Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Multiple instanzen verschiedener Prozesse laufen, nicht killbar.

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Plagegeister aller Art und deren Bekämpfung: Multiple instanzen verschiedener Prozesse laufen, nicht killbar.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 3 1 2 3
Alt 09.05.2014, 12:19   #16
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Sooo, einmal mbam log:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 09.05.2014
Suchlauf-Zeit: 07:31:49
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.09.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Kevin

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267273
Verstrichene Zeit: 17 Min, 12 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 5
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\SEARCHPROTECTINT, In Quarantäne, [2fd1e7196b95758bb029c7cab151c23e], 

Registrierungswerte: 2
PUP.Optional.NextLive.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kevin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, In Quarantäne, [7987857b9e62f010d8f6252d837e7f81]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\SEARCHPROTECTINT|Install, 1, In Quarantäne, [2fd1e7196b95758bb029c7cab151c23e]

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3323882&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP438F07D2-38DE-4EBD-9DA1-14360CC25479&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3323882&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP438F07D2-38DE-4EBD-9DA1-14360CC25479&SSPV=),Ersetzt,[25db8b7589775fa1d79cb28404007c84]

Ordner: 2
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b], 
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\cache, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b], 

Dateien: 9
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\nengine.dll, In Quarantäne, [7987857b9e62f010d8f6252d837e7f81], 
PUP.Optional.OpenCandy, C:\Users\Kevin\Downloads\DTLite4481-0347.exe, In Quarantäne, [986820e010f0748c1b839cc705ffae52], 
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Local\genienext\nengine.dll, In Quarantäne, [8977cc344bb507f9b618c191907101ff], 
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\claptrap sb__6077_il57558.exe, In Quarantäne, [f20ee31d45bb4db34a1d79c155ab21df], 
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\JESSE PINKMAN SB__6078_il1285699.exe, In Quarantäne, [1be5d52b8f7153ad96d1ab8f35cb7f81], 
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\TREVOR SB__6148_il12744.exe, In Quarantäne, [fe0231cfc53b24dca8bf0b2f3ac623dd], 
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\WALTER WHITE sb__6077_il55463.exe, In Quarantäne, [5da3926e649ce51b97d02e0c46bae818], 
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b], 
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b], 

Physische Sektoren: 0
(No malicious items detected)


(end)
Adwcleaner Log:

Code:
ATTFilter
# AdwCleaner v3.207 - Bericht erstellt am 09/05/2014 um 12:55:38
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Kevin - ALIENWARE
# Gestartet von : C:\Users\Kevin\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : SystemStoreService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Kevin\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Kevin\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Kevin\Documents\Mobogenie
Datei Gelöscht : C:\Users\Kevin\daemonprocess.txt
Datei Gelöscht : C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\93EA40F4CAE1A3547BC8B12F333055FE
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\93EA40F4CAE1A3547BC8B12F333055FE

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537


-\\ Mozilla Firefox v

[ Datei : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\prefs.js ]

Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.startfenster.de");

