Cryptolocker Virus mit Systemwiederherstellung gelöscht.

Keckrem · 08.01.2014, 18:53

Hallo an alle hier im Trojaner-Board,

habe vor einigen Tagen ein Problem mit einem Cryptolocker (2k Verschlüsselung) gehabt und diesen voreilig mit Systemwiederherstellung gelöscht. Zumindest den Zugriff auf den Desktop habe ich damit wiedererlangt und das System erscheint mir relativ schnell. Hatte - falls es wichtig ist - vor ca. 2 Wochen auch schon ein Problem mit Spyhunter 4 und Optimizer Pro, welches ich jedoch mit adwcleaner beheben konnte. Diese logfiles liegen mir leider nicht mehr vor.
Allerdings noch einer von Malwarebytes von vor wenigen Tagen:

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.06.05

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16750
Gideon :: HOME [Administrator]

06.01.2014 18:04:17
mbam-log-2014-01-06 (18-04-17).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 363072
Laufzeit: 1 Stunde(n), 39 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Gideon\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Gideon\Downloads\MCPatcher_downloader-14o8n0Mt.exe (PUP.Optional.Somoto) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Gideon\AppData\Local\Temp\xcoca.ine (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Hoffe dass ihr mir helfen könnt alles zu bereinigen.

Vielen Dank und Liebe Grüße,
Keckrem

schrauber · 08.01.2014, 22:46

hi,

sind Daten verschlüsselt?

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Keckrem · 09.01.2014, 16:49

Hallo und danke für die Rückmeldung, schrauber.
Dateien sind tatsächlich verschlüsselt (.lock Variante), aber sie sind
a) An einer Hand abzuzählen
b) relativ unwichtig

Logfile:
FRST Additions Logfile:
FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2014 01
Ran by Gideon at 2014-01-09 16:06:55
Running from C:\Users\Gideon\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

==================== Installed Programs ======================

 clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
Acer Games (HKCU Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (Version: 8.00.3004 - Acer Incorporated)
Acer Power Management (Version: 7.00.3012 - Acer Incorporated)
Acer Recovery Management (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (x32 Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (x32 Version: 2.02.2022 - Acer Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30603 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (Version: 3.4.4.2 - AppEx Networks)
AMD VISION Engine Control Center (x32 Version: 2013.0603.2232.38598 - Ihr Firmenname) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0603.2232.38598 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0603.2232.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0603.2231.38598 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0603.2232.38598 - Advanced Micro Devices, Inc.) Hidden
CCleaner (Version: 4.09 - Piriform)
clear.fi Media (x32 Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (x32 Version: 2.02.2016 - Acer Incorporated)
Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden
Dolby Home Theater v4 (x32 Version: 7.2.8000.17 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.6.23.203_WHQL (Version: 11.6.23.203 - ELAN Microelectronic Corp.)
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Identity Card (x32 Version: 2.00.3006 - Acer Incorporated)
Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 45 (64-bit) (Version: 1.7.0.450 - Oracle)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Live Updater (x32 Version: 2.00.3010 - Acer Incorporated)
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Internet Security Suite (x32 Version: 12.8.903 - McAfee, Inc.)
Microsoft Office (x32 Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2005 Tools for Office Runtime (x32 Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Minecraft1.5.1 (x32 Version:  - )
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (x32 Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton Online Backup (x32 Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname)
Office Addin (x32 Version: 2.02.2008 - Acer)
PCSX2 - Playstation 2 Emulator (x32 Version:  - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QCA CardReader Driver Installer (x32 Version: 1.0.1.35 - Qualcomm Atheros Inc.)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.222 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.15 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (x32 Version: 11.43 - Qualcomm Atheros)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6878 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Spotify (x32 Version: 0.8.4.99.ga249b5f1 - Spotify AB)
SpyHunter (Version: 4.16.5.4290 - Enigma Software Group USA, LLC)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VirtualDJ Home FREE (x32 Version: 7.4.1 - Atomix Productions)
Visual Studio 2005 Tools for Office Second Edition Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (x32 Version: 1 - Microsoft Corporation)
WildTangent Games (x32 Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
WinRAR 5.01 (64-Bit) (Version: 5.01.0 - win.rar GmbH)


==================== Restore Points  =========================

27-12-2013 12:06:45 Windows Modules Installer
28-12-2013 23:47:09 Installed SpyHunter
05-01-2014 13:54:11 Geplanter Prüfpunkt
07-01-2014 19:45:29 Installed VirtualDJ Home FREE

==================== Hosts content: ==========================

2012-07-26 06:26 - 2012-07-26 06:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {39532E5F-0714-4660-AF3F-3809A0523194} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25] (Google Inc.)
Task: {4503627E-10AA-4587-A344-88AB86D1190D} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {4B65AB3E-FC5C-4470-9250-D68EEEAFF523} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {4DC02834-5793-401A-B8CA-D904FD1AB187} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-04-26] (Acer Incorporate)
Task: {57C13DF6-D428-476C-83DB-9BB80342D3C8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-25] (Google Inc.)
Task: {86D75BCB-E25E-4829-82C2-C7378389CB86} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AC8E641C-048B-4931-A029-631B8307286D} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\System32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D9B4CF7D-99FE-4FC1-A245-E096228C430F} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F4FF430C-50F0-4A58-9F1B-89B6C2A7EB30} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {F922F8FC-1701-4684-934F-D8FA45C19645} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-01-18] (Acer Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-28 20:30 - 2013-02-20 21:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-02-28 17:05 - 2013-02-28 17:05 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-02-28 17:02 - 2013-02-28 17:02 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-28 20:30 - 2013-02-20 21:58 - 00089672 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2013-12-25 20:29 - 2013-12-04 03:47 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-25 20:29 - 2013-12-04 03:47 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-25 20:29 - 2013-12-04 03:48 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-25 20:29 - 2013-12-04 03:48 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-25 20:29 - 2013-12-04 03:47 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-25 20:29 - 2013-12-04 03:48 - 13586896 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/06/2014 02:00:00 AM) (Source: ESENT) (User: )
Description: svchost (1528) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\SRU\SRU000D4.log.

Error: (01/04/2014 03:42:47 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (01/03/2014 04:26:59 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (12/31/2013 07:47:53 PM) (Source: RasClient) (User: )
Description: CoID={7CEE7F0C-36FA-4D65-A932-6B41654F8B28}: Der Benutzer "Home\Gideon" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (12/31/2013 07:46:34 PM) (Source: RasClient) (User: )
Description: CoID={7451E181-D00E-4570-BDF1-55A2FFF3B2C2}: Der Benutzer "Home\Gideon" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 0.

Error: (12/31/2013 07:19:59 PM) (Source: RasClient) (User: )
Description: CoID={ED15FEAD-87FC-48C9-B2A8-CEB23DD7682D}: Der Benutzer "Home\Gideon" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (12/31/2013 07:03:30 PM) (Source: RasClient) (User: )
Description: CoID={140CD3F1-BC93-4617-9249-7F05FC30CE78}: Der Benutzer "Home\Gideon" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (12/30/2013 08:26:09 PM) (Source: Chrome) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.63;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1e0ed163-d21b-446b-a30a-732042f29923.dmp

Error: (12/29/2013 01:22:30 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (12/28/2013 00:00:54 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: WinRAR.exe, Version: 5.1.0.0, Zeitstempel: 0x529aee4c
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000043fe930
ID des fehlerhaften Prozesses: 0x195c
Startzeit der fehlerhaften Anwendung: 0xWinRAR.exe0
Pfad der fehlerhaften Anwendung: WinRAR.exe1
Pfad des fehlerhaften Moduls: WinRAR.exe2
Berichtskennung: WinRAR.exe3
Vollständiger Name des fehlerhaften Pakets: WinRAR.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WinRAR.exe5


System errors:
=============
Error: (01/08/2014 06:23:27 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MIEZMAU71-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{EEADE103-2EC8-4F0C-AA60-54B4C95F28CF}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/08/2014 06:14:56 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MIEZMAU71-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{EEADE103-2EC8-4F0C-AA60-54B4C95F28CF}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/08/2014 06:12:15 PM) (Source: DCOM) (User: Home)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/08/2014 02:28:51 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MIEZMAU71-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{EEADE103-2EC8-4F0C-AA60-54B4C95F28CF}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/08/2014 07:08:14 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "McAfee Anti-Spam Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/08/2014 07:08:14 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Anti-Spam Service erreicht.

