abalone\Downloads\MGSO_3-0_Final.rar
2014-05-22 21:45 - 2014-05-22 21:46 - 05756846 _____ () C:\Users\Abalone\Downloads\TES3OverhaulGer.zip
2014-05-18 10:38 - 2014-05-18 10:38 - 02734592 _____ (Python Software Foundation) C:\Windows\SysWOW64\python34.dll
2014-05-18 10:37 - 2014-05-18 10:37 - 00102912 _____ (Python Software Foundation) C:\Windows\pyw.exe
2014-05-18 10:37 - 2014-05-18 10:37 - 00102400 _____ (Python Software Foundation) C:\Windows\py.exe
==================== One Month Modified Files and Folders =======
2014-06-16 16:28 - 2014-06-16 13:50 - 00030953 _____ () C:\Users\Abalone\Desktop\FRST.txt
2014-06-16 16:28 - 2014-06-16 13:50 - 00000000 ____D () C:\FRST
2014-06-16 16:28 - 2012-06-30 19:11 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Temp
2014-06-16 16:23 - 2014-06-16 16:22 - 00001120 _____ () C:\Users\Abalone\Desktop\JRT.txt
2014-06-16 16:22 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 16:22 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 16:20 - 2013-04-06 14:54 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Copy
2014-06-16 16:18 - 2014-06-16 16:18 - 01016261 _____ (Thisisu) C:\Users\Abalone\Downloads\JRT.exe
2014-06-16 16:18 - 2012-07-01 01:06 - 01965837 _____ () C:\Windows\WindowsUpdate.log
2014-06-16 16:18 - 2012-06-30 19:36 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000UA.job
2014-06-16 16:17 - 2012-07-01 00:08 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Dropbox
2014-06-16 16:15 - 2012-10-16 21:02 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-16 16:14 - 2014-05-07 09:18 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\DropboxMaster
2014-06-16 16:14 - 2014-01-26 16:41 - 00000000 __RHD () C:\Users\Abalone\AppData\Roaming\Monotype
2014-06-16 16:12 - 2014-06-16 16:12 - 00001874 _____ () C:\Users\Abalone\Desktop\AdwCleaner[S1].txt
2014-06-16 16:11 - 2014-02-08 13:04 - 00009477 _____ () C:\Windows\setupact.log
2014-06-16 16:11 - 2010-11-21 05:47 - 00500174 _____ () C:\Windows\PFRO.log
2014-06-16 16:11 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-16 16:10 - 2013-11-02 19:21 - 00000000 ____D () C:\AdwCleaner
2014-06-16 16:07 - 2014-06-16 16:07 - 01333465 _____ () C:\Users\Abalone\Downloads\adwcleaner_3.212.exe
2014-06-16 16:07 - 2014-06-16 16:07 - 00001157 _____ () C:\Users\Abalone\Desktop\mbam.txt
2014-06-16 15:56 - 2014-06-16 15:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-16 15:56 - 2014-06-16 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-16 15:56 - 2014-06-16 15:56 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-16 15:56 - 2013-11-02 19:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-16 15:40 - 2014-06-16 15:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Abalone\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-16 14:59 - 2014-06-16 14:59 - 00014034 _____ () C:\Users\Abalone\Desktop\logfiles.zip
2014-06-16 14:27 - 2014-06-16 14:27 - 00013861 _____ () C:\Users\Abalone\Desktop\antivir.txt
2014-06-16 14:06 - 2014-06-16 14:06 - 00009887 _____ () C:\Users\Abalone\Desktop\Gmer.txt
2014-06-16 13:53 - 2014-06-16 13:53 - 00380416 _____ () C:\Users\Abalone\Desktop\Gmer-19357.exe
2014-06-16 13:49 - 2014-06-16 13:49 - 00000476 _____ () C:\Users\Abalone\Desktop\defogger_disable.log
2014-06-16 13:49 - 2014-06-16 13:49 - 00000000 _____ () C:\Users\Abalone\defogger_reenable
2014-06-16 13:49 - 2012-06-30 19:11 - 00000000 ____D () C:\Users\Abalone
2014-06-16 13:44 - 2014-06-16 13:44 - 02081280 _____ (Farbar) C:\Users\Abalone\Desktop\FRST64.exe
2014-06-16 13:43 - 2014-06-16 13:43 - 00050477 _____ () C:\Users\Abalone\Desktop\Defogger.exe
2014-06-16 13:30 - 2012-07-01 10:42 - 00000000 ____D () C:\Program Files (x86)\HijackThis
2014-06-16 09:18 - 2012-06-30 19:35 - 00001076 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3072619532-3118682878-2417991977-1000Core.job
2014-06-15 23:55 - 2013-12-18 22:41 - 00000000 ____D () C:\Users\Abalone\AppData\Local\The Witcher
2014-06-15 20:52 - 2013-10-13 20:35 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\.minecraft
2014-06-15 19:52 - 2014-06-15 19:52 - 02276799 _____ () C:\Users\Abalone\Downloads\MCPatcher 1.7.4.exe
2014-06-15 19:34 - 2014-06-15 19:33 - 19485429 _____ () C:\Users\Abalone\Downloads\[1.7]DokuCraft-TSC-Adrundaal.zip