*************************

AdwCleaner[R0].txt - [2010 octets] - [09/05/2014 12:55:16]
AdwCleaner[S0].txt - [1813 octets] - [09/05/2014 12:55:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1873 octets] ##########
JRT Log:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8 x64
Ran by Kevin on 09.05.2014 at 13:06:22,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs



~~~ Files

Successfully deleted: [File] "C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.05.2014 at 13:09:09,73
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Und zu guter letzt FRST log:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2014 01
Ran by Kevin (administrator) on ALIENWARE on 09-05-2014 13:15:17
Running from C:\Users\Kevin\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe
(DJMASTER.COM) C:\Program Files\ONAIR\ONAIR.exe
() C:\Program Files (x86)\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12616 2012-01-10] (Alienware)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3620352 2014-04-02] (Turtle Entertainment GmbH)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [ONAIR] => C:\Program Files\ONAIR\ONAIR.exe [3505152 2014-03-09] (DJMASTER.COM)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-04-21] ()
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1E4DBDDE2807CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {05E205BA-FB3B-401C-A6FA-C384AE3B36EE} URL = hxxp://www.google.at/search?q={searchTerms}
SearchScopes: HKCU - {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:
========
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Sync Video - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\jid0-6qxNvGdS7HQG9rsoojsd0BubY84@jetpack.xpi [2014-04-05]
FF Extension: Copy Links - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi [2013-12-16]
FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-03-30] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-30] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-03-30] (<Turtle Entertainment>)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-04-15] (LogMeIn Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-05-09] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R3 SaiK0CD7; C:\Windows\system32\DRIVERS\SaiK0CD7.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU0CD7; C:\Windows\System32\drivers\SaiU0CD7.sys [47168 2012-09-20] (Saitek)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-11-21] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-11-21] (Acronis International GmbH)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_Flash; \??\C:\Users\Kevin\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

NETSVCx32: eventsystem -> C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: iprip -> No ServiceDLL Path.
NETSVCx32: netman -> C:\Windows\SysWOW64\netman.dll ==> No File.
NETSVCx32: wzcsvc -> No ServiceDLL Path.
NETSVCx32: ip6fwhlp -> No ServiceDLL Path.
NETSVCx32: WmdmPmSN -> No ServiceDLL Path.
NETSVCx32: Appinfo -> C:\Windows\SysWOW64\appinfo.dll ==> No File.
NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> No File.
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll ==> No File.
NETSVCx32: DsmSvc -> C:\Windows\SysWOW64\DeviceSetupManager.dll ==> No File.
NETSVCx32: Eaphost -> C:\Windows\SysWOW64\eapsvc.dll ==> No File.
NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> No File.
NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> No File.
NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> No File.
NETSVCx32: NcaSvc -> C:\Windows\SysWOW64\ncasvc.dll ==> No File.
NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> No File.
NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> No File.
NETSVCx32: SystemEventsBroker -> C:\Windows\SysWOW64\SystemEventsBrokerServer.dll ==> No File.
NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> No File.
NETSVCx32: wlidsvc -> C:\Windows\SysWOW64\wlidsvc.dll ==> No File.

==================== One Month Created Files and Folders ========

2014-05-09 13:15 - 2014-05-09 13:15 - 00000000 ____D () C:\Users\Kevin\Downloads\FRST-OlderVersion
2014-05-09 13:09 - 2014-05-09 13:09 - 00000998 _____ () C:\Users\Kevin\Desktop\JRT.txt
2014-05-09 13:01 - 2014-05-09 13:01 - 01016261 _____ (Thisisu) C:\Users\Kevin\Desktop\JRT.exe
2014-05-09 13:01 - 2014-05-09 13:01 - 00000000 ____D () C:\Windows\ERUNT
2014-05-09 12:58 - 2014-05-09 12:58 - 00001953 _____ () C:\Users\Kevin\Desktop\AdwCleaner[S0].txt
2014-05-09 12:55 - 2014-05-09 12:55 - 00000000 ____D () C:\AdwCleaner
2014-05-09 12:54 - 2014-05-09 12:54 - 01316991 _____ () C:\Users\Kevin\Downloads\adwcleaner(1).exe
2014-05-09 12:51 - 2014-05-09 12:51 - 01316991 _____ () C:\Users\Kevin\Desktop\adwcleaner.exe
2014-05-09 12:51 - 2014-05-09 12:51 - 00000000 ____D () C:\ProgramData\Alienware
2014-05-09 12:49 - 2014-05-09 13:05 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-09 07:32 - 2014-05-09 07:32 - 00004369 _____ () C:\Users\Kevin\Desktop\mbam.txt
2014-05-09 07:07 - 2014-05-09 07:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-09 07:07 - 2014-05-09 07:07 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-09 07:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-09 07:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-09 07:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 07:06 - 2014-05-09 07:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-08 16:45 - 2014-05-08 16:45 - 00000000 ____D () C:\Program Files (x86)\Aurora
2014-05-06 23:37 - 2014-05-06 23:37 - 00000045 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
2014-05-06 23:37 - 2014-05-06 23:37 - 00000000 ____D () C:\Users\Kevin\jagexcache1
2014-05-06 21:06 - 2014-05-06 21:06 - 00001261 _____ () C:\Users\Public\Desktop\Burnout Paradise The Ultimate Box.lnk
2014-05-06 21:06 - 2014-05-06 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise The Ultimate Box
2014-05-06 17:16 - 2014-05-06 17:41 - 276805015 _____ () C:\Users\Kevin\Downloads\insane-testing.zip
2014-05-06 17:16 - 2014-05-06 17:28 - 113770432 _____ () C:\Users\Kevin\Downloads\fast-crazy-downhill.zip
2014-05-06 17:16 - 2014-05-06 17:24 - 59233105 _____ () C:\Users\Kevin\Downloads\fatal-descent.rar
2014-05-06 17:15 - 2014-05-06 17:27 - 103835337 _____ () C:\Users\Kevin\Downloads\pure-grid.zip
2014-05-06 17:15 - 2014-05-06 17:19 - 26929044 _____ () C:\Users\Kevin\Downloads\Audi_A8.zip
2014-05-06 17:14 - 2014-05-06 17:20 - 31831415 _____ () C:\Users\Kevin\Downloads\Subaru-WRX-STI-dlya-BeamNG-Drive.rar
2014-05-06 17:14 - 2014-05-06 17:19 - 22952008 _____ () C:\Users\Kevin\Downloads\chevrolet-corvette-c5-r.rar
2014-05-06 17:14 - 2014-05-06 17:17 - 22770295 _____ () C:\Users\Kevin\Downloads\Dodge-Challenger.rar
2014-05-06 17:14 - 2014-05-06 17:16 - 07432843 _____ () C:\Users\Kevin\Downloads\Skoda_Octavia.zip
2014-05-06 17:14 - 2014-05-06 17:15 - 05838647 _____ () C:\Users\Kevin\Downloads\Subaru-Impreza-WRX.rar
2014-05-06 17:13 - 2014-05-06 17:14 - 05410864 _____ () C:\Users\Kevin\Downloads\Mitsubishi-Evo-8-Black-dlya.rar
2014-05-06 17:12 - 2014-05-06 17:15 - 33795546 _____ () C:\Users\Kevin\Downloads\NissanGTR-dlya-BeamNG-Drive.rar
2014-05-06 17:10 - 2014-05-06 17:15 - 55780169 _____ () C:\Users\Kevin\Downloads\brutal-slope.zip
2014-05-06 17:10 - 2014-05-06 17:12 - 15653623 _____ () C:\Users\Kevin\Downloads\Lamborghini-Aventador.rar
2014-05-06 17:08 - 2014-05-06 17:14 - 70346234 _____ () C:\Users\Kevin\Downloads\smash-your-car.zip
2014-05-06 15:46 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 15:46 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 15:46 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:46 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 15:46 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-05 06:59 - 2014-05-05 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-05-05 06:51 - 2014-05-05 06:53 - 70638408 _____ (Apple Inc.) C:\Users\Kevin\Downloads\iCloudSetup.exe
2014-05-05 06:48 - 2014-05-05 06:59 - 00000000 ____D () C:\Users\Kevin\Desktop\Verkaufen
2014-05-04 23:14 - 2014-05-04 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-04 22:20 - 2014-05-04 22:20 - 00019741 _____ () C:\ComboFix.txt
2014-05-04 21:56 - 2014-05-04 22:20 - 00000000 ____D () C:\ComboFix
2014-05-04 21:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-04 21:55 - 2014-05-04 21:55 - 05197895 ____R (Swearware) C:\Users\Kevin\Desktop\ComboFix.exe
2014-05-04 21:54 - 2014-05-04 21:55 - 05197895 _____ (Swearware) C:\Users\Kevin\Downloads\ComboFix.exe
2014-05-04 03:08 - 2014-05-04 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octodad Dadliest Catch
2014-05-04 03:06 - 2014-05-04 03:07 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-05-04 03:04 - 2014-05-04 03:04 - 00000000 ____D () C:\Users\Kevin\Downloads\Octodad.Dadliest.Catch-CODEX
2014-05-04 02:48 - 2014-05-04 03:04 - 50765291 _____ () C:\Users\Kevin\Downloads\codex-octodad.part09.rar
2014-05-04 02:25 - 2014-05-04 02:32 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part08.rar
2014-05-04 02:16 - 2014-05-04 02:24 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part07.rar
2014-05-04 02:09 - 2014-05-04 02:16 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part06.rar
2014-05-04 01:59 - 2014-05-04 02:07 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part05.rar
2014-05-04 01:46 - 2014-05-04 01:58 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part04.rar
2014-05-04 01:37 - 2014-05-04 01:45 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part03.rar
2014-05-04 00:46 - 2014-05-07 11:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2014-05-04 00:43 - 2014-05-04 00:47 - 00000000 ____D () C:\Users\Kevin\BeamNG.drive.Alpha.0.3.0.5-iND
2014-05-04 00:29 - 2014-05-04 00:38 - 112741808 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part2.rar
2014-05-03 18:30 - 2014-05-04 00:28 - 629145600 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part1.rar
2014-05-03 18:29 - 2014-05-04 01:36 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part02.rar
2014-05-03 17:31 - 2014-05-08 22:45 - 00000024 _____ () C:\Users\Kevin\jagexappletviewer.preferences
2014-05-03 17:31 - 2014-05-03 17:31 - 00002086 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00002056 _____ () C:\Users\Kevin\Desktop\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\.jagex_cache_32
2014-05-03 17:26 - 2014-05-03 17:26 - 00347816 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.333225616075749.1.2.Run.exe
2014-05-03 14:24 - 2014-05-03 14:24 - 04143997 _____ () C:\Users\Kevin\Downloads\tdsskiller.zip
2014-05-03 14:24 - 2014-04-29 18:21 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Kevin\Desktop\TDSSKiller.exe
2014-05-03 03:38 - 2014-05-09 00:12 - 00000024 _____ () C:\Users\Kevin\random.dat
2014-05-03 03:38 - 2014-05-08 22:45 - 00000044 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
2014-05-03 03:38 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\jagexcache
2014-05-03 03:06 - 2014-05-03 03:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-03 03:01 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 03:01 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 03:01 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 03:01 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 13:49 - 2014-05-02 13:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 13:44 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-02 13:44 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-02 13:44 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-02 12:45 - 2014-05-02 12:49 - 138607664 _____ () C:\Users\Kevin\Downloads\avira_free_antivirus614_de.exe
2014-05-02 07:07 - 2014-05-02 07:07 - 00000000 ____D () C:\Device
2014-05-02 07:07 - 2014-05-02 06:54 - 05103616 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-05-02 06:51 - 2014-05-09 12:56 - 00106776 _____ () C:\Windows\PFRO.log
2014-05-02 06:47 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-02 06:47 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-02 06:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-02 06:45 - 2013-12-04 16:27 - 00010405 _____ () C:\Windows\SysWOW64\cryptsvc.dll
2014-05-02 06:42 - 2014-05-04 22:20 - 00000000 ____D () C:\Qoobox
2014-05-02 06:41 - 2014-05-04 22:12 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 06:30 - 2014-05-02 06:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-02 06:29 - 2014-05-02 06:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2014-05-01 19:46 - 2014-05-01 19:47 - 03821064 _____ () C:\Users\Kevin\Downloads\battlelog-web-plugins_2.3.2_130.exe
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\Program Files\CPUID
2014-05-01 18:37 - 2014-05-01 18:37 - 01460512 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.67.1-setup-en.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-29 17:49 - 2014-04-29 17:49 - 07401104 _____ (TeamViewer GmbH) C:\Users\Kevin\Downloads\TeamViewer_Setup_de_9.0.27614.exe
2014-04-29 17:49 - 2014-04-29 17:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-28 15:13 - 2014-04-28 15:15 - 00052871 _____ () C:\Users\Kevin\Desktop\Addition.txt
2014-04-28 15:12 - 2014-05-09 13:15 - 00024101 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-04-28 15:09 - 2014-05-09 13:15 - 00000000 ____D () C:\FRST
2014-04-28 15:08 - 2014-05-09 13:15 - 02064384 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2014-04-27 18:34 - 2014-04-27 18:34 - 00000000 ____D () C:\Users\Kevin\AppData\Local\My Games
2014-04-27 12:44 - 2014-04-27 12:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Empty Clip Studios
2014-04-27 12:13 - 2014-04-27 12:13 - 00000000 ____D () C:\Users\Kevin\Documents\IAmAlive
2014-04-27 12:11 - 2014-05-06 21:05 - 00055802 _____ () C:\Windows\DirectX.log
2014-04-27 10:30 - 2014-04-27 10:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-27 10:30 - 2014-04-27 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 10:27 - 2014-04-27 10:28 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Kevin\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-25 23:42 - 2014-04-25 23:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-25 20:47 - 2014-04-25 20:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\RotMG.Production
