Sooo, einmal mbam log: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 09.05.2014
Suchlauf-Zeit: 07:31:49
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.05.09.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Kevin
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267273
Verstrichene Zeit: 17 Min, 12 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 5
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8],
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [e7196b9558a80000607d54cf639f08f8],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\SEARCHPROTECTINT, In Quarantäne, [2fd1e7196b95758bb029c7cab151c23e],
Registrierungswerte: 2
PUP.Optional.NextLive.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NextLive, C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kevin\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l, In Quarantäne, [7987857b9e62f010d8f6252d837e7f81]
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\SEARCHPROTECTINT|Install, 1, In Quarantäne, [2fd1e7196b95758bb029c7cab151c23e]
Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-2908868876-2045890655-3528692861-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?ctid=CT3323882&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP438F07D2-38DE-4EBD-9DA1-14360CC25479&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?ctid=CT3323882&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP438F07D2-38DE-4EBD-9DA1-14360CC25479&SSPV=),Ersetzt,[25db8b7589775fa1d79cb28404007c84]
Ordner: 2
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b],
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\cache, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b],
Dateien: 9
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\nengine.dll, In Quarantäne, [7987857b9e62f010d8f6252d837e7f81],
PUP.Optional.OpenCandy, C:\Users\Kevin\Downloads\DTLite4481-0347.exe, In Quarantäne, [986820e010f0748c1b839cc705ffae52],
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Local\genienext\nengine.dll, In Quarantäne, [8977cc344bb507f9b618c191907101ff],
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\claptrap sb__6077_il57558.exe, In Quarantäne, [f20ee31d45bb4db34a1d79c155ab21df],
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\JESSE PINKMAN SB__6078_il1285699.exe, In Quarantäne, [1be5d52b8f7153ad96d1ab8f35cb7f81],
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\TREVOR SB__6148_il12744.exe, In Quarantäne, [fe0231cfc53b24dca8bf0b2f3ac623dd],
PUP.Optional.Amonetize.A, C:\Users\Kevin\Desktop\Soundboards\WALTER WHITE sb__6077_il55463.exe, In Quarantäne, [5da3926e649ce51b97d02e0c46bae818],
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b],
PUP.Optional.NextLive.A, C:\Users\Kevin\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [21df7f81af51f60a8686beaf34ce857b],
Physische Sektoren: 0
(No malicious items detected)
(end)
Adwcleaner Log: Code:
# AdwCleaner v3.207 - Bericht erstellt am 09/05/2014 um 12:55:38
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 8 (64 bits)
# Benutzername : Kevin - ALIENWARE
# Gestartet von : C:\Users\Kevin\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : SystemStoreService
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Kevin\AppData\Local\genienext
Ordner Gelöscht : C:\Users\Kevin\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Kevin\Documents\Mobogenie
Datei Gelöscht : C:\Users\Kevin\daemonprocess.txt
Datei Gelöscht : C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\93EA40F4CAE1A3547BC8B12F333055FE
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\93EA40F4CAE1A3547BC8B12F333055FE
***** [ Browser ] *****
-\\ Internet Explorer v10.0.9200.16537
-\\ Mozilla Firefox v
[ Datei : C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\prefs.js ]
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.startfenster.de");
*************************
AdwCleaner[R0].txt - [2010 octets] - [09/05/2014 12:55:16]
AdwCleaner[S0].txt - [1813 octets] - [09/05/2014 12:55:38]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1873 octets] ##########
JRT Log: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 8 x64
Ran by Kevin on 09.05.2014 at 13:06:22,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs
~~~ Files
Successfully deleted: [File] "C:\Users\Kevin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.05.2014 at 13:09:09,73
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Und zu guter letzt FRST log:
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2014 01
Ran by Kevin (administrator) on ALIENWARE on 09-05-2014 13:15:17
Running from C:\Users\Kevin\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe
(DJMASTER.COM) C:\Program Files\ONAIR\ONAIR.exe
() C:\Program Files (x86)\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\firefox.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\OverwolfHelper64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Last.fm) C:\Program Files (x86)\Last.fm\Last.fm Scrobbler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Aurora\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8290584 2013-08-01] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2201032 2014-04-02] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12616 2012-01-10] (Alienware)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [444760 2014-03-07] (Razer Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-04-15] (LogMeIn Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3588952 2014-04-25] (Electronic Arts)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-04-11] (Raptr, Inc)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [37664 2014-03-05] (Overwolf LTD)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3620352 2014-04-02] (Turtle Entertainment GmbH)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [ONAIR] => C:\Program Files\ONAIR\ONAIR.exe [3505152 2014-03-09] (DJMASTER.COM)
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-04-21] ()
HKU\S-1-5-21-2908868876-2045890655-3528692861-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x1E4DBDDE2807CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM - {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKCU - {05E205BA-FB3B-401C-A6FA-C384AE3B36EE} URL = hxxp://www.google.at/search?q={searchTerms}
SearchScopes: HKCU - {3B5CCE57-FA96-4E1D-B691-0FA66591519E} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll (CANON INC.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll (CANON INC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
FireFox:
========
FF ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Sync Video - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\jid0-6qxNvGdS7HQG9rsoojsd0BubY84@jetpack.xpi [2014-04-05]
FF Extension: Copy Links - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\{76C80A11-FAD4-406c-8246-F5ED4F9367B5}.xpi [2013-12-16]
FF Extension: Adblock Plus - C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\3580i1mr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-29]
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Aurora\firefox.exe
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-07] (Realsil Microelectronics Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] ()
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-08] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1615192 2014-04-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [20541216 2014-04-02] (NVIDIA Corporation)
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-03-30] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-03-30] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [184968 2014-03-30] (<Turtle Entertainment>)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-04-15] (LogMeIn Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-05-09] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-21] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R3 SaiK0CD7; C:\Windows\system32\DRIVERS\SaiK0CD7.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU0CD7; C:\Windows\System32\drivers\SaiU0CD7.sys [47168 2012-09-20] (Saitek)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-11-21] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-11-21] (Acronis International GmbH)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [89088 2012-07-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 NTIOLib_Flash; \??\C:\Users\Kevin\AppData\Local\Temp\2WSX3EDC\NTIOLib_X64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
NETSVCx32: eventsystem -> C:\Windows\SysWOW64\es.dll (Microsoft Corporation)
NETSVCx32: iprip -> No ServiceDLL Path.
NETSVCx32: netman -> C:\Windows\SysWOW64\netman.dll ==> No File.
NETSVCx32: wzcsvc -> No ServiceDLL Path.
NETSVCx32: ip6fwhlp -> No ServiceDLL Path.
NETSVCx32: WmdmPmSN -> No ServiceDLL Path.
NETSVCx32: Appinfo -> C:\Windows\SysWOW64\appinfo.dll ==> No File.
NETSVCx32: BDESVC -> C:\Windows\SysWOW64\bdesvc.dll ==> No File.