2014-06-15 18:23 - 2014-06-15 12:08 - 00000000 ____D () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2
2014-06-15 14:41 - 2014-06-15 12:09 - 00003026 _____ (Logix4u) C:\Windows\SysWOW64\Drivers\hwinterface.sys
2014-06-15 12:01 - 2014-06-15 12:00 - 17818056 _____ () C:\Users\Abalone\Downloads\Magician_v1.6.13-u2.zip
2014-06-14 12:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-13 17:12 - 2014-06-13 17:12 - 00000000 ____D () C:\Users\Abalone\Downloads\Header_alle
2014-06-13 17:11 - 2014-06-13 17:11 - 03021206 _____ () C:\Users\Abalone\Downloads\Header_alle.zip
2014-06-13 11:25 - 2013-11-09 17:59 - 00000084 _____ () C:\Windows\winamp.ini
2014-06-13 09:41 - 2014-06-13 09:41 - 00012909 _____ () C:\Users\Abalone\Downloads\Kopie Kontakte-ABI-Feier_2014_06.06.14.xlsx
2014-06-12 23:34 - 2013-08-14 23:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 23:33 - 2012-06-30 21:36 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-12 18:33 - 2014-06-12 18:33 - 00000218 _____ () C:\Users\Abalone\AppData\Local\recently-used.xbel
2014-06-12 18:32 - 2014-06-12 09:20 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Adobe
2014-06-12 18:31 - 2014-06-12 18:31 - 00000000 ____D () C:\Users\Abalone\Downloads\justvector
2014-06-12 18:30 - 2014-06-12 18:30 - 01125580 _____ () C:\Users\Abalone\Downloads\justvector.zip
2014-06-12 15:14 - 2014-06-12 15:14 - 00009085 _____ () C:\Users\Abalone\Downloads\smartcities_registration(5).csv
2014-06-12 08:37 - 2012-10-16 21:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-12 08:37 - 2012-07-03 13:42 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-12 08:37 - 2012-07-03 13:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-11 18:37 - 2012-07-01 00:41 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\vlc
2014-06-11 17:21 - 2014-06-11 17:21 - 00000000 ____D () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom
2014-06-11 17:20 - 2014-06-11 17:20 - 00792988 _____ () C:\Users\Abalone\Downloads\Simple-jQuery-Responsive-Image-Zoom-Plugin-Smoothzoom.zip
2014-06-10 15:20 - 2014-06-10 15:19 - 00961360 _____ (Chip Digital GmbH) C:\Users\Abalone\Downloads\SCP 087 - CHIP-Installer.exe
2014-06-10 15:18 - 2014-06-10 15:18 - 32716585 _____ () C:\Users\Abalone\Downloads\scp-087-1.0 [1].exe
2014-06-10 15:17 - 2014-06-10 15:16 - 00001079 _____ () C:\Users\Abalone\Desktop\Die Installation von SCP-087 1.0 fortsetzen.lnk
2014-06-10 14:50 - 2014-06-10 14:43 - 00000000 ____D () C:\Users\Abalone\Documents\Witcher 2
2014-06-10 14:43 - 2014-06-10 14:43 - 00000000 ____D () C:\Users\Abalone\AppData\Local\The Witcher 2
2014-06-10 14:42 - 2012-07-01 10:52 - 00544569 _____ () C:\Windows\DirectX.log
2014-06-10 14:03 - 2014-06-10 14:03 - 00008774 _____ () C:\Users\Abalone\Downloads\smartcities_registration(4).csv
2014-06-10 08:03 - 2012-07-16 20:47 - 00000000 ____D () C:\Users\Abalone\AppData\Local\CrashDumps
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\G-B-E
2014-06-07 21:45 - 2014-06-07 21:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6
2014-06-07 21:43 - 2014-06-07 21:43 - 15238411 _____ () C:\Users\Abalone\Downloads\Antiserum-Adventuremap-1-6.zip
2014-06-07 21:42 - 2014-06-07 21:42 - 01512696 _____ () C:\Users\Abalone\Downloads\G-B-E.zip
2014-06-07 21:22 - 2014-06-07 21:16 - 00000000 ____D () C:\Users\Abalone\Downloads\Gestrandeter
2014-06-07 20:52 - 2014-06-07 20:52 - 00004742 _____ () C:\Users\Abalone\Downloads\Gestrandeter.zip
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Pixlromatic
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pixlr
2014-06-07 20:42 - 2014-06-07 20:42 - 00000000 ____D () C:\Program Files (x86)\Pixlr
2014-06-07 20:42 - 2012-06-30 19:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-06-07 20:42 - 2012-06-30 19:19 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-06-07 20:38 - 2012-06-30 19:20 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Adobe
2014-06-07 17:57 - 2013-09-06 19:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-07 17:41 - 2009-07-14 06:45 - 00803592 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-06 23:56 - 2012-06-30 19:32 - 00154824 _____ () C:\Users\Abalone\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-06 18:30 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Battle.net