2014-04-25 20:30 - 2014-04-25 23:00 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part01.rar
2014-04-23 23:45 - 2014-04-23 23:46 - 11065618 _____ () C:\Users\Kevin\Downloads\tokens.zip
2014-04-23 23:31 - 2014-04-24 08:28 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Forge
2014-04-23 23:31 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Forge
2014-04-23 21:03 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\StunlockStudios
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 _____ () C:\Users\Kevin\Desktop\Achammer Protokoll, Mathe Verbesserung, Physik Verbesserung.txt
2014-04-22 23:00 - 2014-04-22 23:02 - 00000000 ____D () C:\Users\Kevin\Documents\Schule
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\Documents\CyberLink
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\CyberLink
2014-04-21 15:04 - 2014-04-21 15:05 - 00000000 ____D () C:\Program Files (x86)\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 01085440 _____ () C:\Users\Kevin\Downloads\puush.msi
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2014-04-21 13:46 - 2014-04-21 13:54 - 336017408 _____ () C:\Users\Kevin\Downloads\MyLittlePorny.iso
2014-04-18 23:53 - 2014-04-18 23:53 - 00448562 _____ () C:\Users\Kevin\Downloads\voxelmap-1.7.2-1.0.jar.zip
2014-04-18 23:35 - 2014-04-18 23:35 - 00064982 _____ () C:\Users\Kevin\Downloads\seus-v10.1-Preview2.zip
2014-04-18 23:20 - 2014-04-18 23:21 - 02752442 _____ () C:\Users\Kevin\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe
2014-04-18 19:17 - 2014-04-18 19:21 - 22455453 _____ () C:\Users\Kevin\Downloads\Teramia 0.9.1 Beta.zip
2014-04-18 19:14 - 2014-04-18 19:14 - 02347187 _____ () C:\Users\Kevin\Desktop\mcpatcher-4.3.2_02.exe
2014-04-18 18:04 - 2014-04-18 18:06 - 06174909 _____ () C:\Users\Kevin\Downloads\Minecraft_1.3.2.rar
2014-04-18 17:34 - 2014-04-18 17:34 - 00000000 ____D () C:\Users\Kevin\.swt
2014-04-18 17:23 - 2014-04-19 13:55 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-04-18 17:23 - 2014-04-18 17:23 - 00675988 _____ () C:\Users\Kevin\Desktop\Minecraft.exe
2014-04-18 17:16 - 2014-04-18 17:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony Creative Software Inc
2014-04-18 01:53 - 2014-04-18 02:00 - 93035512 _____ () C:\Users\Kevin\Downloads\theponyway.2012.zip
2014-04-17 11:43 - 2014-04-17 11:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mp3tag
2014-04-17 11:42 - 2014-04-17 11:42 - 02634152 _____ () C:\Users\Kevin\Downloads\mp3tagv258setup.exe
2014-04-17 11:42 - 2014-04-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-17 11:14 - 2014-04-17 11:52 - 00000000 ____D () C:\Users\Kevin\AppData\Local\easytag
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\.dbus-keyrings
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTAG
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\EasyTAG
2014-04-17 11:13 - 2014-04-17 11:13 - 08506991 _____ () C:\Users\Kevin\Downloads\easytag-2.2.0-setup.exe
2014-04-17 11:10 - 2014-04-17 11:10 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 11:10 - 2014-04-17 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-17 11:10 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 11:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 11:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 11:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\Program Files\AmoK Exif Sorter
2014-04-17 11:07 - 2014-04-17 11:07 - 01962995 _____ () C:\Users\Kevin\Downloads\AmoK_Exif_Sorter_v2.56_(Windows_64Bit)_Setup.exe
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DigitalVolcano
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-04-17 10:48 - 2014-04-17 10:48 - 05143120 _____ (DigitalVolcano Software Ltd) C:\Users\Kevin\Downloads\DuplicateCleaner_setup.exe
2014-04-17 02:08 - 2014-04-18 13:46 - 00052059 _____ () C:\Users\Kevin\Desktop\Music.txt
2014-04-17 01:58 - 2014-04-17 02:21 - 304323421 _____ () C:\Users\Kevin\Downloads\Balloon Party - After Party - MP3 320.zip
2014-04-17 01:58 - 2014-04-17 02:21 - 154256398 _____ () C:\Users\Kevin\Downloads\Balloon Party - Apple 2012 - MP3 320.zip
2014-04-17 01:57 - 2014-04-17 02:27 - 533446578 _____ () C:\Users\Kevin\Downloads\Balloon Party - 100- No Feeble Cheering - MP3 320.zip
2014-04-16 22:41 - 2014-04-17 11:45 - 00000000 ____D () C:\Backup Festplatte
2014-04-16 22:41 - 2014-04-16 22:41 - 00003008 _____ () C:\Users\Kevin\photorec.cfg
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 21:39 - 2014-04-16 22:27 - 00097232 _____ () C:\Windows\SysWOW64\photorec.ses
2014-04-16 18:52 - 2014-04-16 18:58 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-04-16 18:52 - 2014-04-16 18:52 - 03462033 _____ () C:\Users\Kevin\Downloads\pci_filerecovery.exe
2014-04-16 14:40 - 2014-04-16 14:46 - 00000000 ____D () C:\Users\Kevin\Desktop\SweetFX
2014-04-15 19:45 - 2014-04-15 19:46 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-04-15 19:45 - 2014-04-15 19:45 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-04-15 19:45 - 2014-04-15 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-04-15 17:57 - 2014-04-16 17:57 - 00773359 _____ () C:\Users\Kevin\Documents\Untitled_Windows Media Video V11_HD-720-30p-Video mit 6 Mbit-s.wmv
2014-04-15 10:46 - 2014-04-15 10:46 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-04-15 03:08 - 2014-04-15 03:12 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Beat Hazard
2014-04-15 02:06 - 2014-04-15 02:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\CrashRpt
2014-04-15 02:03 - 2014-04-15 02:03 - 03831134 _____ () C:\Users\Kevin\Downloads\Powerplays-SweetFX-X64-Win-8.1.zip
2014-04-15 01:14 - 2014-04-15 01:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-15 01:13 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-15 01:09 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-15 01:09 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-04-15 01:09 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-04-15 01:09 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-04-15 01:09 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-04-14 20:23 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-14 20:23 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-13 15:36 - 2014-04-29 13:52 - 00009000 _____ () C:\Users\Kevin\Documents\TombRaider.log
2014-04-12 22:04 - 2014-04-13 00:25 - 02943551 _____ () C:\Users\Kevin\Desktop\Homepage Fight Runner.rar
2014-04-12 21:28 - 2014-04-12 21:28 - 02334392 _____ () C:\Users\Kevin\Desktop\tridornbirn hp_Dennis_Kevin.zip
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files\OBS
2014-04-12 21:01 - 2014-04-12 21:17 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\OBS
2014-04-12 21:01 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-04-12 21:00 - 2014-04-12 21:00 - 07888419 _____ () C:\Users\Kevin\Downloads\OBS_0_613b_Installer.exe
2014-04-12 20:47 - 2014-04-12 23:20 - 00000000 ____D () C:\Users\Kevin\Desktop\Homepage Fight Runner
2014-04-12 04:37 - 2014-04-12 04:37 - 00130509 _____ () C:\Users\Kevin\Documents\ts3_clientui-win32-1382530211-2014-04-12 04_37_42.949645.dmp
2014-04-12 03:26 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 03:26 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 03:26 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-12 03:26 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 03:26 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-12 03:26 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 03:26 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-12 03:26 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-12 03:26 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 03:26 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-12 03:26 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 03:26 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 03:26 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-12 03:26 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 03:26 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-12 03:25 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:25 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:25 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-12 03:25 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:25 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 03:25 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:25 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-12 03:25 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:25 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:25 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 07:07 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 07:07 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-09 07:07 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-09 07:07 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

==================== One Month Modified Files and Folders =======

2014-05-09 13:15 - 2014-05-09 13:15 - 00000000 ____D () C:\Users\Kevin\Downloads\FRST-OlderVersion
2014-05-09 13:15 - 2014-04-28 15:12 - 00024101 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-05-09 13:15 - 2014-04-28 15:09 - 00000000 ____D () C:\FRST
2014-05-09 13:15 - 2014-04-28 15:08 - 02064384 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2014-05-09 13:15 - 2013-11-21 21:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-05-09 13:13 - 2013-11-21 21:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Last.fm
2014-05-09 13:09 - 2014-05-09 13:09 - 00000998 _____ () C:\Users\Kevin\Desktop\JRT.txt
2014-05-09 13:09 - 2013-12-08 22:35 - 01560798 _____ () C:\Windows\WindowsUpdate.log
2014-05-09 13:08 - 2014-01-08 17:39 - 00000000 ___RD () C:\Users\Kevin\Dropbox
2014-05-09 13:08 - 2014-01-08 17:37 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Dropbox
2014-05-09 13:07 - 2013-11-25 00:06 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\TS3Client
2014-05-09 13:07 - 2013-11-21 21:26 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Raptr
2014-05-09 13:06 - 2014-02-01 20:29 - 00000000 ____D () C:\Users\Kevin\AppData\Local\ESL Wire Game Client
2014-05-09 13:06 - 2013-12-18 20:45 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Overwolf
2014-05-09 13:05 - 2014-05-09 12:49 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-09 13:05 - 2013-11-21 21:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-09 13:05 - 2013-11-21 21:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-09 13:05 - 2013-11-21 21:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn Hamachi
2014-05-09 13:04 - 2013-11-20 02:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-09 13:04 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-09 13:01 - 2014-05-09 13:01 - 01016261 _____ (Thisisu) C:\Users\Kevin\Desktop\JRT.exe
2014-05-09 13:01 - 2014-05-09 13:01 - 00000000 ____D () C:\Windows\ERUNT
2014-05-09 13:00 - 2013-11-21 21:10 - 00000000 ____D () C:\ProgramData\Origin
2014-05-09 13:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-09 12:58 - 2014-05-09 12:58 - 00001953 _____ () C:\Users\Kevin\Desktop\AdwCleaner[S0].txt
2014-05-09 12:56 - 2014-05-02 06:51 - 00106776 _____ () C:\Windows\PFRO.log
2014-05-09 12:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-09 12:55 - 2014-05-09 12:55 - 00000000 ____D () C:\AdwCleaner
2014-05-09 12:55 - 2013-11-20 01:51 - 00000000 ____D () C:\Users\Kevin
2014-05-09 12:54 - 2014-05-09 12:54 - 01316991 _____ () C:\Users\Kevin\Downloads\adwcleaner(1).exe
2014-05-09 12:51 - 2014-05-09 12:51 - 01316991 _____ () C:\Users\Kevin\Desktop\adwcleaner.exe
2014-05-09 12:51 - 2014-05-09 12:51 - 00000000 ____D () C:\ProgramData\Alienware
2014-05-09 12:48 - 2013-11-21 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-09 12:22 - 2013-11-21 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-09 07:32 - 2014-05-09 07:32 - 00004369 _____ () C:\Users\Kevin\Desktop\mbam.txt
2014-05-09 07:32 - 2014-03-21 13:47 - 00000000 ____D () C:\Users\Kevin\Desktop\Soundboards
2014-05-09 07:14 - 2014-05-09 07:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-09 07:07 - 2014-05-09 07:07 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-09 07:06 - 2014-05-09 07:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-09 00:12 - 2014-05-03 03:38 - 00000024 _____ () C:\Users\Kevin\random.dat
2014-05-09 00:10 - 2013-11-21 21:10 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Battle.net
2014-05-08 22:45 - 2014-05-03 17:31 - 00000024 _____ () C:\Users\Kevin\jagexappletviewer.preferences
2014-05-08 22:45 - 2014-05-03 03:38 - 00000044 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
2014-05-08 21:34 - 2013-11-23 20:29 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-08 16:45 - 2014-05-08 16:45 - 00000000 ____D () C:\Program Files (x86)\Aurora
2014-05-07 16:24 - 2013-11-20 10:44 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-05-07 16:24 - 2013-11-20 10:44 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-05-07 16:24 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 14:17 - 2013-11-20 02:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Apps\2.0
2014-05-07 13:33 - 2013-11-20 01:57 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2908868876-2045890655-3528692861-1001
2014-05-07 13:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-07 11:50 - 2014-05-04 00:46 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2014-05-06 23:37 - 2014-05-06 23:37 - 00000045 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
2014-05-06 23:37 - 2014-05-06 23:37 - 00000000 ____D () C:\Users\Kevin\jagexcache1
2014-05-06 21:06 - 2014-05-06 21:06 - 00001261 _____ () C:\Users\Public\Desktop\Burnout Paradise The Ultimate Box.lnk
2014-05-06 21:06 - 2014-05-06 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise The Ultimate Box
2014-05-06 21:05 - 2014-04-27 12:11 - 00055802 _____ () C:\Windows\DirectX.log
2014-05-06 17:41 - 2014-05-06 17:16 - 276805015 _____ () C:\Users\Kevin\Downloads\insane-testing.zip
2014-05-06 17:28 - 2014-05-06 17:16 - 113770432 _____ () C:\Users\Kevin\Downloads\fast-crazy-downhill.zip
2014-05-06 17:27 - 2014-05-06 17:15 - 103835337 _____ () C:\Users\Kevin\Downloads\pure-grid.zip