Error: (01/07/2014 11:00:27 PM) (Source: DCOM) (User: Home)
Description: {209500FC-6B45-4693-8871-6296C4843751}

Error: (01/07/2014 07:33:56 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MIEZMAU71-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{EEADE103-2EC8-4F0C-AA60-54B4C95F28CF}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/07/2014 04:28:28 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MIEZMAU71-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{EEADE103-2EC8-4F0C-AA60-54B4C95F28CF}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/07/2014 03:58:07 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "MIEZMAU71-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{EEADE103-2EC8-4F0C-AA60-54B4C95F28CF}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


Microsoft Office Sessions:
=========================
Error: (01/06/2014 02:00:00 AM) (Source: ESENT)(User: )
Description: svchost1528SRUJet: C:\Windows\system32\SRU\SRU000D4.log-1811 (0xfffff8ed)

Error: (01/04/2014 03:42:47 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (01/03/2014 04:26:59 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (12/31/2013 07:47:53 PM) (Source: RasClient)(User: )
Description: {7CEE7F0C-36FA-4D65-A932-6B41654F8B28}Home\GideonBreitbandverbindung651

Error: (12/31/2013 07:46:34 PM) (Source: RasClient)(User: )
Description: {7451E181-D00E-4570-BDF1-55A2FFF3B2C2}Home\GideonBreitbandverbindung0

Error: (12/31/2013 07:19:59 PM) (Source: RasClient)(User: )
Description: {ED15FEAD-87FC-48C9-B2A8-CEB23DD7682D}Home\GideonBreitbandverbindung651

Error: (12/31/2013 07:03:30 PM) (Source: RasClient)(User: )
Description: {140CD3F1-BC93-4617-9249-7F05FC30CE78}Home\GideonBreitbandverbindung651

Error: (12/30/2013 08:26:09 PM) (Source: Chrome)(User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.63;lang=;id=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1e0ed163-d21b-446b-a30a-732042f29923.dmp

Error: (12/29/2013 01:22:30 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (12/28/2013 00:00:54 AM) (Source: Application Error)(User: )
Description: WinRAR.exe5.1.0.0529aee4cunknown0.0.0.000000000c000000500000000043fe930195c01cf033e830333e4C:\Program Files\WinRAR\WinRAR.exeunknownbc9c7303-6f4a-11e3-be74-089e01dcda03


==================== Memory info =========================== 

Percentage of memory in use: 63%
Total physical RAM: 3530.26 MB
Available physical RAM: 1295.91 MB
Total Pagefile: 7114.26 MB
Available Pagefile: 3075.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.45 GB) (Free:401.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 2F6756AC)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---

