kimberger | 07.07.2014 12:46 | P.S. I hope everything is formatted properly, since I can't find a preview right now :-((
Hi Schrauber,
I have been sitting at this for over 4 hours now, had the message to you almost finished, and then everything was lost again because I was supposedly no longer logged in, annoying ...
So, once more from the start:
First of all, thank you for the quick help! After the various runs, reading the log files gives me the impression that I have a cancer-riddled laptop, even though I am always very careful when installing :-(((((
First mbam1 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 07.07.2014
Suchlauf-Zeit: 08:01:38
Logdatei: mbam1.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.07.01
Rootkit Datenbank: v2014.07.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: ###
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320062
Verstrichene Zeit: 16 Min, 6 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 8
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, In Quarantäne, [d8d59903cface05638427c39a45eef11],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Supra Savings, In Quarantäne, [317c36664734e94dedaef9bb43bfbe42],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, In Quarantäne, [3a735a42e19aae889bd56b6008faed13],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, In Quarantäne, [ebc24e4e3b407fb7fe72b6151fe39967],
PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SupraSavingsService64, In Quarantäne, [d6d74458e99263d30995fa15be4616ea],
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\xmkysecqun64, In Quarantäne, [3e6f574563185bdbe2579a2c0ff39769],
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [535a128a3e3d1c1a82e8f0dab151de22],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-3410272128-3850883635-1020607561-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarantäne, [2588128abebde551ef7b9e2ccc364ab6],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 10
RiskWare.Tool.CK, C:\$Recycle.Bin\S-1-5-21-3410272128-3850883635-1020607561-1001\$RLO0K8K.exe, In Quarantäne, [d8d5bae2e19af343867408e6946d05fb],
Spyware.Zbot.VXGen, C:\$Recycle.Bin\S-1-5-21-3410272128-3850883635-1020607561-1001\$RNC1LHF.zip, In Quarantäne, [397497054239eb4b8b72ed827e8343bd],
PUP.Optional.AppsInstaller, C:\$Recycle.Bin\S-1-5-21-3410272128-3850883635-1020607561-1001\$RSDDS2L.exe, In Quarantäne, [baf32a72fd7eb383680f90ee42c2e51b],
PUP.Optional.AdPeak.A, C:\temp\InstallFilter64.msi, In Quarantäne, [317c8a1228533ef8e9a0ec517c84b64a],
PUP.Optional.SupraSavings.A, C:\temp\t.msi, In Quarantäne, [d2db0a922f4c2d0968599ede50b49c64],
PUP.Optional.Koyote.A, C:\Users\###\Downloads\FreeScreenToVideoSetup-r0-n-bf.exe, In Quarantäne, [c7e6a0fc1863cc6aa4c9291dd82913ed],
PUP.Optional.OpenCandy, C:\Users\###\Downloads\FreemakeVideoConverterSetup_4.1.3.14.exe, In Quarantäne, [228b17854d2e48ee868c7e9638c97c84],
PUP.Optional.OpenCandy, C:\Users\###\Downloads\MediaInfo_GUI_0.7.67_Windows.exe, In Quarantäne, [ebc2831929527bbb95473c7d5ba9e818],
PUP.Optional.OpenCandy, C:\Users\###\Downloads\DTLite4491-0356.exe, In Quarantäne, [dad30f8dbfbc40f6defebbfef21256aa],
PUP.Optional.Conduit.A, C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550A-4643-AF69-91C9F7CA5C79");), Ersetzt,[5c51504cc5b6aa8cf97171538f75c43c]
Physische Sektoren: 0
(No malicious items detected)
(end)
and mbam2 Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 07.07.2014
Suchlauf-Zeit: 09:46:42
Logdatei: mbam2.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.07.01
Rootkit Datenbank: v2014.07.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: ###
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 319861
Verstrichene Zeit: 16 Min, 22 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 1
PUP.Optional.Conduit.A, C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550A-4643-AF69-91C9F7CA5C79");), Ersetzt, [f1bc7c2012690e282446269e0bf9da26]
Physische Sektoren: 0
(No malicious items detected)
Here is adwcleaner. Note: on restart there was the problem that, after the "MEDION" screen, the laptop hung on a dark screen, for a long time. Shutting down and starting up again 3 times did not help either. Then, in the BIOS, I changed the boot order from CD, USB, HD to HD in first place. After an initially dark screen, it then slowly continued. What was that??? Can I change the order back again? Code:
# AdwCleaner v3.214 - Bericht erstellt am 07/07/2014 um 10:14:54
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : ### -#######
# Gestartet von : C:\Users\###\Downloads\adwcleaner_3.214.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\003
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\Conduit
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v30.0 (de)
[ Datei : C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\prefs.js ]
Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3315513&octid=EB_ORIGINAL_CTID&ISID=M3D6AB86D-DF50-4066-8CD4-43434B9052EF&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SPB7CBB68B-550[...]