NETSVCx32: Browser -> C:\Windows\SysWOW64\browser.dll ==> No File.
NETSVCx32: DsmSvc -> C:\Windows\SysWOW64\DeviceSetupManager.dll ==> No File.
NETSVCx32: Eaphost -> C:\Windows\SysWOW64\eapsvc.dll ==> No File.
NETSVCx32: hkmsvc -> C:\Windows\SysWOW64\kmsvc.dll ==> No File.
NETSVCx32: IKEEXT -> C:\Windows\SysWOW64\ikeext.dll ==> No File.
NETSVCx32: MMCSS -> C:\Windows\SysWOW64\mmcss.dll ==> No File.
NETSVCx32: NcaSvc -> C:\Windows\SysWOW64\ncasvc.dll ==> No File.
NETSVCx32: ProfSvc -> C:\Windows\SysWOW64\profsvc.dll ==> No File.
NETSVCx32: seclogon -> %windir%\SysWOW64\seclogon.dll ==> No File.
NETSVCx32: SystemEventsBroker -> C:\Windows\SysWOW64\SystemEventsBrokerServer.dll ==> No File.
NETSVCx32: wercplsupport -> C:\Windows\SysWOW64\wercplsupport.dll ==> No File.
NETSVCx32: wlidsvc -> C:\Windows\SysWOW64\wlidsvc.dll ==> No File.
==================== One Month Created Files and Folders ========
2014-05-09 13:15 - 2014-05-09 13:15 - 00000000 ____D () C:\Users\Kevin\Downloads\FRST-OlderVersion
2014-05-09 13:09 - 2014-05-09 13:09 - 00000998 _____ () C:\Users\Kevin\Desktop\JRT.txt
2014-05-09 13:01 - 2014-05-09 13:01 - 01016261 _____ (Thisisu) C:\Users\Kevin\Desktop\JRT.exe
2014-05-09 13:01 - 2014-05-09 13:01 - 00000000 ____D () C:\Windows\ERUNT
2014-05-09 12:58 - 2014-05-09 12:58 - 00001953 _____ () C:\Users\Kevin\Desktop\AdwCleaner[S0].txt
2014-05-09 12:55 - 2014-05-09 12:55 - 00000000 ____D () C:\AdwCleaner
2014-05-09 12:54 - 2014-05-09 12:54 - 01316991 _____ () C:\Users\Kevin\Downloads\adwcleaner(1).exe
2014-05-09 12:51 - 2014-05-09 12:51 - 01316991 _____ () C:\Users\Kevin\Desktop\adwcleaner.exe
2014-05-09 12:51 - 2014-05-09 12:51 - 00000000 ____D () C:\ProgramData\Alienware
2014-05-09 12:49 - 2014-05-09 13:05 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-09 07:32 - 2014-05-09 07:32 - 00004369 _____ () C:\Users\Kevin\Desktop\mbam.txt
2014-05-09 07:07 - 2014-05-09 07:14 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-09 07:07 - 2014-05-09 07:07 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-09 07:07 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-09 07:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-09 07:07 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 07:06 - 2014-05-09 07:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-08 16:45 - 2014-05-08 16:45 - 00000000 ____D () C:\Program Files (x86)\Aurora
2014-05-06 23:37 - 2014-05-06 23:37 - 00000045 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
2014-05-06 23:37 - 2014-05-06 23:37 - 00000000 ____D () C:\Users\Kevin\jagexcache1
2014-05-06 21:06 - 2014-05-06 21:06 - 00001261 _____ () C:\Users\Public\Desktop\Burnout Paradise The Ultimate Box.lnk
2014-05-06 21:06 - 2014-05-06 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise The Ultimate Box
2014-05-06 17:16 - 2014-05-06 17:41 - 276805015 _____ () C:\Users\Kevin\Downloads\insane-testing.zip
2014-05-06 17:16 - 2014-05-06 17:28 - 113770432 _____ () C:\Users\Kevin\Downloads\fast-crazy-downhill.zip
2014-05-06 17:16 - 2014-05-06 17:24 - 59233105 _____ () C:\Users\Kevin\Downloads\fatal-descent.rar
2014-05-06 17:15 - 2014-05-06 17:27 - 103835337 _____ () C:\Users\Kevin\Downloads\pure-grid.zip
2014-05-06 17:15 - 2014-05-06 17:19 - 26929044 _____ () C:\Users\Kevin\Downloads\Audi_A8.zip
2014-05-06 17:14 - 2014-05-06 17:20 - 31831415 _____ () C:\Users\Kevin\Downloads\Subaru-WRX-STI-dlya-BeamNG-Drive.rar
2014-05-06 17:14 - 2014-05-06 17:19 - 22952008 _____ () C:\Users\Kevin\Downloads\chevrolet-corvette-c5-r.rar
2014-05-06 17:14 - 2014-05-06 17:17 - 22770295 _____ () C:\Users\Kevin\Downloads\Dodge-Challenger.rar
2014-05-06 17:14 - 2014-05-06 17:16 - 07432843 _____ () C:\Users\Kevin\Downloads\Skoda_Octavia.zip
2014-05-06 17:14 - 2014-05-06 17:15 - 05838647 _____ () C:\Users\Kevin\Downloads\Subaru-Impreza-WRX.rar
2014-05-06 17:13 - 2014-05-06 17:14 - 05410864 _____ () C:\Users\Kevin\Downloads\Mitsubishi-Evo-8-Black-dlya.rar
2014-05-06 17:12 - 2014-05-06 17:15 - 33795546 _____ () C:\Users\Kevin\Downloads\NissanGTR-dlya-BeamNG-Drive.rar
2014-05-06 17:10 - 2014-05-06 17:15 - 55780169 _____ () C:\Users\Kevin\Downloads\brutal-slope.zip
2014-05-06 17:10 - 2014-05-06 17:12 - 15653623 _____ () C:\Users\Kevin\Downloads\Lamborghini-Aventador.rar
2014-05-06 17:08 - 2014-05-06 17:14 - 70346234 _____ () C:\Users\Kevin\Downloads\smash-your-car.zip
2014-05-06 15:46 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 15:46 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 15:46 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 15:46 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 15:46 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-05 06:59 - 2014-05-05 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-05-05 06:51 - 2014-05-05 06:53 - 70638408 _____ (Apple Inc.) C:\Users\Kevin\Downloads\iCloudSetup.exe
2014-05-05 06:48 - 2014-05-05 06:59 - 00000000 ____D () C:\Users\Kevin\Desktop\Verkaufen
2014-05-04 23:14 - 2014-05-04 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-04 22:20 - 2014-05-04 22:20 - 00019741 _____ () C:\ComboFix.txt
2014-05-04 21:56 - 2014-05-04 22:20 - 00000000 ____D () C:\ComboFix
2014-05-04 21:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-04 21:55 - 2014-05-04 21:55 - 05197895 ____R (Swearware) C:\Users\Kevin\Desktop\ComboFix.exe
2014-05-04 21:54 - 2014-05-04 21:55 - 05197895 _____ (Swearware) C:\Users\Kevin\Downloads\ComboFix.exe
2014-05-04 03:08 - 2014-05-04 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octodad Dadliest Catch
2014-05-04 03:06 - 2014-05-04 03:07 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-05-04 03:04 - 2014-05-04 03:04 - 00000000 ____D () C:\Users\Kevin\Downloads\Octodad.Dadliest.Catch-CODEX
2014-05-04 02:48 - 2014-05-04 03:04 - 50765291 _____ () C:\Users\Kevin\Downloads\codex-octodad.part09.rar
2014-05-04 02:25 - 2014-05-04 02:32 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part08.rar
2014-05-04 02:16 - 2014-05-04 02:24 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part07.rar
2014-05-04 02:09 - 2014-05-04 02:16 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part06.rar
2014-05-04 01:59 - 2014-05-04 02:07 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part05.rar
2014-05-04 01:46 - 2014-05-04 01:58 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part04.rar
2014-05-04 01:37 - 2014-05-04 01:45 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part03.rar
