Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: FileZilla Stealer?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.11.2014, 21:58   #1
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Hallo,

ich kann mich seit heute nicht mehr in meinen Root Server einloggen.
Ich bin mir zu 90% sicher das es ein Stealer ist.
Es kommt immer folgende Fehlermeldung:

Ich hatte dies schonmal, und bin mir ziemlich sicher das (wie bei dem anderen male) danach 3 BitCoin Miner auf meinen Computer im' AppData Ordner "geladen" werden.


Malwarebytes Premium Scan (gekauft):
** kommt gleich **


#########################################

FRST.txt:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-11-2014 01
Ran by Familie Kemnitz (administrator) on KEMNITZPC on 10-11-2014 21:53:38
Running from C:\Users\Familie Kemnitz\Desktop
Loaded Profiles: Familie Kemnitz &  (Available profiles: Familie Kemnitz & Matthina)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Skillbrains) C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\5.1.4.17\Lightshot.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-11-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-07-30] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [440632 2014-08-29] (Malwarebytes Corporation)
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22056544 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000\...\Run: [LightShot] => C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000\...\MountPoints2: {a675e0d7-4806-11e4-b091-806e6f6e6963} - E:\klettbrowser\start.exe
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22056544 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightShot] => C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-06-18] ()
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {a675e0d7-4806-11e4-b091-806e6f6e6963} - E:\klettbrowser\start.exe
HKU\S-1-5-21-3383184443-1007438557-2850217814-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3383184443-1007438557-2850217814-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Familie Kemnitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Developers)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
GroupPolicyUsers\S-1-5-21-3383184443-1007438557-2850217814-1002\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: 66.57.108.60:17364
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x01C3315161EDCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Familie Kemnitz\AppData\Roaming\Mozilla\Firefox\Profiles\7jf5pxog.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: RAMBack - C:\Users\Familie Kemnitz\AppData\Roaming\Mozilla\Firefox\Profiles\7jf5pxog.default\Extensions\ramback@pavlov.net.xpi [2014-09-30]
FF Extension: Tamper Data - C:\Users\Familie Kemnitz\AppData\Roaming\Mozilla\Firefox\Profiles\7jf5pxog.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2014-10-12]