Grüße,
Keckrem

Hallo nochmal, sry wegen des falschen Logs.
Konnte vorhin auch aus irgendeinem Grund nicht editieren.
Hier also jetzt das andere Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Gideon (administrator) on HOME on 09-01-2014 16:02:22
Running from C:\Users\Gideon\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\mcafee\AppStats\MfeASUM.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-22] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13519432 2013-04-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\mcafee.com\agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642816 2013-06-03] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132224 2013-02-28] ( (Atheros Communications))
HKCU\...\Run: [Spotify Web Helper] - C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-09-28] ()
HKU\Default\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\Default\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-02-20] (Acer Incorporated)
HKU\Default User\...\Run: [Pokki] - C:\Windows\system32\rundll32.exe "%LOCALAPPDATA%\Pokki\Engine\Launcher.dll",RunLaunchPlatform
HKU\Default User\...\RunOnce: [RegAutoPlay] - C:\Program Files (x86)\Acer\clear.fi Media\RegAutoplay.exe [1845832 2013-02-20] (Acer Incorporated)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKLM - DefaultScope {ABC09333-689F-47B3-8CC3-1DFFC3C27B88} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM - {ABC09333-689F-47B3-8CC3-1DFFC3C27B88} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 - {ABC09333-689F-47B3-8CC3-1DFFC3C27B88} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKCU - DefaultScope {ABC09333-689F-47B3-8CC3-1DFFC3C27B88} URL = 
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKCU - {ABC09333-689F-47B3-8CC3-1DFFC3C27B88} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (SiteAdvisor) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_1
CHR Extension: (AdBlock) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.16_0
CHR Extension: (Google Wallet) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\Gideon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227968 2013-02-28] (Qualcomm Atheros Commnucations)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [660040 2013-01-18] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-04-22] (ELAN Microelectronics Corp.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [121616 2013-10-02] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [335216 2013-12-26] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-11-26] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-04] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-04] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [37472 2013-02-14] (Advanced Micro Devices, Inc.)
R2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [219360 2013-04-18] (AppEx Networks Corporation)
R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [43520 2013-03-12] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98744 2013-04-23] (Advanced Micro Devices)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-02-28] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-11-04] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-04] (McAfee, Inc.)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2013-12-26] (McAfee, Inc.)
R2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-04] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69344 2013-11-04] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-04] (McAfee, Inc.)
R2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-04] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-04] (McAfee, Inc.)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-09 16:02 - 2014-01-09 16:05 - 00015826 _____ C:\Users\Gideon\Downloads\FRST.txt
2014-01-09 16:02 - 2014-01-09 16:02 - 00000000 ____D C:\FRST
2014-01-09 16:00 - 2014-01-09 16:00 - 01931770 _____ (Farbar) C:\Users\Gideon\Downloads\FRST64.exe
2014-01-08 18:25 - 2014-01-08 18:26 - 00001211 _____ C:\Users\Gideon\Downloads\SHK.bat
2014-01-07 20:46 - 2014-01-07 20:46 - 00001050 _____ C:\Users\Gideon\Desktop\VirtualDJ Home FREE.lnk
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\Users\Gideon\Documents\VirtualDJ
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\ProgramData\APN
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2014-01-07 20:45 - 2013-06-06 21:41 - 00489392 _____ (Ask Partner Network) C:\Users\Gideon\Documents\APNSetup.exe
2014-01-07 20:38 - 2014-01-07 20:42 - 39178560 _____ (Atomix Productions) C:\Users\Gideon\Downloads\install_virtualdj_home_v7.4.1.exe
2014-01-06 21:14 - 2014-01-09 16:01 - 00162587 _____ C:\Windows\WindowsUpdate.log
2014-01-06 20:36 - 2014-01-06 20:36 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-06 20:36 - 2014-01-06 20:36 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-06 20:36 - 2014-01-06 20:36 - 00000000 ____D C:\Program Files\CCleaner
2014-01-06 20:34 - 2014-01-06 20:35 - 04645232 _____ (Piriform Ltd) C:\Users\Gideon\Downloads\ccsetup409.exe
2014-01-06 18:03 - 2014-01-06 18:03 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Malwarebytes
2014-01-06 18:02 - 2014-01-06 18:02 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-06 18:02 - 2014-01-06 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-06 18:02 - 2014-01-06 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-06 18:02 - 2014-01-06 17:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Gideon\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-06 18:02 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-06 17:44 - 2014-01-06 17:46 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Gideon\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-05 22:36 - 2014-01-05 22:37 - 05320487 _____ C:\Users\Gideon\Downloads\generator.zip
2014-01-05 12:30 - 2014-01-06 20:38 - 00000000 ____D C:\Windows\Minidump
2014-01-05 12:30 - 2014-01-05 12:30 - 00281248 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-03 19:44 - 2014-01-03 19:45 - 00027123 _____ C:\Users\Gideon\Downloads\vba_deu.dll.zip
2014-01-03 18:52 - 2014-01-03 19:45 - 00639082 _____ C:\Users\Gideon\Desktop\VisualBoyAdvance-1.7.2.zip
2014-01-03 16:51 - 2014-01-03 16:51 - 00000425 _____ C:\Windows\BRWMARK.INI
2014-01-03 16:47 - 2014-01-03 16:47 - 00000000 ____D C:\Users\Gideon\Desktop\States
2014-01-03 16:44 - 2014-01-03 16:46 - 00000000 ____D C:\Users\Gideon\Desktop\Backup MCraft
2014-01-03 16:35 - 2014-01-03 16:35 - 00000000 ____D C:\Users\Gideon\Desktop\Randomizer
2014-01-03 16:34 - 2014-01-05 21:26 - 00000000 ____D C:\Users\Gideon\Desktop\Pokemon Gelb
2014-01-03 16:34 - 2013-12-18 14:54 - 00000756 _____ C:\Users\Gideon\Desktop\Englisch Magazin.txt
2014-01-03 16:33 - 2014-01-03 16:33 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Spotify
2014-01-03 16:33 - 2014-01-03 16:33 - 00000000 ____D C:\Users\Gideon\AppData\Local\Spotify
2014-01-03 16:23 - 2014-01-03 16:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-01 00:57 - 2014-01-01 00:57 - 39739769 _____ C:\Users\Gideon\Downloads\mcpatcher-converted-64px_v2.6.6_[mc1.5.2](13w21a)]_W1-Pack.zip
2014-01-01 00:57 - 2014-01-01 00:11 - 64079267 _____ C:\Users\Gideon\Desktop\Misa.zip
2014-01-01 00:57 - 2014-01-01 00:01 - 39732730 _____ C:\Users\Gideon\Desktop\64px_v2.6.6_[mc1.5.2](13w21a)]_W1-Pack.zip
2013-12-31 23:58 - 2014-01-01 00:11 - 64079267 _____ C:\Users\Gideon\Downloads\Misa.zip
2013-12-31 23:50 - 2014-01-01 00:01 - 39732730 _____ C:\Users\Gideon\Downloads\64px_v2.6.6_[mc1.5.2](13w21a)]_W1-Pack.zip
2013-12-31 18:34 - 2013-12-31 18:34 - 00000000 _____ C:\Users\Gideon\Desktop\Neues Textdokument.txt
2013-12-29 19:26 - 2013-12-29 19:27 - 10512788 _____ C:\Users\Gideon\Desktop\Pokemon Blattgr�n  [Fuel-Edition] + VBA Emulator.rar
2013-12-29 19:25 - 2013-12-29 19:25 - 00611913 _____ C:\Users\Gideon\Downloads\VisualBoyAdvance-1.7.2.zip
2013-12-29 15:07 - 2013-12-29 15:07 - 00003673 _____ C:\Users\Gideon\Downloads\Timber Mod 1.5.2.zip
2013-12-29 12:27 - 2013-06-16 23:41 - 00997632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2013-12-29 12:27 - 2013-06-01 12:34 - 02391280 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-12-29 12:27 - 2013-06-01 12:26 - 06987008 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-12-29 12:27 - 2013-06-01 12:26 - 00327936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-12-29 12:27 - 2013-06-01 11:24 - 02106176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-12-29 12:27 - 2013-06-01 10:25 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-12-29 12:27 - 2013-06-01 10:25 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2013-12-29 12:27 - 2013-06-01 10:24 - 01453568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2013-12-29 12:27 - 2013-06-01 10:24 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2013-12-29 12:27 - 2013-06-01 10:24 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscms.dll
2013-12-29 12:27 - 2013-06-01 10:23 - 01842176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2013-12-29 12:27 - 2013-06-01 10:23 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-12-29 12:27 - 2013-06-01 10:22 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-12-29 12:27 - 2013-06-01 10:22 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2013-12-29 12:27 - 2013-06-01 10:22 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MbaeParserTask.exe
2013-12-29 12:27 - 2013-06-01 10:21 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2013-12-29 12:27 - 2013-06-01 10:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2013-12-29 12:27 - 2013-06-01 10:20 - 02219520 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2013-12-29 12:27 - 2013-06-01 10:20 - 01527808 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2013-12-29 12:27 - 2013-06-01 10:20 - 01048576 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2013-12-29 12:27 - 2013-06-01 10:20 - 00583168 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2013-12-29 12:27 - 2013-06-01 10:19 - 00785408 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2013-12-29 12:27 - 2013-06-01 10:19 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupManager.dll
2013-12-29 12:27 - 2013-06-01 04:08 - 00037632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthAvrcpTg.sys
2013-12-29 12:27 - 2013-05-24 23:09 - 01403296 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-12-29 12:27 - 2013-05-24 23:09 - 01271584 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-12-29 12:27 - 2013-05-24 23:09 - 01217352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-12-29 12:27 - 2013-05-24 23:09 - 01093904 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-12-29 12:25 - 2013-10-09 02:33 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-12-29 12:25 - 2013-10-08 23:30 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-12-29 12:25 - 2013-10-08 23:30 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-12-29 12:25 - 2013-10-08 23:30 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-12-29 12:25 - 2013-10-08 23:30 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-12-29 12:25 - 2013-10-08 23:28 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-12-29 12:25 - 2013-10-08 23:27 - 03279872 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-12-29 12:25 - 2013-10-08 23:27 - 01622016 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-12-29 12:25 - 2013-10-08 23:27 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-12-29 12:25 - 2013-10-08 23:27 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-12-29 12:25 - 2013-10-08 23:27 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-12-29 12:25 - 2013-10-08 23:27 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-12-29 12:25 - 2013-10-08 23:27 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-12-29 12:25 - 2013-10-05 07:10 - 00285016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2013-12-29 12:25 - 2013-10-03 23:09 - 00385528 _____ C:\Windows\system32\ApnDatabase.xml
2013-12-29 12:25 - 2013-10-02 03:50 - 00447320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2013-12-29 12:25 - 2013-09-28 06:48 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-12-29 12:25 - 2013-09-28 04:58 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-12-29 12:25 - 2013-09-19 08:32 - 01455448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-12-29 12:25 - 2013-09-13 23:36 - 00247296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2013-12-29 12:25 - 2013-09-13 23:33 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2013-12-29 12:25 - 2013-08-30 06:43 - 00061784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\crashdmp.sys
2013-12-29 12:25 - 2013-08-30 06:20 - 01173504 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2013-12-29 12:25 - 2013-08-30 06:19 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2013-12-29 12:25 - 2013-08-30 06:18 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2013-12-29 12:25 - 2013-08-30 00:48 - 00914432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2013-12-29 12:25 - 2013-08-30 00:48 - 00488960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resutils.dll
2013-12-29 12:25 - 2013-08-30 00:47 - 00302080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clusapi.dll
2013-12-29 12:25 - 2013-08-21 07:39 - 00465240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-12-29 12:25 - 2013-08-10 07:30 - 00151896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2013-12-29 12:25 - 2013-08-10 06:21 - 00817152 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-12-29 12:25 - 2013-08-10 04:58 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-12-29 12:25 - 2013-07-25 00:10 - 10799104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2013-12-29 12:25 - 2013-07-25 00:07 - 13661696 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2013-12-29 12:25 - 2013-07-12 02:38 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2013-12-29 12:25 - 2013-07-12 02:30 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2013-12-29 12:25 - 2013-07-09 09:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-12-29 12:25 - 2013-07-09 07:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-12-29 12:25 - 2013-07-09 05:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-12-29 12:25 - 2013-07-09 04:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-12-29 12:25 - 2013-07-08 23:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-12-29 12:25 - 2013-07-08 23:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-12-29 12:25 - 2013-07-08 23:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-12-29 12:25 - 2013-07-08 23:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-12-29 12:25 - 2013-07-06 01:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-12-29 12:25 - 2013-07-03 01:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-12-29 12:25 - 2013-07-03 01:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-12-29 12:25 - 2013-07-03 01:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-12-29 12:25 - 2013-07-03 01:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-12-29 12:25 - 2013-06-30 23:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-12-29 12:25 - 2013-06-30 23:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-12-29 12:25 - 2013-06-29 07:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-12-29 12:25 - 2013-06-29 07:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-12-29 12:25 - 2013-06-29 06:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-12-29 12:25 - 2013-06-26 04:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-12-29 12:25 - 2013-06-26 03:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-12-29 12:25 - 2013-06-24 23:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-12-29 12:25 - 2013-06-24 23:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-12-29 12:25 - 2013-06-24 23:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-12-29 12:25 - 2013-06-19 06:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-12-29 12:25 - 2013-06-19 06:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-12-29 12:25 - 2013-06-18 23:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-12-29 12:25 - 2013-06-18 23:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-12-29 12:25 - 2013-06-12 00:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-12-29 12:25 - 2013-06-12 00:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-12-29 12:25 - 2013-06-06 09:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-12-29 12:25 - 2012-09-27 08:17 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\newdev.exe