2014-06-06 13:03 - 2014-06-06 13:03 - 00000000 ____D () C:\Users\Abalone\AppData\Local\DeadMansDraw
2014-06-06 11:24 - 2014-06-06 11:06 - 00000000 ____D () C:\Users\Abalone\Downloads\Unbenannt
2014-06-06 11:06 - 2014-06-06 11:06 - 00118912 _____ () C:\Users\Abalone\Downloads\Unbenannt.zip
2014-06-04 17:44 - 2014-06-04 17:44 - 00008178 _____ () C:\Users\Abalone\Downloads\smartcities_registration(3).csv
2014-06-04 16:18 - 2014-06-04 16:18 - 00007248 _____ () C:\Users\Abalone\Desktop\here360text.txt
2014-06-04 16:15 - 2014-06-04 16:15 - 00003848 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1399880484
2014-06-04 16:15 - 2014-05-12 09:41 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-04 08:17 - 2012-12-20 02:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-03 16:42 - 2014-06-03 16:04 - 00004277 _____ () C:\Users\Abalone\Desktop\test.html
2014-06-02 11:02 - 2014-06-02 11:02 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard
2014-06-02 10:59 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Battle.net
2014-06-02 10:30 - 2014-06-02 10:30 - 00000755 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-06-02 10:30 - 2014-06-02 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Blizzard Entertainment
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-06-02 10:14 - 2014-06-02 10:14 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-06-02 10:07 - 2014-06-02 10:07 - 00000000 ____D () C:\ProgramData\Battle.net
2014-06-02 10:06 - 2014-06-02 10:06 - 03099552 _____ (Blizzard Entertainment) C:\Users\Abalone\Downloads\Hearthstone-Setup-deDE.exe
2014-06-01 22:35 - 2014-05-30 17:25 - 00000304 _____ () C:\Warnings.txt
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Master_Head_Pack_X
2014-06-01 20:48 - 2014-06-01 20:48 - 00000000 ____D () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1
2014-06-01 20:30 - 2014-06-01 20:30 - 02076003 _____ () C:\Users\Abalone\Downloads\Bravo's Argonians v1.1.rar
2014-06-01 20:30 - 2014-06-01 20:29 - 01709055 _____ () C:\Users\Abalone\Downloads\Sils_ArgoBodies_BH.rar
2014-06-01 20:21 - 2014-06-01 20:18 - 75972498 _____ () C:\Users\Abalone\Downloads\Master_Head_Pack_X.7z
2014-06-01 16:15 - 2014-06-01 16:15 - 00003970 _____ () C:\Users\Abalone\Downloads\smartcities_registration(2).csv
2014-05-31 20:28 - 2014-05-31 20:28 - 00000000 ____D () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate
2014-05-31 20:27 - 2014-05-31 20:27 - 01429728 _____ () C:\Users\Abalone\Downloads\Weapon_Sheaths_Ultimate.rar
2014-05-30 19:44 - 2014-05-30 19:44 - 00424946 _____ () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte.htm
2014-05-30 19:44 - 2014-05-30 19:44 - 00000000 ____D () C:\Users\Abalone\Downloads\BMW Formation - Piwik › Web Analytik Berichte-Dateien
2014-05-30 14:47 - 2014-05-30 14:47 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration(1).csv
2014-05-30 14:46 - 2014-05-30 14:46 - 00002622 _____ () C:\Users\Abalone\Downloads\smartcities_registration.csv
2014-05-30 12:21 - 2014-06-12 08:44 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 08:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 08:44 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 08:44 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 08:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 08:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 08:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 08:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 08:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 08:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 08:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 08:44 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 08:44 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 08:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 08:44 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 08:44 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 08:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 08:44 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 08:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 08:44 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 08:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 08:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 08:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 08:45 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 08:44 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 08:44 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 08:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 08:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 08:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 08:44 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 08:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 08:45 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 08:44 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 08:44 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 08:44 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 08:44 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 08:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 08:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:03 - 2014-05-30 10:03 - 00258220 _____ () C:\Users\Abalone\Downloads\flexnav-master.zip
2014-05-30 10:03 - 2014-05-30 10:03 - 00000000 ____D () C:\Users\Abalone\Downloads\flexnav-master
2014-05-30 10:02 - 2014-06-12 08:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 08:44 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 08:44 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 08:44 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 08:44 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 08:44 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 08:44 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 08:44 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 08:44 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 08:44 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 08:45 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 08:44 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 08:44 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_orc_f_heads1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_Imp_headp2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_highelf2
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\emma_bret_heads3
2014-05-29 21:57 - 2014-05-29 21:57 - 00000000 ____D () C:\Users\Abalone\Downloads\Emma_bret_headp2
2014-05-29 21:56 - 2014-05-29 21:56 - 01076172 _____ () C:\Users\Abalone\Downloads\Emmas_highelf_heads_f_1_0.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00930411 _____ () C:\Users\Abalone\Downloads\Emmas_redg_heads1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00919166 _____ () C:\Users\Abalone\Downloads\Emmasheads_breton_1_0b.zip
2014-05-29 21:56 - 2014-05-29 21:56 - 00595982 _____ () C:\Users\Abalone\Downloads\Emmasheads_Imperial_1_0b.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 02201763 _____ () C:\Users\Abalone\Downloads\Emma_nord_heads_1_1.7z
2014-05-29 21:55 - 2014-05-29 21:55 - 01438432 _____ () C:\Users\Abalone\Downloads\Emma_bret_headp2.rar
2014-05-29 21:55 - 2014-05-29 21:55 - 01212278 _____ () C:\Users\Abalone\Downloads\Emmasheads_woodelves_1.0.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01211116 _____ () C:\Users\Abalone\Downloads\Emma_Imp_headp2.zip
2014-05-29 21:55 - 2014-05-29 21:55 - 01015770 _____ () C:\Users\Abalone\Downloads\Emmas_dunmer_faces1_0.zip
2014-05-29 21:54 - 2014-05-29 21:54 - 02095007 _____ () C:\Users\Abalone\Downloads\Emma_highelf2.rar
2014-05-29 21:54 - 2014-05-29 21:54 - 01292554 _____ () C:\Users\Abalone\Downloads\Emma_orc_f_heads1.rar
2014-05-29 21:53 - 2014-05-29 21:53 - 02021963 _____ () C:\Users\Abalone\Downloads\emma_bret_heads3.rar
2014-05-29 21:44 - 2014-05-29 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\CoM_Fix_v1
2014-05-29 21:27 - 2014-05-29 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\COM_ver2_0
2014-05-29 21:25 - 2014-05-29 21:25 - 00002520 _____ () C:\Users\Abalone\Downloads\CoM_Fix_v1.rar
2014-05-29 21:24 - 2014-05-29 21:22 - 68478871 _____ () C:\Users\Abalone\Downloads\COM_ver2_0.7z
2014-05-29 19:36 - 2014-05-29 19:36 - 00000000 ____D () C:\Users\Abalone\Downloads\dogs_of_morrowind
2014-05-29 17:46 - 2013-02-09 20:48 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Paint.NET