Chrome: 
=======
CHR Profile: C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-19]
CHR Extension: (Google Docs) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-19]
CHR Extension: (Google Drive) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-19]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-11-01]
CHR Extension: (YouTube) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-19]
CHR Extension: (Google-Suche) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-19]
CHR Extension: (Google Tabellen) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-19]
CHR Extension: (Hola Besseres Internet) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-10-31]
CHR Extension: (Google Wallet) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-19]
CHR Extension: (Google Mail) - C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-11-14] (Advanced Micro Devices, Inc.) [File not signed]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-03] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [441144 2014-08-29] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-09-29] (The OpenVPN Project)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63000 2014-08-30] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-10-01] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 21:53 - 2014-11-10 21:54 - 00017157 _____ () C:\Users\Familie Kemnitz\Desktop\FRST.txt
2014-11-10 21:53 - 2014-11-10 21:53 - 00000000 ____D () C:\FRST
2014-11-10 21:53 - 2014-11-10 21:52 - 02116096 _____ (Farbar) C:\Users\Familie Kemnitz\Desktop\FRST64.exe
2014-11-10 21:52 - 2014-11-10 21:52 - 02116096 _____ (Farbar) C:\Users\Familie Kemnitz\Downloads\FRST64.exe
2014-11-10 21:51 - 2014-11-10 21:51 - 04163057 _____ () C:\Users\Familie Kemnitz\Downloads\tdsskiller.zip
2014-11-10 21:50 - 2014-11-10 21:50 - 01107968 _____ (Farbar) C:\Users\Familie Kemnitz\Downloads\FRST.exe
2014-11-10 21:14 - 2014-11-10 21:31 - 00000000 ____D () C:\Users\Familie Kemnitz\Documents\ShareX
2014-11-10 21:14 - 2014-11-10 21:14 - 00000744 _____ () C:\Users\Familie Kemnitz\Desktop\ShareX.lnk
2014-11-10 21:14 - 2014-11-10 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShareX
2014-11-10 21:14 - 2014-11-10 21:14 - 00000000 ____D () C:\Program Files\ShareX
2014-11-10 21:13 - 2014-11-10 21:13 - 02967742 _____ (ShareX Developers ) C:\Users\Familie Kemnitz\Downloads\ShareX-9.4.0-setup.exe
2014-11-10 21:00 - 2014-11-10 21:00 - 05620487 _____ () C:\Users\Familie Kemnitz\Desktop\Resilience Source.zip
2014-11-10 20:59 - 2014-11-10 20:59 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\FLARESource
2014-11-09 21:24 - 2014-11-09 21:24 - 00003098 _____ () C:\Users\Familie Kemnitz\Desktop\emailbomber.php
2014-11-09 20:45 - 2014-11-09 20:45 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-11-09 20:45 - 2014-11-09 20:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-11-09 20:44 - 2014-11-10 20:38 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-11-09 20:44 - 2014-11-09 20:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-11-09 20:43 - 2014-11-09 20:44 - 02737592 _____ (Malwarebytes ) C:\Users\Familie Kemnitz\Downloads\mbae-setup-1.04.1.1012.exe
2014-11-09 20:41 - 2014-02-18 00:52 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\bracket
2014-11-09 20:12 - 2014-11-09 20:12 - 00001073 _____ () C:\Users\Public\Desktop\herdProtect.lnk
2014-11-09 20:12 - 2014-11-09 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\herdProtect
2014-11-09 20:12 - 2014-11-09 20:12 - 00000000 ____D () C:\Program Files\Reason
2014-11-09 20:11 - 2014-11-09 20:11 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Neon_Cube
2014-11-09 20:10 - 2014-11-09 20:10 - 02210096 _____ (Reason Company Software Inc.) C:\Users\Familie Kemnitz\Downloads\herdProtectScan_32Setup.exe
2014-11-09 19:53 - 2014-11-09 19:53 - 09530880 _____ () C:\Users\Familie Kemnitz\Downloads\Neon Cube.exe
2014-11-09 18:44 - 2014-11-09 18:44 - 00021482 _____ () C:\Users\Familie Kemnitz\Downloads\skAssassination.sk
2014-11-09 18:37 - 2014-11-09 18:37 - 02520828 _____ () C:\Users\Familie Kemnitz\Downloads\MD_Messenger_Setup.rar
2014-11-09 18:36 - 2014-11-09 18:36 - 00000000 ____D () C:\Users\Familie Kemnitz\Documents\Visual Studio 2013
2014-11-09 18:32 - 2014-11-09 18:32 - 00197632 _____ () C:\Users\Familie Kemnitz\Downloads\ScreenshoX.exe
2014-11-09 18:32 - 2014-11-09 18:32 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\ScreenshoX
2014-11-09 18:14 - 2014-11-09 18:14 - 01343053 _____ () C:\Users\Familie Kemnitz\Downloads\Get.jar
2014-11-09 18:12 - 2014-11-09 18:12 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\luc4chat
2014-11-09 18:11 - 2014-11-09 18:11 - 00288768 _____ () C:\Users\Familie Kemnitz\Desktop\Luc4Chat v1.3.exe
2014-11-09 18:11 - 2014-11-09 18:11 - 00060394 _____ () C:\Users\Familie Kemnitz\Downloads\Installer.jar
2014-11-03 10:47 - 2014-11-09 19:50 - 00000528 _____ () C:\Users\Familie Kemnitz\Desktop\funny.php
2014-11-02 22:31 - 2014-11-02 22:33 - 31701025 _____ () C:\Users\Familie Kemnitz\Downloads\KitLow.zip
2014-11-02 20:22 - 2014-11-10 20:38 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-02 20:22 - 2014-11-02 20:22 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-02 20:22 - 2014-11-02 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-02 20:22 - 2014-11-02 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-02 20:22 - 2014-11-02 20:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-02 20:22 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-02 20:22 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-02 20:22 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-02 20:19 - 2014-11-02 20:21 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Familie Kemnitz\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-02 20:09 - 2014-11-02 20:10 - 01935673 _____ () C:\Users\Familie Kemnitz\Downloads\AllArkhamPlugins-master.zip
2014-11-01 08:04 - 2014-11-01 08:04 - 00095974 _____ () C:\Users\Familie Kemnitz\Desktop\proxy list (unchecked).txt
2014-11-01 07:52 - 2014-11-01 07:52 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ProxyChecker
2014-11-01 07:52 - 2014-11-01 07:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProxyChecker
2014-11-01 07:52 - 2014-11-01 07:52 - 00000000 ____D () C:\Program Files (x86)\mSoft
2014-11-01 07:50 - 2014-11-01 07:51 - 01005413 _____ () C:\Users\Familie Kemnitz\Downloads\ProxyChecker-1.0.0.28.exe
2014-10-31 23:01 - 2014-11-01 08:55 - 00010640 _____ () C:\Users\Familie Kemnitz\Downloads\Clans (1).sk
2014-10-31 23:01 - 2014-10-31 23:01 - 00337004 _____ () C:\Users\Familie Kemnitz\Downloads\Vault-1.4.1 (2).jar
2014-10-31 22:52 - 2014-10-31 22:52 - 00166222 _____ () C:\Users\Familie Kemnitz\Downloads\iConomy.jar
2014-10-31 22:38 - 2014-10-31 22:38 - 00053657 _____ () C:\Users\Familie Kemnitz\Downloads\FakePlayersOnline.jar
2014-10-31 22:23 - 2014-10-31 22:23 - 00023694 _____ () C:\Users\Familie Kemnitz\Downloads\ShopSearch_v1.4.1.sk
2014-10-31 21:39 - 2014-10-31 21:39 - 00011169 _____ () C:\Users\Familie Kemnitz\Downloads\UltimateRanking.sk
2014-10-31 21:37 - 2014-10-31 21:37 - 00002584 _____ () C:\Users\Familie Kemnitz\Downloads\Ranks.sk
2014-10-31 15:47 - 2014-10-31 15:47 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-31 15:47 - 2014-10-31 15:47 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-31 15:44 - 2014-10-31 15:45 - 16183084 _____ () C:\Users\Familie Kemnitz\Downloads\RogueKiller10.0.4.0.zip
2014-10-31 15:07 - 2014-10-31 15:07 - 00029696 _____ (Pavel Bansky) C:\Users\Familie Kemnitz\Downloads\echotool.exe
2014-10-31 13:05 - 2014-10-31 18:44 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\TeamViewer
2014-10-31 13:04 - 2014-10-31 13:04 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-10-31 13:04 - 2014-10-31 13:04 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-10-31 13:04 - 2014-10-31 13:04 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-10-31 13:04 - 2013-10-17 16:32 - 00035112 _____ (TeamViewer GmbH) C:\Windows\system32\Drivers\teamviewervpn.sys
2014-10-31 13:02 - 2014-10-31 13:03 - 06626832 _____ (TeamViewer GmbH) C:\Users\Familie Kemnitz\Downloads\TeamViewer_Setup_de.exe
2014-10-31 10:59 - 2014-10-31 10:59 - 00016413 _____ () C:\Users\Familie Kemnitz\Downloads\Clans.sk
2014-10-31 10:58 - 2014-10-31 10:58 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\Reallife Server Scripts
2014-10-31 10:47 - 2012-02-11 07:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2014-10-31 10:47 - 2012-02-11 07:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2014-10-31 10:47 - 2011-02-25 07:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-10-31 10:47 - 2011-02-25 06:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-10-31 10:45 - 2014-10-31 10:45 - 00002295 _____ () C:\Users\Familie Kemnitz\Downloads\Warn-System.sk
2014-10-31 09:55 - 2014-10-31 09:55 - 00050930 _____ () C:\Users\Familie Kemnitz\Downloads\KillaPvP Skinpack.rar
2014-10-31 09:36 - 2014-10-31 09:36 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\ExtremePvP 2.0
2014-10-31 09:35 - 2014-10-31 09:35 - 00035828 _____ () C:\Users\Familie Kemnitz\Downloads\ExtremePvP 2.0.zip
2014-10-31 09:26 - 2014-10-31 09:26 - 00000000 ____D () C:\temp
2014-10-31 09:25 - 2014-10-31 09:26 - 00011232 _____ () C:\Users\Familie Kemnitz\Downloads\FreeGG Bot.zip
2014-10-31 09:20 - 2014-10-31 09:20 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\VPNium
2014-10-31 09:15 - 2014-10-31 12:47 - 00000000 ____D () C:\Program Files (x86)\VPNium
2014-10-31 09:15 - 2014-10-31 09:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPNium
2014-10-31 09:15 - 2014-10-31 09:15 - 00000983 _____ () C:\Users\Matthina\Desktop\VPNium.lnk
2014-10-31 09:15 - 2014-10-31 09:15 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VPNium
2014-10-31 09:14 - 2014-10-31 09:15 - 07127541 _____ () C:\Users\Familie Kemnitz\Downloads\VPNium_setup.exe
2014-10-31 08:01 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-31 08:01 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-31 08:01 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-31 08:01 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-31 07:56 - 2014-10-31 07:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-10-31 07:52 - 2014-10-31 07:53 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-10-31 07:52 - 2014-10-31 07:53 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-10-30 22:39 - 2014-10-30 22:39 - 01025024 _____ (Scendix Software-Vertriebsges. mbH) C:\Users\Familie Kemnitz\Downloads\MoodEditor.exe
2014-10-30 22:31 - 2014-10-30 22:31 - 00260754 _____ () C:\Users\Familie Kemnitz\Downloads\HolographicDisplays.jar
2014-10-30 21:51 - 2014-10-30 21:51 - 00023539 _____ () C:\Users\Familie Kemnitz\Downloads\r57.rar
2014-10-30 21:50 - 2014-10-30 21:50 - 00038939 _____ () C:\Users\Familie Kemnitz\Downloads\c99.rar
2014-10-30 21:42 - 2014-10-30 21:42 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\ILSPY
2014-10-30 21:42 - 2014-10-30 21:42 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\ICSharpCode
2014-10-30 21:40 - 2014-10-30 21:41 - 01970845 _____ () C:\Users\Familie Kemnitz\Downloads\ILSpy_2.2.0.1706_Binaries.zip
2014-10-30 16:36 - 2014-10-30 16:36 - 00013998 _____ () C:\Users\Familie Kemnitz\Downloads\WhitelistMessage.jar
2014-10-30 16:33 - 2014-02-04 03:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-10-30 16:33 - 2014-02-04 03:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-10-30 16:33 - 2014-02-04 03:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-10-30 16:33 - 2014-02-04 03:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-10-30 16:33 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-10-30 16:33 - 2012-07-06 21:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-10-30 16:28 - 2012-07-26 04:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-10-30 16:28 - 2012-07-26 04:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-10-30 16:28 - 2012-07-26 04:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-10-30 16:28 - 2012-07-26 04:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-10-30 16:28 - 2012-07-26 04:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-10-30 16:28 - 2012-07-26 03:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-10-30 16:28 - 2012-07-26 03:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-10-30 16:28 - 2012-06-02 15:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-10-29 21:23 - 2014-10-29 21:23 - 00015899 _____ () C:\Users\Familie Kemnitz\Downloads\CName.jar
2014-10-29 21:22 - 2014-10-29 21:22 - 00005439 _____ () C:\Users\Familie Kemnitz\Downloads\RainbowTrail.jar
2014-10-29 21:21 - 2014-10-29 21:21 - 00032736 _____ () C:\Users\Familie Kemnitz\Downloads\RainbowArmour.jar
2014-10-29 21:20 - 2014-10-29 21:20 - 00002830 _____ () C:\Users\Familie Kemnitz\Downloads\FireworksOnJoin (v3.1).jar
2014-10-29 21:13 - 2014-10-29 21:13 - 00015657 _____ () C:\Users\Familie Kemnitz\Downloads\LaunchPad-1.0.jar
2014-10-29 21:13 - 2014-10-29 21:13 - 00004277 _____ () C:\Users\Familie Kemnitz\Downloads\JoinEffect.jar
2014-10-29 21:10 - 2014-10-29 21:10 - 00002920 _____ () C:\Users\Familie Kemnitz\Downloads\FakePumpkinHelmet.jar