Zeile gelöscht : user_pref("extensions.betterff.surfcanyon.ramp.start_time", "1");
*************************
AdwCleaner[R0].txt - [2297 octets] - [07/07/2014 10:13:11]
AdwCleaner[S0].txt - [2114 octets] - [07/07/2014 10:14:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2174 octets] ##########
Here is the JRT Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by ### on 07.07.2014 at 12:08:31,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\###\appdata\locallow\boost_interprocess"
~~~ FireFox
Emptied folder: C:\Users\###\AppData\Roaming\mozilla\firefox\profiles\ewe9a0lr.default\minidumps [25 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.07.2014 at 12:14:57,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
at least FRST, fresh ;-)))
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by ### (administrator) on ###### on 07-07-2014 12:19:51
Running from C:\Users\###\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(Wistron) C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\OSD.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WButton.exe
(Wistron Corp.) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Thermaltake) C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11554688 2012-08-08] (Motorola Solutions, Inc.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [HotkeyApp] => C:\Program Files (x86)\Launch Manager\HotkeyApp.exe [320824 2012-08-16] (Wistron)
HKLM-x32\...\Run: [LMgrVolOSD] => C:\Program Files (x86)\Launch Manager\OSD.exe [348960 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [Wbutton] => C:\Program Files (x86)\Launch Manager\Wbutton.exe [388408 2012-08-13] (Wistron Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-20] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [258576 2012-07-30] (CyberLink Corp.)
HKLM-x32\...\Run: [Tt eSPORTS BLACK Gaming Mouse] => C:\Program Files (x86)\Mouse Tt eSPORTS BLACK\BlackMonitor.exe [105864 2012-08-10] (Thermaltake)
HKLM-x32\...\Run: [AVMFBoxMonitor] => C:\Program Files (x86)\FRITZ!Box Monitor\FRITZBoxMonitor.exe [1503232 2009-07-06] (AVM Berlin)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking11\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2092032 2014-02-03] (Dominik Reichl)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime Lite\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3410272128-3850883635-1020607561-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2011-06-04] (Acresso Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1004\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-3410272128-3850883635-1020607561-1001\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {9B62A7FA-C373-4BF4-BCA6-12C03F49BB1A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default
FF Homepage: leer
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.0 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-ExchangeViewer\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPSibelius.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\PDFNetC.dll (PDFTron Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ScorchPDFWrapper.dll ()
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\googlemaps.xml
FF SearchPlugin: C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\searchplugins\ixquick-https.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: Flashblock - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2013-09-23]
FF Extension: DownloadHelper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-26]
FF Extension: AutoGroup - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\akimkin_denis@mail.ru.xpi [2014-04-21]
FF Extension: FlashStopper - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\flashstopper@byo.co.il.xpi [2014-04-21]
FF Extension: Image and Flash Blocker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\imgflashblocker@shimon.chohen.xpi [2013-09-23]
FF Extension: media menu - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid0-X4tVYTsgT60azyHVye1faT8MjIA@jetpack.xpi [2014-04-21]
FF Extension: YouTube Control Center - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\jid1-CikLKKPVkw6ipw@jetpack.xpi [2014-04-21]