2014-05-04 00:46 - 2014-05-07 11:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2014-05-04 00:43 - 2014-05-04 00:47 - 00000000 ____D () C:\Users\Kevin\BeamNG.drive.Alpha.0.3.0.5-iND
2014-05-04 00:29 - 2014-05-04 00:38 - 112741808 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part2.rar
2014-05-03 18:30 - 2014-05-04 00:28 - 629145600 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part1.rar
2014-05-03 18:29 - 2014-05-04 01:36 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part02.rar
2014-05-03 17:31 - 2014-05-08 22:45 - 00000024 _____ () C:\Users\Kevin\jagexappletviewer.preferences
2014-05-03 17:31 - 2014-05-03 17:31 - 00002086 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00002056 _____ () C:\Users\Kevin\Desktop\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\.jagex_cache_32
2014-05-03 17:26 - 2014-05-03 17:26 - 00347816 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.333225616075749.1.2.Run.exe
2014-05-03 14:24 - 2014-05-03 14:24 - 04143997 _____ () C:\Users\Kevin\Downloads\tdsskiller.zip
2014-05-03 14:24 - 2014-04-29 18:21 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Kevin\Desktop\TDSSKiller.exe
2014-05-03 03:38 - 2014-05-09 00:12 - 00000024 _____ () C:\Users\Kevin\random.dat
2014-05-03 03:38 - 2014-05-08 22:45 - 00000044 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
2014-05-03 03:38 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\jagexcache
2014-05-03 03:06 - 2014-05-03 03:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-03 03:01 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 03:01 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 03:01 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 03:01 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-02 13:49 - 2014-05-02 13:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 13:44 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-02 13:44 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-05-02 13:44 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-05-02 12:45 - 2014-05-02 12:49 - 138607664 _____ () C:\Users\Kevin\Downloads\avira_free_antivirus614_de.exe
2014-05-02 07:07 - 2014-05-02 07:07 - 00000000 ____D () C:\Device
2014-05-02 07:07 - 2014-05-02 06:54 - 05103616 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-05-02 06:51 - 2014-05-09 12:56 - 00106776 _____ () C:\Windows\PFRO.log
2014-05-02 06:47 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-02 06:47 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-02 06:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-02 06:47 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-02 06:45 - 2013-12-04 16:27 - 00010405 _____ () C:\Windows\SysWOW64\cryptsvc.dll
2014-05-02 06:42 - 2014-05-04 22:20 - 00000000 ____D () C:\Qoobox
2014-05-02 06:41 - 2014-05-04 22:12 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 06:30 - 2014-05-02 06:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-02 06:29 - 2014-05-02 06:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2014-05-01 19:46 - 2014-05-01 19:47 - 03821064 _____ () C:\Users\Kevin\Downloads\battlelog-web-plugins_2.3.2_130.exe
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\Program Files\CPUID
2014-05-01 18:37 - 2014-05-01 18:37 - 01460512 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.67.1-setup-en.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-29 17:49 - 2014-04-29 17:49 - 07401104 _____ (TeamViewer GmbH) C:\Users\Kevin\Downloads\TeamViewer_Setup_de_9.0.27614.exe
2014-04-29 17:49 - 2014-04-29 17:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-28 15:13 - 2014-04-28 15:15 - 00052871 _____ () C:\Users\Kevin\Desktop\Addition.txt
2014-04-28 15:12 - 2014-05-09 13:15 - 00024101 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-04-28 15:09 - 2014-05-09 13:15 - 00000000 ____D () C:\FRST
2014-04-28 15:08 - 2014-05-09 13:15 - 02064384 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2014-04-27 18:34 - 2014-04-27 18:34 - 00000000 ____D () C:\Users\Kevin\AppData\Local\My Games
2014-04-27 12:44 - 2014-04-27 12:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Empty Clip Studios
2014-04-27 12:13 - 2014-04-27 12:13 - 00000000 ____D () C:\Users\Kevin\Documents\IAmAlive
2014-04-27 12:11 - 2014-05-06 21:05 - 00055802 _____ () C:\Windows\DirectX.log
2014-04-27 10:30 - 2014-04-27 10:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-27 10:30 - 2014-04-27 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 10:27 - 2014-04-27 10:28 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Kevin\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-25 23:42 - 2014-04-25 23:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-25 20:47 - 2014-04-25 20:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\RotMG.Production
2014-04-25 20:30 - 2014-04-25 23:00 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part01.rar
2014-04-23 23:45 - 2014-04-23 23:46 - 11065618 _____ () C:\Users\Kevin\Downloads\tokens.zip
2014-04-23 23:31 - 2014-04-24 08:28 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Forge
2014-04-23 23:31 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Forge
2014-04-23 21:03 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\StunlockStudios
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 _____ () C:\Users\Kevin\Desktop\Achammer Protokoll, Mathe Verbesserung, Physik Verbesserung.txt
2014-04-22 23:00 - 2014-04-22 23:02 - 00000000 ____D () C:\Users\Kevin\Documents\Schule
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\Documents\CyberLink
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\CyberLink
2014-04-21 15:04 - 2014-04-21 15:05 - 00000000 ____D () C:\Program Files (x86)\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 01085440 _____ () C:\Users\Kevin\Downloads\puush.msi
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2014-04-21 13:46 - 2014-04-21 13:54 - 336017408 _____ () C:\Users\Kevin\Downloads\MyLittlePorny.iso
2014-04-18 23:53 - 2014-04-18 23:53 - 00448562 _____ () C:\Users\Kevin\Downloads\voxelmap-1.7.2-1.0.jar.zip
2014-04-18 23:35 - 2014-04-18 23:35 - 00064982 _____ () C:\Users\Kevin\Downloads\seus-v10.1-Preview2.zip
2014-04-18 23:20 - 2014-04-18 23:21 - 02752442 _____ () C:\Users\Kevin\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe
2014-04-18 19:17 - 2014-04-18 19:21 - 22455453 _____ () C:\Users\Kevin\Downloads\Teramia 0.9.1 Beta.zip
2014-04-18 19:14 - 2014-04-18 19:14 - 02347187 _____ () C:\Users\Kevin\Desktop\mcpatcher-4.3.2_02.exe
2014-04-18 18:04 - 2014-04-18 18:06 - 06174909 _____ () C:\Users\Kevin\Downloads\Minecraft_1.3.2.rar