2013-12-29 12:25 - 2012-09-27 08:17 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\ndadmin.exe
2013-12-29 12:25 - 2012-09-27 08:15 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2013-12-29 12:25 - 2012-09-27 07:35 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.exe
2013-12-29 12:25 - 2012-09-27 07:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndadmin.exe
2013-12-29 12:25 - 2012-09-27 07:34 - 00275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2013-12-29 12:23 - 2013-08-10 06:21 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2013-12-29 12:23 - 2013-08-10 06:21 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2013-12-29 12:23 - 2013-08-10 04:58 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2013-12-29 12:23 - 2013-08-03 07:40 - 01374208 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2013-12-29 12:23 - 2013-08-03 07:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2013-12-29 12:23 - 2013-08-03 07:40 - 00462336 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2013-12-29 12:23 - 2013-08-03 06:14 - 00399360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2013-12-29 12:23 - 2013-08-03 06:13 - 01245696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2013-12-29 12:23 - 2013-08-03 06:13 - 00437248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2013-12-29 12:23 - 2013-08-02 07:28 - 19758080 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-12-29 12:23 - 2013-08-02 07:28 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2013-12-29 12:23 - 2013-08-02 06:08 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-12-29 12:23 - 2013-08-02 06:08 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2013-12-29 12:23 - 2013-08-01 11:41 - 02233688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-12-29 12:23 - 2013-07-25 00:10 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mbsmsapi.dll
2013-12-29 12:23 - 2013-07-25 00:06 - 00225280 _____ (Microsoft Corporation) C:\Windows\system32\mbsmsapi.dll
2013-12-29 12:23 - 2013-04-10 00:17 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2013-12-29 12:23 - 2013-04-09 23:29 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2013-12-29 01:48 - 2014-01-06 01:21 - 00000000 ____D C:\AdwCleaner
2013-12-29 01:47 - 2013-12-29 01:47 - 01233962 _____ C:\Users\Gideon\Downloads\adwcleaner_3.016.exe
2013-12-29 00:50 - 2013-12-29 00:50 - 00000000 _____ C:\autoexec.bat
2013-12-29 00:46 - 2013-12-29 00:49 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2013-12-29 00:18 - 2013-12-04 01:53 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-29 00:18 - 2013-12-04 01:53 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-28 21:54 - 2013-12-29 00:20 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-28 00:40 - 2013-12-28 00:40 - 00025547 _____ C:\Users\Gideon\Downloads\luckyblocks (1.5.2).zip
2013-12-28 00:40 - 2013-12-28 00:40 - 00025547 _____ C:\Users\Gideon\Desktop\luckyblocks (1.5.2).zip
2013-12-28 00:30 - 2013-12-28 00:31 - 00065008 _____ C:\Users\Gideon\Downloads\LuckyBlock_v4.2.1_1.6.4.jar
2013-12-27 23:52 - 2013-12-27 23:52 - 00002222 _____ C:\Users\Public\Desktop\YUGI THE DESTINY.lnk
2013-12-27 23:52 - 2013-12-27 23:52 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-12-27 16:14 - 2013-12-27 15:37 - 215771253 _____ C:\Users\Gideon\Desktop\POC_Yugi_The_Destiny.rar
2013-12-27 15:29 - 2013-12-27 15:28 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-27 15:28 - 2013-12-27 15:28 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-27 15:28 - 2013-12-27 15:28 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-27 15:28 - 2013-12-27 15:28 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-27 15:27 - 2013-12-27 15:28 - 00000000 ____D C:\Program Files\Java
2013-12-27 15:07 - 2013-12-27 15:26 - 131396000 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\jdk-7u45-windows-x64.exe
2013-12-27 15:05 - 2013-12-27 15:05 - 00915368 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\chromeinstall-7u45 (1).exe
2013-12-27 14:51 - 2013-12-27 14:53 - 07114640 _____ C:\Users\Gideon\Downloads\scala-library.jar.stash
2013-12-27 14:51 - 2013-12-27 14:52 - 02318161 _____ C:\Users\Gideon\Downloads\bcprov-jdk15on-148.jar.stash
2013-12-27 13:23 - 2013-12-27 13:25 - 00000000 ____D C:\Windows\system32\MRT
2013-12-27 13:23 - 2013-12-01 14:42 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-26 23:56 - 2013-12-26 00:50 - 00377138 _____ C:\Users\Gideon\Desktop\OptiFine_1.5.2_HD_U_D5.zip
2013-12-26 23:48 - 2013-12-26 23:49 - 00352775 _____ C:\Users\Gideon\Downloads\OptiFine_1.5.2_HD_D5.zip
2013-12-26 23:43 - 2013-12-27 17:00 - 00000000 ____D C:\Users\Gideon\Desktop\Mods
2013-12-26 23:43 - 2013-12-26 23:43 - 00811293 _____ C:\Users\Gideon\Downloads\More Tools Mod 1.5.2-1.zip
2013-12-26 23:43 - 2013-12-26 23:43 - 00811293 _____ C:\Users\Gideon\Desktop\More Tools Mod 1.5.2-1.zip
2013-12-26 23:37 - 2013-12-26 23:37 - 02032810 _____ C:\Users\Gideon\Downloads\minecraftforge-universal-1.5.2-7.8.1.737.zip
2013-12-26 23:29 - 2013-12-26 23:29 - 00062966 _____ C:\Users\Gideon\Downloads\More-Furnaces-Mod-1.5.2.zip
2013-12-26 22:45 - 2013-12-26 22:45 - 1252327424 _____ C:\Users\Gideon\Desktop\Yu-Gi-Oh! GX - Tag Force Evolution (Europe) (En,Fr,De,Es,It).iso
2013-12-26 22:38 - 2013-12-26 22:37 - 10020768 _____ C:\Users\Gideon\Desktop\pcsx2-0.9.8-by-Garyteeh.rar
2013-12-26 22:36 - 2013-12-26 22:37 - 10020768 _____ C:\Users\Gideon\Downloads\pcsx2-0.9.8-by-Garyteeh.rar
2013-12-26 20:09 - 2013-12-26 15:15 - 769892531 _____ C:\Users\Gideon\Desktop\Yu-Gi-Oh! GX - Tag Force Evolution (Europe) (En,Fr,De,Es,It).7z
2013-12-26 14:03 - 2013-12-26 14:03 - 00000000 ____D C:\Program Files (x86)\PCSX2 0.9.8
2013-12-26 14:01 - 2013-12-26 15:15 - 769892531 _____ C:\Users\Gideon\Downloads\Yu-Gi-Oh! GX - Tag Force Evolution (Europe) (En,Fr,De,Es,It).7z
2013-12-26 14:00 - 2013-12-26 14:02 - 12780479 _____ C:\Users\Gideon\Downloads\pcsx2-0.9.8-installer.exe
2013-12-26 13:21 - 2013-12-26 13:20 - 07365967 _____ C:\Users\Gideon\Desktop\Hawkpack-Alpha-1.5.zip
2013-12-26 13:18 - 2013-12-26 13:20 - 07365967 _____ C:\Users\Gideon\Downloads\Hawkpack-Alpha-1.5.zip
2013-12-26 13:06 - 2013-12-26 13:03 - 01799465 _____ C:\Users\Gideon\Desktop\McPatcher 1.5.2.exe
2013-12-26 13:03 - 2013-12-26 13:03 - 01799465 _____ C:\Users\Gideon\Downloads\McPatcher 1.5.2.exe
2013-12-26 12:56 - 2013-12-28 21:47 - 00000480 _____ C:\Users\Gideon\daemonprocess.txt
2013-12-26 12:56 - 2013-12-26 13:15 - 00000000 ____D C:\Users\Gideon\AppData\Local\cache
2013-12-26 12:53 - 2013-12-26 12:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-26 12:05 - 2013-12-26 12:05 - 00002093 _____ C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-26 11:57 - 2012-08-28 13:27 - 00058536 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\usbfilter.sys
2013-12-26 11:56 - 2013-12-26 11:57 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-26 11:56 - 2013-12-26 11:56 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-26 11:55 - 2013-12-26 11:55 - 00000000 ____D C:\AMD
2013-12-26 11:47 - 2013-12-26 11:53 - 52056328 _____ (Advanced Micro Devices, Inc.) C:\Users\Gideon\Downloads\13-12_win7_win8_32-64_sb.exe
2013-12-26 02:09 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Programme
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-26 01:30 - 2013-12-26 01:30 - 00374114 _____ C:\Users\Gideon\Downloads\OptiFine_1.5.2_HD_D3.zip
2013-12-26 01:00 - 2013-12-26 01:02 - 30694824 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\jre-7u45-windows-x64.exe
2013-12-26 00:59 - 2013-12-26 04:39 - 00000000 ____D C:\Users\Gideon\Desktop\saves
2013-12-26 00:57 - 2013-12-27 17:01 - 00000000 ____D C:\Users\Gideon\Desktop\texturepacks
2013-12-26 00:57 - 2013-12-26 23:50 - 00001698 _____ C:\Users\Gideon\Desktop\Minecraft.lnk
2013-12-26 00:56 - 2014-01-02 19:20 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\.minecraft
2013-12-26 00:56 - 2013-12-26 00:57 - 00000000 ____D C:\Users\Gideon\Desktop\minecraft launcher
2013-12-26 00:50 - 2013-12-26 00:50 - 00377138 _____ C:\Users\Gideon\Downloads\OptiFine_1.5.2_HD_U_D5.zip
2013-12-26 00:29 - 2013-12-26 00:29 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2013-12-26 00:25 - 2013-12-26 00:25 - 53917463 _____ (TeamExtreme                                                 ) C:\Users\Gideon\Desktop\Minecraft 1.5.1.exe
2013-12-26 00:19 - 2013-12-26 00:25 - 53917463 _____ (TeamExtreme                                                 ) C:\Users\Gideon\Downloads\Minecraft 1.5.1.exe
2013-12-25 23:39 - 2014-01-03 16:47 - 00000000 ____D C:\Users\Gideon\Desktop\.minecraft
2013-12-25 22:52 - 2013-10-25 07:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-25 22:52 - 2013-10-25 07:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-25 22:52 - 2013-10-25 07:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-12-25 22:52 - 2013-10-25 07:19 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-25 22:52 - 2013-10-25 07:18 - 19271168 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-25 22:52 - 2013-10-25 07:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-25 22:52 - 2013-10-25 07:17 - 15404032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-25 22:52 - 2013-10-25 07:17 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-25 22:52 - 2013-10-25 07:17 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-25 22:52 - 2013-10-25 07:17 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-25 22:52 - 2013-10-25 05:45 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-25 22:52 - 2013-10-25 05:44 - 14356992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-25 22:52 - 2013-10-25 05:44 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-25 22:52 - 2013-10-25 05:43 - 13761536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-25 22:52 - 2013-10-25 05:43 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-25 22:52 - 2013-10-25 05:43 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-25 22:52 - 2013-10-25 05:43 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-25 22:52 - 2013-10-25 05:43 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-25 22:52 - 2013-05-15 23:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-12-25 22:52 - 2013-05-15 23:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-12-25 22:52 - 2013-05-14 14:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-25 22:52 - 2013-05-14 10:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-25 22:50 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-12-25 22:50 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-12-25 22:50 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-12-25 22:50 - 2013-07-02 01:44 - 00036288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2013-12-25 22:50 - 2013-07-01 23:08 - 00247216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2013-12-25 22:50 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-12-25 22:50 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-12-25 22:50 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-12-25 22:50 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-12-25 22:49 - 2013-09-04 04:11 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-12-25 22:49 - 2013-08-16 06:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-12-25 22:49 - 2013-08-16 06:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-12-25 22:49 - 2013-08-16 06:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-12-25 22:49 - 2013-08-16 06:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-12-25 22:49 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-12-25 22:49 - 2013-08-16 06:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-12-25 22:49 - 2013-08-15 23:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-12-25 22:49 - 2013-08-15 23:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-12-25 22:49 - 2013-08-15 23:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-12-25 22:49 - 2013-08-15 23:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-12-25 22:48 - 2013-08-16 06:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-12-25 22:48 - 2013-08-16 06:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-25 22:48 - 2013-08-16 06:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-12-25 22:48 - 2013-08-15 23:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-12-25 22:48 - 2013-08-15 23:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-12-25 22:48 - 2013-08-15 23:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-12-25 22:48 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-12-25 22:48 - 2013-08-15 23:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-12-25 22:47 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-25 22:47 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-25 22:47 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-12-25 22:47 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-12-25 22:24 - 2013-12-25 22:45 - 197103376 _____ C:\Users\Gideon\Downloads\Gronkhs Minecraft Ordner 1.6.2.zip
2013-12-25 22:24 - 2013-03-02 11:57 - 00332520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2013-12-25 22:24 - 2013-03-02 11:57 - 00077544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storahci.sys
2013-12-25 22:24 - 2013-03-02 11:39 - 00495336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2013-12-25 22:24 - 2013-03-02 09:23 - 01338880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-12-25 22:24 - 2013-03-02 09:23 - 00893952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2013-12-25 22:24 - 2013-03-02 09:23 - 00601088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2013-12-25 22:24 - 2013-03-02 09:23 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2013-12-25 22:24 - 2013-03-02 09:23 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2013-12-25 22:24 - 2013-03-02 09:22 - 05091840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-12-25 22:24 - 2013-03-02 09:22 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2013-12-25 22:24 - 2013-03-02 09:21 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvstore.dll
2013-12-25 22:24 - 2013-03-02 09:21 - 00145408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\powercfg.cpl
2013-12-25 22:24 - 2013-03-02 09:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevDispItemProvider.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 01627648 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00951808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\usbmon.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2013-12-25 22:24 - 2013-03-02 03:45 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\TimeBrokerServer.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2013-12-25 22:24 - 2013-03-02 03:45 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\WSDPrintProxy.DLL