FF Extension: Media Sniffer - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\MediaSniffer@hiyoko.info.xpi [2014-04-21]
FF Extension: betterFox - Make your browsing experience 15% faster. - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\multirevenue@googlemail.com.xpi [2014-04-21]
FF Extension: SmartVideo For YouTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\mytube@ashishmishra.in.xpi [2014-04-21]
FF Extension: Niederschlagsradar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\niederschlagsradar@sensiva.net.xpi [2014-06-10]
FF Extension: S3.Download Statusbar - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\s3download@statusbar.xpi [2014-02-13]
FF Extension: Search Tab - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\searchtab@pratikpoddar.xpi [2013-12-13]
FF Extension: Secure Login - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\secureLogin@blueimp.net.xpi [2013-09-21]
FF Extension: StopTube - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\stoptube@kashiif.com.xpi [2013-09-23]
FF Extension: SuperStop - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\superstop@gavinsharp.com.xpi [2013-09-23]
FF Extension: Todoist - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\support@todoist.com.xpi [2013-10-15]
FF Extension: Session Manager - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2013-09-21]
FF Extension: ScrapBook - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{53A03D43-5363-4669-8190-99061B2DEBA5}.xpi [2014-01-04]
FF Extension: Web Marker - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{5755466A-DB04-11DA-A2DD-0E545D5EE2F7}.xpi [2014-03-09]
FF Extension: NoScript - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-21]
FF Extension: Flash Block - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{95ab36d4-fb6f-47b0-8b8d-e5f3bd547953}.xpi [2013-09-23]
FF Extension: Adblock Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Tab Mix Plus - C:\Users\###\AppData\Roaming\Mozilla\Firefox\Profiles\ewe9a0lr.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-12-26]
==================== Services (Whitelisted) =================
R2 CVPND; C:\Program Files (x86)\Cisco SystemsVPN Client\cvpnd.exe [1528616 2010-03-23] (Cisco Systems, Inc.)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [239680 2014-02-19] (Foxit Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files (x86)\Launch Manager\WisLMSvc.exe [118560 2012-08-13] (Wistron Corp.)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 CVPNDRVA; C:\Windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
U3 dtscsidrv; C:\Windows\System32\Drivers\dtscsidrv.sys [309248 2014-03-20] (Disc Soft Ltd)
R2 easycvfs; C:\WINDOWS\system32\drivers\easycvfs.sys [110472 2010-07-29] () [File not signed]
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-09-04] (Intel Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-16] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-03-20] (Duplex Secure Ltd.)
S3 synusb64; C:\Windows\System32\drivers\synusb64.sys [30352 2010-09-17] (Steinberg Media Technologies GmbH)
R1 ui11rdr; C:\Windows\System32\DRIVERS\ui11rdr.sys [199752 2011-11-21] (1&1 Internet AG)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S2 sbapifs; system32\DRIVERS\sbapifs.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-07 12:14 - 2014-07-07 12:14 - 00000961 _____ () C:\Users\###\Desktop\JRT.txt
2014-07-07 12:08 - 2014-07-07 12:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-07 12:07 - 2014-07-07 12:07 - 01016261 _____ (Thisisu) C:\Users\###\Downloads\JRT.exe
2014-07-07 10:13 - 2014-07-07 10:14 - 00000000 ____D () C:\AdwCleaner
2014-07-07 10:11 - 2014-07-07 10:11 - 01346519 _____ () C:\Users\###\Downloads\adwcleaner_3.214.exe
2014-07-07 07:59 - 2014-07-07 09:41 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 07:58 - 2014-07-07 10:05 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 07:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-07 07:58 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-07 07:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-07-07 07:56 - 2014-07-07 07:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\###\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 21:38 - 2014-07-05 21:38 - 00043048 _____ () C:\Users\###\Downloads\Addition-korr.txt