2014-04-18 17:34 - 2014-04-18 17:34 - 00000000 ____D () C:\Users\Kevin\.swt
2014-04-18 17:23 - 2014-04-19 13:55 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-04-18 17:23 - 2014-04-18 17:23 - 00675988 _____ () C:\Users\Kevin\Desktop\Minecraft.exe
2014-04-18 17:16 - 2014-04-18 17:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony Creative Software Inc
2014-04-18 01:53 - 2014-04-18 02:00 - 93035512 _____ () C:\Users\Kevin\Downloads\theponyway.2012.zip
2014-04-17 11:43 - 2014-04-17 11:50 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mp3tag
2014-04-17 11:42 - 2014-04-17 11:42 - 02634152 _____ () C:\Users\Kevin\Downloads\mp3tagv258setup.exe
2014-04-17 11:42 - 2014-04-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-17 11:14 - 2014-04-17 11:52 - 00000000 ____D () C:\Users\Kevin\AppData\Local\easytag
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\.dbus-keyrings
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTAG
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\EasyTAG
2014-04-17 11:13 - 2014-04-17 11:13 - 08506991 _____ () C:\Users\Kevin\Downloads\easytag-2.2.0-setup.exe
2014-04-17 11:10 - 2014-04-17 11:10 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 11:10 - 2014-04-17 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-17 11:10 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-17 11:10 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-17 11:10 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-17 11:10 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\Program Files\AmoK Exif Sorter
2014-04-17 11:07 - 2014-04-17 11:07 - 01962995 _____ () C:\Users\Kevin\Downloads\AmoK_Exif_Sorter_v2.56_(Windows_64Bit)_Setup.exe
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DigitalVolcano
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-04-17 10:48 - 2014-04-17 10:48 - 05143120 _____ (DigitalVolcano Software Ltd) C:\Users\Kevin\Downloads\DuplicateCleaner_setup.exe
2014-04-17 02:08 - 2014-04-18 13:46 - 00052059 _____ () C:\Users\Kevin\Desktop\Music.txt
2014-04-17 01:58 - 2014-04-17 02:21 - 304323421 _____ () C:\Users\Kevin\Downloads\Balloon Party - After Party - MP3 320.zip
2014-04-17 01:58 - 2014-04-17 02:21 - 154256398 _____ () C:\Users\Kevin\Downloads\Balloon Party - Apple 2012 - MP3 320.zip
2014-04-17 01:57 - 2014-04-17 02:27 - 533446578 _____ () C:\Users\Kevin\Downloads\Balloon Party - 100- No Feeble Cheering - MP3 320.zip
2014-04-16 22:41 - 2014-04-17 11:45 - 00000000 ____D () C:\Backup Festplatte
2014-04-16 22:41 - 2014-04-16 22:41 - 00003008 _____ () C:\Users\Kevin\photorec.cfg
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 21:39 - 2014-04-16 22:27 - 00097232 _____ () C:\Windows\SysWOW64\photorec.ses
2014-04-16 18:52 - 2014-04-16 18:58 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-04-16 18:52 - 2014-04-16 18:52 - 03462033 _____ () C:\Users\Kevin\Downloads\pci_filerecovery.exe
2014-04-16 14:40 - 2014-04-16 14:46 - 00000000 ____D () C:\Users\Kevin\Desktop\SweetFX
2014-04-15 19:45 - 2014-04-15 19:46 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-04-15 19:45 - 2014-04-15 19:45 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-04-15 19:45 - 2014-04-15 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-04-15 17:57 - 2014-04-16 17:57 - 00773359 _____ () C:\Users\Kevin\Documents\Untitled_Windows Media Video V11_HD-720-30p-Video mit 6 Mbit-s.wmv
2014-04-15 10:46 - 2014-04-15 10:46 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-04-15 03:08 - 2014-04-15 03:12 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Beat Hazard
2014-04-15 02:06 - 2014-04-15 02:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\CrashRpt
2014-04-15 02:03 - 2014-04-15 02:03 - 03831134 _____ () C:\Users\Kevin\Downloads\Powerplays-SweetFX-X64-Win-8.1.zip
2014-04-15 01:14 - 2014-04-15 01:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-15 01:13 - 2014-03-04 13:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-04-15 01:09 - 2014-03-04 16:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-04-15 01:09 - 2014-03-04 16:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00484296 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00409544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00377688 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-04-15 01:09 - 2014-03-04 16:35 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-04-15 01:09 - 2013-11-28 15:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-04-15 01:09 - 2013-11-28 15:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-04-15 01:09 - 2013-11-22 10:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-04-14 20:23 - 2014-03-21 21:43 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-04-14 20:23 - 2014-03-21 21:43 - 00033568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-04-13 15:36 - 2014-04-29 13:52 - 00009000 _____ () C:\Users\Kevin\Documents\TombRaider.log
2014-04-12 22:04 - 2014-04-13 00:25 - 02943551 _____ () C:\Users\Kevin\Desktop\Homepage Fight Runner.rar
2014-04-12 21:28 - 2014-04-12 21:28 - 02334392 _____ () C:\Users\Kevin\Desktop\tridornbirn hp_Dennis_Kevin.zip
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files\OBS
2014-04-12 21:01 - 2014-04-12 21:17 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\OBS
2014-04-12 21:01 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-04-12 21:00 - 2014-04-12 21:00 - 07888419 _____ () C:\Users\Kevin\Downloads\OBS_0_613b_Installer.exe
2014-04-12 20:47 - 2014-04-12 23:20 - 00000000 ____D () C:\Users\Kevin\Desktop\Homepage Fight Runner
2014-04-12 04:37 - 2014-04-12 04:37 - 00130509 _____ () C:\Users\Kevin\Documents\ts3_clientui-win32-1382530211-2014-04-12 04_37_42.949645.dmp