2014-05-06 17:24 - 2014-05-06 17:16 - 59233105 _____ () C:\Users\Kevin\Downloads\fatal-descent.rar
2014-05-06 17:20 - 2014-05-06 17:14 - 31831415 _____ () C:\Users\Kevin\Downloads\Subaru-WRX-STI-dlya-BeamNG-Drive.rar
2014-05-06 17:19 - 2014-05-06 17:15 - 26929044 _____ () C:\Users\Kevin\Downloads\Audi_A8.zip
2014-05-06 17:19 - 2014-05-06 17:14 - 22952008 _____ () C:\Users\Kevin\Downloads\chevrolet-corvette-c5-r.rar
2014-05-06 17:17 - 2014-05-06 17:14 - 22770295 _____ () C:\Users\Kevin\Downloads\Dodge-Challenger.rar
2014-05-06 17:16 - 2014-05-06 17:14 - 07432843 _____ () C:\Users\Kevin\Downloads\Skoda_Octavia.zip
2014-05-06 17:15 - 2014-05-06 17:14 - 05838647 _____ () C:\Users\Kevin\Downloads\Subaru-Impreza-WRX.rar
2014-05-06 17:15 - 2014-05-06 17:12 - 33795546 _____ () C:\Users\Kevin\Downloads\NissanGTR-dlya-BeamNG-Drive.rar
2014-05-06 17:15 - 2014-05-06 17:10 - 55780169 _____ () C:\Users\Kevin\Downloads\brutal-slope.zip
2014-05-06 17:14 - 2014-05-06 17:13 - 05410864 _____ () C:\Users\Kevin\Downloads\Mitsubishi-Evo-8-Black-dlya.rar
2014-05-06 17:14 - 2014-05-06 17:08 - 70346234 _____ () C:\Users\Kevin\Downloads\smash-your-car.zip
2014-05-06 17:12 - 2014-05-06 17:10 - 15653623 _____ () C:\Users\Kevin\Downloads\Lamborghini-Aventador.rar
2014-05-06 17:02 - 2013-11-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-05 16:06 - 2013-11-21 22:28 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Apple Computer
2014-05-05 06:59 - 2014-05-05 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-05-05 06:59 - 2014-05-05 06:48 - 00000000 ____D () C:\Users\Kevin\Desktop\Verkaufen
2014-05-05 06:59 - 2013-11-21 22:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-05 06:53 - 2014-05-05 06:51 - 70638408 _____ (Apple Inc.) C:\Users\Kevin\Downloads\iCloudSetup.exe
2014-05-04 23:33 - 2013-12-23 02:45 - 198948224 _____ (Sony Creative Software Inc.) C:\Users\Kevin\Downloads\vegaspro12.0.770.exe
2014-05-04 23:14 - 2014-05-04 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-04 23:14 - 2014-02-10 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-04 23:14 - 2014-02-10 17:35 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-05-04 23:13 - 2013-12-16 21:10 - 00000000 ____D () C:\Program Files\VDownloader
2014-05-04 22:20 - 2014-05-04 22:20 - 00019741 _____ () C:\ComboFix.txt
2014-05-04 22:20 - 2014-05-04 21:56 - 00000000 ____D () C:\ComboFix
2014-05-04 22:20 - 2014-05-02 06:42 - 00000000 ____D () C:\Qoobox
2014-05-04 22:12 - 2014-05-02 06:41 - 00000000 ____D () C:\Windows\erdnt
2014-05-04 22:07 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-04 21:55 - 2014-05-04 21:55 - 05197895 ____R (Swearware) C:\Users\Kevin\Desktop\ComboFix.exe
2014-05-04 21:55 - 2014-05-04 21:54 - 05197895 _____ (Swearware) C:\Users\Kevin\Downloads\ComboFix.exe
2014-05-04 20:48 - 2013-11-23 20:29 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-04 20:08 - 2013-11-21 00:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-04 03:08 - 2014-05-04 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:06 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-05-04 03:04 - 2014-05-04 03:04 - 00000000 ____D () C:\Users\Kevin\Downloads\Octodad.Dadliest.Catch-CODEX
2014-05-04 03:04 - 2014-05-04 02:48 - 50765291 _____ () C:\Users\Kevin\Downloads\codex-octodad.part09.rar
2014-05-04 02:32 - 2014-05-04 02:25 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part08.rar
2014-05-04 02:24 - 2014-05-04 02:16 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part07.rar
2014-05-04 02:16 - 2014-05-04 02:09 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part06.rar
2014-05-04 02:07 - 2014-05-04 01:59 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part05.rar
2014-05-04 01:58 - 2014-05-04 01:46 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part04.rar
2014-05-04 01:45 - 2014-05-04 01:37 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part03.rar
2014-05-04 01:36 - 2014-05-03 18:29 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part02.rar
2014-05-04 00:47 - 2014-05-04 00:43 - 00000000 ____D () C:\Users\Kevin\BeamNG.drive.Alpha.0.3.0.5-iND
2014-05-04 00:38 - 2014-05-04 00:29 - 112741808 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part2.rar
2014-05-04 00:28 - 2014-05-03 18:30 - 629145600 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part1.rar
2014-05-03 20:20 - 2013-12-16 18:31 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-03 18:08 - 2014-01-28 17:59 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-03 17:51 - 2013-11-21 21:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-03 17:31 - 2014-05-03 17:31 - 00002086 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00002056 _____ () C:\Users\Kevin\Desktop\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\.jagex_cache_32
2014-05-03 17:31 - 2014-05-03 03:38 - 00000000 ____D () C:\Users\Kevin\jagexcache
2014-05-03 17:26 - 2014-05-03 17:26 - 00347816 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.333225616075749.1.2.Run.exe
2014-05-03 14:24 - 2014-05-03 14:24 - 04143997 _____ () C:\Users\Kevin\Downloads\tdsskiller.zip
2014-05-03 03:06 - 2014-05-03 03:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-02 13:49 - 2014-05-02 13:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 12:49 - 2014-05-02 12:45 - 138607664 _____ () C:\Users\Kevin\Downloads\avira_free_antivirus614_de.exe
2014-05-02 07:16 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-05-02 07:07 - 2014-05-02 07:07 - 00000000 ____D () C:\Device
2014-05-02 07:07 - 2012-07-26 07:26 - 70778880 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 13893632 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-05-02 06:54 - 2014-05-02 07:07 - 05103616 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-05-02 06:52 - 2014-03-15 14:38 - 05152168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-02 06:36 - 2013-11-20 01:52 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 06:30 - 2014-05-02 06:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-02 06:29 - 2014-05-02 06:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2014-05-02 06:26 - 2013-11-20 02:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Deployment
2014-05-01 19:47 - 2014-05-01 19:46 - 03821064 _____ () C:\Users\Kevin\Downloads\battlelog-web-plugins_2.3.2_130.exe
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\Program Files\CPUID
2014-05-01 18:37 - 2014-05-01 18:37 - 01460512 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.67.1-setup-en.exe
2014-04-29 18:21 - 2014-05-03 14:24 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Kevin\Desktop\TDSSKiller.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-29 17:49 - 2014-04-29 17:49 - 07401104 _____ (TeamViewer GmbH) C:\Users\Kevin\Downloads\TeamViewer_Setup_de_9.0.27614.exe
2014-04-29 17:49 - 2014-04-29 17:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-29 16:14 - 2014-05-03 03:01 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-03 03:01 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-03 03:01 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-03 03:01 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 13:52 - 2014-04-13 15:36 - 00009000 _____ () C:\Users\Kevin\Documents\TombRaider.log
2014-04-29 07:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-28 19:22 - 2013-11-21 22:14 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 15:15 - 2014-04-28 15:13 - 00052871 _____ () C:\Users\Kevin\Desktop\Addition.txt
2014-04-27 18:34 - 2014-04-27 18:34 - 00000000 ____D () C:\Users\Kevin\AppData\Local\My Games
2014-04-27 18:34 - 2013-12-10 20:50 - 00000000 ____D () C:\Users\Kevin\Documents\My Games
2014-04-27 12:44 - 2014-04-27 12:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Empty Clip Studios
2014-04-27 12:13 - 2014-04-27 12:13 - 00000000 ____D () C:\Users\Kevin\Documents\IAmAlive
2014-04-27 10:30 - 2014-04-27 10:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-27 10:30 - 2014-04-27 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 10:30 - 2014-03-20 17:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-27 10:30 - 2013-11-21 21:14 - 00000000 ____D () C:\ProgramData\Skype
2014-04-27 10:28 - 2014-04-27 10:27 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Kevin\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-25 23:42 - 2014-04-25 23:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-25 23:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-25 23:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-25 23:00 - 2014-04-25 20:30 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part01.rar
2014-04-25 21:02 - 2013-11-21 00:54 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Adobe
2014-04-25 20:57 - 2014-03-06 17:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DAEMON Tools Lite
2014-04-25 20:57 - 2013-12-23 02:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony
2014-04-25 20:47 - 2014-04-25 20:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\RotMG.Production
2014-04-25 13:56 - 2014-03-07 17:51 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\vlc
2014-04-24 08:28 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Forge
2014-04-23 23:46 - 2014-04-23 23:45 - 11065618 _____ () C:\Users\Kevin\Downloads\tokens.zip
2014-04-23 23:31 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Forge
2014-04-23 21:03 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\StunlockStudios
2014-04-23 06:34 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-23 01:47 - 2013-11-20 06:44 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2013-11-20 06:44 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 _____ () C:\Users\Kevin\Desktop\Achammer Protokoll, Mathe Verbesserung, Physik Verbesserung.txt
2014-04-22 23:02 - 2014-04-22 23:00 - 00000000 ____D () C:\Users\Kevin\Documents\Schule
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\Documents\CyberLink
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\CyberLink
2014-04-21 15:09 - 2013-11-21 01:51 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-21 15:05 - 2014-04-21 15:04 - 00000000 ____D () C:\Program Files (x86)\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 01085440 _____ () C:\Users\Kevin\Downloads\puush.msi
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2014-04-21 13:54 - 2014-04-21 13:46 - 336017408 _____ () C:\Users\Kevin\Downloads\MyLittlePorny.iso
2014-04-19 14:04 - 2013-12-30 16:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Skyrim
2014-04-19 13:55 - 2014-04-18 17:23 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-04-19 11:39 - 2014-05-06 15:46 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 15:46 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 15:46 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 15:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 15:46 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 23:53 - 2014-04-18 23:53 - 00448562 _____ () C:\Users\Kevin\Downloads\voxelmap-1.7.2-1.0.jar.zip
2014-04-18 23:35 - 2014-04-18 23:35 - 00064982 _____ () C:\Users\Kevin\Downloads\seus-v10.1-Preview2.zip
2014-04-18 23:21 - 2014-04-18 23:20 - 02752442 _____ () C:\Users\Kevin\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe
2014-04-18 19:21 - 2014-04-18 19:17 - 22455453 _____ () C:\Users\Kevin\Downloads\Teramia 0.9.1 Beta.zip
2014-04-18 19:14 - 2014-04-18 19:14 - 02347187 _____ () C:\Users\Kevin\Desktop\mcpatcher-4.3.2_02.exe
2014-04-18 18:06 - 2014-04-18 18:04 - 06174909 _____ () C:\Users\Kevin\Downloads\Minecraft_1.3.2.rar
2014-04-18 17:34 - 2014-04-18 17:34 - 00000000 ____D () C:\Users\Kevin\.swt
2014-04-18 17:23 - 2014-04-18 17:23 - 00675988 _____ () C:\Users\Kevin\Desktop\Minecraft.exe
2014-04-18 17:16 - 2014-04-18 17:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony Creative Software Inc
2014-04-18 13:46 - 2014-04-17 02:08 - 00052059 _____ () C:\Users\Kevin\Desktop\Music.txt
2014-04-18 02:00 - 2014-04-18 01:53 - 93035512 _____ () C:\Users\Kevin\Downloads\theponyway.2012.zip
2014-04-17 11:52 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\AppData\Local\easytag
2014-04-17 11:50 - 2014-04-17 11:43 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mp3tag
2014-04-17 11:45 - 2014-04-16 22:41 - 00000000 ____D () C:\Backup Festplatte
2014-04-17 11:42 - 2014-04-17 11:42 - 02634152 _____ () C:\Users\Kevin\Downloads\mp3tagv258setup.exe
2014-04-17 11:42 - 2014-04-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\.dbus-keyrings
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTAG
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\EasyTAG
2014-04-17 11:13 - 2014-04-17 11:13 - 08506991 _____ () C:\Users\Kevin\Downloads\easytag-2.2.0-setup.exe
2014-04-17 11:11 - 2013-11-21 01:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 11:10 - 2014-04-17 11:10 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 11:10 - 2014-04-17 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-17 11:10 - 2013-11-21 01:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\Program Files\AmoK Exif Sorter
2014-04-17 11:07 - 2014-04-17 11:07 - 01962995 _____ () C:\Users\Kevin\Downloads\AmoK_Exif_Sorter_v2.56_(Windows_64Bit)_Setup.exe
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DigitalVolcano
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-04-17 10:48 - 2014-04-17 10:48 - 05143120 _____ (DigitalVolcano Software Ltd) C:\Users\Kevin\Downloads\DuplicateCleaner_setup.exe
2014-04-17 02:27 - 2014-04-17 01:57 - 533446578 _____ () C:\Users\Kevin\Downloads\Balloon Party - 100- No Feeble Cheering - MP3 320.zip
2014-04-17 02:21 - 2014-04-17 01:58 - 304323421 _____ () C:\Users\Kevin\Downloads\Balloon Party - After Party - MP3 320.zip
2014-04-17 02:21 - 2014-04-17 01:58 - 154256398 _____ () C:\Users\Kevin\Downloads\Balloon Party - Apple 2012 - MP3 320.zip
2014-04-16 22:41 - 2014-04-16 22:41 - 00003008 _____ () C:\Users\Kevin\photorec.cfg
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 22:27 - 2014-04-16 21:39 - 00097232 _____ () C:\Windows\SysWOW64\photorec.ses
2014-04-16 18:58 - 2014-04-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-04-16 18:52 - 2014-04-16 18:52 - 03462033 _____ () C:\Users\Kevin\Downloads\pci_filerecovery.exe