2013-12-25 22:24 - 2013-03-02 03:44 - 05978624 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-12-25 22:24 - 2013-03-02 03:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2013-12-25 22:24 - 2013-03-02 03:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2013-12-25 22:24 - 2013-03-02 03:44 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\discan.dll
2013-12-25 22:24 - 2013-03-02 03:44 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\NdisImPlatform.dll
2013-12-25 22:24 - 2013-03-02 03:44 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\DevDispItemProvider.dll
2013-12-25 22:24 - 2013-03-02 03:43 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2013-12-25 22:24 - 2013-03-02 03:15 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2013-12-25 22:24 - 2013-03-01 05:56 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2013-12-25 22:24 - 2013-03-01 05:56 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2013-12-25 22:24 - 2013-03-01 05:55 - 01175040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2013-12-25 22:20 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2013-12-25 22:20 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2013-12-25 22:20 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-12-25 22:20 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-12-25 22:20 - 2013-05-24 00:02 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-12-25 22:20 - 2013-05-23 23:25 - 00694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2013-12-25 22:19 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-12-25 22:19 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-12-25 22:15 - 2013-12-25 21:28 - 00473416 _____ C:\Users\Gideon\Desktop\.minecraft.jar
2013-12-25 22:15 - 2013-07-01 23:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2013-12-25 22:15 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbprint.sys
2013-12-25 22:15 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2013-12-25 22:15 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2013-12-25 22:14 - 2013-05-04 08:58 - 00120736 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2013-12-25 22:14 - 2013-05-04 07:59 - 01483776 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2013-12-25 22:14 - 2013-05-04 07:59 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\Magnify.exe
2013-12-25 22:14 - 2013-05-04 07:58 - 01332736 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2013-12-25 22:14 - 2013-05-04 07:58 - 00470528 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2013-12-25 22:14 - 2013-05-04 07:58 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2013-12-25 22:14 - 2013-05-04 07:58 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2013-12-25 22:14 - 2013-05-04 07:58 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\netprofm.dll
2013-12-25 22:14 - 2013-05-04 07:58 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 01131520 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00560640 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00501760 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00389120 _____ (Microsoft Corporation) C:\Windows\system32\BCP47Langs.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\biwinrt.dll
2013-12-25 22:14 - 2013-05-04 07:57 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2013-12-25 22:14 - 2013-05-04 07:56 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2013-12-25 22:14 - 2013-05-04 05:58 - 00758784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Magnify.exe
2013-12-25 22:14 - 2013-05-04 05:57 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2013-12-25 22:14 - 2013-05-04 05:57 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netplwiz.dll
2013-12-25 22:14 - 2013-05-04 05:57 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netprofm.dll
2013-12-25 22:14 - 2013-05-04 05:57 - 00018432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\npmproxy.dll
2013-12-25 22:14 - 2013-05-04 05:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\muifontsetup.dll
2013-12-25 22:14 - 2013-05-04 05:56 - 00449536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2013-12-25 22:14 - 2013-05-04 05:56 - 00411136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2013-12-25 22:14 - 2013-05-04 05:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BCP47Langs.dll
2013-12-25 22:14 - 2013-05-04 05:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\biwinrt.dll
2013-12-25 22:14 - 2013-05-04 05:55 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\intl.cpl
2013-12-25 22:14 - 2013-05-04 05:51 - 00014848 _____ (Microsoft) C:\Windows\system32\rars.rs
2013-12-25 22:14 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2013-12-25 22:14 - 2013-05-04 05:47 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2013-12-25 22:14 - 2013-05-04 05:10 - 00014848 _____ (Microsoft) C:\Windows\SysWOW64\rars.rs
2013-12-25 22:14 - 2013-03-02 03:45 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2013-12-25 22:14 - 2013-03-02 03:45 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\taskhostex.exe
2013-12-25 22:12 - 2013-04-24 00:13 - 01013248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-12-25 22:12 - 2013-04-24 00:12 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-12-25 22:12 - 2013-04-23 23:56 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-12-25 22:12 - 2013-04-23 23:55 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-12-25 22:11 - 2013-10-03 00:25 - 01300992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-12-25 22:11 - 2013-10-01 23:22 - 01022976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-12-25 22:11 - 2013-06-01 10:25 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2013-12-25 22:11 - 2013-06-01 10:21 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-12-25 22:11 - 2013-05-31 00:24 - 01257472 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-12-25 22:11 - 2013-05-31 00:08 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-12-25 22:11 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-12-25 22:11 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-12-25 22:11 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-12-25 22:11 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-12-25 22:11 - 2013-05-15 03:25 - 00888320 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2013-12-25 22:11 - 2013-05-15 03:25 - 00542208 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2013-12-25 22:11 - 2013-05-15 03:24 - 00793088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\autochk.exe
2013-12-25 22:11 - 2013-05-15 03:24 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2013-12-25 22:11 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-12-25 22:10 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-12-25 22:10 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-12-25 22:08 - 2013-09-23 23:30 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-12-25 22:08 - 2013-09-23 23:30 - 00323072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-12-25 22:07 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2013-12-25 22:07 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2013-12-25 22:07 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2013-12-25 22:07 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2013-12-25 22:07 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2013-12-25 22:07 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2013-12-25 22:07 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2013-12-25 22:07 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2013-12-25 22:06 - 2013-11-07 00:18 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-25 22:06 - 2013-08-07 06:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-12-25 22:06 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-25 22:06 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-12-25 22:06 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-12-25 22:06 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-12-25 22:06 - 2012-11-10 05:23 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-12-25 22:06 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-12-25 22:06 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\RDWebAI.dll
2013-12-25 22:06 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\VmHostAI.dll
2013-12-25 22:06 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\appserverai.dll
2013-12-25 22:03 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-12-25 22:03 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-12-25 22:03 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\apprepapi.dll
2013-12-25 22:03 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\apprepsync.dll
2013-12-25 22:03 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-12-25 22:03 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepapi.dll
2013-12-25 22:03 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apprepsync.dll
2013-12-25 22:02 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-25 22:02 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-12-25 22:01 - 2013-11-23 07:43 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-25 22:01 - 2013-11-23 06:05 - 00368640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-25 22:01 - 2013-11-01 06:38 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-25 22:01 - 2013-11-01 04:49 - 00273408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-25 22:01 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-25 22:01 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2013-12-25 22:01 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-25 22:01 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-25 22:01 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-25 22:01 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2013-12-25 22:01 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-25 22:01 - 2013-08-23 08:22 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2013-12-25 22:01 - 2013-08-23 02:44 - 01711616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-12-25 22:01 - 2013-04-03 00:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-12-25 22:01 - 2013-04-03 00:12 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-12-25 22:00 - 2013-10-02 00:37 - 02035712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-12-25 22:00 - 2013-10-02 00:26 - 02304512 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-12-25 22:00 - 2013-08-02 07:28 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2013-12-25 22:00 - 2013-08-02 06:08 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2013-12-25 22:00 - 2013-03-22 04:49 - 02382336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2013-12-25 22:00 - 2013-03-21 23:47 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2013-12-25 21:53 - 2013-12-26 00:52 - 00000000 ____D C:\Users\Gideon\Desktop\Neuer Ordner
2013-12-25 21:52 - 2013-12-26 00:26 - 00000082 _____ C:\Users\Gideon\Desktop\MOL_Properties.properties
2013-12-25 21:52 - 2013-12-25 21:55 - 00000000 ____D C:\Users\Gideon\minecraft
2013-12-25 21:46 - 2013-12-25 21:46 - 00000000 ____D C:\ProgramData\Oracle
2013-12-25 21:45 - 2013-12-25 21:45 - 00000000 ____D C:\ProgramData\Sun
2013-12-25 21:45 - 2013-12-25 21:44 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-25 21:45 - 2013-12-25 21:44 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-25 21:45 - 2013-12-25 21:44 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-25 21:45 - 2013-12-25 21:44 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-25 21:44 - 2013-12-25 21:44 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-25 21:41 - 2013-12-25 21:41 - 00915368 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\chromeinstall-7u45.exe
2013-12-25 21:37 - 2013-12-25 21:37 - 00018174 _____ C:\Users\Gideon\Downloads\[kickass.to]minecraft.1.7.2.cracked.full.installer.online.server.list.torrent
2013-12-25 21:28 - 2013-12-25 21:28 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\WinRAR
2013-12-25 21:27 - 2013-12-25 21:28 - 00473416 _____ C:\Users\Gideon\Desktop\MinecraftSMP cracked Launcher.jar
2013-12-25 21:02 - 2013-12-25 21:02 - 00000983 _____ C:\Users\Public\Desktop\WinRAR.lnk
2013-12-25 21:02 - 2013-12-25 21:02 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-25 21:01 - 2013-12-25 21:02 - 00000000 ____D C:\Program Files\WinRAR
2013-12-25 21:00 - 2013-12-25 21:01 - 02087616 _____ C:\Users\Gideon\Downloads\winrar-x64-501d.exe
2013-12-25 20:29 - 2013-12-25 20:29 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-25 20:26 - 2014-01-08 21:37 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-25 20:26 - 2014-01-08 20:37 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-25 20:26 - 2013-12-25 20:32 - 00004092 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-25 20:26 - 2013-12-25 20:32 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-25 20:26 - 2013-12-25 20:29 - 00000000 ____D C:\Users\Gideon\AppData\Local\Google
2013-12-25 20:26 - 2013-12-25 20:29 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-25 20:25 - 2013-12-25 20:25 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\ATI
2013-12-25 20:25 - 2013-12-25 20:25 - 00000000 ____D C:\Users\Gideon\AppData\Local\ATI
2013-12-25 20:25 - 2013-12-25 20:25 - 00000000 ____D C:\ProgramData\ATI
2013-12-25 20:14 - 2013-12-25 20:14 - 00819144 _____ (Google Inc.) C:\Users\Gideon\Downloads\chrome_installer_31.0.1650.63.exe
2013-12-25 20:13 - 2013-12-29 19:38 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2058586743-3979093847-619797469-1001
2013-12-25 20:08 - 2013-12-25 20:08 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 20:08 - 2013-12-25 20:08 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Macromedia
2013-12-25 20:08 - 2013-12-25 20:08 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Atheros
2013-12-25 20:07 - 2013-12-30 12:53 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-25 20:07 - 2013-12-30 12:53 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 20:07 - 2013-12-26 23:47 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Adobe
2013-12-25 20:07 - 2013-12-25 20:07 - 00001442 _____ C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 20:07 - 2013-12-25 20:07 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2013-12-25 20:07 - 2013-12-25 20:07 - 00000000 ____D C:\Program Files\Accessory Store
2013-12-25 20:06 - 2013-12-29 00:20 - 00000000 ____D C:\Users\Gideon\AppData\Local\Packages
2013-12-25 20:06 - 2013-12-25 20:06 - 00000000 ____D C:\Users\Gideon\AppData\Local\VirtualStore
2013-12-25 20:05 - 2014-01-06 01:14 - 00000000 ____D C:\Users\Gideon
2013-12-25 20:05 - 2013-12-25 20:05 - 00000020 ___SH C:\Users\Gideon\ntuser.ini
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Vorlagen
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Startmenü
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Netzwerkumgebung
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Lokale Einstellungen
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Eigene Dateien
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Druckumgebung
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Documents\Eigene Musik
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Documents\Eigene Bilder
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\AppData\Local\Verlauf
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\AppData\Local\Anwendungsdaten
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Anwendungsdaten
2013-12-25 20:05 - 2013-09-28 19:51 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-25 20:05 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-12-25 20:05 - 2012-07-26 09:13 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-25 20:05 - 2012-07-26 09:13 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