2014-05-29 17:45 - 2014-05-29 17:45 - 00010408 _____ () C:\Users\Abalone\Downloads\BSA unpacker-12189.7z
2014-05-29 17:45 - 2014-05-29 17:45 - 00000000 ____D () C:\Users\Abalone\Downloads\BSA unpacker-12189
2014-05-29 17:19 - 2014-05-29 17:19 - 00330820 _____ () C:\Users\Abalone\Downloads\CargoStridersBeta.zip
2014-05-29 17:11 - 2014-05-29 17:11 - 00236301 _____ () C:\Users\Abalone\Downloads\Fireflies Invade Morrowind v1.zip
2014-05-29 15:30 - 2014-05-29 15:30 - 00000000 ____D () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116
2014-05-29 15:28 - 2014-05-29 15:28 - 02557485 _____ () C:\Users\Abalone\Downloads\abotWhereAreAllBirdsGoing116.zip
2014-05-29 13:35 - 2014-05-29 13:35 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind_Advanced_182
2014-05-29 13:33 - 2014-05-29 13:32 - 08160097 _____ () C:\Users\Abalone\Downloads\Morrowind_Advanced_182.7z
2014-05-29 11:24 - 2014-05-29 11:24 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles (1).zip
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_talrivian
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_service
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_projectiles
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_daggerbooks
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_btb
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_advanced
2014-05-28 23:20 - 2014-05-28 23:20 - 00000000 ____D () C:\Users\Abalone\Downloads\firemoth1.1
2014-05-27 23:45 - 2014-05-27 23:45 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.3
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don_Salus's_Faces_V1.0
2014-05-27 23:43 - 2014-05-27 23:43 - 00000000 ____D () C:\Users\Abalone\Downloads\Don Salus Faces V.2
2014-05-27 23:42 - 2014-05-27 23:42 - 00000000 ____D () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10
2014-05-27 23:40 - 2014-05-27 23:40 - 03760922 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_3.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 03792867 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_1.ace
2014-05-27 23:38 - 2014-05-27 23:38 - 01206501 _____ () C:\Users\Abalone\Downloads\Don_Salus_Faces_2.ace
2014-05-27 23:36 - 2014-05-27 23:36 - 00639227 _____ () C:\Users\Abalone\Downloads\Zul_Redguards_Women__Faces_v10.7z
2014-05-27 23:07 - 2014-05-27 23:07 - 00000000 ____D () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races
2014-05-27 23:06 - 2014-05-27 23:06 - 13047496 _____ () C:\Users\Abalone\Downloads\Corean_Hair_for_all_TESIII_Races.7z
2014-05-27 18:23 - 2014-05-01 19:40 - 00000000 ____D () C:\ProgramData\MumboJumbo
2014-05-27 13:05 - 2014-05-27 13:05 - 00001991 _____ () C:\Users\Abalone\Desktop\untitled.mcw
2014-05-26 14:20 - 2014-05-26 14:20 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Macaw
2014-05-26 14:18 - 2014-05-26 14:18 - 00000670 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macaw.lnk
2014-05-26 14:18 - 2014-05-26 14:18 - 00000000 ____D () C:\Program Files (x86)\Macaw
2014-05-26 14:15 - 2014-05-26 14:13 - 42344448 _____ () C:\Users\Abalone\Downloads\Macaw1.0.11.msi
2014-05-25 22:03 - 2014-05-25 22:03 - 00000000 ____D () C:\Users\Abalone\Downloads\morrowind_economy
2014-05-25 21:32 - 2014-05-25 21:32 - 00000000 ____D () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820
2014-05-25 21:32 - 2014-05-25 21:31 - 07437347 _____ () C:\Users\Abalone\Downloads\TESC fixed for Morrowind Steam GOTY edition v161820 -- EnglishVersion-42196-1-6-1820.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00001277 _____ () C:\Users\Abalone\Downloads\timemod_0531.zip
2014-05-25 21:27 - 2014-05-25 21:27 - 00000000 ____D () C:\Users\Abalone\Downloads\timemod_0531
2014-05-25 20:39 - 2014-05-25 20:39 - 00013873 _____ () C:\Users\Abalone\Downloads\morrowind_projectiles.zip
2014-05-25 20:21 - 2014-05-25 20:21 - 00467884 _____ () C:\Users\Abalone\Downloads\firemoth1.1.zip
2014-05-25 20:18 - 2014-05-25 20:17 - 02140475 _____ () C:\Users\Abalone\Downloads\morrowind_daggerbooks.zip
2014-05-25 20:09 - 2014-05-25 20:09 - 00057102 _____ () C:\Users\Abalone\Downloads\morrowind_advanced.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00164351 _____ () C:\Users\Abalone\Downloads\morrowind_service.zip
2014-05-25 20:05 - 2014-05-25 20:05 - 00002792 _____ () C:\Users\Abalone\Downloads\morrowind_talrivian.zip