2014-04-16 17:57 - 2014-04-15 17:57 - 00773359 _____ () C:\Users\Kevin\Documents\Untitled_Windows Media Video V11_HD-720-30p-Video mit 6 Mbit-s.wmv
2014-04-16 14:46 - 2014-04-16 14:40 - 00000000 ____D () C:\Users\Kevin\Desktop\SweetFX
2014-04-15 19:46 - 2014-04-15 19:45 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-04-15 19:45 - 2014-04-15 19:45 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-04-15 19:45 - 2014-04-15 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-04-15 10:46 - 2014-04-15 10:46 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-04-15 03:12 - 2014-04-15 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Beat Hazard
2014-04-15 02:06 - 2014-04-15 02:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\CrashRpt
2014-04-15 02:03 - 2014-04-15 02:03 - 03831134 _____ () C:\Users\Kevin\Downloads\Powerplays-SweetFX-X64-Win-8.1.zip
2014-04-15 01:14 - 2014-04-15 01:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-15 01:14 - 2013-11-23 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-15 01:14 - 2013-11-23 22:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-14 20:23 - 2013-12-17 17:45 - 00000000 ____D () C:\Users\Kevin\AppData\Local\NVIDIA Corporation
2014-04-14 20:23 - 2013-11-20 02:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-14 20:13 - 2014-04-17 11:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-17 11:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-17 11:10 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-17 11:10 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-14 14:25 - 2013-11-20 01:52 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 14:19 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-13 00:25 - 2014-04-12 22:04 - 02943551 _____ () C:\Users\Kevin\Desktop\Homepage Fight Runner.rar
2014-04-12 23:20 - 2014-04-12 20:47 - 00000000 ____D () C:\Users\Kevin\Desktop\Homepage Fight Runner
2014-04-12 21:28 - 2014-04-12 21:28 - 02334392 _____ () C:\Users\Kevin\Desktop\tridornbirn hp_Dennis_Kevin.zip
2014-04-12 21:17 - 2014-04-12 21:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\OBS
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files\OBS
2014-04-12 21:16 - 2014-04-12 21:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-04-12 21:00 - 2014-04-12 21:00 - 07888419 _____ () C:\Users\Kevin\Downloads\OBS_0_613b_Installer.exe
2014-04-12 18:30 - 2014-02-10 15:23 - 00000000 ____D () C:\Users\Kevin\Documents\Diablo III
2014-04-12 18:29 - 2014-03-30 16:48 - 00000000 ____D () C:\Users\Kevin\Documents\Assassin's Creed III
2014-04-12 04:37 - 2014-04-12 04:37 - 00130509 _____ () C:\Users\Kevin\Documents\ts3_clientui-win32-1382530211-2014-04-12 04_37_42.949645.dmp
2014-04-12 01:59 - 2013-11-21 21:26 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-11 17:39 - 2014-02-09 15:34 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-04-11 17:39 - 2013-11-21 20:57 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-04-09 07:28 - 2013-11-21 20:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 07:28 - 2013-11-20 06:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 07:25 - 2013-11-20 06:18 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
C:\Users\Kevin\random.dat


Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\avgnt.exe
C:\Users\Kevin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_oi2yq.dll
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-07 13:34

==================== End Of Log ============================
--- --- ---

--- --- ---

Alt 10.05.2014, 11:02   #17
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________

__________________
Alt 16.05.2014, 22:27   #18
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Sorry wieder für die späte antwort, sehr viel stress imo :/

Naja, hier erstmal der ESET log:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d5af9b133661a2499260244a6789ef12
# engine=18279
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-16 02:10:07
# local_time=2014-05-16 04:10:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode=1799 16775165 100 94 24324 6888543 25027 0
# compatibility_mode=5893 16776574 100 94 24391 59712318 0 0
# scanned=507988
# found=1
# cleaned=1
# scan_time=22959
sh=273A2A936AEC8B68DE2329EF69996F616B0D757E ft=1 fh=6e75ff11b16007d4 vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Kevin\Downloads\vlc-2.1.3-win64.exe"
SecurityScan:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop      
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Duplicate Cleaner Free 3.2.3  
 Java 7 Update 55  
 Adobe Flash Player 	13.0.0.214  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Alienware Command Center ThermalController.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-05-2014
Ran by Kevin (administrator) on ALIENWARE on 16-05-2014 23:24:36
Running from C:\Users\Kevin\Desktop
Platform: Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe
(DJMASTER.COM) C:\Program Files\ONAIR\ONAIR.exe
() C:\Program Files (x86)\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Take-Two Interactive Software, Inc.) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\1_1_3_0\RGSC.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Dropbox, Inc.) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(EA Digital Illusions CE AB) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12616 2012-01-10] (Alienware)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3620352 2014-04-02] (Turtle Entertainment GmbH)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [ONAIR] => C:\Program Files\ONAIR\ONAIR.exe [3505152 2014-03-09] (DJMASTER.COM)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-04-21] ()
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [RGSC] => C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\RGSCLauncher.exe [306088 2008-12-13] (Take-Two Interactive Software, Inc.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1E4DBDDE2807CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {05E205BA-FB3B-401C-A6FA-C384AE3B36EE} URL = hxxp://www.google.at/search?q={searchTerms}
SearchScopes: HKCU - {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Sync Video - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\jid0-6qxNvGdS7HQG9rsoojsd0BubY84@jetpack.xpi [2014-04-05]
FF Extension: Copy Links - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi [2013-12-16]
FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-03-30] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-30] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214392 2014-05-16] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-03-30] (<Turtle Entertainment>)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-05-09] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R3 SaiK0CD7; C:\Windows\system32\DRIVERS\SaiK0CD7.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU0CD7; C:\Windows\System32\drivers\SaiU0CD7.sys [47168 2012-09-20] (Saitek)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-11-21] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-11-21] (Acronis International GmbH)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_Flash; \??\C:\Users\Kevin\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

NETSVCx32: eventsystem -> C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: iprip -> No ServiceDLL Path.
NETSVCx32: netman -> C:\Windows\SysWOW64\netman.dll ==> No File.
NETSVCx32: wzcsvc -> No ServiceDLL Path.
NETSVCx32: ip6fwhlp -> No ServiceDLL Path.
NETSVCx32: WmdmPmSN -> No ServiceDLL Path.
NETSVCx32: Appinfo -> C:\Windows\SysWOW64\appinfo.dll ==> No File.
NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> No File.
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll ==> No File.
NETSVCx32: DsmSvc -> C:\Windows\SysWOW64\DeviceSetupManager.dll ==> No File.
NETSVCx32: Eaphost -> C:\Windows\SysWOW64\eapsvc.dll ==> No File.
NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> No File.
NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> No File.
NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> No File.
NETSVCx32: NcaSvc -> C:\Windows\SysWOW64\ncasvc.dll ==> No File.
NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> No File.
NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> No File.
NETSVCx32: SystemEventsBroker -> C:\Windows\SysWOW64\SystemEventsBrokerServer.dll ==> No File.
NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> No File.
NETSVCx32: wlidsvc -> C:\Windows\SysWOW64\wlidsvc.dll ==> No File.

==================== One Month Created Files and Folders ========

2014-05-16 23:24 - 2014-05-16 23:24 - 00024415 _____ () C:\Users\Kevin\Desktop\FRST.txt
2014-05-16 23:23 - 2014-05-16 23:23 - 00000858 _____ () C:\Users\Kevin\Desktop\checkup.txt
2014-05-16 23:20 - 2014-05-16 23:20 - 00855379 _____ () C:\Users\Kevin\Desktop\SecurityCheck.exe
2014-05-16 15:30 - 2014-05-16 15:30 - 00000000 ____D () C:\Program Files (x86)\Aurora
2014-05-15 21:30 - 2014-05-15 21:30 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-15 21:29 - 2014-05-15 21:30 - 02347384 _____ (ESET) C:\Users\Kevin\Downloads\esetsmartinstaller_deu.exe
2014-05-15 21:26 - 2014-05-15 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 21:26 - 2014-05-15 21:26 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 09:51 - 2014-05-15 09:51 - 00000000 _____ () C:\Users\Kevin\Desktop\12.09 10 uhr 30 dr mäser.txt
2014-05-14 14:27 - 2014-05-14 14:39 - 169221918 _____ () C:\Users\Kevin\Downloads\King.zip
2014-05-14 08:57 - 2014-05-06 07:14 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-14 08:57 - 2014-05-06 07:14 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-14 08:57 - 2014-05-06 05:48 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-14 08:57 - 2014-05-06 05:48 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-14 08:57 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-14 08:57 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-14 08:57 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-05-14 08:57 - 2014-04-12 11:09 - 00588288 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2014-05-14 08:57 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-14 08:57 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-14 08:57 - 2014-04-12 11:08 - 01281536 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-14 08:57 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-14 08:57 - 2014-04-12 11:08 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2014-05-14 08:57 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-14 08:57 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-14 08:57 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-05-14 08:57 - 2014-04-12 09:23 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2014-05-14 08:57 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-14 08:57 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-14 08:57 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-14 08:57 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-14 08:57 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-14 08:57 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\workerdd.dll
2014-05-14 08:57 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-05-14 08:57 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-14 08:57 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-05-14 08:57 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-14 08:57 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-05-14 08:57 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-14 08:57 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-14 08:57 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-14 08:57 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-14 08:57 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-14 08:57 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-14 08:57 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-14 08:57 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-14 08:57 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-14 08:57 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-05-14 08:57 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-14 08:57 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-14 08:57 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-14 08:57 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 08:57 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-14 08:57 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-05-14 08:56 - 2014-05-06 05:37 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-14 08:56 - 2014-05-06 05:26 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-14 08:56 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-05-14 08:56 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2014-05-14 08:56 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2014-05-14 08:56 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-05-14 08:56 - 2014-02-27 01:18 - 00621568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-05-14 08:56 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-05-14 08:56 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-05-14 08:56 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-05-14 08:56 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2014-05-13 23:16 - 2014-05-13 23:16 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Rockstar Games
2014-05-13 23:15 - 2014-05-13 23:15 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-05-13 23:15 - 2014-05-13 23:15 - 00000000 __RHD () C:\Users\Kevin\AppData\Roaming\SecuROM
2014-05-13 23:13 - 2014-05-13 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCPD First Response
2014-05-13 23:13 - 2014-05-13 23:13 - 00000000 ____D () C:\Program Files (x86)\LCPD First Response
2014-05-13 23:09 - 2014-05-13 23:12 - 24329743 _____ () C:\Users\Kevin\Downloads\1. LCPDFR 1.0b Automatic Install.zip
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-12 00:32 - 2014-05-16 23:24 - 00000000 ____D () C:\Users\Kevin\Desktop\FRST-OlderVersion
2014-05-11 21:31 - 2014-05-11 21:31 - 00000000 ____D () C:\Users\Kevin\.jagex_cache_32
2014-05-09 13:15 - 2014-05-09 13:15 - 00000000 ____D () C:\Users\Kevin\Downloads\FRST-OlderVersion
2014-05-09 13:01 - 2014-05-09 13:01 - 00000000 ____D () C:\Windows\ERUNT
2014-05-09 12:55 - 2014-05-09 12:55 - 00000000 ____D () C:\AdwCleaner
2014-05-09 12:54 - 2014-05-09 12:54 - 01316991 _____ () C:\Users\Kevin\Downloads\adwcleaner(1).exe
2014-05-09 12:51 - 2014-05-09 12:51 - 00000000 ____D () C:\ProgramData\Alienware
2014-05-09 12:49 - 2014-05-16 20:50 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-09 07:07 - 2014-05-09 07:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-09 07:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-09 07:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-09 07:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 07:06 - 2014-05-09 07:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-06 23:37 - 2014-05-11 21:31 - 00000045 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
2014-05-06 23:37 - 2014-05-06 23:37 - 00000000 ____D () C:\Users\Kevin\jagexcache1
2014-05-06 21:06 - 2014-05-06 21:06 - 00001261 _____ () C:\Users\Public\Desktop\Burnout Paradise The Ultimate Box.lnk
2014-05-06 21:06 - 2014-05-06 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise The Ultimate Box
2014-05-06 17:16 - 2014-05-06 17:41 - 276805015 _____ () C:\Users\Kevin\Downloads\insane-testing.zip
2014-05-06 17:16 - 2014-05-06 17:28 - 113770432 _____ () C:\Users\Kevin\Downloads\fast-crazy-downhill.zip
2014-05-06 17:16 - 2014-05-06 17:24 - 59233105 _____ () C:\Users\Kevin\Downloads\fatal-descent.rar
2014-05-06 17:15 - 2014-05-06 17:27 - 103835337 _____ () C:\Users\Kevin\Downloads\pure-grid.zip
2014-05-06 17:15 - 2014-05-06 17:19 - 26929044 _____ () C:\Users\Kevin\Downloads\Audi_A8.zip
2014-05-06 17:14 - 2014-05-06 17:20 - 31831415 _____ () C:\Users\Kevin\Downloads\Subaru-WRX-STI-dlya-BeamNG-Drive.rar
2014-05-06 17:14 - 2014-05-06 17:19 - 22952008 _____ () C:\Users\Kevin\Downloads\chevrolet-corvette-c5-r.rar
2014-05-06 17:14 - 2014-05-06 17:17 - 22770295 _____ () C:\Users\Kevin\Downloads\Dodge-Challenger.rar
2014-05-06 17:14 - 2014-05-06 17:16 - 07432843 _____ () C:\Users\Kevin\Downloads\Skoda_Octavia.zip
2014-05-06 17:14 - 2014-05-06 17:15 - 05838647 _____ () C:\Users\Kevin\Downloads\Subaru-Impreza-WRX.rar
2014-05-06 17:13 - 2014-05-06 17:14 - 05410864 _____ () C:\Users\Kevin\Downloads\Mitsubishi-Evo-8-Black-dlya.rar
2014-05-06 17:12 - 2014-05-06 17:15 - 33795546 _____ () C:\Users\Kevin\Downloads\NissanGTR-dlya-BeamNG-Drive.rar
2014-05-06 17:10 - 2014-05-06 17:15 - 55780169 _____ () C:\Users\Kevin\Downloads\brutal-slope.zip
2014-05-06 17:10 - 2014-05-06 17:12 - 15653623 _____ () C:\Users\Kevin\Downloads\Lamborghini-Aventador.rar
2014-05-06 17:08 - 2014-05-06 17:14 - 70346234 _____ () C:\Users\Kevin\Downloads\smash-your-car.zip
2014-05-06 15:46 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 15:46 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 15:46 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:46 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 15:46 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-05 06:59 - 2014-05-05 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-05-05 06:51 - 2014-05-05 06:53 - 70638408 _____ (Apple Inc.) C:\Users\Kevin\Downloads\iCloudSetup.exe
2014-05-05 06:48 - 2014-05-05 06:59 - 00000000 ____D () C:\Users\Kevin\Desktop\Verkaufen
2014-05-04 23:14 - 2014-05-04 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-04 22:20 - 2014-05-04 22:20 - 00019741 _____ () C:\ComboFix.txt
2014-05-04 21:56 - 2014-05-04 22:20 - 00000000 ____D () C:\ComboFix
2014-05-04 21:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-04 21:55 - 2014-05-04 21:55 - 05197895 ____R (Swearware) C:\Users\Kevin\Desktop\ComboFix.exe
2014-05-04 21:54 - 2014-05-04 21:55 - 05197895 _____ (Swearware) C:\Users\Kevin\Downloads\ComboFix.exe
2014-05-04 03:08 - 2014-05-04 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octodad Dadliest Catch
2014-05-04 03:06 - 2014-05-04 03:07 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-05-04 03:04 - 2014-05-04 03:04 - 00000000 ____D () C:\Users\Kevin\Downloads\Octodad.Dadliest.Catch-CODEX
2014-05-04 02:48 - 2014-05-04 03:04 - 50765291 _____ () C:\Users\Kevin\Downloads\codex-octodad.part09.rar
2014-05-04 02:25 - 2014-05-04 02:32 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part08.rar
2014-05-04 02:16 - 2014-05-04 02:24 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part07.rar
2014-05-04 02:09 - 2014-05-04 02:16 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part06.rar
2014-05-04 01:59 - 2014-05-04 02:07 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part05.rar
2014-05-04 01:46 - 2014-05-04 01:58 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part04.rar
2014-05-04 01:37 - 2014-05-04 01:45 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part03.rar
2014-05-04 00:46 - 2014-05-07 11:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2014-05-04 00:43 - 2014-05-04 00:47 - 00000000 ____D () C:\Users\Kevin\BeamNG.drive.Alpha.0.3.0.5-iND
2014-05-04 00:29 - 2014-05-04 00:38 - 112741808 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part2.rar
2014-05-03 18:30 - 2014-05-04 00:28 - 629145600 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part1.rar
2014-05-03 18:29 - 2014-05-04 01:36 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part02.rar
2014-05-03 17:31 - 2014-05-16 17:20 - 00000024 _____ () C:\Users\Kevin\jagexappletviewer.preferences
2014-05-03 17:31 - 2014-05-03 17:31 - 00002086 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00002056 _____ () C:\Users\Kevin\Desktop\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\.jagex_cache_32
2014-05-03 17:26 - 2014-05-03 17:26 - 00347816 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.333225616075749.1.2.Run.exe
2014-05-03 14:24 - 2014-05-03 14:24 - 04143997 _____ () C:\Users\Kevin\Downloads\tdsskiller.zip
2014-05-03 03:38 - 2014-05-16 20:40 - 00000024 _____ () C:\Users\Kevin\random.dat
2014-05-03 03:38 - 2014-05-16 12:34 - 00000044 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
2014-05-03 03:38 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\jagexcache
2014-05-03 03:06 - 2014-05-03 03:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-02 13:49 - 2014-05-02 13:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 13:44 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-02 13:44 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-02 13:44 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-02 12:45 - 2014-05-02 12:49 - 138607664 _____ () C:\Users\Kevin\Downloads\avira_free_antivirus614_de.exe
2014-05-02 07:07 - 2014-05-02 07:07 - 00000000 ____D () C:\Device
2014-05-02 07:07 - 2014-05-02 06:54 - 05103616 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-05-02 06:51 - 2014-05-15 21:24 - 00108860 _____ () C:\Windows\PFRO.log
2014-05-02 06:47 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-02 06:47 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-02 06:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-02 06:45 - 2013-12-04 16:27 - 00010405 _____ () C:\Windows\SysWOW64\cryptsvc.dll
2014-05-02 06:42 - 2014-05-04 22:20 - 00000000 ____D () C:\Qoobox
2014-05-02 06:41 - 2014-05-04 22:12 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 06:30 - 2014-05-02 06:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-02 06:29 - 2014-05-02 06:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2014-05-01 19:46 - 2014-05-01 19:47 - 03821064 _____ () C:\Users\Kevin\Downloads\battlelog-web-plugins_2.3.2_130.exe
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\Program Files\CPUID
2014-05-01 18:37 - 2014-05-01 18:37 - 01460512 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.67.1-setup-en.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-29 17:49 - 2014-04-29 17:49 - 07401104 _____ (TeamViewer GmbH) C:\Users\Kevin\Downloads\TeamViewer_Setup_de_9.0.27614.exe
2014-04-29 17:49 - 2014-04-29 17:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-28 15:12 - 2014-05-09 13:16 - 00083221 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-04-28 15:09 - 2014-05-16 23:24 - 00000000 ____D () C:\FRST
2014-04-28 15:08 - 2014-05-16 23:24 - 02067456 _____ (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2014-04-27 18:34 - 2014-04-27 18:34 - 00000000 ____D () C:\Users\Kevin\AppData\Local\My Games
2014-04-27 12:44 - 2014-04-27 12:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Empty Clip Studios
2014-04-27 12:13 - 2014-04-27 12:13 - 00000000 ____D () C:\Users\Kevin\Documents\IAmAlive
2014-04-27 12:11 - 2014-05-13 23:15 - 00074275 _____ () C:\Windows\DirectX.log
2014-04-27 10:30 - 2014-04-27 10:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-27 10:30 - 2014-04-27 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 10:27 - 2014-04-27 10:28 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Kevin\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-25 23:42 - 2014-04-25 23:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-25 20:47 - 2014-04-25 20:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\RotMG.Production
2014-04-25 20:30 - 2014-04-25 23:00 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part01.rar
2014-04-23 23:45 - 2014-04-23 23:46 - 11065618 _____ () C:\Users\Kevin\Downloads\tokens.zip
2014-04-23 23:31 - 2014-04-24 08:28 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Forge
2014-04-23 23:31 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Forge
2014-04-23 21:03 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\StunlockStudios
2014-04-22 23:00 - 2014-04-22 23:02 - 00000000 ____D () C:\Users\Kevin\Documents\Schule
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\Documents\CyberLink
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\CyberLink
2014-04-21 15:04 - 2014-04-21 15:05 - 00000000 ____D () C:\Program Files (x86)\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 01085440 _____ () C:\Users\Kevin\Downloads\puush.msi
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2014-04-21 13:46 - 2014-04-21 13:54 - 336017408 _____ () C:\Users\Kevin\Downloads\MyLittlePorny.iso
2014-04-18 23:53 - 2014-04-18 23:53 - 00448562 _____ () C:\Users\Kevin\Downloads\voxelmap-1.7.2-1.0.jar.zip
2014-04-18 23:35 - 2014-04-18 23:35 - 00064982 _____ () C:\Users\Kevin\Downloads\seus-v10.1-Preview2.zip
2014-04-18 23:20 - 2014-04-18 23:21 - 02752442 _____ () C:\Users\Kevin\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe
2014-04-18 19:17 - 2014-04-18 19:21 - 22455453 _____ () C:\Users\Kevin\Downloads\Teramia 0.9.1 Beta.zip
2014-04-18 18:04 - 2014-04-18 18:06 - 06174909 _____ () C:\Users\Kevin\Downloads\Minecraft_1.3.2.rar
2014-04-18 17:34 - 2014-04-18 17:34 - 00000000 ____D () C:\Users\Kevin\.swt
2014-04-18 17:23 - 2014-04-19 13:55 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-04-18 17:23 - 2014-04-18 17:23 - 00675988 _____ () C:\Users\Kevin\Desktop\Minecraft.exe
2014-04-18 17:16 - 2014-04-18 17:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony Creative Software Inc
2014-04-18 01:53 - 2014-04-18 02:00 - 93035512 _____ () C:\Users\Kevin\Downloads\theponyway.2012.zip
2014-04-17 11:43 - 2014-04-17 11:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mp3tag
2014-04-17 11:42 - 2014-04-17 11:42 - 02634152 _____ () C:\Users\Kevin\Downloads\mp3tagv258setup.exe
2014-04-17 11:42 - 2014-04-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-17 11:14 - 2014-04-17 11:52 - 00000000 ____D () C:\Users\Kevin\AppData\Local\easytag
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\.dbus-keyrings
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTAG
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\EasyTAG
2014-04-17 11:13 - 2014-04-17 11:13 - 08506991 _____ () C:\Users\Kevin\Downloads\easytag-2.2.0-setup.exe
2014-04-17 11:10 - 2014-04-17 11:10 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 11:10 - 2014-04-17 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-17 11:10 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 11:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 11:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 11:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\Program Files\AmoK Exif Sorter
2014-04-17 11:07 - 2014-04-17 11:07 - 01962995 _____ () C:\Users\Kevin\Downloads\AmoK_Exif_Sorter_v2.56_(Windows_64Bit)_Setup.exe
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DigitalVolcano
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-04-17 10:48 - 2014-04-17 10:48 - 05143120 _____ (DigitalVolcano Software Ltd) C:\Users\Kevin\Downloads\DuplicateCleaner_setup.exe
2014-04-17 02:08 - 2014-04-18 13:46 - 00052059 _____ () C:\Users\Kevin\Desktop\Music.txt
2014-04-17 01:58 - 2014-04-17 02:21 - 304323421 _____ () C:\Users\Kevin\Downloads\Balloon Party - After Party - MP3 320.zip
2014-04-17 01:58 - 2014-04-17 02:21 - 154256398 _____ () C:\Users\Kevin\Downloads\Balloon Party - Apple 2012 - MP3 320.zip
2014-04-17 01:57 - 2014-04-17 02:27 - 533446578 _____ () C:\Users\Kevin\Downloads\Balloon Party - 100- No Feeble Cheering - MP3 320.zip
2014-04-16 22:41 - 2014-04-17 11:45 - 00000000 ____D () C:\Backup Festplatte
2014-04-16 22:41 - 2014-04-16 22:41 - 00003008 _____ () C:\Users\Kevin\photorec.cfg
2014-04-16 21:39 - 2014-04-16 22:27 - 00097232 _____ () C:\Windows\SysWOW64\photorec.ses
2014-04-16 18:52 - 2014-04-16 18:58 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-04-16 18:52 - 2014-04-16 18:52 - 03462033 _____ () C:\Users\Kevin\Downloads\pci_filerecovery.exe
2014-04-16 14:40 - 2014-04-16 14:46 - 00000000 ____D () C:\Users\Kevin\Desktop\SweetFX

==================== One Month Modified Files and Folders =======

2014-05-16 23:24 - 2014-05-16 23:24 - 00024415 _____ () C:\Users\Kevin\Desktop\FRST.txt
2014-05-16 23:24 - 2014-05-12 00:32 - 00000000 ____D () C:\Users\Kevin\Desktop\FRST-OlderVersion
2014-05-16 23:24 - 2014-04-28 15:09 - 00000000 ____D () C:\FRST
2014-05-16 23:24 - 2014-04-28 15:08 - 02067456 _____ (Farbar) C:\Users\Kevin\Desktop\FRST64.exe
2014-05-16 23:23 - 2014-05-16 23:23 - 00000858 _____ () C:\Users\Kevin\Desktop\checkup.txt
2014-05-16 23:22 - 2013-11-21 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-16 23:20 - 2014-05-16 23:20 - 00855379 _____ () C:\Users\Kevin\Desktop\SecurityCheck.exe