2014-04-12 03:26 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 03:26 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 03:26 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-12 03:26 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 03:26 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-12 03:26 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 03:26 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-12 03:26 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-12 03:26 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 03:26 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-12 03:26 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 03:26 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 03:26 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-12 03:26 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 03:26 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-12 03:25 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 03:25 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 03:25 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 03:25 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 03:25 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-12 03:25 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 03:25 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 03:25 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 03:25 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 03:25 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-12 03:25 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 03:25 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 03:25 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 07:07 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 07:07 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-09 07:07 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-09 07:07 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
==================== One Month Modified Files and Folders =======
2014-05-09 13:15 - 2014-05-09 13:15 - 00000000 ____D () C:\Users\Kevin\Downloads\FRST-OlderVersion
2014-05-09 13:15 - 2014-04-28 15:12 - 00024101 _____ () C:\Users\Kevin\Downloads\FRST.txt
2014-05-09 13:15 - 2014-04-28 15:09 - 00000000 ____D () C:\FRST
2014-05-09 13:15 - 2014-04-28 15:08 - 02064384 _____ (Farbar) C:\Users\Kevin\Downloads\FRST64.exe
2014-05-09 13:15 - 2013-11-21 21:14 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Skype
2014-05-09 13:13 - 2013-11-21 21:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Last.fm
2014-05-09 13:09 - 2014-05-09 13:09 - 00000998 _____ () C:\Users\Kevin\Desktop\JRT.txt
2014-05-09 13:09 - 2013-12-08 22:35 - 01560798 _____ () C:\Windows\WindowsUpdate.log
2014-05-09 13:08 - 2014-01-08 17:39 - 00000000 ___RD () C:\Users\Kevin\Dropbox
2014-05-09 13:08 - 2014-01-08 17:37 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Dropbox
2014-05-09 13:07 - 2013-11-25 00:06 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\TS3Client
2014-05-09 13:07 - 2013-11-21 21:26 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Raptr
2014-05-09 13:06 - 2014-02-01 20:29 - 00000000 ____D () C:\Users\Kevin\AppData\Local\ESL Wire Game Client
2014-05-09 13:06 - 2013-12-18 20:45 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Overwolf
2014-05-09 13:05 - 2014-05-09 12:49 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-09 13:05 - 2013-11-21 21:16 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-05-09 13:05 - 2013-11-21 21:09 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-05-09 13:05 - 2013-11-21 21:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\LogMeIn Hamachi
2014-05-09 13:04 - 2013-11-20 02:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-09 13:04 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-09 13:01 - 2014-05-09 13:01 - 01016261 _____ (Thisisu) C:\Users\Kevin\Desktop\JRT.exe
2014-05-09 13:01 - 2014-05-09 13:01 - 00000000 ____D () C:\Windows\ERUNT
2014-05-09 13:00 - 2013-11-21 21:10 - 00000000 ____D () C:\ProgramData\Origin
2014-05-09 13:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-09 12:58 - 2014-05-09 12:58 - 00001953 _____ () C:\Users\Kevin\Desktop\AdwCleaner[S0].txt
2014-05-09 12:56 - 2014-05-02 06:51 - 00106776 _____ () C:\Windows\PFRO.log
2014-05-09 12:56 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-09 12:55 - 2014-05-09 12:55 - 00000000 ____D () C:\AdwCleaner
2014-05-09 12:55 - 2013-11-20 01:51 - 00000000 ____D () C:\Users\Kevin
2014-05-09 12:54 - 2014-05-09 12:54 - 01316991 _____ () C:\Users\Kevin\Downloads\adwcleaner(1).exe
2014-05-09 12:51 - 2014-05-09 12:51 - 01316991 _____ () C:\Users\Kevin\Desktop\adwcleaner.exe
2014-05-09 12:51 - 2014-05-09 12:51 - 00000000 ____D () C:\ProgramData\Alienware
2014-05-09 12:48 - 2013-11-21 20:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-09 12:22 - 2013-11-21 22:14 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-09 07:32 - 2014-05-09 07:32 - 00004369 _____ () C:\Users\Kevin\Desktop\mbam.txt
2014-05-09 07:32 - 2014-03-21 13:47 - 00000000 ____D () C:\Users\Kevin\Desktop\Soundboards
2014-05-09 07:14 - 2014-05-09 07:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-09 07:07 - 2014-05-09 07:07 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-09 07:07 - 2014-05-09 07:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-05-09 07:06 - 2014-05-09 07:06 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Kevin\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-09 00:12 - 2014-05-03 03:38 - 00000024 _____ () C:\Users\Kevin\random.dat
2014-05-09 00:10 - 2013-11-21 21:10 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Battle.net
2014-05-08 22:45 - 2014-05-03 17:31 - 00000024 _____ () C:\Users\Kevin\jagexappletviewer.preferences
2014-05-08 22:45 - 2014-05-03 03:38 - 00000044 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
2014-05-08 21:34 - 2013-11-23 20:29 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-08 16:45 - 2014-05-08 16:45 - 00000000 ____D () C:\Program Files (x86)\Aurora
2014-05-07 16:24 - 2013-11-20 10:44 - 00751892 _____ () C:\Windows\system32\perfh007.dat
2014-05-07 16:24 - 2013-11-20 10:44 - 00155620 _____ () C:\Windows\system32\perfc007.dat
2014-05-07 16:24 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 14:17 - 2013-11-20 02:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Apps\2.0
2014-05-07 13:33 - 2013-11-20 01:57 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2908868876-2045890655-3528692861-1001
2014-05-07 13:33 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-07 11:50 - 2014-05-04 00:46 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeamNG.drive
2014-05-06 23:37 - 2014-05-06 23:37 - 00000045 _____ () C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
2014-05-06 23:37 - 2014-05-06 23:37 - 00000000 ____D () C:\Users\Kevin\jagexcache1
2014-05-06 21:06 - 2014-05-06 21:06 - 00001261 _____ () C:\Users\Public\Desktop\Burnout Paradise The Ultimate Box.lnk
2014-05-06 21:06 - 2014-05-06 21:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Burnout Paradise The Ultimate Box
2014-05-06 21:05 - 2014-04-27 12:11 - 00055802 _____ () C:\Windows\DirectX.log
2014-05-06 17:41 - 2014-05-06 17:16 - 276805015 _____ () C:\Users\Kevin\Downloads\insane-testing.zip