2014-01-09 16:05 - 2014-01-09 16:02 - 00015826 _____ C:\Users\Gideon\Downloads\FRST.txt
2014-01-09 16:02 - 2014-01-09 16:02 - 00000000 ____D C:\FRST
2014-01-09 16:01 - 2014-01-06 21:14 - 00162587 _____ C:\Windows\WindowsUpdate.log
2014-01-09 16:00 - 2014-01-09 16:00 - 01931770 _____ (Farbar) C:\Users\Gideon\Downloads\FRST64.exe
2014-01-09 16:00 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\sru
2014-01-08 21:37 - 2013-12-25 20:26 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-08 20:37 - 2013-12-25 20:26 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-08 18:26 - 2014-01-08 18:25 - 00001211 _____ C:\Users\Gideon\Downloads\SHK.bat
2014-01-07 22:54 - 2013-09-29 05:32 - 00753134 _____ C:\Windows\system32\perfh007.dat
2014-01-07 22:54 - 2013-09-29 05:32 - 00155826 _____ C:\Windows\system32\perfc007.dat
2014-01-07 22:54 - 2012-07-26 08:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-07 20:46 - 2014-01-07 20:46 - 00001050 _____ C:\Users\Gideon\Desktop\VirtualDJ Home FREE.lnk
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\Users\Gideon\Documents\VirtualDJ
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\ProgramData\APN
2014-01-07 20:46 - 2014-01-07 20:46 - 00000000 ____D C:\Program Files (x86)\VirtualDJ
2014-01-07 20:42 - 2014-01-07 20:38 - 39178560 _____ (Atomix Productions) C:\Users\Gideon\Downloads\install_virtualdj_home_v7.4.1.exe
2014-01-06 20:38 - 2014-01-05 12:30 - 00000000 ____D C:\Windows\Minidump
2014-01-06 20:38 - 2013-08-02 17:33 - 00000000 ____D C:\Windows\Panther
2014-01-06 20:36 - 2014-01-06 20:36 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-01-06 20:36 - 2014-01-06 20:36 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2014-01-06 20:36 - 2014-01-06 20:36 - 00000000 ____D C:\Program Files\CCleaner
2014-01-06 20:35 - 2014-01-06 20:34 - 04645232 _____ (Piriform Ltd) C:\Users\Gideon\Downloads\ccsetup409.exe
2014-01-06 19:46 - 2012-07-26 08:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-06 18:03 - 2014-01-06 18:03 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Malwarebytes
2014-01-06 18:02 - 2014-01-06 18:02 - 00001113 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-06 18:02 - 2014-01-06 18:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-06 18:02 - 2014-01-06 18:02 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-06 17:46 - 2014-01-06 18:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Gideon\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-06 17:46 - 2014-01-06 17:44 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Gideon\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-06 01:21 - 2013-12-29 01:48 - 00000000 ____D C:\AdwCleaner
2014-01-06 01:14 - 2013-12-25 20:05 - 00000000 ____D C:\Users\Gideon
2014-01-06 01:12 - 2012-07-26 09:12 - 00000000 __RHD C:\Users\Public\Libraries
2014-01-06 01:12 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\registration
2014-01-05 22:37 - 2014-01-05 22:36 - 05320487 _____ C:\Users\Gideon\Downloads\generator.zip
2014-01-05 21:26 - 2014-01-03 16:34 - 00000000 ____D C:\Users\Gideon\Desktop\Pokemon Gelb
2014-01-05 12:30 - 2014-01-05 12:30 - 00281248 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-04 20:07 - 2013-09-28 20:25 - 00000000 ____D C:\ProgramData\Norton
2014-01-04 15:17 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\NDF
2014-01-03 19:45 - 2014-01-03 19:44 - 00027123 _____ C:\Users\Gideon\Downloads\vba_deu.dll.zip
2014-01-03 19:45 - 2014-01-03 18:52 - 00639082 _____ C:\Users\Gideon\Desktop\VisualBoyAdvance-1.7.2.zip
2014-01-03 16:51 - 2014-01-03 16:51 - 00000425 _____ C:\Windows\BRWMARK.INI
2014-01-03 16:47 - 2014-01-03 16:47 - 00000000 ____D C:\Users\Gideon\Desktop\States
2014-01-03 16:47 - 2013-12-25 23:39 - 00000000 ____D C:\Users\Gideon\Desktop\.minecraft
2014-01-03 16:46 - 2014-01-03 16:44 - 00000000 ____D C:\Users\Gideon\Desktop\Backup MCraft
2014-01-03 16:35 - 2014-01-03 16:35 - 00000000 ____D C:\Users\Gideon\Desktop\Randomizer
2014-01-03 16:33 - 2014-01-03 16:33 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Spotify
2014-01-03 16:33 - 2014-01-03 16:33 - 00000000 ____D C:\Users\Gideon\AppData\Local\Spotify
2014-01-03 16:23 - 2014-01-03 16:23 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-01-02 21:45 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2014-01-02 19:20 - 2013-12-26 00:56 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\.minecraft
2014-01-01 00:57 - 2014-01-01 00:57 - 39739769 _____ C:\Users\Gideon\Downloads\mcpatcher-converted-64px_v2.6.6_[mc1.5.2](13w21a)]_W1-Pack.zip
2014-01-01 00:11 - 2014-01-01 00:57 - 64079267 _____ C:\Users\Gideon\Desktop\Misa.zip
2014-01-01 00:11 - 2013-12-31 23:58 - 64079267 _____ C:\Users\Gideon\Downloads\Misa.zip
2014-01-01 00:01 - 2014-01-01 00:57 - 39732730 _____ C:\Users\Gideon\Desktop\64px_v2.6.6_[mc1.5.2](13w21a)]_W1-Pack.zip
2014-01-01 00:01 - 2013-12-31 23:50 - 39732730 _____ C:\Users\Gideon\Downloads\64px_v2.6.6_[mc1.5.2](13w21a)]_W1-Pack.zip
2013-12-31 18:34 - 2013-12-31 18:34 - 00000000 _____ C:\Users\Gideon\Desktop\Neues Textdokument.txt
2013-12-30 13:14 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\rescache
2013-12-30 12:53 - 2013-12-25 20:07 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-30 12:53 - 2013-12-25 20:07 - 00000000 ___RD C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-30 12:40 - 2012-07-26 06:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-12-30 12:38 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ToastData
2013-12-30 12:38 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\WinStore
2013-12-30 12:38 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\SecureBootUpdates
2013-12-30 12:38 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\oobe
2013-12-29 19:38 - 2013-12-25 20:13 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2058586743-3979093847-619797469-1001
2013-12-29 19:27 - 2013-12-29 19:26 - 10512788 _____ C:\Users\Gideon\Desktop\Pokemon Blattgr�n  [Fuel-Edition] + VBA Emulator.rar
2013-12-29 19:25 - 2013-12-29 19:25 - 00611913 _____ C:\Users\Gideon\Downloads\VisualBoyAdvance-1.7.2.zip
2013-12-29 15:07 - 2013-12-29 15:07 - 00003673 _____ C:\Users\Gideon\Downloads\Timber Mod 1.5.2.zip
2013-12-29 01:47 - 2013-12-29 01:47 - 01233962 _____ C:\Users\Gideon\Downloads\adwcleaner_3.016.exe
2013-12-29 00:50 - 2013-12-29 00:50 - 00000000 _____ C:\autoexec.bat
2013-12-29 00:49 - 2013-12-29 00:46 - 00000000 ____D C:\Windows\CD09642E061D4844BA37ED1480916404.TMP
2013-12-29 00:20 - 2013-12-28 21:54 - 00000000 ___RD C:\Windows\BrowserChoice
2013-12-29 00:20 - 2013-12-25 20:06 - 00000000 ____D C:\Users\Gideon\AppData\Local\Packages
2013-12-29 00:20 - 2013-08-02 16:47 - 00000000 ____D C:\ProgramData\PRICache
2013-12-29 00:18 - 2012-07-26 06:37 - 00000000 ____D C:\Windows\servicing
2013-12-29 00:16 - 2013-08-02 16:58 - 00000000 ____D C:\Program Files (x86)\McAfee
2013-12-28 21:55 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-28 21:55 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-12-28 21:55 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-28 21:55 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Defender
2013-12-28 21:55 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-28 21:55 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-12-28 21:55 - 2012-07-26 08:52 - 00000000 ____D C:\Program Files\Windows Journal
2013-12-28 21:52 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-28 21:52 - 2012-07-26 09:12 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-12-28 21:52 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2013-12-28 21:52 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2013-12-28 21:52 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\SysWOW64\Dism
2013-12-28 21:52 - 2012-07-26 06:38 - 00000000 ____D C:\Windows\system32\Dism
2013-12-28 21:47 - 2013-12-26 12:56 - 00000480 _____ C:\Users\Gideon\daemonprocess.txt
2013-12-28 00:40 - 2013-12-28 00:40 - 00025547 _____ C:\Users\Gideon\Downloads\luckyblocks (1.5.2).zip
2013-12-28 00:40 - 2013-12-28 00:40 - 00025547 _____ C:\Users\Gideon\Desktop\luckyblocks (1.5.2).zip
2013-12-28 00:31 - 2013-12-28 00:30 - 00065008 _____ C:\Users\Gideon\Downloads\LuckyBlock_v4.2.1_1.6.4.jar
2013-12-27 23:52 - 2013-12-27 23:52 - 00002222 _____ C:\Users\Public\Desktop\YUGI THE DESTINY.lnk
2013-12-27 23:52 - 2013-12-27 23:52 - 00000000 ____D C:\Program Files (x86)\KONAMI
2013-12-27 17:01 - 2013-12-26 00:57 - 00000000 ____D C:\Users\Gideon\Desktop\texturepacks
2013-12-27 17:00 - 2013-12-26 23:43 - 00000000 ____D C:\Users\Gideon\Desktop\Mods
2013-12-27 15:37 - 2013-12-27 16:14 - 215771253 _____ C:\Users\Gideon\Desktop\POC_Yugi_The_Destiny.rar
2013-12-27 15:28 - 2013-12-27 15:29 - 00312744 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-12-27 15:28 - 2013-12-27 15:28 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-12-27 15:28 - 2013-12-27 15:28 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-12-27 15:28 - 2013-12-27 15:28 - 00108968 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2013-12-27 15:28 - 2013-12-27 15:27 - 00000000 ____D C:\Program Files\Java
2013-12-27 15:26 - 2013-12-27 15:07 - 131396000 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\jdk-7u45-windows-x64.exe
2013-12-27 15:05 - 2013-12-27 15:05 - 00915368 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\chromeinstall-7u45 (1).exe