2014-05-16 23:02 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-16 22:45 - 2013-11-25 00:06 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\TS3Client
2014-05-16 21:55 - 2013-11-21 21:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-05-16 21:11 - 2013-12-08 22:35 - 01215290 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 20:58 - 2013-11-23 20:29 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-16 20:58 - 2013-11-23 20:29 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-16 20:55 - 2014-01-08 17:39 - 00000000 ___RD () C:\Users\Kevin\Dropbox
2014-05-16 20:55 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-16 20:55 - 2014-01-08 17:37 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Dropbox
2014-05-16 20:55 - 2013-11-20 01:52 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 20:54 - 2013-11-21 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-16 20:53 - 2013-11-21 21:26 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Raptr
2014-05-16 20:52 - 2013-12-18 20:45 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Overwolf
2014-05-16 20:52 - 2013-11-21 21:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn Hamachi
2014-05-16 20:51 - 2014-02-01 20:29 - 00000000 ____D () C:\Users\Kevin\AppData\Local\ESL Wire Game Client
2014-05-16 20:51 - 2013-11-21 21:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-16 20:51 - 2013-11-21 21:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-16 20:50 - 2014-05-09 12:49 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-16 20:50 - 2013-11-20 02:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-16 20:50 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 20:49 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-16 20:47 - 2013-11-21 21:10 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Battle.net
2014-05-16 20:40 - 2014-05-03 03:38 - 00000024 _____ () C:\Users\Kevin\random.dat
2014-05-16 19:29 - 2013-11-21 21:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Last.fm
2014-05-16 17:20 - 2014-05-03 17:31 - 00000024 _____ () C:\Users\Kevin\jagexappletviewer.preferences
2014-05-16 15:30 - 2014-05-16 15:30 - 00000000 ____D () C:\Program Files (x86)\Aurora
2014-05-16 12:34 - 2014-05-03 03:38 - 00000044 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
2014-05-16 06:30 - 2013-11-21 20:57 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-16 00:51 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-15 23:40 - 2014-02-09 15:34 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-05-15 23:35 - 2014-02-13 18:19 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-05-15 21:30 - 2014-05-15 21:30 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-15 21:30 - 2014-05-15 21:29 - 02347384 _____ (ESET) C:\Users\Kevin\Downloads\esetsmartinstaller_deu.exe
2014-05-15 21:26 - 2014-05-15 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-15 21:26 - 2014-05-15 21:26 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-15 21:26 - 2013-11-20 01:52 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-15 21:24 - 2014-05-02 06:51 - 00108860 _____ () C:\Windows\PFRO.log
2014-05-15 21:23 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-05-15 21:23 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 21:23 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-05-15 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\SecureBootUpdates
2014-05-15 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-05-15 21:23 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-05-15 20:29 - 2013-11-21 21:10 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-05-15 11:24 - 2013-11-21 20:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-15 11:22 - 2013-11-20 06:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-15 11:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-05-15 11:20 - 2013-11-20 06:18 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:20 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-05-15 09:52 - 2013-11-21 21:10 - 00000000 ____D () C:\ProgramData\Origin
2014-05-15 09:51 - 2014-05-15 09:51 - 00000000 _____ () C:\Users\Kevin\Desktop\12.09 10 uhr 30 dr mäser.txt
2014-05-15 07:31 - 2013-11-21 00:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-14 14:39 - 2014-05-14 14:27 - 169221918 _____ () C:\Users\Kevin\Downloads\King.zip
2014-05-13 23:16 - 2014-05-13 23:16 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Rockstar Games
2014-05-13 23:15 - 2014-05-13 23:15 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2014-05-13 23:15 - 2014-05-13 23:15 - 00000000 __RHD () C:\Users\Kevin\AppData\Roaming\SecuROM
2014-05-13 23:15 - 2014-04-27 12:11 - 00074275 _____ () C:\Windows\DirectX.log
2014-05-13 23:13 - 2014-05-13 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LCPD First Response
2014-05-13 23:13 - 2014-05-13 23:13 - 00000000 ____D () C:\Program Files (x86)\LCPD First Response
2014-05-13 23:12 - 2014-05-13 23:09 - 24329743 _____ () C:\Users\Kevin\Downloads\1. LCPDFR 1.0b Automatic Install.zip
2014-05-13 20:23 - 2013-11-21 22:14 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-13 14:29 - 2014-05-13 14:29 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-05-11 21:31 - 2014-05-11 21:31 - 00000000 ____D () C:\Users\Kevin\.jagex_cache_32
2014-05-11 21:31 - 2014-05-06 23:37 - 00000045 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
2014-05-11 21:31 - 2013-11-20 01:51 - 00000000 ____D () C:\Users\Kevin
2014-05-11 15:17 - 2013-11-20 10:44 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-05-11 15:17 - 2013-11-20 10:44 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-05-11 15:17 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-09 13:16 - 2014-04-28 15:12 - 00083221 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-05-09 13:15 - 2014-05-09 13:15 - 00000000 ____D () C:\Users\Kevin\Downloads\FRST-OlderVersion
2014-05-09 13:01 - 2014-05-09 13:01 - 00000000 ____D () C:\Windows\ERUNT
2014-05-09 12:55 - 2014-05-09 12:55 - 00000000 ____D () C:\AdwCleaner
2014-05-09 12:54 - 2014-05-09 12:54 - 01316991 _____ () C:\Users\Kevin\Downloads\adwcleaner(1).exe
2014-05-09 12:51 - 2014-05-09 12:51 - 00000000 ____D () C:\ProgramData\Alienware
2014-05-09 07:32 - 2014-03-21 13:47 - 00000000 ____D () C:\Users\Kevin\Desktop\Soundboards
2014-05-09 07:14 - 2014-05-09 07:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-09 07:06 - 2014-05-09 07:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-07 14:17 - 2013-11-20 02:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Apps\2.0
2014-05-07 13:33 - 2013-11-20 01:57 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2908868876-2045890655-3528692861-1001
2014-05-07 13:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-07 11:50 - 2014-05-04 00:46 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2014-05-06 23:37 - 2014-05-06 23:37 - 00000000 ____D () C:\Users\Kevin\jagexcache1
2014-05-06 21:06 - 2014-05-06 21:06 - 00001261 _____ () C:\Users\Public\Desktop\Burnout Paradise The Ultimate Box.lnk
2014-05-06 21:06 - 2014-05-06 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise The Ultimate Box
2014-05-06 17:41 - 2014-05-06 17:16 - 276805015 _____ () C:\Users\Kevin\Downloads\insane-testing.zip
2014-05-06 17:28 - 2014-05-06 17:16 - 113770432 _____ () C:\Users\Kevin\Downloads\fast-crazy-downhill.zip
2014-05-06 17:27 - 2014-05-06 17:15 - 103835337 _____ () C:\Users\Kevin\Downloads\pure-grid.zip
2014-05-06 17:24 - 2014-05-06 17:16 - 59233105 _____ () C:\Users\Kevin\Downloads\fatal-descent.rar
2014-05-06 17:20 - 2014-05-06 17:14 - 31831415 _____ () C:\Users\Kevin\Downloads\Subaru-WRX-STI-dlya-BeamNG-Drive.rar
2014-05-06 17:19 - 2014-05-06 17:15 - 26929044 _____ () C:\Users\Kevin\Downloads\Audi_A8.zip
2014-05-06 17:19 - 2014-05-06 17:14 - 22952008 _____ () C:\Users\Kevin\Downloads\chevrolet-corvette-c5-r.rar
2014-05-06 17:17 - 2014-05-06 17:14 - 22770295 _____ () C:\Users\Kevin\Downloads\Dodge-Challenger.rar
2014-05-06 17:16 - 2014-05-06 17:14 - 07432843 _____ () C:\Users\Kevin\Downloads\Skoda_Octavia.zip
2014-05-06 17:15 - 2014-05-06 17:14 - 05838647 _____ () C:\Users\Kevin\Downloads\Subaru-Impreza-WRX.rar
2014-05-06 17:15 - 2014-05-06 17:12 - 33795546 _____ () C:\Users\Kevin\Downloads\NissanGTR-dlya-BeamNG-Drive.rar
2014-05-06 17:15 - 2014-05-06 17:10 - 55780169 _____ () C:\Users\Kevin\Downloads\brutal-slope.zip
2014-05-06 17:14 - 2014-05-06 17:13 - 05410864 _____ () C:\Users\Kevin\Downloads\Mitsubishi-Evo-8-Black-dlya.rar
2014-05-06 17:14 - 2014-05-06 17:08 - 70346234 _____ () C:\Users\Kevin\Downloads\smash-your-car.zip
2014-05-06 17:12 - 2014-05-06 17:10 - 15653623 _____ () C:\Users\Kevin\Downloads\Lamborghini-Aventador.rar
2014-05-06 17:02 - 2013-11-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-06 07:14 - 2014-05-14 08:57 - 19274752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 07:14 - 2014-05-14 08:57 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 05:48 - 2014-05-14 08:57 - 14367232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:48 - 2014-05-14 08:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-06 05:37 - 2014-05-14 08:56 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:26 - 2014-05-14 08:56 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-05 16:06 - 2013-11-21 22:28 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Apple Computer
2014-05-05 06:59 - 2014-05-05 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-05-05 06:59 - 2014-05-05 06:48 - 00000000 ____D () C:\Users\Kevin\Desktop\Verkaufen
2014-05-05 06:59 - 2013-11-21 22:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-05 06:53 - 2014-05-05 06:51 - 70638408 _____ (Apple Inc.) C:\Users\Kevin\Downloads\iCloudSetup.exe
2014-05-04 23:33 - 2013-12-23 02:45 - 198948224 _____ (Sony Creative Software Inc.) C:\Users\Kevin\Downloads\vegaspro12.0.770.exe
2014-05-04 23:14 - 2014-05-04 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-04 23:14 - 2014-02-10 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-04 23:14 - 2014-02-10 17:35 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-05-04 23:13 - 2013-12-16 21:10 - 00000000 ____D () C:\Program Files\VDownloader
2014-05-04 22:20 - 2014-05-04 22:20 - 00019741 _____ () C:\ComboFix.txt
2014-05-04 22:20 - 2014-05-04 21:56 - 00000000 ____D () C:\ComboFix
2014-05-04 22:20 - 2014-05-02 06:42 - 00000000 ____D () C:\Qoobox
2014-05-04 22:12 - 2014-05-02 06:41 - 00000000 ____D () C:\Windows\erdnt
2014-05-04 22:07 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-04 21:55 - 2014-05-04 21:55 - 05197895 ____R (Swearware) C:\Users\Kevin\Desktop\ComboFix.exe
2014-05-04 21:55 - 2014-05-04 21:54 - 05197895 _____ (Swearware) C:\Users\Kevin\Downloads\ComboFix.exe
2014-05-04 03:08 - 2014-05-04 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:06 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-05-04 03:04 - 2014-05-04 03:04 - 00000000 ____D () C:\Users\Kevin\Downloads\Octodad.Dadliest.Catch-CODEX
2014-05-04 03:04 - 2014-05-04 02:48 - 50765291 _____ () C:\Users\Kevin\Downloads\codex-octodad.part09.rar
2014-05-04 02:32 - 2014-05-04 02:25 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part08.rar
2014-05-04 02:24 - 2014-05-04 02:16 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part07.rar
2014-05-04 02:16 - 2014-05-04 02:09 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part06.rar
2014-05-04 02:07 - 2014-05-04 01:59 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part05.rar
2014-05-04 01:58 - 2014-05-04 01:46 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part04.rar
2014-05-04 01:45 - 2014-05-04 01:37 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part03.rar
2014-05-04 01:36 - 2014-05-03 18:29 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part02.rar
2014-05-04 00:47 - 2014-05-04 00:43 - 00000000 ____D () C:\Users\Kevin\BeamNG.drive.Alpha.0.3.0.5-iND
2014-05-04 00:38 - 2014-05-04 00:29 - 112741808 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part2.rar
2014-05-04 00:28 - 2014-05-03 18:30 - 629145600 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part1.rar
2014-05-03 20:20 - 2013-12-16 18:31 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-03 18:08 - 2014-01-28 17:59 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-03 17:51 - 2013-11-21 21:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-03 17:31 - 2014-05-03 17:31 - 00002086 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00002056 _____ () C:\Users\Kevin\Desktop\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\.jagex_cache_32
2014-05-03 17:31 - 2014-05-03 03:38 - 00000000 ____D () C:\Users\Kevin\jagexcache
2014-05-03 17:26 - 2014-05-03 17:26 - 00347816 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.333225616075749.1.2.Run.exe
2014-05-03 14:24 - 2014-05-03 14:24 - 04143997 _____ () C:\Users\Kevin\Downloads\tdsskiller.zip
2014-05-03 03:06 - 2014-05-03 03:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-02 13:49 - 2014-05-02 13:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 12:49 - 2014-05-02 12:45 - 138607664 _____ () C:\Users\Kevin\Downloads\avira_free_antivirus614_de.exe
2014-05-02 07:16 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-05-02 07:07 - 2014-05-02 07:07 - 00000000 ____D () C:\Device
2014-05-02 07:07 - 2012-07-26 07:26 - 70778880 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 13893632 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-05-02 06:54 - 2014-05-02 07:07 - 05103616 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-05-02 06:52 - 2014-03-15 14:38 - 05152168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-02 06:30 - 2014-05-02 06:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-02 06:29 - 2014-05-02 06:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2014-05-02 06:26 - 2013-11-20 02:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Deployment
2014-05-01 22:37 - 2013-11-20 06:44 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-01 22:37 - 2013-11-20 06:44 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-01 19:47 - 2014-05-01 19:46 - 03821064 _____ () C:\Users\Kevin\Downloads\battlelog-web-plugins_2.3.2_130.exe