2014-05-25 19:50 - 2014-05-25 19:50 - 00328671 _____ () C:\Users\Abalone\Downloads\morrowind_btb.zip
2014-05-25 14:08 - 2014-05-25 14:08 - 00106281 _____ () C:\Users\Abalone\Downloads\morrowind_economy.zip
2014-05-25 13:56 - 2014-05-25 13:49 - 206983477 _____ () C:\Users\Abalone\Downloads\1920x1200.rar
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:12 - 2014-05-25 01:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-05-25 01:11 - 2014-05-25 01:11 - 01916952 _____ () C:\Users\Abalone\Downloads\winrar-x64-51b4.exe
2014-05-25 01:11 - 2014-05-25 01:11 - 00000000 ____D () C:\Program Files\WinRAR
2014-05-25 01:05 - 2014-05-25 01:05 - 00107345 _____ () C:\Users\Abalone\Downloads\siltstridersareinvvardenfell.ace
2014-05-25 00:17 - 2014-05-25 00:17 - 00011700 _____ () C:\Users\Abalone\Downloads\SkipTutorial1.0.zip
2014-05-25 00:17 - 2014-05-25 00:17 - 00000000 ____D () C:\Users\Abalone\Downloads\SkipTutorial1.0
2014-05-25 00:09 - 2014-05-25 00:09 - 00000000 ____D () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3
2014-05-25 00:08 - 2014-05-25 00:08 - 00027206 _____ () C:\Users\Abalone\Downloads\Clean_Chargen_Revamped_v2_3.zip
2014-05-24 23:51 - 2014-05-24 23:51 - 18911147 _____ () C:\Users\Abalone\Downloads\MEL Hair Pack Final-41622.7z
2014-05-24 23:32 - 2014-05-24 23:32 - 00048840 _____ () C:\Users\Abalone\Downloads\MQE Main File 1_1-41337-1-1.rar
2014-05-24 23:13 - 2014-05-24 23:13 - 00000662 _____ () C:\Users\Abalone\Downloads\Lower First Person Sneak Mode-43108-1-0-1.zip
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NifTools
2014-05-24 22:59 - 2014-05-24 22:59 - 00000000 ____D () C:\Program Files (x86)\NifTools
2014-05-24 22:58 - 2014-05-24 22:57 - 08631751 _____ () C:\Users\Abalone\Downloads\nifskope-1.1.3.36ebfdd-windows.exe
2014-05-24 22:53 - 2014-05-24 22:48 - 00000000 ____D () C:\Users\Abalone\Downloads\BetterAlmalexia-23388
2014-05-24 22:48 - 2014-05-24 22:48 - 05600778 _____ () C:\Users\Abalone\Downloads\BetterAlmalexia-23388.rar
2014-05-24 22:23 - 2014-05-24 22:23 - 00000000 ____D () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0
2014-05-24 22:23 - 2014-05-24 22:16 - 00000000 ____D () C:\Users\Abalone\Downloads\DelayedDBattacks-14891
2014-05-24 22:21 - 2014-05-24 22:21 - 01821509 _____ () C:\Users\Abalone\Downloads\Skinned Hairs for Morrowind-42799-1-0.7z
2014-05-24 22:16 - 2014-05-24 22:16 - 00002991 _____ () C:\Users\Abalone\Downloads\DelayedDBattacks-14891.zip
2014-05-24 21:00 - 2012-07-01 00:09 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 21:00 - 2012-06-30 19:11 - 00000000 ___RD () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0
2014-05-24 16:04 - 2014-05-24 16:04 - 00000000 ____D () C:\Users\Abalone\Downloads\16x10 Version-39329-1
2014-05-24 16:00 - 2014-05-24 16:00 - 00001454 _____ () C:\Users\Abalone\Downloads\Speed and Stamina - Standard-42190-1-0.zip
2014-05-24 16:00 - 2014-05-24 15:58 - 56108041 _____ () C:\Users\Abalone\Downloads\16x10 Version-39329-1.zip
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Users\Abalone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wrye Mash
2014-05-24 15:40 - 2014-05-24 15:40 - 00000000 ____D () C:\Program Files\Bethesda Softworks
2014-05-24 15:39 - 2014-05-24 15:39 - 08038548 _____ () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install.rar
2014-05-24 15:39 - 2014-05-24 15:39 - 00000000 ____D () C:\Users\Abalone\Downloads\wrye_mash_84dcg003_install
2014-05-24 15:35 - 2014-05-24 15:35 - 00001518 _____ () C:\Users\Abalone\Desktop\Wrye Mash.txt - Verknüpfung.lnk
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\Python34
2014-05-24 15:32 - 2014-05-24 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2014-05-24 15:31 - 2014-05-24 15:30 - 24408064 _____ () C:\Users\Abalone\Downloads\python-3.4.1.msi
2014-05-24 15:27 - 2014-05-24 15:27 - 00000000 ____D () C:\Users\Abalone\Downloads\Wrye Mash 84-27588
2014-05-24 15:26 - 2014-05-24 15:26 - 00747499 _____ () C:\Users\Abalone\Downloads\Wrye Mash 84-27588.zip
2014-05-24 15:15 - 2014-05-24 15:15 - 12012966 _____ () C:\Users\Abalone\Downloads\Divine Dagoth Ur- ddfields update-39431.zip
2014-05-24 15:10 - 2014-05-24 15:10 - 00000000 ____D () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746