2014-05-06 17:28 - 2014-05-06 17:16 - 113770432 _____ () C:\Users\Kevin\Downloads\fast-crazy-downhill.zip
2014-05-06 17:27 - 2014-05-06 17:15 - 103835337 _____ () C:\Users\Kevin\Downloads\pure-grid.zip
2014-05-06 17:24 - 2014-05-06 17:16 - 59233105 _____ () C:\Users\Kevin\Downloads\fatal-descent.rar
2014-05-06 17:20 - 2014-05-06 17:14 - 31831415 _____ () C:\Users\Kevin\Downloads\Subaru-WRX-STI-dlya-BeamNG-Drive.rar
2014-05-06 17:19 - 2014-05-06 17:15 - 26929044 _____ () C:\Users\Kevin\Downloads\Audi_A8.zip
2014-05-06 17:19 - 2014-05-06 17:14 - 22952008 _____ () C:\Users\Kevin\Downloads\chevrolet-corvette-c5-r.rar
2014-05-06 17:17 - 2014-05-06 17:14 - 22770295 _____ () C:\Users\Kevin\Downloads\Dodge-Challenger.rar
2014-05-06 17:16 - 2014-05-06 17:14 - 07432843 _____ () C:\Users\Kevin\Downloads\Skoda_Octavia.zip
2014-05-06 17:15 - 2014-05-06 17:14 - 05838647 _____ () C:\Users\Kevin\Downloads\Subaru-Impreza-WRX.rar
2014-05-06 17:15 - 2014-05-06 17:12 - 33795546 _____ () C:\Users\Kevin\Downloads\NissanGTR-dlya-BeamNG-Drive.rar
2014-05-06 17:15 - 2014-05-06 17:10 - 55780169 _____ () C:\Users\Kevin\Downloads\brutal-slope.zip
2014-05-06 17:14 - 2014-05-06 17:13 - 05410864 _____ () C:\Users\Kevin\Downloads\Mitsubishi-Evo-8-Black-dlya.rar
2014-05-06 17:14 - 2014-05-06 17:08 - 70346234 _____ () C:\Users\Kevin\Downloads\smash-your-car.zip
2014-05-06 17:12 - 2014-05-06 17:10 - 15653623 _____ () C:\Users\Kevin\Downloads\Lamborghini-Aventador.rar
2014-05-06 17:02 - 2013-11-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-05-05 16:06 - 2013-11-21 22:28 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Apple Computer
2014-05-05 06:59 - 2014-05-05 06:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-05-05 06:59 - 2014-05-05 06:48 - 00000000 ____D () C:\Users\Kevin\Desktop\Verkaufen
2014-05-05 06:59 - 2013-11-21 22:26 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-05-05 06:53 - 2014-05-05 06:51 - 70638408 _____ (Apple Inc.) C:\Users\Kevin\Downloads\iCloudSetup.exe
2014-05-04 23:33 - 2013-12-23 02:45 - 198948224 _____ (Sony Creative Software Inc.) C:\Users\Kevin\Downloads\vegaspro12.0.770.exe
2014-05-04 23:14 - 2014-05-04 23:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-05-04 23:14 - 2014-02-10 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-05-04 23:14 - 2014-02-10 17:35 - 00000000 ____D () C:\Program Files (x86)\GameforgeLive
2014-05-04 23:13 - 2013-12-16 21:10 - 00000000 ____D () C:\Program Files\VDownloader
2014-05-04 22:20 - 2014-05-04 22:20 - 00019741 _____ () C:\ComboFix.txt
2014-05-04 22:20 - 2014-05-04 21:56 - 00000000 ____D () C:\ComboFix
2014-05-04 22:20 - 2014-05-02 06:42 - 00000000 ____D () C:\Qoobox
2014-05-04 22:12 - 2014-05-02 06:41 - 00000000 ____D () C:\Windows\erdnt
2014-05-04 22:07 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-04 21:55 - 2014-05-04 21:55 - 05197895 ____R (Swearware) C:\Users\Kevin\Desktop\ComboFix.exe
2014-05-04 21:55 - 2014-05-04 21:54 - 05197895 _____ (Swearware) C:\Users\Kevin\Downloads\ComboFix.exe
2014-05-04 20:48 - 2013-11-23 20:29 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-04 20:08 - 2013-11-21 00:56 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-04 03:08 - 2014-05-04 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Octodad Dadliest Catch
2014-05-04 03:07 - 2014-05-04 03:06 - 00000000 ____D () C:\Program Files (x86)\Octodad Dadliest Catch
2014-05-04 03:04 - 2014-05-04 03:04 - 00000000 ____D () C:\Users\Kevin\Downloads\Octodad.Dadliest.Catch-CODEX
2014-05-04 03:04 - 2014-05-04 02:48 - 50765291 _____ () C:\Users\Kevin\Downloads\codex-octodad.part09.rar
2014-05-04 02:32 - 2014-05-04 02:25 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part08.rar
2014-05-04 02:24 - 2014-05-04 02:16 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part07.rar
2014-05-04 02:16 - 2014-05-04 02:09 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part06.rar
2014-05-04 02:07 - 2014-05-04 01:59 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part05.rar
2014-05-04 01:58 - 2014-05-04 01:46 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part04.rar
2014-05-04 01:45 - 2014-05-04 01:37 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part03.rar
2014-05-04 01:36 - 2014-05-03 18:29 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part02.rar
2014-05-04 00:47 - 2014-05-04 00:43 - 00000000 ____D () C:\Users\Kevin\BeamNG.drive.Alpha.0.3.0.5-iND
2014-05-04 00:38 - 2014-05-04 00:29 - 112741808 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part2.rar
2014-05-04 00:28 - 2014-05-03 18:30 - 629145600 _____ () C:\Users\Kevin\Downloads\BEDRAL0305.part1.rar
2014-05-03 20:20 - 2013-12-16 18:31 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-05-03 18:08 - 2014-01-28 17:59 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-05-03 17:51 - 2013-11-21 21:10 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-05-03 17:31 - 2014-05-03 17:31 - 00002086 _____ () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00002056 _____ () C:\Users\Kevin\Desktop\RuneScape.lnk
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RuneScape
2014-05-03 17:31 - 2014-05-03 17:31 - 00000000 ____D () C:\.jagex_cache_32
2014-05-03 17:31 - 2014-05-03 03:38 - 00000000 ____D () C:\Users\Kevin\jagexcache
2014-05-03 17:26 - 2014-05-03 17:26 - 00347816 _____ (Microsoft Corporation) C:\Users\Kevin\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.333225616075749.1.2.Run.exe
2014-05-03 14:24 - 2014-05-03 14:24 - 04143997 _____ () C:\Users\Kevin\Downloads\tdsskiller.zip
2014-05-03 03:06 - 2014-05-03 03:06 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-05-02 13:49 - 2014-05-02 13:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\ProgramData\Avira
2014-05-02 13:44 - 2014-05-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-02 12:49 - 2014-05-02 12:45 - 138607664 _____ () C:\Users\Kevin\Downloads\avira_free_antivirus614_de.exe
2014-05-02 07:16 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-05-02 07:07 - 2014-05-02 07:07 - 00000000 ____D () C:\Device
2014-05-02 07:07 - 2012-07-26 07:26 - 70778880 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 13893632 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-02 07:07 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-05-02 06:54 - 2014-05-02 07:07 - 05103616 _____ () C:\Windows\system32\config\DRIVERS.bak