2014-10-29 20:58 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-10-29 20:58 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-10-29 20:58 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-10-29 20:58 - 2013-03-19 06:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-10-29 20:58 - 2012-10-09 19:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-10-29 20:58 - 2012-10-09 19:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-10-29 20:58 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-10-29 20:58 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-10-29 20:58 - 2012-01-04 11:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2014-10-29 20:58 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2014-10-29 20:58 - 2011-06-16 06:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-10-29 20:58 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-10-29 20:58 - 2011-05-04 06:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2014-10-29 20:58 - 2011-05-04 06:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2014-10-29 20:57 - 2014-08-01 12:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-10-29 20:57 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-10-29 20:57 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-29 20:57 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-29 20:57 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-29 20:57 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-29 20:57 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-29 20:57 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-29 20:57 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-29 20:57 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-29 20:57 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-29 20:57 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-29 20:57 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-29 20:57 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-29 20:57 - 2011-12-30 07:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2014-10-29 20:57 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2014-10-29 20:57 - 2011-05-04 06:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2014-10-29 20:57 - 2011-05-04 06:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2014-10-29 20:57 - 2011-05-04 06:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2014-10-29 20:57 - 2011-05-04 06:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2014-10-29 20:57 - 2011-05-04 06:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2014-10-29 20:57 - 2011-05-04 06:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2014-10-29 20:57 - 2011-05-04 06:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2014-10-29 20:57 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2014-10-29 20:57 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2014-10-29 20:57 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2014-10-29 20:57 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2014-10-29 20:57 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2014-10-29 20:57 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2014-10-29 20:57 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2014-10-29 20:57 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2014-10-29 20:57 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2014-10-29 20:56 - 2013-08-05 03:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-10-29 20:55 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-10-29 20:55 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-10-29 20:55 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-10-29 20:55 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-10-29 20:55 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-10-29 20:55 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-10-29 20:55 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-10-29 20:55 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-10-29 20:55 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-10-29 20:55 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-10-29 20:55 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-10-29 20:55 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-10-29 20:55 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-10-29 20:55 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-10-29 20:55 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-10-29 20:55 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-10-29 20:55 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-10-29 20:55 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-10-29 20:55 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-10-29 20:55 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-10-29 20:55 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-10-29 20:55 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-10-29 20:54 - 2014-09-25 03:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-29 20:54 - 2014-09-25 02:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-10-29 20:54 - 2013-09-08 03:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-10-29 20:54 - 2013-09-08 03:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-10-29 20:54 - 2013-07-04 13:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-10-29 20:54 - 2013-07-04 13:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-10-29 20:54 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-10-29 20:54 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-10-29 20:54 - 2013-07-04 11:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-10-29 20:54 - 2012-12-07 14:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-10-29 20:54 - 2012-12-07 14:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2014-10-29 20:54 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-10-29 20:54 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2014-10-29 20:54 - 2012-12-07 12:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2014-10-29 20:54 - 2012-12-07 12:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2014-10-29 20:54 - 2012-12-07 12:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2014-10-29 20:54 - 2012-12-07 12:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2014-10-29 20:54 - 2012-12-07 12:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2014-10-29 20:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2014-10-29 20:54 - 2012-12-07 12:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2014-10-29 20:54 - 2012-12-07 12:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2014-10-29 20:54 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2014-10-29 20:54 - 2012-10-03 18:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2014-10-29 20:54 - 2012-10-03 18:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2014-10-29 20:54 - 2012-10-03 18:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2014-10-29 20:54 - 2012-10-03 18:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2014-10-29 20:54 - 2012-10-03 18:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2014-10-29 20:54 - 2012-10-03 18:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-10-29 20:54 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2014-10-29 20:54 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2014-10-29 20:54 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2014-10-29 20:54 - 2012-10-03 17:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2014-10-29 20:54 - 2012-08-22 19:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-10-29 20:54 - 2012-08-21 22:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2014-10-29 20:54 - 2012-07-04 21:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2014-10-29 20:54 - 2012-05-01 06:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-10-29 20:54 - 2012-01-13 08:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2014-10-29 20:53 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-29 20:53 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-29 20:52 - 2014-10-29 20:52 - 00004231 _____ () C:\Users\Familie Kemnitz\Downloads\MineplexPumpkins.jar
2014-10-29 20:46 - 2014-10-29 20:46 - 00048243 _____ () C:\Users\Familie Kemnitz\Downloads\animations.zip
2014-10-29 20:41 - 2014-10-29 21:26 - 00000003 _____ () C:\Users\Familie Kemnitz\Downloads\locations.yml
2014-10-29 20:41 - 2014-10-29 20:42 - 00005256 _____ () C:\Users\Familie Kemnitz\Downloads\proxy.log.0
2014-10-29 20:41 - 2014-10-29 20:41 - 00000865 _____ () C:\Users\Familie Kemnitz\Downloads\config.yml
2014-10-29 20:41 - 2014-10-29 20:41 - 00000155 _____ () C:\Users\Familie Kemnitz\Downloads\modules.yml
2014-10-29 20:41 - 2014-10-29 20:41 - 00000000 ____D () C:\Users\Familie Kemnitz\Downloads\plugins
2014-10-29 20:41 - 2014-10-29 20:41 - 00000000 ____D () C:\Users\Familie Kemnitz\Downloads\modules
2014-10-29 20:41 - 2014-10-29 20:41 - 00000000 _____ () C:\Users\Familie Kemnitz\Downloads\proxy.log.0.lck
2014-10-29 20:32 - 2014-09-09 23:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-10-29 20:32 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-10-29 20:31 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-10-29 20:31 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-10-29 20:31 - 2013-05-10 06:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-10-29 20:31 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-10-29 20:31 - 2011-03-11 07:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2014-10-29 20:31 - 2011-03-11 07:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2014-10-29 20:31 - 2011-03-11 07:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2014-10-29 20:31 - 2011-03-11 07:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2014-10-29 20:31 - 2011-03-11 07:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2014-10-29 20:31 - 2011-03-11 07:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2014-10-29 20:31 - 2011-03-11 07:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2014-10-29 20:31 - 2011-03-11 06:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2014-10-29 20:31 - 2011-03-11 06:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2014-10-29 20:31 - 2011-03-11 05:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-10-29 20:30 - 2014-01-24 03:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-10-29 20:30 - 2013-08-28 02:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-10-29 20:30 - 2013-01-24 07:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-10-29 20:30 - 2012-05-05 09:36 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-29 20:30 - 2012-05-05 08:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-29 20:30 - 2011-02-18 11:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2014-10-29 20:30 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2014-10-29 14:33 - 2014-10-29 14:33 - 00027315 _____ () C:\Users\Familie Kemnitz\Downloads\BungeePortals.jar
2014-10-29 13:12 - 2014-10-29 13:13 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\www
2014-10-29 13:06 - 2014-10-29 13:06 - 00015435 _____ () C:\Users\Familie Kemnitz\Downloads\MyServer.jar
2014-10-29 12:58 - 2014-10-29 12:58 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\Neuer Ordner (2)
2014-10-29 12:53 - 2014-10-29 12:53 - 00486005 _____ () C:\Users\Familie Kemnitz\Downloads\PermissionsEx.jar
2014-10-29 12:46 - 2014-10-29 12:46 - 00014804 _____ () C:\Users\Familie Kemnitz\Downloads\pvp_lobby7055.schematic
2014-10-29 12:44 - 2014-10-29 12:44 - 01643924 _____ () C:\Users\Familie Kemnitz\Downloads\Multiverse-Core-2.5.jar
2014-10-29 12:23 - 2014-10-29 12:23 - 00012516 _____ () C:\Users\Familie Kemnitz\Downloads\Fountain.jar
2014-10-29 11:50 - 2014-10-29 11:50 - 00024904 _____ () C:\Users\Familie Kemnitz\Downloads\Surf_1.1ALPHA_HOTFIX1.jar
2014-10-29 11:49 - 2014-10-29 11:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2014-10-29 11:49 - 2014-10-29 11:49 - 00000000 ____D () C:\Windows\de
2014-10-29 11:48 - 2014-10-29 11:48 - 00001374 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-10-29 11:48 - 2014-10-29 11:48 - 00001305 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-10-29 11:47 - 2014-10-29 11:47 - 00000000 ____D () C:\Windows\PCHEALTH
2014-10-29 11:45 - 2014-10-29 11:48 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-10-29 11:44 - 2014-10-29 11:49 - 49762604 _____ () C:\Users\Familie Kemnitz\Downloads\BungeeCord BukkitDE.rar
2014-10-29 11:44 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2014-10-29 11:44 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-10-29 11:44 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-10-29 11:44 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2014-10-29 11:44 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-10-29 11:44 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2014-10-29 11:44 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-10-29 11:44 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-10-29 11:42 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-10-29 11:42 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-10-29 11:41 - 2014-10-29 11:41 - 00000199 _____ () C:\Windows\DirectX.log
2014-10-29 11:41 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2014-10-29 11:41 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2014-10-29 11:38 - 2014-10-31 15:26 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Windows Live
2014-10-29 11:38 - 2014-10-29 11:38 - 01245384 _____ (Microsoft Corporation) C:\Users\Familie Kemnitz\Downloads\wlsetup-web.exe
2014-10-29 11:28 - 2014-10-29 11:30 - 00000000 ____D () C:\Fraps
2014-10-29 11:28 - 2014-10-29 11:28 - 00000562 _____ () C:\Users\Public\Desktop\Fraps.lnk
2014-10-29 11:28 - 2014-10-29 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-10-29 11:27 - 2014-10-29 11:27 - 02782320 _____ (Beepa Pty Ltd) C:\Users\Familie Kemnitz\Downloads\Fraps_v3.5.9.9.exe
2014-10-29 09:37 - 2014-10-29 09:37 - 00007156 _____ () C:\Users\Familie Kemnitz\Downloads\PumpkinStep.jar
2014-10-29 09:31 - 2014-10-29 09:31 - 00101231 _____ () C:\Users\Familie Kemnitz\Downloads\Ragemode.jar
2014-10-29 09:23 - 2014-10-29 09:23 - 00076118 _____ () C:\Users\Familie Kemnitz\Downloads\GunGame.jar
2014-10-29 09:13 - 2014-10-29 09:13 - 00001925 _____ () C:\Users\Familie Kemnitz\Downloads\LobbyTools.sk
2014-10-29 08:42 - 2014-10-29 08:44 - 00005222 _____ () C:\Users\Familie Kemnitz\Downloads\Tokenshop.sk
2014-10-29 08:42 - 2014-10-29 08:42 - 00008182 _____ () C:\Users\Familie Kemnitz\Downloads\Backpacks.sk
2014-10-28 21:50 - 2014-10-28 21:51 - 00002121 _____ () C:\Users\Familie Kemnitz\Downloads\customKS.sk
2014-10-28 21:37 - 2014-10-28 21:40 - 00001212 _____ () C:\Users\Familie Kemnitz\Desktop\AntiJoinBot.sk
2014-10-28 21:36 - 2014-10-28 21:36 - 00004303 _____ () C:\Users\Familie Kemnitz\Downloads\bountyhunter.sk.txt
2014-10-28 21:34 - 2014-10-28 21:34 - 00003246 _____ () C:\Users\Familie Kemnitz\Downloads\Cristmas.sk
2014-10-28 20:52 - 2014-10-28 20:52 - 00222888 _____ () C:\Users\Familie Kemnitz\Downloads\WeCorrect.jar
2014-10-28 20:52 - 2014-10-28 20:52 - 00003420 _____ () C:\Users\Familie Kemnitz\Downloads\RealSex.jar