2014-05-24 15:09 - 2014-05-24 15:09 - 00004636 _____ () C:\Users\Abalone\Downloads\Accurate Attack v1_2-23746.rar
2014-05-24 10:42 - 2012-12-17 14:36 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-05-24 00:52 - 2012-07-01 10:52 - 00000000 ____D () C:\Users\Abalone\AppData\Local\Skyrim
2014-05-24 00:50 - 2014-04-25 11:31 - 00000000 ____D () C:\Program Files\Free Opener
2014-05-24 00:36 - 2014-05-23 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Morrowind Mod Manager
2014-05-23 14:49 - 2014-05-22 23:17 - 00000000 ____D () C:\Users\Abalone\Downloads\MGSO_3-0_Final
2014-05-23 13:17 - 2014-05-23 13:17 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260
2014-05-23 13:15 - 2014-05-23 13:15 - 00721497 _____ () C:\Users\Abalone\Downloads\Morrowind Mod Manager-26260.7z
2014-05-23 13:04 - 2014-05-23 13:04 - 00000000 ____D () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0
2014-05-23 13:02 - 2014-05-23 13:01 - 19871102 _____ () C:\Users\Abalone\Downloads\Morrowind Comes Alive-6006-8-0.7z
2014-05-23 12:55 - 2014-05-23 12:55 - 00000000 ____D () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1
2014-05-23 12:54 - 2014-05-23 12:53 - 00439340 _____ () C:\Users\Abalone\Downloads\Dwemer Mesh Impr v1-43101-1.zip
2014-05-22 23:26 - 2014-05-22 23:24 - 50449456 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\dotNetFx40_Full_x86_x64.exe
2014-05-22 23:25 - 2014-05-22 23:20 - 100271992 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\directx_Jun2010_redist.exe
2014-05-22 23:23 - 2014-05-22 23:23 - 04216840 _____ (Microsoft Corporation) C:\Users\Abalone\Downloads\vcredist_x86.exe
2014-05-22 23:07 - 2014-05-22 22:03 - 1773379811 _____ () C:\Users\Abalone\Downloads\MGSO_3-0_Final.rar
2014-05-22 21:46 - 2014-05-22 21:45 - 05756846 _____ () C:\Users\Abalone\Downloads\TES3OverhaulGer.zip
2014-05-22 14:58 - 2013-03-29 23:31 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-22 14:58 - 2013-03-29 23:31 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-21 16:55 - 2011-04-12 09:43 - 00746754 _____ () C:\Windows\system32\perfh007.dat
2014-05-21 16:55 - 2011-04-12 09:43 - 00167888 _____ () C:\Windows\system32\perfc007.dat
2014-05-21 16:55 - 2009-07-14 07:13 - 01754680 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 10:38 - 2014-05-18 10:38 - 02734592 _____ (Python Software Foundation) C:\Windows\SysWOW64\python34.dll
2014-05-18 10:37 - 2014-05-18 10:37 - 00102912 _____ (Python Software Foundation) C:\Windows\pyw.exe
2014-05-18 10:37 - 2014-05-18 10:37 - 00102400 _____ (Python Software Foundation) C:\Windows\py.exe
Some content of TEMP:
====================
C:\Users\Abalone\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Abalone\AppData\Local\Temp\avgnt.exe
C:\Users\Abalone\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpftbcvr.dll
C:\Users\Abalone\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Abalone\AppData\Local\Temp\Quarantine.exe
C:\Users\Abalone\AppData\Local\Temp\screenr_encoder.exe
C:\Users\Abalone\AppData\Local\Temp\som_fs.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-08 00:41
==================== End Of Log ============================
Ciao Abalone |
|
16.06.2014, 22:45
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Rechner verschickt E-Mails Okay, dann jetzt einen Kontrollscan mit ESET bitte: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.06.2014, 07:54
| #11 |
| | Windows 7: Rechner verschickt E-Mails Guten Morgen Habe den Scan heute Nacht mal laufen lassen, hier das Ergebnis: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=0e4f547bbb177c4987a6cbc7bc5f17db
# engine=18747
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-17 12:39:43
# local_time=2014-06-17 02:39:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 21067 147517761 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 231668 154595433 0 0
# scanned=756066
# found=15
# cleaned=0
# scan_time=8869
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=16068B8977B4DC562AE782D91BC009472667E331 ft=1 fh=c3b5a87b7d152749 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Abalone\AppData\Local\Temp\OCS\ocs_v71a.exe.vir"
sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Abalone\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=E60AACF3385D92FA680BEEF4506CE05EE78ABA94 ft=1 fh=d2bae08e72c42df0 vn="Win32/InstallIQ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Abalone\AppData\Local\Temp\OCS\Downloads\fc14996dfa99adfc7baae624196888c5\3cbaf55056582fe6680d63e8c6ed1ae6\freeopener2.0.1.0.exe.vir"
sh=71435DDB11E00D0243380C4902324853FE4ECE8F ft=1 fh=12b0cd2dde452d65 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apnic.dll"
sh=1A3F14C0A66F9AF050D1F34FBACBAADC31751A07 ft=1 fh=2704a03a0f47b728 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\Avira\AntiVir Desktop\Offercast_AVIRAV7_.exe"
sh=44554E882D1DD6FBF71B6550B0687E3D9FD73711 ft=1 fh=b0638f029680e22d vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Abalone\AppData\Local\Temp\AskPIP_FF_.exe"
sh=6F59892BB8ACC7323E8A7256AE3169E7A09CCEA6 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Abalone\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\4651cadc-2f234e72"
sh=732E11F53021D41E4DEF9578388D8CE1A879F06D ft=1 fh=0695a500a3275bf5 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Abalone\Downloads\FFSetup3.3.2.0.exe"
sh=702D40FD98BC1FACF378708685B7A55FE69F6E22 ft=1 fh=3feb82d5be449f23 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Abalone\Downloads\Free Opener - CHIP-Downloader.exe"
sh=DE0AA1C770B3736BC991F0F1F898046C223BF689 ft=1 fh=021f2f24658b7d25 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Abalone\Downloads\SCP 087 - CHIP-Installer.exe"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M\ApnIC[1].0"
sh=40E49124AD0B55A25F947333CA88E9D0BC30A7E3 ft=1 fh=e26ad988592b2af9 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\Temp\AskSLib.dll"
Abalone |
|
17.06.2014, 11:10
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Rechner verschickt E-Mails Nur Überbleibsel und irrelevantes Zeug... TFC - Temp File Cleaner Lade dir  TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
Sieht soweit ok aus  Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden. Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie ) Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird. Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.06.2014, 18:46
| #13 |
| | Windows 7: Rechner verschickt E-Mails Hallo cosinus, TFC ist gelaufen und hat nochmal ein wenig Platz geschafft :-) Ghostery nutze ich bereits, aber die Hosts-Datei hol ich mir dann auch mal. Also, bis jetzt sind keine weiteren Bounces aufgelaufen, ich hoffe mal, das Problem ist erledigt. Kann natürlich sein, dass die Adresse noch von irgendwelchen Spammern als Absender benutzt wird, aber so blöd es auch ist, dagegen kann man ja nichts tun. Hauptsache, der Rechner ist sauber und tut nichts, was er nicht tun soll :-) Vielen Dank für die Hilfe! Werde dann gleich mal den Spenden-Button betätigen :-) Ich wünsche noch alles Gute und viel Kraft für die vielen weiteren blöden Ömmels wie mich ;-p Ciao Abalone |
|
17.06.2014, 21:02
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Rechner verschickt E-Mails Dann wären wir durch! Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. Es empfiehlt sich Malwarebytes Anti-Malware zu behalten und damit wöchentlich nach Malware zu scannen. Helfen kann dir dabei delfix: Die Reihenfolge ist hier entscheidend.
Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden. Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern. Microsoftupdate Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren. Windows Vista/7: Start, Systemsteuerung, Windows-Update PDF-Reader aktualisieren Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast) Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader. Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers: Prüfen => Adobe - Flash Player Downloadlinks findest du hier => Browsers and Plugins - FilePony.de Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind. Java-Update Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Windows 7: Rechner verschickt E-Mails |
| adware/installcore.a.528, antivir, downloader, e-mail, firefox, flash player, hiddenext/worm.gen, home, hängen, icreinstall, installation, programm, realtek, software, svchost.exe, tr/crypt.xpack.67231, vcredist, verschickt e-mails, win32/bundled.toolbar.ask, win32/bundled.toolbar.ask.d, win32/downloadsponsor.a, win32/hao123.a, win32/toolbar.conduit, windows |
Linear-Darstellung