2013-12-27 14:53 - 2013-12-27 14:51 - 07114640 _____ C:\Users\Gideon\Downloads\scala-library.jar.stash
2013-12-27 14:52 - 2013-12-27 14:51 - 02318161 _____ C:\Users\Gideon\Downloads\bcprov-jdk15on-148.jar.stash
2013-12-27 13:25 - 2013-12-27 13:23 - 00000000 ____D C:\Windows\system32\MRT
2013-12-26 23:50 - 2013-12-26 00:57 - 00001698 _____ C:\Users\Gideon\Desktop\Minecraft.lnk
2013-12-26 23:49 - 2013-12-26 23:48 - 00352775 _____ C:\Users\Gideon\Downloads\OptiFine_1.5.2_HD_D5.zip
2013-12-26 23:47 - 2013-12-25 20:07 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Adobe
2013-12-26 23:43 - 2013-12-26 23:43 - 00811293 _____ C:\Users\Gideon\Downloads\More Tools Mod 1.5.2-1.zip
2013-12-26 23:43 - 2013-12-26 23:43 - 00811293 _____ C:\Users\Gideon\Desktop\More Tools Mod 1.5.2-1.zip
2013-12-26 23:37 - 2013-12-26 23:37 - 02032810 _____ C:\Users\Gideon\Downloads\minecraftforge-universal-1.5.2-7.8.1.737.zip
2013-12-26 23:29 - 2013-12-26 23:29 - 00062966 _____ C:\Users\Gideon\Downloads\More-Furnaces-Mod-1.5.2.zip
2013-12-26 22:45 - 2013-12-26 22:45 - 1252327424 _____ C:\Users\Gideon\Desktop\Yu-Gi-Oh! GX - Tag Force Evolution (Europe) (En,Fr,De,Es,It).iso
2013-12-26 22:37 - 2013-12-26 22:38 - 10020768 _____ C:\Users\Gideon\Desktop\pcsx2-0.9.8-by-Garyteeh.rar
2013-12-26 22:37 - 2013-12-26 22:36 - 10020768 _____ C:\Users\Gideon\Downloads\pcsx2-0.9.8-by-Garyteeh.rar
2013-12-26 15:15 - 2013-12-26 20:09 - 769892531 _____ C:\Users\Gideon\Desktop\Yu-Gi-Oh! GX - Tag Force Evolution (Europe) (En,Fr,De,Es,It).7z
2013-12-26 15:15 - 2013-12-26 14:01 - 769892531 _____ C:\Users\Gideon\Downloads\Yu-Gi-Oh! GX - Tag Force Evolution (Europe) (En,Fr,De,Es,It).7z
2013-12-26 14:03 - 2013-12-26 14:03 - 00000000 ____D C:\Program Files (x86)\PCSX2 0.9.8
2013-12-26 14:02 - 2013-12-26 14:00 - 12780479 _____ C:\Users\Gideon\Downloads\pcsx2-0.9.8-installer.exe
2013-12-26 13:20 - 2013-12-26 13:21 - 07365967 _____ C:\Users\Gideon\Desktop\Hawkpack-Alpha-1.5.zip
2013-12-26 13:20 - 2013-12-26 13:18 - 07365967 _____ C:\Users\Gideon\Downloads\Hawkpack-Alpha-1.5.zip
2013-12-26 13:15 - 2013-12-26 12:56 - 00000000 ____D C:\Users\Gideon\AppData\Local\cache
2013-12-26 13:03 - 2013-12-26 13:06 - 01799465 _____ C:\Users\Gideon\Desktop\McPatcher 1.5.2.exe
2013-12-26 13:03 - 2013-12-26 13:03 - 01799465 _____ C:\Users\Gideon\Downloads\McPatcher 1.5.2.exe
2013-12-26 12:53 - 2013-12-26 12:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-26 12:06 - 2013-08-02 16:58 - 00000000 ____D C:\ProgramData\McAfee
2013-12-26 12:05 - 2013-12-26 12:05 - 00002093 _____ C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2013-12-26 12:00 - 2013-08-02 16:58 - 00000000 ____D C:\Program Files\Common Files\mcafee
2013-12-26 11:57 - 2013-12-26 11:56 - 00000000 ____D C:\ProgramData\Package Cache
2013-12-26 11:56 - 2013-12-26 11:56 - 00000000 ____D C:\Program Files\ATI Technologies
2013-12-26 11:55 - 2013-12-26 11:55 - 00000000 ____D C:\AMD
2013-12-26 11:53 - 2013-12-26 11:47 - 52056328 _____ (Advanced Micro Devices, Inc.) C:\Users\Gideon\Downloads\13-12_win7_win8_32-64_sb.exe
2013-12-26 04:39 - 2013-12-26 00:59 - 00000000 ____D C:\Users\Gideon\Desktop\saves
2013-12-26 02:02 - 2012-07-26 09:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Programme
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-12-26 01:54 - 2013-12-26 01:54 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-12-26 01:54 - 2012-07-26 09:12 - 00000000 ____D C:\Program Files\Windows NT
2013-12-26 01:54 - 2012-07-26 06:37 - 00000000 __RHD C:\Users\Default
2013-12-26 01:30 - 2013-12-26 01:30 - 00374114 _____ C:\Users\Gideon\Downloads\OptiFine_1.5.2_HD_D3.zip
2013-12-26 01:02 - 2013-12-26 01:00 - 30694824 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\jre-7u45-windows-x64.exe
2013-12-26 00:57 - 2013-12-26 00:56 - 00000000 ____D C:\Users\Gideon\Desktop\minecraft launcher
2013-12-26 00:52 - 2013-12-25 21:53 - 00000000 ____D C:\Users\Gideon\Desktop\Neuer Ordner
2013-12-26 00:50 - 2013-12-26 23:56 - 00377138 _____ C:\Users\Gideon\Desktop\OptiFine_1.5.2_HD_U_D5.zip
2013-12-26 00:50 - 2013-12-26 00:50 - 00377138 _____ C:\Users\Gideon\Downloads\OptiFine_1.5.2_HD_U_D5.zip
2013-12-26 00:29 - 2013-12-26 00:29 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2013-12-26 00:26 - 2013-12-25 21:52 - 00000082 _____ C:\Users\Gideon\Desktop\MOL_Properties.properties
2013-12-26 00:25 - 2013-12-26 00:25 - 53917463 _____ (TeamExtreme                                                 ) C:\Users\Gideon\Desktop\Minecraft 1.5.1.exe
2013-12-26 00:25 - 2013-12-26 00:19 - 53917463 _____ (TeamExtreme                                                 ) C:\Users\Gideon\Downloads\Minecraft 1.5.1.exe
2013-12-25 23:18 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-12-25 22:45 - 2013-12-25 22:24 - 197103376 _____ C:\Users\Gideon\Downloads\Gronkhs Minecraft Ordner 1.6.2.zip
2013-12-25 21:55 - 2013-12-25 21:52 - 00000000 ____D C:\Users\Gideon\minecraft
2013-12-25 21:46 - 2013-12-25 21:46 - 00000000 ____D C:\ProgramData\Oracle
2013-12-25 21:45 - 2013-12-25 21:45 - 00000000 ____D C:\ProgramData\Sun
2013-12-25 21:44 - 2013-12-25 21:45 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-12-25 21:44 - 2013-12-25 21:45 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-12-25 21:44 - 2013-12-25 21:45 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-12-25 21:44 - 2013-12-25 21:45 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-12-25 21:44 - 2013-12-25 21:44 - 00000000 ____D C:\Program Files (x86)\Java
2013-12-25 21:44 - 2012-07-26 09:12 - 00000000 ____D C:\Windows\system32\restore
2013-12-25 21:41 - 2013-12-25 21:41 - 00915368 _____ (Oracle Corporation) C:\Users\Gideon\Downloads\chromeinstall-7u45.exe
2013-12-25 21:37 - 2013-12-25 21:37 - 00018174 _____ C:\Users\Gideon\Downloads\[kickass.to]minecraft.1.7.2.cracked.full.installer.online.server.list.torrent
2013-12-25 21:28 - 2013-12-25 22:15 - 00473416 _____ C:\Users\Gideon\Desktop\.minecraft.jar
2013-12-25 21:28 - 2013-12-25 21:28 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\WinRAR
2013-12-25 21:28 - 2013-12-25 21:27 - 00473416 _____ C:\Users\Gideon\Desktop\MinecraftSMP cracked Launcher.jar
2013-12-25 21:02 - 2013-12-25 21:02 - 00000983 _____ C:\Users\Public\Desktop\WinRAR.lnk
2013-12-25 21:02 - 2013-12-25 21:02 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2013-12-25 21:02 - 2013-12-25 21:01 - 00000000 ____D C:\Program Files\WinRAR
2013-12-25 21:01 - 2013-12-25 21:00 - 02087616 _____ C:\Users\Gideon\Downloads\winrar-x64-501d.exe
2013-12-25 20:32 - 2013-12-25 20:26 - 00004092 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-25 20:32 - 2013-12-25 20:26 - 00003856 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-12-25 20:29 - 2013-12-25 20:29 - 00002251 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-12-25 20:29 - 2013-12-25 20:26 - 00000000 ____D C:\Users\Gideon\AppData\Local\Google
2013-12-25 20:29 - 2013-12-25 20:26 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-25 20:25 - 2013-12-25 20:25 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\ATI
2013-12-25 20:25 - 2013-12-25 20:25 - 00000000 ____D C:\Users\Gideon\AppData\Local\ATI
2013-12-25 20:25 - 2013-12-25 20:25 - 00000000 ____D C:\ProgramData\ATI
2013-12-25 20:14 - 2013-12-25 20:14 - 00819144 _____ (Google Inc.) C:\Users\Gideon\Downloads\chrome_installer_31.0.1650.63.exe
2013-12-25 20:08 - 2013-12-25 20:08 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-25 20:08 - 2013-12-25 20:08 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Macromedia
2013-12-25 20:08 - 2013-12-25 20:08 - 00000000 ____D C:\Users\Gideon\AppData\Roaming\Atheros
2013-12-25 20:08 - 2013-08-02 17:24 - 00000000 ___HD C:\OEM
2013-12-25 20:07 - 2013-12-25 20:07 - 00001442 _____ C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-25 20:07 - 2013-12-25 20:07 - 00000000 ____D C:\ProgramData\OEM_YAHOO
2013-12-25 20:07 - 2013-12-25 20:07 - 00000000 ____D C:\Program Files\Accessory Store
2013-12-25 20:07 - 2013-09-28 20:26 - 00003550 _____ C:\Windows\System32\Tasks\Norton Online Backup ARA
2013-12-25 20:06 - 2013-12-25 20:06 - 00000000 ____D C:\Users\Gideon\AppData\Local\VirtualStore
2013-12-25 20:06 - 2013-08-02 16:58 - 00000000 ____D C:\Program Files\mcafee
2013-12-25 20:06 - 2012-07-26 09:12 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-12-25 20:05 - 2013-12-25 20:05 - 00000020 ___SH C:\Users\Gideon\ntuser.ini
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Vorlagen
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Startmenü
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Netzwerkumgebung
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Lokale Einstellungen
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Eigene Dateien
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Druckumgebung
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Documents\Eigene Musik
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Documents\Eigene Bilder
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\AppData\Local\Verlauf
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\AppData\Local\Anwendungsdaten
2013-12-25 20:05 - 2013-12-25 20:05 - 00000000 _SHDL C:\Users\Gideon\Anwendungsdaten
2013-12-18 14:54 - 2014-01-03 16:34 - 00000756 _____ C:\Users\Gideon\Desktop\Englisch Magazin.txt