2014-10-28 20:51 - 2014-10-28 20:51 - 00017772 _____ () C:\Users\Familie Kemnitz\Downloads\SupportX_3.0.0.jar
2014-10-28 20:47 - 2014-10-28 20:47 - 00016985 _____ () C:\Users\Familie Kemnitz\Downloads\Maintenance-Bukkit.jar
2014-10-28 20:43 - 2014-10-28 20:46 - 00000836 _____ () C:\Users\Familie Kemnitz\Downloads\messages.yml
2014-10-28 20:43 - 2014-10-28 20:43 - 05215626 _____ () C:\Users\Familie Kemnitz\Downloads\AutoYouTuber.jar
2014-10-26 20:23 - 2014-10-26 20:23 - 00002564 _____ () C:\Users\Familie Kemnitz\Downloads\Cars.sk
2014-10-26 20:21 - 2014-10-26 20:21 - 00001879 _____ () C:\Users\Familie Kemnitz\Downloads\MFG_SpinningSigns.sk
2014-10-26 20:18 - 2014-10-26 20:19 - 00007596 _____ () C:\Users\Familie Kemnitz\Downloads\jukebox.sk
2014-10-26 20:17 - 2014-10-26 20:17 - 00004924 _____ () C:\Users\Familie Kemnitz\Downloads\LobbyChat.sk
2014-10-26 20:10 - 2014-10-26 20:13 - 00003371 _____ () C:\Users\Familie Kemnitz\Downloads\BanManager.sk
2014-10-26 20:10 - 2014-10-26 20:10 - 00008408 _____ () C:\Users\Familie Kemnitz\Downloads\Mojang-Service-Status-V2.2.sk
2014-10-26 20:09 - 2014-10-26 20:09 - 00004029 _____ () C:\Users\Familie Kemnitz\Downloads\Player_Stats.sk
2014-10-26 20:06 - 2014-10-26 20:08 - 00002853 _____ () C:\Users\Familie Kemnitz\Downloads\Playtime.sk
2014-10-26 20:00 - 2014-10-26 20:03 - 00018489 _____ () C:\Users\Familie Kemnitz\Downloads\c.channels_1.2.1.sk
2014-10-26 19:57 - 2014-10-26 19:58 - 00011823 _____ () C:\Users\Familie Kemnitz\Downloads\Safe_Trade.sk
2014-10-26 19:55 - 2014-10-26 19:55 - 00002233 _____ () C:\Users\Familie Kemnitz\Downloads\SkUtilities.sk
2014-10-26 19:54 - 2014-10-26 19:54 - 00002043 _____ () C:\Users\Familie Kemnitz\Downloads\warning.sk
2014-10-26 19:18 - 2014-10-26 19:52 - 00001054 _____ () C:\Users\Familie Kemnitz\Downloads\servermute.sk
2014-10-26 19:18 - 2014-10-26 19:49 - 00001210 _____ () C:\Users\Familie Kemnitz\Downloads\muted.sk
2014-10-26 19:18 - 2014-10-26 19:22 - 00007538 _____ () C:\Users\Familie Kemnitz\Downloads\clearchat.sk
2014-10-26 19:11 - 2014-10-26 19:15 - 00003546 _____ () C:\Users\Familie Kemnitz\Downloads\announcer.sk
2014-10-26 19:04 - 2014-10-26 19:04 - 00006850 _____ () C:\Users\Familie Kemnitz\Downloads\iEco.sk
2014-10-26 19:01 - 2014-10-26 19:01 - 00069513 _____ () C:\Users\Familie Kemnitz\Downloads\PlugMan.jar
2014-10-26 15:08 - 2014-10-26 15:08 - 00065738 _____ () C:\Users\Familie Kemnitz\Downloads\Vulcan Minecraft Checker_mpgh.net.zip
2014-10-26 15:07 - 2014-10-26 15:07 - 00177774 _____ () C:\Users\Familie Kemnitz\Downloads\acc2.txt
2014-10-26 14:50 - 2014-10-26 14:50 - 00002187 _____ () C:\Users\Familie Kemnitz\Downloads\Leiche.jar
2014-10-26 14:48 - 2014-10-26 14:48 - 00010365 _____ () C:\Users\Familie Kemnitz\Downloads\zClans_en_.jar
2014-10-26 14:47 - 2014-10-26 14:47 - 00005144 _____ () C:\Users\Familie Kemnitz\Downloads\SAlert.jar
2014-10-26 12:31 - 2014-10-26 12:31 - 00002963 _____ () C:\Users\Familie Kemnitz\Downloads\PMSystem.jar
2014-10-26 12:30 - 2014-10-26 12:30 - 00008626 _____ () C:\Users\Familie Kemnitz\Downloads\NoSpawnChunks.jar
2014-10-26 12:22 - 2013-12-22 21:13 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\banmanagement
2014-10-26 12:16 - 2014-10-26 12:17 - 00473291 _____ () C:\Users\Familie Kemnitz\Downloads\BanManager.zip
2014-10-26 12:10 - 2014-10-26 12:10 - 02787174 _____ () C:\Users\Familie Kemnitz\Downloads\map.rar
2014-10-26 11:50 - 2014-10-26 11:50 - 00070290 _____ () C:\Users\Familie Kemnitz\Downloads\World Downloader [1.7.2] 20140118.zip
2014-10-25 18:51 - 2014-10-22 20:23 - 00001932 _____ () C:\Users\Familie Kemnitz\Desktop\Alts (2).txt
2014-10-25 18:51 - 2014-10-22 19:53 - 02391038 _____ () C:\Users\Familie Kemnitz\Desktop\ApocalypseBot.jar
2014-10-24 21:32 - 2014-10-24 21:33 - 00004156 _____ () C:\Users\Familie Kemnitz\Downloads\104_working_shells.txt
2014-10-24 21:17 - 2014-11-02 20:00 - 00000084 _____ () C:\Users\Familie Kemnitz\Downloads\9E1F0000.log
2014-10-24 21:11 - 2014-10-24 21:11 - 00399872 _____ (LuckyGamer) C:\Users\Familie Kemnitz\Downloads\iCheck.exe
2014-10-24 21:00 - 2014-10-24 21:00 - 06126536 _____ (Tim Kosse) C:\Users\Familie Kemnitz\Downloads\FileZilla_3.9.0.6_win32-setup.exe
2014-10-23 18:00 - 2014-10-23 18:00 - 00002504 _____ () C:\Users\Familie Kemnitz\Downloads\Relax (1).jar
2014-10-23 17:33 - 2014-10-23 17:33 - 00005830 _____ () C:\Users\Familie Kemnitz\Downloads\NoCheatPlus_mpgh.net.rar
2014-10-22 19:57 - 2014-10-22 19:57 - 00000000 ___RD () C:\Sandbox
2014-10-22 19:56 - 2014-11-09 17:31 - 00002432 _____ () C:\Windows\Sandboxie.ini
2014-10-22 19:56 - 2014-10-22 19:55 - 00000856 _____ () C:\Users\Familie Kemnitz\Desktop\Sandboxed Web Browser.lnk
2014-10-22 19:55 - 2014-10-22 19:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-10-22 19:53 - 2014-10-22 19:54 - 02734600 _____ (Sandboxie Holdings, LLC) C:\Users\Familie Kemnitz\Downloads\SandboxieInstall (1).exe
2014-10-22 17:37 - 2014-10-22 17:37 - 00000000 ____D () C:\Program Files (x86)\AppInsights
2014-10-22 17:22 - 2014-10-22 17:22 - 00000000 ____D () C:\Program Files (x86)\Windows Phone Kits
2014-10-22 16:47 - 2014-10-22 16:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 5 SDK
2014-10-22 16:44 - 2014-10-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Workflow Manager Tools
2014-10-22 16:44 - 2014-10-22 16:44 - 00000000 ____D () C:\Program Files (x86)\Open XML SDK
2014-10-22 16:43 - 2014-10-22 16:43 - 00000000 ____D () C:\Program Files\Windows Identity Foundation
2014-10-22 16:43 - 2014-10-22 16:43 - 00000000 ____D () C:\Program Files\Microsoft Identity Extensions
2014-10-22 16:43 - 2014-10-22 16:43 - 00000000 ____D () C:\Program Files (x86)\Windows Identity Foundation
2014-10-22 16:38 - 2014-10-29 11:48 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-10-22 16:38 - 2014-10-22 16:38 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-10-22 16:33 - 2014-10-22 17:53 - 00000000 ____D () C:\ProgramData\Windows App Certification Kit
2014-10-22 16:33 - 2014-10-22 16:33 - 00000000 ____D () C:\Program Files\Application Verifier
2014-10-22 16:33 - 2014-10-22 16:33 - 00000000 ____D () C:\Program Files (x86)\Application Verifier
2014-10-22 16:30 - 2014-10-22 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2014-10-22 16:26 - 2014-10-22 16:26 - 00000000 ____D () C:\ProgramData\PreEmptive Solutions
2014-10-22 16:19 - 2014-10-22 16:22 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-22 16:17 - 2014-10-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
2014-10-22 16:14 - 2014-10-22 17:50 - 00000000 ____D () C:\Program Files\IIS Express
2014-10-22 16:14 - 2014-10-22 17:50 - 00000000 ____D () C:\Program Files (x86)\IIS Express
2014-10-22 16:13 - 2014-10-22 16:13 - 00000000 ____D () C:\ProgramData\NuGet
2014-10-22 16:13 - 2014-10-22 16:13 - 00000000 ____D () C:\Program Files (x86)\NuGet
2014-10-22 16:13 - 2014-10-22 16:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft WCF Data Services
2014-10-22 16:12 - 2014-10-22 16:13 - 00000000 ____D () C:\Program Files\IIS
2014-10-22 16:12 - 2014-10-22 16:12 - 00000000 ____D () C:\Program Files (x86)\IIS
2014-10-22 16:08 - 2014-10-22 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2014-10-22 16:06 - 2010-05-26 10:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-10-22 16:04 - 2014-10-22 16:29 - 00000000 ____D () C:\Program Files (x86)\Windows Kits
2014-10-22 15:47 - 2014-10-22 15:47 - 00000000 ____D () C:\Program Files (x86)\HTML Help Workshop
2014-10-22 15:46 - 2014-10-22 15:46 - 00000000 ____D () C:\Windows\symbols
2014-10-22 15:46 - 2014-10-22 15:46 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-10-22 15:42 - 2014-10-22 16:39 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-10-22 15:42 - 2014-10-22 16:39 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2014-10-22 15:42 - 2014-10-22 15:55 - 00000000 ____D () C:\Windows\SysWOW64\1033
2014-10-22 15:41 - 2014-10-22 17:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2013
2014-10-22 15:31 - 2014-10-22 16:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-10-22 15:31 - 2014-10-22 15:44 - 00000000 ____D () C:\Windows\system32\1033
2014-10-22 15:30 - 2014-10-22 17:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-10-22 15:30 - 2014-10-22 15:30 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 12.0
2014-10-22 15:27 - 2014-10-22 15:27 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\FaceCrypt
2014-10-22 15:25 - 2014-10-22 15:25 - 00984705 _____ () C:\Users\Familie Kemnitz\Downloads\FC_Alpha_0-0-0-1.rar
2014-10-22 15:18 - 2014-10-22 15:18 - 00002514 _____ () C:\Users\Familie Kemnitz\Downloads\logo.php.png.aes
2014-10-22 15:17 - 2014-10-22 15:17 - 00641007 _____ (Quadsoft ) C:\Users\Familie Kemnitz\Downloads\easyCryptSetup.exe
2014-10-22 15:17 - 2014-10-22 15:17 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Quadsoft
2014-10-22 15:17 - 2014-10-22 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quadsoft easyCrypt
2014-10-22 15:17 - 2014-10-22 15:17 - 00000000 ____D () C:\Program Files (x86)\Quadsoft easyCrypt
2014-10-22 15:15 - 2014-10-22 15:15 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\RadioBeats
2014-10-22 15:14 - 2014-10-22 15:14 - 00967152 _____ () C:\Users\Familie Kemnitz\Downloads\Radio_Beats_v7.rar
2014-10-22 15:12 - 2014-10-22 15:12 - 00282488 _____ () C:\Users\Familie Kemnitz\Downloads\devextras.codereflect.zip
2014-10-22 15:11 - 2014-10-22 15:12 - 04881508 _____ () C:\Users\Familie Kemnitz\Downloads\update0.1.5.rar
2014-10-22 15:05 - 2014-10-30 16:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-22 15:03 - 2014-10-22 15:03 - 01236880 _____ (Microsoft Corporation) C:\Users\Familie Kemnitz\Downloads\vs_ultimate.exe
2014-10-21 20:21 - 2014-10-21 20:21 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\.webkie
2014-10-21 20:18 - 2014-10-21 20:20 - 01448843 _____ () C:\Users\Familie Kemnitz\Downloads\Webkie v1.1 - Self Extractor.zip
2014-10-21 19:54 - 2014-10-21 19:54 - 00027847 _____ () C:\Users\Familie Kemnitz\Downloads\FFA (1).jar
2014-10-21 17:56 - 2014-10-21 17:56 - 00019822 _____ () C:\Users\Familie Kemnitz\Downloads\FFA.jar
2014-10-21 17:56 - 2014-10-21 17:56 - 00007078 _____ () C:\Users\Familie Kemnitz\Downloads\Messages.jar
2014-10-21 16:47 - 2014-10-21 16:47 - 00002477 _____ () C:\Users\Familie Kemnitz\Downloads\bank (1).sk
2014-10-21 16:41 - 2014-10-21 16:41 - 01409326 _____ () C:\Users\Familie Kemnitz\Downloads\Small Town.zip
2014-10-21 16:41 - 2014-10-21 16:41 - 00001487 _____ () C:\Users\Familie Kemnitz\Downloads\DailyReward.sk
2014-10-19 21:24 - 2014-10-19 21:24 - 00006560 ____N () C:\bootsqm.dat
2014-10-19 20:57 - 2014-10-19 20:57 - 00056341 _____ () C:\Users\Familie Kemnitz\Downloads\Hub (1).jar
2014-10-19 20:57 - 2014-10-19 20:57 - 00035677 _____ () C:\Users\Familie Kemnitz\Downloads\Angel.jar
2014-10-19 18:08 - 2014-10-19 18:08 - 00000000 ____D () C:\Users\Familie Kemnitz\Documents\Klett
2014-10-19 18:05 - 2014-10-19 18:05 - 00001267 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader 5.0.lnk
2014-10-19 18:05 - 2014-10-19 18:05 - 00001255 _____ () C:\Users\Public\Desktop\Acrobat Reader 5.0.lnk
2014-10-19 18:05 - 2014-10-19 18:05 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-10-19 18:05 - 2014-10-19 18:05 - 00000000 ____D () C:\Users\Familie Kemnitz\Documents\My eBooks
2014-10-19 18:04 - 2014-10-19 18:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Klett
2014-10-19 18:04 - 1998-11-17 10:44 - 00328704 _____ (InstallShield Software Corporation ) C:\Windows\IsUn0407.exe
2014-10-19 18:00 - 2014-10-19 18:01 - 00000000 ____D () C:\Program Files (x86)\Klett
2014-10-19 17:29 - 2014-10-19 17:29 - 00151382 _____ () C:\Users\Familie Kemnitz\Downloads\Hub.jar
2014-10-19 14:17 - 2014-10-19 14:17 - 01689527 _____ () C:\Users\Familie Kemnitz\Downloads\Server Lobby-Creepays.rar
2014-10-19 14:14 - 2014-10-19 14:14 - 00005568 _____ () C:\Users\Familie Kemnitz\Downloads\LobbyBukkitTp.jar
2014-10-19 13:52 - 2014-10-19 13:53 - 20521693 _____ () C:\Users\Familie Kemnitz\Downloads\spigot.jar
2014-10-19 13:44 - 2014-10-19 13:45 - 00016770 _____ () C:\Users\Familie Kemnitz\Downloads\CrashRestarter.jar
2014-10-19 13:36 - 2014-10-19 13:37 - 09364357 _____ () C:\Users\Familie Kemnitz\Downloads\BungeeCord (1).jar
2014-10-19 13:35 - 2014-10-19 13:35 - 00043993 _____ () C:\Users\Familie Kemnitz\Downloads\Yamler-Bungee-2.2.3-SNAPSHOT.jar
2014-10-19 10:05 - 2014-10-28 22:10 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-19 10:05 - 2014-10-19 10:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-19 10:03 - 2014-11-10 21:08 - 00001128 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-19 10:03 - 2014-11-10 20:31 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-19 10:03 - 2014-10-19 10:05 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Google
2014-10-19 10:03 - 2014-10-19 10:05 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-19 10:03 - 2014-10-19 10:03 - 00004124 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-19 10:03 - 2014-10-19 10:03 - 00003872 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-19 10:02 - 2014-10-19 10:03 - 00880272 _____ (Google Inc.) C:\Users\Familie Kemnitz\Downloads\ChromeSetup.exe
2014-10-18 22:31 - 2014-10-18 22:32 - 26563136 _____ () C:\Users\Familie Kemnitz\Downloads\WebcamMax-7.8.7.2.MultiLanguage.Setup.exe
2014-10-18 21:51 - 2014-10-19 06:27 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\ManyCam
2014-10-18 21:51 - 2014-10-18 21:52 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\ManyCam
2014-10-18 21:51 - 2014-10-18 21:51 - 00000000 ____D () C:\ProgramData\ManyCam
2014-10-18 21:50 - 2014-10-18 21:51 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-10-18 21:50 - 2014-10-18 21:50 - 00000000 ____D () C:\ProgramData\Temp
2014-10-18 21:48 - 2014-10-18 21:49 - 12277376 _____ (ManyCam LLC) C:\Users\Familie Kemnitz\Downloads\3.0.80_manycamsetup-3.0.80.exe
2014-10-18 21:46 - 2014-10-18 21:48 - 38548910 _____ () C:\Users\Familie Kemnitz\Downloads\vcw-stripes.swf
2014-10-18 21:44 - 2014-10-18 21:47 - 49993534 _____ () C:\Users\Familie Kemnitz\Downloads\vcw-nadia.swf