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\Program Files\CPUID
2014-05-01 18:37 - 2014-05-01 18:37 - 01460512 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.67.1-setup-en.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-29 17:49 - 2014-04-29 17:49 - 07401104 _____ (TeamViewer GmbH) C:\Users\Kevin\Downloads\TeamViewer_Setup_de_9.0.27614.exe
2014-04-29 17:49 - 2014-04-29 17:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-29 13:52 - 2014-04-13 15:36 - 00009000 _____ () C:\Users\Kevin\Documents\TombRaider.log
2014-04-27 18:34 - 2014-04-27 18:34 - 00000000 ____D () C:\Users\Kevin\AppData\Local\My Games
2014-04-27 18:34 - 2013-12-10 20:50 - 00000000 ____D () C:\Users\Kevin\Documents\My Games
2014-04-27 12:44 - 2014-04-27 12:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Empty Clip Studios
2014-04-27 12:13 - 2014-04-27 12:13 - 00000000 ____D () C:\Users\Kevin\Documents\IAmAlive
2014-04-27 10:30 - 2014-04-27 10:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-27 10:30 - 2014-04-27 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 10:30 - 2014-03-20 17:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-27 10:30 - 2013-11-21 21:14 - 00000000 ____D () C:\ProgramData\Skype
2014-04-27 10:28 - 2014-04-27 10:27 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Kevin\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-25 23:42 - 2014-04-25 23:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-25 23:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-25 23:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-25 23:00 - 2014-04-25 20:30 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part01.rar
2014-04-25 21:02 - 2013-11-21 00:54 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Adobe
2014-04-25 20:57 - 2014-03-06 17:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DAEMON Tools Lite
2014-04-25 20:57 - 2013-12-23 02:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony
2014-04-25 20:47 - 2014-04-25 20:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\RotMG.Production
2014-04-25 13:56 - 2014-03-07 17:51 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\vlc
2014-04-24 08:28 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Forge
2014-04-23 23:46 - 2014-04-23 23:45 - 11065618 _____ () C:\Users\Kevin\Downloads\tokens.zip
2014-04-23 23:31 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Forge
2014-04-23 21:03 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\StunlockStudios
2014-04-22 23:02 - 2014-04-22 23:00 - 00000000 ____D () C:\Users\Kevin\Documents\Schule
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\Documents\CyberLink
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\CyberLink
2014-04-21 15:09 - 2013-11-21 01:51 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-21 15:05 - 2014-04-21 15:04 - 00000000 ____D () C:\Program Files (x86)\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 01085440 _____ () C:\Users\Kevin\Downloads\puush.msi
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2014-04-21 13:54 - 2014-04-21 13:46 - 336017408 _____ () C:\Users\Kevin\Downloads\MyLittlePorny.iso
2014-04-19 14:04 - 2013-12-30 16:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Skyrim
2014-04-19 13:55 - 2014-04-18 17:23 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-04-19 11:39 - 2014-05-06 15:46 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 15:46 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 15:46 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 15:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 15:46 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 23:53 - 2014-04-18 23:53 - 00448562 _____ () C:\Users\Kevin\Downloads\voxelmap-1.7.2-1.0.jar.zip
2014-04-18 23:35 - 2014-04-18 23:35 - 00064982 _____ () C:\Users\Kevin\Downloads\seus-v10.1-Preview2.zip
2014-04-18 23:21 - 2014-04-18 23:20 - 02752442 _____ () C:\Users\Kevin\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe
2014-04-18 19:21 - 2014-04-18 19:17 - 22455453 _____ () C:\Users\Kevin\Downloads\Teramia 0.9.1 Beta.zip
2014-04-18 18:06 - 2014-04-18 18:04 - 06174909 _____ () C:\Users\Kevin\Downloads\Minecraft_1.3.2.rar
2014-04-18 17:34 - 2014-04-18 17:34 - 00000000 ____D () C:\Users\Kevin\.swt
2014-04-18 17:23 - 2014-04-18 17:23 - 00675988 _____ () C:\Users\Kevin\Desktop\Minecraft.exe
2014-04-18 17:16 - 2014-04-18 17:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony Creative Software Inc
2014-04-18 13:46 - 2014-04-17 02:08 - 00052059 _____ () C:\Users\Kevin\Desktop\Music.txt
2014-04-18 02:00 - 2014-04-18 01:53 - 93035512 _____ () C:\Users\Kevin\Downloads\theponyway.2012.zip
2014-04-17 11:52 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\AppData\Local\easytag
2014-04-17 11:50 - 2014-04-17 11:43 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mp3tag
2014-04-17 11:45 - 2014-04-16 22:41 - 00000000 ____D () C:\Backup Festplatte
2014-04-17 11:42 - 2014-04-17 11:42 - 02634152 _____ () C:\Users\Kevin\Downloads\mp3tagv258setup.exe
2014-04-17 11:42 - 2014-04-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\.dbus-keyrings
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTAG
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\EasyTAG
2014-04-17 11:13 - 2014-04-17 11:13 - 08506991 _____ () C:\Users\Kevin\Downloads\easytag-2.2.0-setup.exe
2014-04-17 11:11 - 2013-11-21 01:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 11:10 - 2014-04-17 11:10 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 11:10 - 2014-04-17 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-17 11:10 - 2013-11-21 01:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\Program Files\AmoK Exif Sorter
2014-04-17 11:07 - 2014-04-17 11:07 - 01962995 _____ () C:\Users\Kevin\Downloads\AmoK_Exif_Sorter_v2.56_(Windows_64Bit)_Setup.exe
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DigitalVolcano
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-04-17 10:48 - 2014-04-17 10:48 - 05143120 _____ (DigitalVolcano Software Ltd) C:\Users\Kevin\Downloads\DuplicateCleaner_setup.exe
2014-04-17 02:27 - 2014-04-17 01:57 - 533446578 _____ () C:\Users\Kevin\Downloads\Balloon Party - 100- No Feeble Cheering - MP3 320.zip
2014-04-17 02:21 - 2014-04-17 01:58 - 304323421 _____ () C:\Users\Kevin\Downloads\Balloon Party - After Party - MP3 320.zip
2014-04-17 02:21 - 2014-04-17 01:58 - 154256398 _____ () C:\Users\Kevin\Downloads\Balloon Party - Apple 2012 - MP3 320.zip
2014-04-16 22:41 - 2014-04-16 22:41 - 00003008 _____ () C:\Users\Kevin\photorec.cfg
2014-04-16 22:27 - 2014-04-16 21:39 - 00097232 _____ () C:\Windows\SysWOW64\photorec.ses
2014-04-16 18:58 - 2014-04-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-04-16 18:52 - 2014-04-16 18:52 - 03462033 _____ () C:\Users\Kevin\Downloads\pci_filerecovery.exe
2014-04-16 17:57 - 2014-04-15 17:57 - 00773359 _____ () C:\Users\Kevin\Documents\Untitled_Windows Media Video V11_HD-720-30p-Video mit 6 Mbit-s.wmv
2014-04-16 14:46 - 2014-04-16 14:40 - 00000000 ____D () C:\Users\Kevin\Desktop\SweetFX

Files to move or delete:
====================
C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
C:\Users\Kevin\random.dat


Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\avgnt.exe
C:\Users\Kevin\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Kevin\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Kevin\AppData\Local\Temp\drm_dyndata_7390006.dll
C:\Users\Kevin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpolreq6.dll
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-05-14 08:57] - [2014-04-12 11:10] - 0578048 ____A (Microsoft Corporation) 75DD70A14145499C9F7D903CF9A8C91B

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-16 03:00

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

Und ja, immer noch Prozessprobleme :/ Vorallem mit Skype und bf4
__________________
Geändert von Ummgh23 (16.05.2014 um 22:33 Uhr)

Alt 17.05.2014, 19:58   #19
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Mach mal bitte einen Refresh von Win 8.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.05.2014, 16:01   #20
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Skype hat grad zum ersten mal wieder gefunzt da nur 1 prozess da

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-05-2014
Ran by Kevin at 2014-05-18 01:53:04 Run:1
Running from C:\Users\Kevin\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
         
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====
Und ich hab keine Win cd da

bf4 macht jedoch immer noch dieselben probs.

Oder was meinst du mit Refresh von Win 8? Komplett clearen will ich meinen PC näml. nicht D:

Uund da sind die 2 Skype-Prozesse wieder...


Alt 20.05.2014, 11:21   #21
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Refresh:

Windows 8 Refresh: A great feature, if you know the limitations | Microsoft windows - InfoWorld
__________________
--> Multiple instanzen verschiedener Prozesse laufen, nicht killbar.

Alt 20.05.2014, 14:36   #22
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Ich soll also einen refreshpoint erstellen?

Alt 21.05.2014, 08:10   #23
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Nein, das ist ein kompletter Refresh von Windows, ohne Datenverlust.

So wird&#39;s gemacht: Auffrischen, Wiederherstellen und Zurücksetzen des PCs auf die Originaleinstellung - Hilfe zu Microsoft*Windows
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 21.05.2014, 10:36   #24
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Sagt mir nur:"Medien Einlegen"

Alt 22.05.2014, 08:41   #25
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Hast Du win8 per Scheibe installiert? War es schon drauf? Wenn ja war ne Scheibe dabei oder ne recovery Partition?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.05.2014, 16:42   #26
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Ich hab keine CD und keine Recovery Partition.

Alt 23.05.2014, 16:06   #27
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Keine CD und keine Recovery geht nit. Eins von beiden is Muss. Wir haste Windows installiert?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.05.2014, 17:29   #28
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Der IT'ler von dem ich den PC hab(Is Dell Partner, alienware pc) hat Win 8 draufgetan als er bei ihm in reperatur war mal. Die CD hat er mir nicht mitgegeben als ich ihn zurückbekommen habe.

Alt 24.05.2014, 11:23   #29
schrauber
/// the machine
/// TB-Ausbilder
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Dann gehste jetzt zum Ihm und sagst dass Dein Win8, ohn eBesitz eines Recovery Mediums oder der Lizenz, illegal ist. Wenn Du die Lizenz aber bei ihm bezahlt hast, muss er dir auch ein Medium dazu bereitstellen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.05.2014, 15:24   #30
Ummgh23
 
Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Standard

Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


Nene ich hab die Lizenz ja! Hab ein Formular mit dem Key usw drauf. Nur kein Medium.
Und ich habs nicht bezahlt, er hats mir geschenkt. Ist n bekannter.

Antwort
Seite 2 von 3 1 2 3

Themen zu Multiple instanzen verschiedener Prozesse laufen, nicht killbar.
ahnung, laufe, laufen, nicht mehr, prozesse, skype, spuckt, task-manager, verschiedener, verweigert, verwenden, zugriff, zugriff verweigert, öfters


« winmgr.exe blockiert Zugriff auf Antivirenprogramme warum ? | Malwarebytes' Anti-Malware stürzt ab »


Ähnliche Themen: Multiple instanzen verschiedener Prozesse laufen, nicht killbar.


  1. WIN 8.1 64bit: auch ich habe musik im hintergrund laufen - prozesse teilweise SEHR lahm! ;-(
    Plagegeister aller Art und deren Bekämpfung - 29.06.2015 (7)
  2. Windows XP: Fragmente verschiedener Programme lassen sich nicht deinstallieren, Desktophintergrund verändert sich
    Log-Analyse und Auswertung - 18.02.2014 (12)
  3. PC macht Mätzchen, sobald mehrere Prozesse laufen
    Plagegeister aller Art und deren Bekämpfung - 28.01.2014 (8)
  4. Viele Prozesse laufen (u.a. svchost.exe) - hohe CPU-Auslastung: Rechner langsam!
    Log-Analyse und Auswertung - 17.11.2013 (13)
  5. PC wird immer langsamer und es laufen mehrere svchost-Prozesse gleichzeitig
    Plagegeister aller Art und deren Bekämpfung - 08.11.2012 (18)
  6. Malwarebyte Otl Avir Gmer können nicht vollständig ausgeführt werden. Prozess ist nicht killbar.
    Plagegeister aller Art und deren Bekämpfung - 10.10.2011 (3)
  7. Ram zu hoch & zuviel Prozesse laufen
    Log-Analyse und Auswertung - 14.06.2011 (1)
  8. Über 70 Prozesse am laufen?
    Log-Analyse und Auswertung - 06.07.2010 (21)
  9. Ständig ca. 85 Prozesse am laufen... was löschen?
    Log-Analyse und Auswertung - 16.04.2010 (1)
  10. Nach ausführen einer .exe, komische Prozesse am laufen
    Log-Analyse und Auswertung - 08.04.2010 (37)
  11. Task manager auf 100% (8 mal svchost.exe Prozesse laufen im Taskmanager)
    Log-Analyse und Auswertung - 01.02.2009 (0)
  12. Malwarebytes kann es nicht löschen ( Rogue.Multiple )
    Log-Analyse und Auswertung - 18.08.2008 (34)
  13. dropper.agent.bmh nicht killbar
    Log-Analyse und Auswertung - 16.01.2008 (10)
  14. PC extrem langsam! Zu viel Prozesse laufen im Hintergrund! Was kann ich tun?
    Log-Analyse und Auswertung - 20.07.2006 (3)
  15. habe gaaaaanz viele prozesse laufen!Welche sind gut welche nicht?
    Plagegeister aller Art und deren Bekämpfung - 07.03.2006 (3)
  16. Alarm? Unbekannte Prozesse laufen
    Plagegeister aller Art und deren Bekämpfung - 06.06.2004 (4)
  17. Welche Prozesse dürfen unter WIN 98 II laufen?
    Alles rund um Windows - 28.09.2003 (12)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Multiple instanzen verschiedener Prozesse laufen, nicht killbar. - Sooo, einmal mbam log: Code: Alles auswählen Aufklappen ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 09.05.2014 Suchlauf-Zeit: 07:31:49 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.05.09.04 Rootkit Datenbank: v2014.03.27.01 Lizenz: - Multiple instanzen verschiedener Prozesse laufen, nicht killbar....
Archiv
Du betrachtest: Multiple instanzen verschiedener Prozesse laufen, nicht killbar. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129