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-07 13:31

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 10.01.2014, 10:43

Daten kannste löschen, keine Chance zu decrypten.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Keckrem · 10.01.2014, 14:21

Hallo schrauber,
McAfee hat beim Download einen Trojaner erkannt, ich nehme aber an dass dies normal ist?
Dachte mir ich könne ihn nach dem Download deaktivieren, aber offenbar nicht.

Warum gibt es eigentlich keine Chance die Daten zu decrypten? Und ist mein System stark verseucht?

Sorry für die vielen Fragen, Logfile kommt später.

LG
Keckrem

Keckrem · 10.01.2014, 21:05

Hallo,
ich bin's wieder, mit Logfile und einigen Neuigkeiten.

Also. Erstens ist mir aufgefallen, dass keine Dateien verschlüsselt waren, die verdächtigten Dateien heißen nämlich von Haus aus session.lock.
Außerdem wurde nach Combofix ein Bluescreen angezeigt. Normal? Auch das mit der Virusmeldung. Normal?

Logfile war zu groß und ist als .zip angehangen. Und zur deutlichen Untermalung heißt es .zip.zip

Nunja, eine Frage hab ich. Ist mein System stark verseucht?

Schönes Wochenende,

Keckrem

schrauber · 11.01.2014, 13:34

Definier mal schlimm. Ich hab schon schlimmere gesehen

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Keckrem · 15.01.2014, 09:06

Hallo und sorry dass einige Tage keine Antwort kam. Habe etwas privaten Stress. Das ist auch der Grund, warum ich das vorerst abbreche und - falls es noch mal Probleme gibt - den PC wahrscheinlich plattmachen werden.

Sollte ich erneut Hilfe benötigen werde ich Bescheid sagen, Empfehlung im Bekanntenkreis ist sicher.
Vielen Dank für die tatkräftige Unterstützung, Schrauber.

LG,
Keckrem

schrauber · 16.01.2014, 08:23

ok

16.01.2014, 08:23	#9
schrauber /// the machine /// TB-Ausbilder	Cryptolocker Virus mit Systemwiederherstellung gelöscht. ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Cryptolocker Virus mit Systemwiederherstellung gelöscht.

Log-Analyse und Auswertung: Cryptolocker Virus mit Systemwiederherstellung gelöscht.