2014-05-02 06:52 - 2014-03-15 14:38 - 05152168 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-02 06:36 - 2013-11-20 01:52 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 06:30 - 2014-05-02 06:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-02 06:29 - 2014-05-02 06:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Kevin\Downloads\revosetup95.exe
2014-05-02 06:26 - 2013-11-20 02:04 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Deployment
2014-05-01 19:47 - 2014-05-01 19:46 - 03821064 _____ () C:\Users\Kevin\Downloads\battlelog-web-plugins_2.3.2_130.exe
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-05-01 18:38 - 2014-05-01 18:38 - 00000000 ____D () C:\Program Files\CPUID
2014-05-01 18:37 - 2014-05-01 18:37 - 01460512 _____ ( ) C:\Users\Kevin\Downloads\cpu-z_1.67.1-setup-en.exe
2014-04-29 18:21 - 2014-05-03 14:24 - 04164448 _____ (Kaspersky Lab ZAO) C:\Users\Kevin\Desktop\TDSSKiller.exe
2014-04-29 17:50 - 2014-04-29 17:50 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-04-29 17:49 - 2014-04-29 17:49 - 07401104 _____ (TeamViewer GmbH) C:\Users\Kevin\Downloads\TeamViewer_Setup_de_9.0.27614.exe
2014-04-29 17:49 - 2014-04-29 17:49 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-04-29 16:14 - 2014-05-03 03:01 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-03 03:01 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-03 03:01 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-03 03:01 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-29 13:52 - 2014-04-13 15:36 - 00009000 _____ () C:\Users\Kevin\Documents\TombRaider.log
2014-04-29 07:16 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-28 19:22 - 2013-11-21 22:14 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 15:15 - 2014-04-28 15:13 - 00052871 _____ () C:\Users\Kevin\Desktop\Addition.txt
2014-04-27 18:34 - 2014-04-27 18:34 - 00000000 ____D () C:\Users\Kevin\AppData\Local\My Games
2014-04-27 18:34 - 2013-12-10 20:50 - 00000000 ____D () C:\Users\Kevin\Documents\My Games
2014-04-27 12:44 - 2014-04-27 12:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Empty Clip Studios
2014-04-27 12:13 - 2014-04-27 12:13 - 00000000 ____D () C:\Users\Kevin\Documents\IAmAlive
2014-04-27 10:30 - 2014-04-27 10:30 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-04-27 10:30 - 2014-04-27 10:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-04-27 10:30 - 2014-03-20 17:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-04-27 10:30 - 2013-11-21 21:14 - 00000000 ____D () C:\ProgramData\Skype
2014-04-27 10:28 - 2014-04-27 10:27 - 34827424 _____ (Skype Technologies S.A.) C:\Users\Kevin\Downloads\SkypeSetupFull6.14.73.104.exe
2014-04-25 23:42 - 2014-04-25 23:42 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-25 23:42 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-25 23:42 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-25 23:00 - 2014-04-25 20:30 - 105999000 _____ () C:\Users\Kevin\Downloads\codex-octodad.part01.rar
2014-04-25 21:02 - 2013-11-21 00:54 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Adobe
2014-04-25 20:57 - 2014-03-06 17:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DAEMON Tools Lite
2014-04-25 20:57 - 2013-12-23 02:44 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony
2014-04-25 20:47 - 2014-04-25 20:47 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\RotMG.Production
2014-04-25 13:56 - 2014-03-07 17:51 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\vlc
2014-04-24 08:28 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Forge
2014-04-23 23:46 - 2014-04-23 23:45 - 11065618 _____ () C:\Users\Kevin\Downloads\tokens.zip
2014-04-23 23:31 - 2014-04-23 23:31 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Forge
2014-04-23 21:03 - 2014-04-23 21:03 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\StunlockStudios
2014-04-23 06:34 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-23 01:47 - 2013-11-20 06:44 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2013-11-20 06:44 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-22 23:04 - 2014-04-22 23:04 - 00000000 _____ () C:\Users\Kevin\Desktop\Achammer Protokoll, Mathe Verbesserung, Physik Verbesserung.txt
2014-04-22 23:02 - 2014-04-22 23:00 - 00000000 ____D () C:\Users\Kevin\Documents\Schule
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\Documents\CyberLink
2014-04-21 15:09 - 2014-04-21 15:09 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\CyberLink
2014-04-21 15:09 - 2013-11-21 01:51 - 00000000 ____D () C:\ProgramData\CyberLink
2014-04-21 15:05 - 2014-04-21 15:04 - 00000000 ____D () C:\Program Files (x86)\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 01085440 _____ () C:\Users\Kevin\Downloads\puush.msi
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\puush
2014-04-21 15:04 - 2014-04-21 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\puush
2014-04-21 13:54 - 2014-04-21 13:46 - 336017408 _____ () C:\Users\Kevin\Downloads\MyLittlePorny.iso
2014-04-19 14:04 - 2013-12-30 16:08 - 00000000 ____D () C:\Users\Kevin\AppData\Local\Skyrim
2014-04-19 13:55 - 2014-04-18 17:23 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\.minecraft
2014-04-19 11:39 - 2014-05-06 15:46 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 15:46 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 15:46 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 15:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 15:46 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-18 23:53 - 2014-04-18 23:53 - 00448562 _____ () C:\Users\Kevin\Downloads\voxelmap-1.7.2-1.0.jar.zip
2014-04-18 23:35 - 2014-04-18 23:35 - 00064982 _____ () C:\Users\Kevin\Downloads\seus-v10.1-Preview2.zip
2014-04-18 23:21 - 2014-04-18 23:20 - 02752442 _____ () C:\Users\Kevin\Downloads\forge-1.7.2-10.12.1.1060-installer-win.exe
2014-04-18 19:21 - 2014-04-18 19:17 - 22455453 _____ () C:\Users\Kevin\Downloads\Teramia 0.9.1 Beta.zip
2014-04-18 19:14 - 2014-04-18 19:14 - 02347187 _____ () C:\Users\Kevin\Desktop\mcpatcher-4.3.2_02.exe
2014-04-18 18:06 - 2014-04-18 18:04 - 06174909 _____ () C:\Users\Kevin\Downloads\Minecraft_1.3.2.rar
2014-04-18 17:34 - 2014-04-18 17:34 - 00000000 ____D () C:\Users\Kevin\.swt
2014-04-18 17:23 - 2014-04-18 17:23 - 00675988 _____ () C:\Users\Kevin\Desktop\Minecraft.exe
2014-04-18 17:16 - 2014-04-18 17:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Sony Creative Software Inc
2014-04-18 13:46 - 2014-04-17 02:08 - 00052059 _____ () C:\Users\Kevin\Desktop\Music.txt
2014-04-18 02:00 - 2014-04-18 01:53 - 93035512 _____ () C:\Users\Kevin\Downloads\theponyway.2012.zip