2014-10-18 21:09 - 2014-10-19 18:05 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-10-18 21:09 - 2014-10-18 21:09 - 00000953 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\flockmod-tablet.lnk
2014-10-18 21:09 - 2014-10-18 21:09 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\flockmod-air-tablet-ed
2014-10-18 21:09 - 2014-10-18 21:09 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-10-18 21:09 - 2014-10-18 21:09 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-10-18 21:09 - 2014-10-18 21:09 - 00000000 ____D () C:\ProgramData\Adobe
2014-10-18 21:09 - 2014-10-18 21:09 - 00000000 ____D () C:\Program Files (x86)\flockmod-tablet
2014-10-18 21:08 - 2014-10-18 21:08 - 01111428 _____ () C:\Users\Familie Kemnitz\Downloads\flockmod.exe
2014-10-18 19:16 - 2014-10-18 19:16 - 00040319 _____ () C:\Users\Familie Kemnitz\Downloads\MotdManager.jar
2014-10-18 11:54 - 2014-10-18 11:54 - 00034648 _____ () C:\Users\Familie Kemnitz\Downloads\RewardVoting.jar
2014-10-18 11:54 - 2014-10-18 11:54 - 00018694 _____ () C:\Users\Familie Kemnitz\Downloads\Votifier.jar
2014-10-18 11:41 - 2014-10-18 11:41 - 00230948 _____ () C:\Users\Familie Kemnitz\Downloads\MaxBans.jar
2014-10-18 11:05 - 2014-10-18 11:06 - 00015793 _____ () C:\Users\Familie Kemnitz\Downloads\ColoredSigns.jar
2014-10-18 10:44 - 2014-10-18 10:44 - 00325807 _____ () C:\Users\Familie Kemnitz\Downloads\Multiverse-Core-2.4.jar
2014-10-18 10:42 - 2014-10-18 10:42 - 00454351 _____ () C:\Users\Familie Kemnitz\Downloads\SkQuery.jar
2014-10-18 10:42 - 2014-10-18 10:42 - 00085790 _____ () C:\Users\Familie Kemnitz\Downloads\SkExtras.jar
2014-10-18 10:41 - 2014-10-18 10:41 - 01648928 _____ () C:\Users\Familie Kemnitz\Downloads\Skript.jar
2014-10-18 10:41 - 2014-10-18 10:41 - 00017760 _____ () C:\Users\Familie Kemnitz\Downloads\Guilds.sk
2014-10-18 10:12 - 2014-10-18 10:12 - 00669979 _____ () C:\Users\Familie Kemnitz\Downloads\OptiFine_1.8.0_HD_U_A0.jar
2014-10-17 23:06 - 2014-10-17 23:06 - 00018341 _____ () C:\Users\Familie Kemnitz\Downloads\BanPlus.jar
2014-10-17 18:13 - 2014-11-10 21:00 - 00001093 _____ () C:\Users\Familie Kemnitz\Desktop\jd-gui.cfg
2014-10-17 18:02 - 2014-10-17 18:02 - 00009668 _____ () C:\Users\Familie Kemnitz\Downloads\OpMessage.jar
2014-10-17 18:02 - 2014-10-17 18:02 - 00006247 _____ () C:\Users\Familie Kemnitz\Downloads\GommeTroll.jar
2014-10-17 17:01 - 2014-10-17 17:03 - 00002490 _____ () C:\Users\Familie Kemnitz\Downloads\bank(1).sk
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\Users\Familie Kemnitz\.android
2014-10-16 16:51 - 2014-10-16 16:51 - 00001780 _____ () C:\Users\Public\Desktop\Apps.lnk
2014-10-16 16:49 - 2014-10-16 16:50 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-10-16 16:49 - 2014-10-16 16:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-10-16 16:49 - 2014-10-16 16:49 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-10-16 16:48 - 2014-10-16 17:01 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-10-16 16:48 - 2014-10-16 16:48 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Bluestacks
2014-10-16 16:47 - 2014-10-16 16:48 - 13444288 _____ (BlueStack Systems Inc.) C:\Users\Familie Kemnitz\Downloads\BlueStacks-SplitInstaller_native.exe
2014-10-16 16:43 - 2014-10-16 16:43 - 01176696 _____ () C:\Users\Familie Kemnitz\AppData\Roaming\AndyCleanVM.exe
2014-10-16 16:42 - 2014-10-16 16:47 - 00000000 ____D () C:\Program Files\Andy
2014-10-16 16:42 - 2014-10-16 16:43 - 01177208 _____ () C:\Users\Familie Kemnitz\AppData\Roaming\AndyCleanupTool.exe
2014-10-16 16:42 - 2014-10-16 16:42 - 00336584 _____ (andyroid.net) C:\Users\Familie Kemnitz\Downloads\Andy_v29.exe
2014-10-16 16:37 - 2014-10-16 16:37 - 00001070 _____ () C:\Users\Familie Kemnitz\Downloads\settings2.txt
2014-10-16 16:37 - 2014-10-16 16:37 - 00000000 _____ () C:\Users\Familie Kemnitz\Downloads\tags.txt
2014-10-16 16:37 - 2014-10-16 16:37 - 00000000 _____ () C:\Users\Familie Kemnitz\Downloads\comments.txt
2014-10-16 16:36 - 2014-10-16 16:36 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DevExtras
2014-10-16 16:36 - 2014-10-16 16:36 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\DevExtras
2014-10-16 16:36 - 2014-10-16 16:36 - 00000000 ____D () C:\ProgramData\Nimoru
2014-10-16 16:36 - 2014-10-16 16:36 - 00000000 ____D () C:\ProgramData\CyberProducts
2014-10-16 16:36 - 2014-10-16 16:36 - 00000000 ____D () C:\Program Files (x86)\DevExtras
2014-10-16 16:34 - 2014-10-16 16:35 - 00642048 _____ () C:\Users\Familie Kemnitz\Downloads\devextras.codereflect.msi
2014-10-16 16:34 - 2014-10-16 16:34 - 08488960 _____ (CyberProducts) C:\Users\Familie Kemnitz\Downloads\CyberTerror.exe
2014-10-16 15:57 - 2014-10-16 15:57 - 00001011 _____ () C:\Users\Familie Kemnitz\Desktop\SParty.jar
2014-10-16 15:49 - 2014-10-29 20:40 - 09266389 _____ () C:\Users\Familie Kemnitz\Downloads\BungeeCord.jar
2014-10-16 15:44 - 2014-10-16 15:44 - 00009317 _____ () C:\Users\Familie Kemnitz\Downloads\party.jar
2014-10-16 13:55 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 13:55 - 2014-09-24 05:01 - 09056768 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 13:55 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 13:55 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 13:55 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 13:55 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 13:55 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 13:55 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 13:55 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 13:55 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 13:54 - 2014-09-24 05:02 - 01538560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 13:54 - 2014-09-24 05:02 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 13:54 - 2014-09-24 05:02 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 12288512 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 02467328 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00495616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-10-16 13:54 - 2014-09-24 05:01 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 13:54 - 2014-09-24 05:00 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-10-16 13:54 - 2014-09-24 05:00 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-10-16 13:54 - 2014-09-24 04:59 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 13:54 - 2014-09-24 04:59 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 13:54 - 2014-09-24 04:40 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 11019264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 06025728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 02086912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 01266688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-10-16 13:54 - 2014-09-24 04:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 13:54 - 2014-09-24 04:38 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-10-16 13:54 - 2014-09-24 04:38 - 00016384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-10-16 13:54 - 2014-09-24 04:37 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 13:54 - 2014-09-24 04:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 13:54 - 2014-09-24 02:00 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 13:54 - 2014-09-24 01:24 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 13:54 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 13:54 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 13:54 - 2014-07-17 03:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 13:54 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 13:54 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 13:54 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 13:54 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 13:54 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 13:54 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 13:54 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 13:54 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 13:54 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 13:54 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 13:54 - 2014-05-30 09:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-10-16 13:54 - 2014-05-30 09:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-10-16 13:54 - 2014-05-30 09:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-10-16 13:54 - 2014-05-30 09:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-10-16 13:54 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-10-16 13:54 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-10-16 13:54 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-10-16 13:54 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-10-16 13:48 - 2014-10-16 13:48 - 00010345 _____ () C:\Users\Familie Kemnitz\Downloads\LobbyManager.jar
2014-10-15 21:17 - 2014-10-15 21:17 - 00002477 _____ () C:\Users\Familie Kemnitz\Downloads\bank.sk
2014-10-14 16:13 - 2014-10-14 16:15 - 36022888 _____ (Skype Technologies S.A.) C:\Users\Familie Kemnitz\Downloads\SkypeSetupFull.exe
2014-10-13 20:35 - 2014-10-13 20:35 - 00093011 _____ () C:\Users\Familie Kemnitz\Downloads\AdminHelper-Dev.jar
2014-10-13 20:27 - 2014-10-13 20:27 - 00024569 _____ () C:\Users\Familie Kemnitz\Downloads\LobbyPlugin.jar
2014-10-13 20:06 - 2014-10-13 20:06 - 00337004 _____ () C:\Users\Familie Kemnitz\Downloads\Vault-1.4.1.jar
2014-10-13 20:03 - 2014-10-13 20:03 - 00035666 _____ () C:\Users\Familie Kemnitz\Downloads\DebitCard.jar
2014-10-13 15:16 - 2014-10-13 15:16 - 00000000 ____D () C:\ProgramData\EmailNotifier
2014-10-13 15:14 - 2014-10-13 15:14 - 00217904 _____ () C:\Users\Familie Kemnitz\Downloads\ManyCamWebInstaller.exe
2014-10-13 15:03 - 2014-10-13 15:03 - 00138003 _____ () C:\Users\Familie Kemnitz\Downloads\ReminePlugin.jar
2014-10-13 14:35 - 2014-10-13 14:35 - 00050016 _____ () C:\Users\Familie Kemnitz\Downloads\QuickSG.jar
2014-10-13 14:35 - 2014-10-13 14:35 - 00010078 _____ () C:\Users\Familie Kemnitz\Downloads\Umfrage.jar
2014-10-13 14:35 - 2014-10-13 14:35 - 00003111 _____ () C:\Users\Familie Kemnitz\Downloads\TeamChat.jar
2014-10-13 14:04 - 2014-10-13 14:05 - 02118421 _____ () C:\Users\Familie Kemnitz\Downloads\Front 5.2.zip
2014-10-12 23:23 - 2014-10-12 23:23 - 00002890 _____ () C:\Users\Familie Kemnitz\Downloads\17439.c
2014-10-12 22:53 - 2014-10-12 22:53 - 00019636 _____ () C:\Users\Familie Kemnitz\Downloads\easy-creds-3.8-DEV.tar.gz
2014-10-12 22:00 - 2014-10-12 22:00 - 00036349 _____ () C:\Users\Familie Kemnitz\Downloads\minecade-death-swap-0.0.3-20140122.053744-9.jar
2014-10-12 21:53 - 2014-10-12 21:53 - 00081879 _____ () C:\Users\Familie Kemnitz\Downloads\minecade-engine-1.0-RELEASE.jar
2014-10-12 21:52 - 2014-10-12 21:52 - 00102330 _____ () C:\Users\Familie Kemnitz\Downloads\MinecadeMinigames-0.0.1.jar
2014-10-12 18:36 - 2014-10-22 20:22 - 00020403 _____ () C:\Users\Familie Kemnitz\Desktop\1.5k Proxies.txt
2014-10-11 21:04 - 2014-10-11 21:04 - 03980400 _____ (pepsoft.org) C:\Users\Familie Kemnitz\Downloads\worldpainter_64_1.10.2.exe
2014-10-11 20:11 - 2014-10-11 20:11 - 00076210 _____ () C:\Users\Familie Kemnitz\Downloads\TagAPI.jar
2014-10-11 20:05 - 2014-10-21 19:58 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\Bukkit Plugins
2014-10-11 19:10 - 2014-10-02 15:31 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-11 19:10 - 2014-10-02 15:31 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-11 19:10 - 2014-10-02 15:31 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-11 19:02 - 2014-10-11 19:07 - 135998368 _____ (Oracle Corporation) C:\Users\Familie Kemnitz\Downloads\jdk-7u67-windows-x64.exe
2014-10-11 16:41 - 2014-10-11 16:41 - 00009747 _____ () C:\Users\Familie Kemnitz\Downloads\BasicsPlugin.jar
2014-10-11 13:47 - 2014-11-09 23:35 - 00000408 _____ () C:\Windows\Tasks\update-sys.job
2014-10-11 13:47 - 2014-11-09 18:42 - 00000408 _____ () C:\Windows\Tasks\update-S-1-5-21-3383184443-1007438557-2850217814-1000.job
2014-10-11 13:47 - 2014-10-11 13:47 - 00003304 _____ () C:\Windows\System32\Tasks\update-sys
2014-10-11 13:47 - 2014-10-11 13:47 - 00003302 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-3383184443-1007438557-2850217814-1000
2014-10-11 13:47 - 2014-10-11 13:47 - 00000457 _____ () C:\Users\Familie Kemnitz\AppData\Local\UserProducts.xml
2014-10-11 13:47 - 2014-10-11 13:47 - 00000003 _____ () C:\Users\Familie Kemnitz\AppData\Local\updater.log
2014-10-11 13:47 - 2014-10-11 13:47 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lightshot
2014-10-11 13:47 - 2014-10-11 13:47 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Skillbrains
2014-10-11 13:47 - 2014-10-11 13:47 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-10-11 13:46 - 2014-10-11 13:46 - 02422800 _____ (Skillbrains ) C:\Users\Familie Kemnitz\Downloads\setup-lightshot.exe
2014-10-11 13:29 - 2014-10-11 13:29 - 00003140 _____ () C:\Users\Familie Kemnitz\Downloads\McHelloPlugin.jar
2014-10-11 13:28 - 2014-10-11 13:28 - 00024816 _____ () C:\Users\Familie Kemnitz\Downloads\StaffLogin.jar
2014-10-11 13:24 - 2014-10-11 13:24 - 00155842 _____ () C:\Users\Familie Kemnitz\Downloads\AdminLobby.jar
2014-10-11 13:22 - 2014-10-11 13:22 - 00010453 _____ () C:\Users\Familie Kemnitz\Downloads\WarnSystem.jar
2014-10-11 13:20 - 2014-10-11 13:20 - 00003487 _____ () C:\Users\Familie Kemnitz\Downloads\AntiDrop.jar
2014-10-11 13:19 - 2014-10-11 13:19 - 00004622 _____ () C:\Users\Familie Kemnitz\Downloads\Anti1K.jar
2014-10-11 13:17 - 2014-10-11 13:17 - 00003802 _____ () C:\Users\Familie Kemnitz\Downloads\Hello.jar
2014-10-11 12:02 - 2014-10-11 12:04 - 00000000 ____D () C:\Users\Familie Kemnitz\Downloads\TwicePvP (@TwicePvP) _ Twitter-Dateien
2014-10-11 12:02 - 2014-10-11 12:02 - 00112742 _____ () C:\Users\Familie Kemnitz\Downloads\TwicePvP (@TwicePvP) _ Twitter.htm
2014-10-11 10:33 - 2014-10-11 10:33 - 00000000 ____D () C:\Users\Familie Kemnitz\Desktop\Websites
2014-10-11 09:20 - 2014-10-11 09:20 - 00046467 _____ () C:\Users\Familie Kemnitz\Downloads\VipCodes.jar
2014-10-11 09:12 - 2014-10-11 09:12 - 00006513 _____ () C:\Users\Familie Kemnitz\Downloads\Tophats.jar

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-10 21:52 - 2014-09-29 19:33 - 01537752 _____ () C:\Windows\WindowsUpdate.log
2014-11-10 21:51 - 2014-09-29 20:18 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\Skype
2014-11-10 21:42 - 2014-09-29 19:53 - 00000600 _____ () C:\Users\Familie Kemnitz\AppData\Local\PUTTY.RND
2014-11-10 21:41 - 2014-10-03 20:50 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-10 21:41 - 2014-09-29 19:54 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\FileZilla
2014-11-10 21:35 - 2009-07-14 05:45 - 00033152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-10 21:35 - 2009-07-14 05:45 - 00033152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-10 20:38 - 2014-10-01 18:59 - 00203935 _____ () C:\Windows\IE11_main.log
2014-11-10 20:30 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-10 20:30 - 2009-07-14 05:51 - 00032101 _____ () C:\Windows\setupact.log
2014-11-09 21:10 - 2014-09-30 12:39 - 00000000 ____D () C:\My Web Sites
2014-11-09 17:46 - 2014-09-29 20:20 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\.minecraft
2014-11-03 00:28 - 2010-11-21 04:47 - 00861034 _____ () C:\Windows\PFRO.log
2014-11-02 23:52 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\schemas
2014-11-02 21:52 - 2014-09-29 20:17 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-11-01 20:20 - 2014-09-29 20:28 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\TS3Client
2014-11-01 08:00 - 2014-09-29 19:39 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\VirtualStore
2014-10-31 18:18 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-31 14:40 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-31 14:40 - 2009-07-14 05:45 - 00275096 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-31 13:27 - 2014-09-29 20:00 - 00061176 _____ () C:\Users\Familie Kemnitz\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-31 08:18 - 2011-04-12 08:43 - 00699342 _____ () C:\Windows\system32\perfh007.dat
2014-10-31 08:18 - 2011-04-12 08:43 - 00149450 _____ () C:\Windows\system32\perfc007.dat
2014-10-31 08:18 - 2009-07-14 06:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-30 20:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-30 20:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-30 20:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-10-30 16:37 - 2014-09-29 19:53 - 01593564 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-10-30 16:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-10-28 06:34 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 07:48 - 2014-09-29 19:39 - 00000000 ____D () C:\Users\Familie Kemnitz
2014-10-24 14:15 - 2014-09-30 16:48 - 00001932 _____ () C:\Users\Familie Kemnitz\Desktop\Alts.txt
2014-10-23 17:48 - 2014-10-03 07:16 - 00000000 ____D () C:\Users\Matthina
2014-10-23 17:48 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-23 14:33 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-22 18:13 - 2014-10-03 07:13 - 00000680 __RSH () C:\Users\Familie Kemnitz\ntuser.pol
2014-10-22 16:25 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-22 15:31 - 2009-07-14 06:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-21 20:00 - 2014-10-05 16:49 - 00000000 ____D () C:\Users\Familie Kemnitz\workspace
2014-10-21 19:59 - 2014-10-05 16:50 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Eclipse
2014-10-19 22:54 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-10-19 18:05 - 2014-10-03 20:55 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Roaming\Adobe
2014-10-19 18:05 - 2014-09-29 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-19 18:00 - 2014-09-29 19:43 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-18 21:08 - 2014-10-03 20:49 - 00000000 ____D () C:\Users\Familie Kemnitz\AppData\Local\Adobe
2014-10-17 14:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-14 17:33 - 2014-09-29 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-14 16:16 - 2014-09-29 19:51 - 00000000 ____D () C:\ProgramData\Skype
2014-10-11 19:10 - 2014-10-02 15:27 - 00000000 ____D () C:\Program Files\Java
2014-10-11 19:09 - 2014-10-02 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit

Some content of TEMP:
====================
C:\Users\Familie Kemnitz\AppData\Local\Temp\dllnt_dump.dll
C:\Users\Familie Kemnitz\AppData\Local\Temp\ochelper.exe
C:\Users\Familie Kemnitz\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Familie Kemnitz\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Familie Kemnitz\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-29 19:30

==================== End Of Log ============================
         

Alt 11.11.2014, 11:56   #2
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Addition.txt:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2014 01
Ran by Familie Kemnitz at 2014-11-10 21:56:12
Running from C:\Users\Familie Kemnitz\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.293 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 9 ActiveX (HKLM-x32\...\{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}) (Version: 9.0.16.0 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{EE0AEC31-DAE0-6F50-FFD8-58F08CC74F07}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Application Insights Tools for Visual Studio 2013 (x32 Version: 2.1 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{152E0B21-19D5-4772-9EF8-8E76074B0C0A}) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
DevExtras - CodeReflect (HKLM-x32\...\{D3F9A17B-0655-45B9-899D-7B46DC1CD2CC}) (Version: 1.0.8 - DevExtras)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Entity Framework 6.1.1 Tools  for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
flockmod tablet edition (HKLM-x32\...\flockmod-air-tablet-ed) (Version: 1.3.0 - UNKNOWN)
flockmod tablet edition (x32 Version: 1.3.0 - UNKNOWN) Hidden
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Green Line 2 Sprachtrainer (HKLM-x32\...\{16281EBA-AA00-44D2-BC8B-06F3C3380DA1}) (Version: 1.00.000 - Klett)
herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Lightshot-5.1.4.17 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.17 - Skillbrains)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Malwarebytes Anti-Exploit version 1.04.1.1012 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.04.1.1012 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
ManyCam 3.0.80 (remove only) (HKLM-x32\...\ManyCam) (Version: 3.0.80 - ManyCam LLC)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.3 - Mozilla)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
ProxyChecker (remove only) (HKLM-x32\...\ProxyChecker) (Version:  - )
Python Tools Redirection Template (x32 Version: 1.2 - Microsoft Corporation) Hidden
Quadsoft easyCrypt Version 1.3.0.2 (HKLM-x32\...\{80D75FCC-2C8E-4C8B-BBFA-D3E946F5CDBB}_is1) (Version: 1.3.0.2 - Quadsoft)
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
ShareX 9.4.0 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 9.4.0 - ShareX Developers)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Sprachtrainer Fonts (HKLM-x32\...\{FBCF2ED3-AFB5-475E-BF9A-30BEAD366FBC}) (Version: 1.00.01 - Ernst Klett Verlag GmbH)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
VPNium  (HKLM-x32\...\VPNium) (Version:  - )
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-10-2014 06:54:13 Windows Update
28-10-2014 19:35:40 Windows Update
29-10-2014 07:39:31 Windows Update
29-10-2014 10:38:38 Windows Live Essentials
29-10-2014 10:40:18 DirectX wurde installiert
29-10-2014 10:41:37 DirectX wurde installiert
29-10-2014 10:43:10 DirectX wurde installiert
29-10-2014 10:45:54 WLSetup
30-10-2014 15:12:08 Windows Update
31-10-2014 06:49:36 Windows Update
31-10-2014 08:15:50 Microsoft Visual C++ 2005 Redistributable wird installiert
31-10-2014 08:19:34 Gerätetreiber-Paketinstallation: TAP-Win32 Provider V9 Netzwerkadapter
01-11-2014 06:40:10 Windows Update
02-11-2014 19:00:17 Windows Update
02-11-2014 19:43:42 Windows Defender Checkpoint
03-11-2014 08:18:40 Windows Update
09-11-2014 16:35:52 Windows Update
09-11-2014 17:39:09 Installed MD_Messenger_Setup
10-11-2014 19:35:11 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00588178-55BB-42D2-8859-9C38BC4CB89C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {0C1D67B5-857C-4710-B433-55C1E9F8DA88} - System32\Tasks\{62A98E41-9FA6-436F-9A36-8CF50B5CF9D8} => Firefox.exe hxxp://ui.skype.com/ui/0/6.20.0.104/de/go/help.faq.installer?source=lightinstaller&amp;LastError=1618
Task: {260D1911-CF49-4AFA-8AC8-9BC919A5B77A} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {94E05849-E365-4078-997C-B09B7F548897} - System32\Tasks\update-S-1-5-21-3383184443-1007438557-2850217814-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {B6545AB5-C8ED-4DA0-A042-B1F4E37BBE45} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-03] (Adobe Systems Incorporated)
Task: {C44C9389-067B-4BB7-88A9-F97AD48C29E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-3383184443-1007438557-2850217814-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2011-11-14 12:50 - 2011-11-14 12:50 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2011-11-14 12:50 - 2011-11-14 12:50 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-11-14 12:36 - 2011-11-14 12:36 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 08:55 - 2011-11-09 08:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-12-05 03:38 - 2010-12-05 03:38 - 01242112 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_imgproc220.dll
2010-12-05 03:38 - 2010-12-05 03:38 - 02010624 _____ () C:\Program Files (x86)\ManyCam\Bin\opencv_core220.dll
2014-09-06 17:44 - 2014-09-06 17:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-10-28 22:10 - 2014-10-22 05:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 22:10 - 2014-10-22 05:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 22:10 - 2014-10-22 05:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 22:10 - 2014-10-22 05:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SQLWriter => 2
MSCONFIG\Services: WMPNetworkSvc => 3

========================= Accounts: ==========================

Administrator (S-1-5-21-3383184443-1007438557-2850217814-500 - Administrator - Disabled)
Familie Kemnitz (S-1-5-21-3383184443-1007438557-2850217814-1000 - Administrator - Enabled) => C:\Users\Familie Kemnitz
Gast (S-1-5-21-3383184443-1007438557-2850217814-501 - Limited - Disabled)
Matthina (S-1-5-21-3383184443-1007438557-2850217814-1002 - Limited - Enabled) => C:\Users\Matthina

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Generic Bluetooth Adapter
Description: Generic Bluetooth Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: GenericAdapter
Service: BTHUSB
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/10/2014 08:32:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 08:31:30 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/09/2014 11:27:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 11:26:24 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/09/2014 08:37:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 08:36:59 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/09/2014 05:32:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 05:31:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/03/2014 10:43:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 10:43:39 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


System errors:
=============
Error: (11/10/2014 08:38:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (11/10/2014 08:31:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/10/2014 08:30:49 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/10/2014 08:30:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎11.‎2014 um 23:45:27 unerwartet heruntergefahren.

Error: (11/09/2014 11:26:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/09/2014 11:25:40 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/09/2014 11:25:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎11.‎2014 um 21:47:28 unerwartet heruntergefahren.

Error: (11/09/2014 08:36:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (11/09/2014 08:36:17 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/09/2014 08:36:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎11.‎2014 um 20:29:02 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (11/10/2014 08:32:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/10/2014 08:31:30 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/09/2014 11:27:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 11:26:24 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/09/2014 08:37:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 08:36:59 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/09/2014 05:32:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/09/2014 05:31:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (11/03/2014 10:43:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/03/2014 10:43:39 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)


==================== Memory info =========================== 

Processor: AMD A8-3500M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 47%
Total physical RAM: 5607.96 MB
Available physical RAM: 2949.01 MB
Total Pagefile: 11214.1 MB
Available Pagefile: 7891.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:292.87 GB) (Free:233.76 GB) NTFS
Drive d: () (Fixed) (Total:405.67 GB) (Free:340.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 2BCAA86C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=405.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
RogueKiller Log:
Code:
ATTFilter
RogueKiller V10.0.4.0 (x64) [Oct 29 2014] by Adlice Software
mail : hxxp://www.adlice.com/contact/
Feedback : hxxp://forum.adlice.com
Website : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Familie Kemnitz [Administrator]
Mode : Scan -- Date : 11/11/2014  10:55:59

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 15 ¤¤¤
[PUP] (X64) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\Lightshot.exe  -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\Lightshot.exe  -> Found
[PUP] (X64) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\Lightshot.exe  -> Found
[PUP] (X86) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Familie Kemnitz\AppData\Local\Skillbrains\lightshot\Lightshot.exe  -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 66.57.108.60:17364  -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 66.57.108.60:17364  -> Found
[PUM.Proxy] (X64) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 66.57.108.60:17364  -> Found
[PUM.Proxy] (X86) HKEY_USERS\S-1-5-21-3383184443-1007438557-2850217814-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Windows\CurrentVersion\Internet Settings | ProxyServer : 66.57.108.60:17364  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0580F828-EC23-4220-8F1D-840AE058B4B2} | DhcpNameServer : 10.3.0.1 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{0580F828-EC23-4220-8F1D-840AE058B4B2} | DhcpNameServer : 10.3.0.1 [(Private Address) (XX)]  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{0580F828-EC23-4220-8F1D-840AE058B4B2} | DhcpNameServer : 10.3.0.1 [(Private Address) (XX)]  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9750420AS ATA Device +++++
--- User ---
[MBR] 1470035f8f08b1a0a20526c1ee2630f9
[BSP] 79cdde4affb14b59fefb93f578d7fb00 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 299900 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 614402048 | Size: 415402 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: Generic- Multi-Card USB Device +++++
Error reading User MBR! ([15] Das Gerät ist nicht bereit. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] Die Anforderung wird nicht unterstützt. )


============================================
RKreport_DEL_10312014_160027.log - RKreport_SCN_10312014_155809.log
         
Sooo...
habe irgendwie keinen richtigen Malwarebytes Log gefunden,
da Malwarebytes nichts gefunden hat.
Hier gibt es aber trotzdem nochmal ein Bild
__________________


Alt 11.11.2014, 12:24   #3
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Hi !

Du hast auf dein eigenes Thema geantwortet, deshalb tauchte es bei uns nicht in der Übersicht auf.

Aber die Logs sind bis auf bissl AdWare unauffällig. RogueKiller hat auch schon gelöscht.


Lass mal die Tools durchlaufen:

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
__________________

Alt 11.11.2014, 13:05   #4
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Hallo,
tut mir leid.

Ziemlich komisch,
kann es sein das die Datei gecryptet ist, und somit FUD ist?

Was Ich weiß, ist das Malware existiert.
Nach einer bestimmten Zeit (ca. 10 Minuten) öffnet sich immer der Internet Explorer 2x aber sozusagen "unsichtbar"

AdwCleaner hängt, bzw. ist "eingefroren"
(siehe Bild)


###############
Geht wieder!
###############

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v4.101 - Bericht erstellt am 11/11/2014 um 12:28:55
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-10.9 [Live]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Familie Kemnitz - KEMNITZPC
# Gestartet von : C:\Users\Familie Kemnitz\Desktop\AdwCleaner_4.101.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\Skillbrains
Ordner Gefunden : C:\Users\Familie Kemnitz\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Ordner Gefunden : C:\Users\Familie Kemnitz\AppData\Local\Skillbrains

***** [ Tasks ] *****

Task Gefunden : update-sys
Task Gefunden : update-S-1-5-21-3383184443-1007438557-2850217814-1000
Task Gefunden : update-sys

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Email Notifier
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.18595


-\\ Mozilla Firefox v32.0.3 (x86 de)


-\\ Google Chrome v38.0.2125.111


*************************

AdwCleaner[R0].txt - [342 octets] - [11/11/2014 12:27:06]
AdwCleaner[R1].txt - [1312 octets] - [11/11/2014 12:28:55]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [1372 octets] ##########
         
Junkware Remove Tool:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Ultimate x64
Ran by Familie Kemnitz on 11.11.2014 at 12:29:31,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Familie Kemnitz\AppData\Roaming\mozilla\firefox\profiles\7jf5pxog.default\minidumps [19 files]



~~~ Chrome

Failed to delete: [Folder] C:\Users\Familie Kemnitz\appdata\local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.11.2014 at 13:04:53,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 11.11.2014, 13:08   #5
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Welche Datei soll gecrypted sein ?

IE 2-mal, wie stellt sich das dar ? Nur als zusätzlicher Task ?
Das ist durchaus normal.

Wenn der IE läuft und du gibst in einer Eingabeaufforderung ein:

Zitat:
WMIC PATH Win32_Process WHERE Name="iexplore.exe" get CommandLine
erhälst du so etwas zurück:

Zitat:
"C:\Program Files\Internet Explorer\iexplore.exe"

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:8196 CREDAT:267521 /prefetch:2
Das ist normal.

__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 11.11.2014, 13:11   #6
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Nein,
zweimal als Prozess. Also der Internet Explorer, den ich nicht benutze?
Eventuell wenn bis jetzt immernoch das Problem da sein sollte die Malware die noch nicht entfehrnt wurde.

Alt 11.11.2014, 13:19   #7
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Ärrg wieso schreib ich Task ... ich meinte als 2. Prozess ohne Fenster.

Du meinst der läuft, obwohl du ihn nicht nutzt ?
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 11.11.2014, 13:27   #8
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Ja, und das auch noch unsichtbar.

KOMISCH!
Wenn Ich den Verlauf von FileZilla lösche kann Ich wieder auf den Server zugreifen???

Alt 11.11.2014, 13:55   #9
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Ist das bei jedem Rechnerstart so, das der IE läuft ?
Manchmal wird der IE von anderen Programmen verwendet, um Webinterface darzustellen.

Prüf bei FileZilla, ob der verwendete Servername noch aktuell ist.
Klingt nach falschem Hostnamen oder DNS Problem.

Oder evtl am Server etwas verstellt ?
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 12.11.2014, 09:09   #10
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Nein, alles okay.... als Ich das Letzte mal dieses Problem hatte dachte Ich erst jemand hätte meine IP via ipTables gesperrt, Fehlanzeige. Danach habe ich meinem Hoster eine Email geschrieben... Fehlanzeige, bei denen ist alles okay. Nach um die 2 Wochen als ich meinen Computer aus Angst neuinstalliert habe ging halt alles wieder weil bei allen anderen alles klappte. Nachdem Login via PuTTy sah ich dann eine chinesische IP (getract) als Last-Login. Server neuinstalliert, SSH Port geändert usw. Jetzt geht alles auf einmal wieder. Ich habe den KOMPLETTEN FileZilla Verlauf einmal gelöscht. Jetzt kommt aber beim starten meines Computers "Java Weblauncher reagiert nicht mehr. Möchten Sie das Programm debuggen?" Naja. Danach beende Ich die Prozesse via TaskManager und es funktioniert alles wieder. Ich kann mich wie gewohnt per SFTP einloggen.

Alt 12.11.2014, 11:25   #11
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Dann mach mal Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Und dann noch den ESET Komplettscan.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 12.11.2014, 12:23   #12
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Hey,

die Prozesse bilden sich immer noch...


Fixlog:
Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 09-11-2014 01
Ran by Familie Kemnitz at 2014-11-12 11:30:59 Run:1
Running from C:\Users\Familie Kemnitz\Desktop
Loaded Profile: Familie Kemnitz (Available profiles: Familie Kemnitz & Matthina)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
emptytemp:

*****************

EmptyTemp: => Removed 3.1 GB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         

Alt 12.11.2014, 13:46   #13
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Sieht eigentlich aus wie nen "Normaler" IE Start.

Aber das kommt von alleine ? Ohne weitere Fenster ?
Der Tab heisst ja "Verbindung wird hergestellt...", sieht aus wie nen Teil einer Managing Console oder sowas in der Art.

Wenn das wirklich ohne Zutun im ProcessExplorer auftaucht, dann mach bitte nen Neustart, beobachte den ProcessExplorer und falls die Iexplore.exe wieder da ist,
mach ein FRST Log, diesmal macht du den Haken bei Whitelist-Processes raus, dann Scan klicken und das Log posten.
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Alt 15.11.2014, 15:03   #14
PhesmanLP
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Hey,

der Laptop ist derzeit für ungefähr 2 Wochen in Reperatur da das Ladegerät bzw. der Anschluss "tot" ist.

Mit freundlichen Grüßen

Florian.

Alt 17.11.2014, 12:57   #15
Warlord711
/// TB-Ausbilder
 
FileZilla Stealer? - Standard

FileZilla Stealer?



Alles klar
__________________
Lerne, zurück zu schlagen und unterstütze uns!
TB Akademie | Spende | Lob & Kritik

Antwort

Themen zu FileZilla Stealer?
administrator, adobe, adobe flash player, avast, bitcoin, bluestacks, browser, computer, detected, downloader, explorer, fehlermeldung, flash player, google, helper, installation, microsoft, mozilla, nvidia, ordner, registry, scan, server, software, svchost.exe, system, vcredist, windows




Ähnliche Themen: FileZilla Stealer?


  1. Filezilla Verbindungsproblem
    Alles rund um Windows - 29.11.2014 (3)
  2. Antivir 3 Funde (Filezilla/SiSoftware)
    Log-Analyse und Auswertung - 29.10.2014 (3)
  3. Trojanisierte FileZilla-Version greift Zugangsdaten ab
    Nachrichten - 28.01.2014 (0)
  4. FileZilla Verbindungsproblem.
    Netzwerk und Hardware - 27.01.2014 (10)
  5. Trojaner oder Stealer
    Log-Analyse und Auswertung - 06.05.2013 (7)
  6. GVU Trojaner und FTP Stealer
    Log-Analyse und Auswertung - 07.12.2012 (21)
  7. Zugriff auf Filezilla ... wohl über einen Trojaner
    Log-Analyse und Auswertung - 11.09.2012 (11)
  8. Filezilla Verbindungsfehler
    Netzwerk und Hardware - 29.02.2012 (4)
  9. Winlogon.exe stealer.exe was ist das alles
    Log-Analyse und Auswertung - 13.12.2011 (50)
  10. FileZilla FTP-Server zeigt dauernde Login-Versuche
    Log-Analyse und Auswertung - 10.06.2010 (5)
  11. FileZilla sicher für sensible Daten?
    Überwachung, Datenschutz und Spam - 24.05.2010 (9)
  12. Trjoaner/Stealer Verdacht
    Log-Analyse und Auswertung - 16.12.2009 (5)
  13. Hackhound Stealer?
    Plagegeister aller Art und deren Bekämpfung - 14.10.2009 (9)
  14. C:\Stealer.exe
    Plagegeister aller Art und deren Bekämpfung - 25.08.2009 (15)
  15. Password Stealer ??
    Mülltonne - 23.11.2008 (0)
  16. Stealer analysieren
    Plagegeister aller Art und deren Bekämpfung - 24.05.2008 (1)
  17. Pw stealer
    Mülltonne - 04.05.2008 (1)

Zum Thema FileZilla Stealer? - Hallo, ich kann mich seit heute nicht mehr in meinen Root Server einloggen. Ich bin mir zu 90% sicher das es ein Stealer ist. Es kommt immer folgende Fehlermeldung: Ich - FileZilla Stealer?...
Archiv
Du betrachtest: FileZilla Stealer? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.