2014-07-05 21:33 - 2014-07-05 21:33 - 00049154 _____ () C:\Users\###\Downloads\FRSTkorr.txt
2014-07-05 21:07 - 2014-07-05 21:07 - 517430305 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-05 21:07 - 2014-07-05 21:07 - 00288536 _____ () C:\WINDOWS\Minidump\070514-21531-01.dmp
2014-07-05 21:03 - 2014-07-05 21:03 - 00380416 _____ () C:\Users\###\Downloads\4knde644.exe
2014-07-05 21:01 - 2014-07-05 21:02 - 00043065 _____ () C:\Users\###\Downloads\Addition.txt
2014-07-05 20:59 - 2014-07-07 12:19 - 00021589 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-05 20:59 - 2014-07-07 12:19 - 00000000 ____D () C:\FRST
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-04 22:08 - 2014-07-05 20:16 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:07 - 2014-07-04 22:22 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-07-03 10:56 - 2014-06-06 11:33 - 00000824 _____ () C:\WINDOWS\system32\Drivers\etc\hosts.20140703-105625.backup
2014-07-03 10:02 - 2014-07-03 10:03 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\Malwarebytes Anti-Malware - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\WIN7 - EA2014 - Verknüpfung.lnk
2014-06-26 22:15 - 2014-07-04 22:22 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:40 - 2014-06-23 12:00 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:37 - 2014-06-23 08:43 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:24 - 2014-03-19 03:27 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2014-06-21 14:24 - 2014-03-19 03:27 - 00109056 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudbus.sys
2014-06-21 13:50 - 2014-06-21 14:23 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:32 - 2014-06-21 13:54 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:32 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2014-05-07 17:42 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2014-06-21 13:30 - 2014-06-21 13:31 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:26 - 2014-06-21 13:27 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:57 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-20 23:41 - 2014-06-21 00:07 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-16 10:39 - 2014-06-16 10:43 - 00000000 ____D () C:\Users\###\Documents\_Gedä KreKo Kreativit-
2014-06-11 21:05 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-06-11 21:05 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-06-11 21:05 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-06-11 21:05 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-06-11 21:05 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-06-11 21:05 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-06-11 21:05 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-06-11 21:05 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-06-11 21:05 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-06-11 21:05 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-06-11 21:05 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-06-11 21:05 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-06-11 21:05 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-06-11 21:05 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-06-11 21:05 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-06-11 21:05 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-06-11 21:05 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-06-11 21:04 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-06-11 21:04 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-06-11 21:04 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2014-06-11 21:04 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-06-11 21:04 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-06-11 21:04 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-06-11 21:04 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-06-11 21:04 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 21:03 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-06-11 21:03 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-06-11 21:03 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-06-11 21:03 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-06-11 21:03 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-06-11 21:03 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-06-11 21:03 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2014-06-11 21:03 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-06-11 21:03 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-06-11 21:03 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-06-11 21:03 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2014-06-11 21:03 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-06-11 21:03 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-06-11 21:03 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2014-06-11 21:03 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-06-11 21:03 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 09:08 - 2014-06-13 22:41 - 00000000 ____D () C:\Users\###\Documents\_mixed-dur
==================== One Month Modified Files and Folders =======
2014-07-07 12:20 - 2014-07-05 20:59 - 00021589 _____ () C:\Users\###\Downloads\FRST.txt
2014-07-07 12:19 - 2014-07-05 20:59 - 00000000 ____D () C:\FRST
2014-07-07 12:16 - 2013-09-21 14:40 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3410272128-3850883635-1020607561-1001
2014-07-07 12:14 - 2014-07-07 12:14 - 00000961 _____ () C:\Users\###\Desktop\JRT.txt
2014-07-07 12:08 - 2014-07-07 12:08 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-07-07 12:07 - 2014-07-07 12:07 - 01016261 _____ (Thisisu) C:\Users\###\Downloads\JRT.exe
2014-07-07 12:03 - 2013-12-20 08:45 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-07 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-07-07 12:01 - 2013-09-24 18:18 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-07 11:07 - 2013-09-24 18:17 - 00001114 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 11:07 - 2013-09-21 14:35 - 00000000 ____D () C:\Users\###\Documents\Youcam
2014-07-07 11:05 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-07 10:16 - 2013-11-14 00:18 - 00012014 _____ () C:\WINDOWS\PFRO.log
2014-07-07 10:14 - 2014-07-07 10:13 - 00000000 ____D () C:\AdwCleaner
2014-07-07 10:11 - 2014-07-07 10:11 - 01346519 _____ () C:\Users\###\Downloads\adwcleaner_3.214.exe
2014-07-07 10:05 - 2014-07-07 07:58 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-07 09:50 - 2014-02-17 11:09 - 01216079 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-07 09:41 - 2014-07-07 07:59 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-07 09:34 - 2014-05-16 21:58 - 00000000 ____D () C:\WINDOWS\fr
2014-07-07 09:34 - 2014-04-01 19:14 - 00000000 ____D () C:\temp
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-07 07:58 - 2014-07-07 07:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-07 07:57 - 2014-07-07 07:56 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\###\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-05 21:38 - 2014-07-05 21:38 - 00043048 _____ () C:\Users\###\Downloads\Addition-korr.txt
2014-07-05 21:33 - 2014-07-05 21:33 - 00049154 _____ () C:\Users\###\Downloads\FRSTkorr.txt
2014-07-05 21:14 - 2014-02-17 10:50 - 00000000 ____D () C:\Users\###
2014-07-05 21:07 - 2014-07-05 21:07 - 517430305 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-05 21:07 - 2014-07-05 21:07 - 00288536 _____ () C:\WINDOWS\Minidump\070514-21531-01.dmp
2014-07-05 21:07 - 2014-06-02 16:32 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-05 21:03 - 2014-07-05 21:03 - 00380416 _____ () C:\Users\###\Downloads\4knde644.exe
2014-07-05 21:02 - 2014-07-05 21:01 - 00043065 _____ () C:\Users\###\Downloads\Addition.txt
2014-07-05 20:54 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-05 20:53 - 2014-07-05 20:53 - 00000578 _____ () C:\Users\###\Downloads\defogger_disable.log
2014-07-05 20:53 - 2014-07-05 20:53 - 00000020 _____ () C:\Users\###\defogger_reenable
2014-07-05 20:52 - 2014-07-05 20:52 - 00050477 _____ () C:\Users\###\Downloads\Defogger.exe
2014-07-05 20:45 - 2014-07-05 20:45 - 02084352 _____ (Farbar) C:\Users\###\Downloads\FRST64.exe
2014-07-05 20:19 - 2014-02-18 09:25 - 00000000 ____D () C:\Users\###\Documents\_WIN-PC
2014-07-05 20:16 - 2014-07-04 22:08 - 00000664 _____ () C:\WINDOWS\SysWOW64\Drivers\kgpfr2.cfg
2014-07-04 22:22 - 2014-07-04 22:07 - 00002496 _____ () C:\WINDOWS\system32\Drivers\kgpcpy.cfg
2014-07-04 22:22 - 2014-06-26 22:15 - 00000000 ____D () C:\Program Files (x86)\19A6D51C-2D35-44DB-B412-0B01BF8D2D62
2014-07-04 22:03 - 2014-07-04 22:03 - 00707664 _____ (iS3, Inc.) C:\Users\###\Downloads\SZSetup_AID10121_AV.exe
2014-07-04 12:58 - 2013-11-03 09:28 - 00125952 ___SH () C:\Users\###\Desktop\Thumbs.db
2014-07-03 11:34 - 2014-07-03 11:34 - 00001411 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00001399 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-03 11:34 - 2014-07-03 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-03 11:34 - 2014-01-03 10:31 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-03 11:10 - 2014-01-03 10:34 - 00000135 _____ () C:\WINDOWS\wininit.ini
2014-07-03 10:52 - 2013-11-03 11:00 - 00000000 ____D () C:\Users\###\AppData\Roaming\vlc
2014-07-03 10:03 - 2014-07-03 10:02 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\###\Downloads\spybot-2.4.exe
2014-07-03 09:52 - 2014-07-03 09:52 - 00002184 _____ () C:\Users\###\Desktop\Malwarebytes Anti-Malware - Malware Scanner - CHIP Downloader.lnk
2014-07-03 09:43 - 2014-07-03 09:43 - 00961360 _____ (Chip Digital GmbH) C:\Users\###\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-07-02 19:35 - 2014-02-25 19:13 - 00000000 ____D () C:\Users\###\Documents\#######
2014-07-01 14:53 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-01 14:53 - 2013-11-14 09:11 - 00766620 _____ () C:\WINDOWS\system32\perfh007.dat
2014-07-01 14:53 - 2013-11-14 09:11 - 00159902 _____ () C:\WINDOWS\system32\perfc007.dat
2014-07-01 08:46 - 2013-10-23 13:56 - 00000000 ____D () C:\Users\###\Documents\#######
2014-06-30 16:29 - 2013-11-06 15:32 - 00000000 ____D () C:\Users\###\Documents\___Tests
2014-06-30 16:18 - 2014-06-30 16:18 - 00002302 _____ () C:\Users\###\Desktop\W######4 - Verknüpfung.lnk
2014-06-30 07:29 - 2013-12-25 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\FileAdvisor
2014-06-26 09:32 - 2014-06-26 09:32 - 00517413 _____ () C:\Users\###\Downloads\quickfolders_tabbed_folders-3.14.1-sm+tb.xpi
2014-06-26 09:32 - 2014-06-26 09:32 - 00097251 _____ () C:\Users\###\Downloads\expression_search_gmailui-0.8.8-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00376218 _____ () C:\Users\###\Downloads\archive_this-1.4.8.0-tb.xpi
2014-06-26 09:31 - 2014-06-26 09:31 - 00204851 _____ () C:\Users\###\Downloads\quickfilters-2.5-sm+tb.xpi
2014-06-26 09:28 - 2014-06-26 09:28 - 00046321 _____ () C:\Users\###\Downloads\totalquickfilter-3.0-tb.xpi
2014-06-26 09:27 - 2014-06-26 09:27 - 00002054 _____ () C:\Users\###\Downloads\filter_of_filters-1.1-tb.xpi
2014-06-25 19:47 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-06-25 13:51 - 2014-01-27 21:27 - 00000000 ____D () C:\D-EVERYTHINGSEARCH
2014-06-25 13:51 - 2014-01-27 21:25 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-06-23 16:15 - 2014-06-23 16:15 - 00000000 _____ () C:\Users\###\Downloads\IRON_BUTTERFLY_-_IN_A_GADDA_DA_VIDA_-_1968_ORIGINAL_FULL_VERSION_CD_SOUND_3D_VIDEO.flv
2014-06-23 12:54 - 2014-06-23 12:54 - 00003832 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1396198660
2014-06-23 12:54 - 2014-03-30 18:57 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Users\###\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator
2014-06-23 12:04 - 2014-06-23 12:04 - 00000000 ____D () C:\Program Files (x86)\LinuxLive USB Creator
2014-06-23 12:00 - 2014-06-23 11:40 - 1010827264 _____ () C:\Users\Public\Documents\ubuntu-14.04-desktop-amd64.iso
2014-06-23 11:52 - 2014-06-23 11:52 - 05001199 _____ (LinuxLive USB Creator) C:\Users\Public\Documents\LinuxLive USB Creator 2.8.29.exe
2014-06-23 11:19 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-06-23 11:00 - 2013-08-22 16:46 - 00305858 _____ () C:\WINDOWS\setupact.log
2014-06-23 10:50 - 2014-06-23 10:50 - 05001199 _____ (LinuxLive USB Creator) C:\Users\###\Downloads\LinuxLive USB Creator 2.8.29.exe
2014-06-23 08:43 - 2014-06-23 08:37 - 34251899 _____ () C:\Users\###\Downloads\Led_Zeppelin_-_Whole_Lotta_Love_HD.flv
2014-06-22 20:43 - 2014-06-22 20:43 - 00000000 _____ () C:\Users\###\Downloads\Red_Hot_Chili_Peppers_-_Stadion_Slaski_Chorz_w_Poland_Full_Concert_2007.07.03.flv
2014-06-21 14:24 - 2014-06-21 14:24 - 00000000 ____D () C:\Program Files\SAMSUNG
2014-06-21 14:23 - 2014-06-21 13:50 - 00000000 ____D () C:\ProgramData\Samsung
2014-06-21 13:54 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\samsung
2014-06-21 13:33 - 2014-06-21 13:33 - 00000000 ____D () C:\Users\Public\Documents\NativeFus_Log
2014-06-21 13:33 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\AppData\Roaming\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00001993 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Users\###\Documents\SelfMV
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2014-06-21 13:32 - 2014-06-21 13:32 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-06-21 13:32 - 2012-11-05 19:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-21 13:31 - 2014-06-21 13:30 - 41820464 _____ (Samsung Electronics Co., Ltd.) C:\Users\###\Downloads\Kies3Setup.exe
2014-06-21 13:28 - 2014-06-21 13:28 - 00000000 ____D () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505
2014-06-21 13:27 - 2014-06-21 13:26 - 20536004 _____ () C:\Users\###\Downloads\CF-Auto-Root-jflte-jfltexx-gti9505.zip
2014-06-21 13:26 - 2014-06-21 13:26 - 00467537 _____ () C:\Users\###\Downloads\Odin304.zip
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert-1.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Copenhagen_Denmark_1972_Full_Concert.flv
2014-06-21 07:58 - 2014-06-21 07:58 - 00000000 _____ () C:\Users\###\Downloads\AC_DC_-_Greatest_Hits_2011_Full_Completo.flv
2014-06-21 07:58 - 2014-06-21 07:57 - 00000000 _____ () C:\Users\###\Downloads\Deep_Purple_-_Live_Rockpalast_-_1985_-_Palais_Omnisport_Paris_-_Full.flv
2014-06-21 00:20 - 2014-03-22 01:03 - 00000000 ____D () C:\Users\###\AppData\Local\Windows Live
2014-06-21 00:07 - 2014-06-20 23:41 - 77834736 _____ () C:\Users\###\Downloads\Deep_Purple-Made_In_Japan_1972.flv
2014-06-18 17:56 - 2013-09-24 18:18 - 00004090 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-18 17:56 - 2013-09-24 18:17 - 00003854 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 18:29 - 2013-09-22 22:02 - 00006234 _____ () C:\WirelessDiagLog.csv
2014-06-16 10:43 - 2014-06-16 10:39 - 00000000 ____D () C:\Users\###\Documents\##-
2014-06-13 22:41 - 2014-06-11 09:08 - 00000000 ____D () C:\Users\###\Documents\######
2014-06-12 08:13 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-06-12 07:37 - 2013-10-14 10:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-06-12 07:30 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-06-11 21:45 - 2013-09-22 14:37 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-06-11 21:43 - 2012-11-05 19:14 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-06-11 21:03 - 2014-06-11 21:03 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-06-11 21:03 - 2014-06-11 21:03 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-06-11 13:02 - 2014-06-11 13:02 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 12:25 - 2014-05-02 10:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-06-08 21:44 - 2013-12-24 08:55 - 00000000 ____D () C:\Users\###\Documents\####
Files to move or delete:
====================
C:\Users\###\AppData\Roaming\CamLayout.ini
C:\Users\###\AppData\Roaming\CamShapes.ini
C:\Users\###\AppData\Roaming\CamStudio.Producer.Data.ini
Some content of TEMP:
====================
C:\Users\###\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\###\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-07 10:39
==================== End Of Log ============================
So, I hope everything goes well now - and I would be glad if you could give me the green light (hoping, hoping)
Regards
Kim