2014-04-17 11:52 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\AppData\Local\easytag
2014-04-17 11:50 - 2014-04-17 11:43 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Mp3tag
2014-04-17 11:45 - 2014-04-16 22:41 - 00000000 ____D () C:\Backup Festplatte
2014-04-17 11:42 - 2014-04-17 11:42 - 02634152 _____ () C:\Users\Kevin\Downloads\mp3tagv258setup.exe
2014-04-17 11:42 - 2014-04-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Mp3tag
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Users\Kevin\.dbus-keyrings
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EasyTAG
2014-04-17 11:14 - 2014-04-17 11:14 - 00000000 ____D () C:\Program Files (x86)\EasyTAG
2014-04-17 11:13 - 2014-04-17 11:13 - 08506991 _____ () C:\Users\Kevin\Downloads\easytag-2.2.0-setup.exe
2014-04-17 11:11 - 2013-11-21 01:06 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-17 11:10 - 2014-04-17 11:10 - 00005449 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-17 11:10 - 2014-04-17 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-17 11:10 - 2013-11-21 01:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmoK Exif Sorter
2014-04-17 11:08 - 2014-04-17 11:08 - 00000000 ____D () C:\Program Files\AmoK Exif Sorter
2014-04-17 11:07 - 2014-04-17 11:07 - 01962995 _____ () C:\Users\Kevin\Downloads\AmoK_Exif_Sorter_v2.56_(Windows_64Bit)_Setup.exe
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Duplicate Cleaner Free
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\DigitalVolcano
2014-04-17 10:49 - 2014-04-17 10:49 - 00000000 ____D () C:\Program Files (x86)\Duplicate Cleaner
2014-04-17 10:48 - 2014-04-17 10:48 - 05143120 _____ (DigitalVolcano Software Ltd) C:\Users\Kevin\Downloads\DuplicateCleaner_setup.exe
2014-04-17 02:27 - 2014-04-17 01:57 - 533446578 _____ () C:\Users\Kevin\Downloads\Balloon Party - 100- No Feeble Cheering - MP3 320.zip
2014-04-17 02:21 - 2014-04-17 01:58 - 304323421 _____ () C:\Users\Kevin\Downloads\Balloon Party - After Party - MP3 320.zip
2014-04-17 02:21 - 2014-04-17 01:58 - 154256398 _____ () C:\Users\Kevin\Downloads\Balloon Party - Apple 2012 - MP3 320.zip
2014-04-16 22:41 - 2014-04-16 22:41 - 00003008 _____ () C:\Users\Kevin\photorec.cfg
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-04-16 22:36 - 2014-04-16 22:36 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-04-16 22:27 - 2014-04-16 21:39 - 00097232 _____ () C:\Windows\SysWOW64\photorec.ses
2014-04-16 18:58 - 2014-04-16 18:52 - 00000000 ____D () C:\Program Files (x86)\Convar
2014-04-16 18:52 - 2014-04-16 18:52 - 03462033 _____ () C:\Users\Kevin\Downloads\pci_filerecovery.exe
2014-04-16 17:57 - 2014-04-15 17:57 - 00773359 _____ () C:\Users\Kevin\Documents\Untitled_Windows Media Video V11_HD-720-30p-Video mit 6 Mbit-s.wmv
2014-04-16 14:46 - 2014-04-16 14:40 - 00000000 ____D () C:\Users\Kevin\Desktop\SweetFX
2014-04-15 19:46 - 2014-04-15 19:45 - 00000000 ____D () C:\Program Files\Virtual Audio Cable
2014-04-15 19:45 - 2014-04-15 19:45 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2014-04-15 19:45 - 2014-04-15 19:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
2014-04-15 10:46 - 2014-04-15 10:46 - 00046136 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2014-04-15 03:12 - 2014-04-15 03:08 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Beat Hazard
2014-04-15 02:06 - 2014-04-15 02:06 - 00000000 ____D () C:\Users\Kevin\AppData\Local\CrashRpt
2014-04-15 02:03 - 2014-04-15 02:03 - 03831134 _____ () C:\Users\Kevin\Downloads\Powerplays-SweetFX-X64-Win-8.1.zip
2014-04-15 01:14 - 2014-04-15 01:14 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-04-15 01:14 - 2013-11-23 22:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-04-15 01:14 - 2013-11-23 22:53 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-04-14 20:23 - 2013-12-17 17:45 - 00000000 ____D () C:\Users\Kevin\AppData\Local\NVIDIA Corporation
2014-04-14 20:23 - 2013-11-20 02:13 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-04-14 20:13 - 2014-04-17 11:10 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-17 11:10 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-17 11:10 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-17 11:10 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-14 14:25 - 2013-11-20 01:52 - 00000000 ___RD () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 14:19 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-13 00:25 - 2014-04-12 22:04 - 02943551 _____ () C:\Users\Kevin\Desktop\Homepage Fight Runner.rar
2014-04-12 23:20 - 2014-04-12 20:47 - 00000000 ____D () C:\Users\Kevin\Desktop\Homepage Fight Runner
2014-04-12 21:28 - 2014-04-12 21:28 - 02334392 _____ () C:\Users\Kevin\Desktop\tridornbirn hp_Dennis_Kevin.zip
2014-04-12 21:17 - 2014-04-12 21:01 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\OBS
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-04-12 21:16 - 2014-04-12 21:16 - 00000000 ____D () C:\Program Files\OBS
2014-04-12 21:16 - 2014-04-12 21:01 - 00000000 ____D () C:\Program Files (x86)\OBS
2014-04-12 21:00 - 2014-04-12 21:00 - 07888419 _____ () C:\Users\Kevin\Downloads\OBS_0_613b_Installer.exe
2014-04-12 18:30 - 2014-02-10 15:23 - 00000000 ____D () C:\Users\Kevin\Documents\Diablo III
2014-04-12 18:29 - 2014-03-30 16:48 - 00000000 ____D () C:\Users\Kevin\Documents\Assassin's Creed III
2014-04-12 04:37 - 2014-04-12 04:37 - 00130509 _____ () C:\Users\Kevin\Documents\ts3_clientui-win32-1382530211-2014-04-12 04_37_42.949645.dmp
2014-04-12 01:59 - 2013-11-21 21:26 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-04-11 17:39 - 2014-02-09 15:34 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-04-11 17:39 - 2013-11-21 20:57 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-04-09 07:28 - 2013-11-21 20:10 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 07:28 - 2013-11-20 06:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 07:25 - 2013-11-20 06:18 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
Files to move or delete:
====================
C:\Users\Kevin\jagex_cl_runescape_LIVE.dat
C:\Users\Kevin\jagex_cl_runescape_LIVE1.dat
C:\Users\Kevin\random.dat
Some content of TEMP:
====================
C:\Users\Kevin\AppData\Local\Temp\avgnt.exe
C:\Users\Kevin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_oi2yq.dll
C:\Users\Kevin\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-07 13:34
==================== End Of Log ============================
--- --- ---
--- --- --- |
SecurityCheck und: