Kagu-chan | 07.01.2015 14:12
Mbam
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 07.01.2015
Suchlauf-Zeit: 13:47:19
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.4.1028
Malware Datenbank: v2015.01.07.08
Rootkit Datenbank: v2015.01.06.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Kagu-chan
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320518
Verstrichene Zeit: 7 Min, 19 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente erkannt)
Module: 0
(Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)
Registrierungswerte: 0
(Keine schädliche Elemente erkannt)
Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)
Ordner: 0
(Keine schädliche Elemente erkannt)
Dateien: 0
(Keine schädliche Elemente erkannt)
Physische Sektoren: 0
(Keine schädliche Elemente erkannt)
(end)
ADWC
AdwCleaner Logfile: Code:
# AdwCleaner v4.106 - Bericht erstellt am 07/01/2015 um 13:58:58
# Aktualisiert 21/12/2014 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : Kagu-chan - KAGU-CHAN-PC
# Gestartet von : E:\Users\Kagu-chan\Desktop\AdwCleaner_4.106.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\Optimizer Pro 3.16
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17496
-\\ Mozilla Firefox v33.1 (x86 de)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R2].txt - [7769 octets] - [03/12/2014 16:13:23]
AdwCleaner[R3].txt - [8348 octets] - [19/12/2014 04:58:13]
AdwCleaner[R4].txt - [3635 octets] - [20/12/2014 22:50:24]
AdwCleaner[S1].txt - [7398 octets] - [03/12/2014 16:16:23]
AdwCleaner[S2].txt - [10001 octets] - [20/12/2014 22:52:50]
AdwCleaner[S3].txt - [1171 octets] - [07/01/2015 13:58:58]
########## EOF - E:\AdwCleaner\AdwCleaner[S3].txt - [1231 octets] ##########
Are the old logs needed here as well? I had forgotten them, or rather didn't know where they were.
JRT
JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Professional x86
Ran by Kagu-chan on 07.01.2015 at 14:03:43,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "E:\Users\Kagu-chan\favorites\links\startfenster.lnk"
~~~ Folders
~~~ FireFox
Successfully deleted the following from E:\Users\Kagu-chan\AppData\Roaming\mozilla\firefox\profiles\z352l41s.default\prefs.js
user_pref("extensions.2q7jrwzx5aSrkzwB.url", "hxxp://syncs-jpi.info/sync2/?q=hfZ9ofV9CShEAen0rTaFqjrMg708BNmGWj8orihGheDUojw9rjwGqTsFrTsFpchIC7n0rjnFrjs5rjkHpda5tNhVCT94tMVKhd
Emptied folder: E:\Users\Kagu-chan\AppData\Roaming\mozilla\firefox\profiles\z352l41s.default\minidumps [5 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.01.2015 at 14:06:49,37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ --- --- ---
FSRT
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-01-2015
Ran by Kagu-chan (administrator) on KAGU-CHAN-PC on 07-01-2015 14:07:52
Running from E:\Users\Kagu-chan\Desktop
Loaded Profile: Kagu-chan (Available profiles: Kagu-chan)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\Bamboo Dock\BambooCore.exe
() C:\Program Files\puush\puush.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Spotify Ltd) E:\Users\Kagu-chan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BambooCore] => C:\Program Files\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\Run: [puush] => C:\Program Files\puush\puush.exe [567880 2014-09-29] ()
HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\Run: [Spotify Web Helper] => E:\Users\Kagu-chan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-11] (Spotify Ltd)
Startup: E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MouseFix.exe ()
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (hxxp://tortoisesvn.net)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2026768166-240738973-2546325667-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-2026768166-240738973-2546325667-1001] => 192.168.0.205:3128
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2026768166-240738973-2546325667-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: E:\Users\Kagu-chan\AppData\Roaming\Mozilla\Firefox\Profiles\z352l41s.default
FF NetworkProxy: "backup.ftp", ""
FF NetworkProxy: "backup.ftp_port", 0
FF NetworkProxy: "backup.socks", ""
FF NetworkProxy: "backup.socks_port", 0
FF NetworkProxy: "backup.ssl", ""
FF NetworkProxy: "backup.ssl_port", 0
FF NetworkProxy: "ftp", "192.168.0.205"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "http", "192.168.0.205"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "192.168.0.205"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "192.168.0.205"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @raidcall.en/RCplugin -> E:\Users\Kagu-chan\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchKeyword: Default -> 80DA302478B4558A96F4C2FF4AD01669672457E0C900CF3F699C97E0650C2BE6
CHR DefaultSearchURL: Default -> 31930FB7BBA41FB5C619BC9EF791EB41381F3482E912C7B4A41C8116268DA010
CHR Profile: E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ShowIp) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoljmemkbciolpigpabjfkagboolkcj [2014-09-29]
CHR Extension: (Google Drive) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-29]
CHR Extension: (Session Manager) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbcnbpafconjjigibnhbfmmgdbbkcjfi [2014-09-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-29]
CHR Extension: (YouTube) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-29]
CHR Extension: (Google-Suche) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-29]
CHR Extension: (SAO Theme 1920x1080) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgikfepnnphbmgngmpiflajcbmoomnll [2014-09-29]
CHR Extension: (HTTPS Everywhere) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-09-29]
CHR Extension: (AdBlock) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-29]
CHR Extension: (Window Resizer) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2014-09-29]
CHR Extension: (Lazarus: Form Recovery) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-09-29]
CHR Extension: (Ghostery) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-09-29]
CHR Extension: (Google Wallet) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-29]
CHR Extension: (Google Mail) - E:\Users\Kagu-chan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-29]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 FileZilla Server; E:\FZ\FileZilla Server\FileZilla Server.exe [772608 2014-09-19] (FileZilla Project) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5419792 2014-11-28] (TeamViewer GmbH)
S4 TunngleService; C:\Program Files\Tunngle\TnglCtrl.exe [762320 2014-11-04] (Tunngle.net GmbH)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [567064 2014-08-19] (Wacom Technology, Corp.)
S4 LMIGuardianSvc; "C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2013-03-04] (Elaborate Bytes AG)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-13] (VIA Technologies, Inc. )
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [12088 2014-08-06] (Windows (R) Win 7 DDK provider)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [27136 2009-09-16] (Tunngle.net)
R3 teamviewervpn; C:\Windows\System32\DRIVERS\teamviewervpn.sys [25088 2013-10-17] (TeamViewer GmbH)
R3 WacHidRouter; C:\Windows\System32\DRIVERS\wachidrouter.sys [85304 2014-08-06] (Wacom Technology)
R3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13112 2014-08-06] (Wacom Technology)
S3 catchme; \??\E:\Users\KAGU-C~1\AppData\Local\Temp\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-07 14:07 - 2015-01-07 14:07 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\FRST-OlderVersion
2015-01-07 14:06 - 2015-01-07 14:06 - 00001156 _____ () E:\Users\Kagu-chan\Desktop\JRT.txt
2015-01-07 14:03 - 2015-01-07 14:03 - 01707939 _____ (Thisisu) E:\Users\Kagu-chan\Desktop\JRT.exe
2015-01-07 14:03 - 2015-01-07 14:03 - 00000000 ____D () C:\Windows\ERUNT
2015-01-07 14:02 - 2015-01-07 14:03 - 01707939 _____ (Thisisu) E:\Users\Kagu-chan\Downloads\JRT.exe
2015-01-07 14:01 - 2015-01-07 14:01 - 00001311 _____ () E:\Users\Kagu-chan\Desktop\adwc.txt
2015-01-07 13:56 - 2015-01-07 13:55 - 02173952 _____ () E:\Users\Kagu-chan\Desktop\AdwCleaner_4.106.exe
2015-01-07 13:55 - 2015-01-07 13:55 - 02173952 _____ () E:\Users\Kagu-chan\Downloads\AdwCleaner_4.106.exe
2015-01-07 13:54 - 2015-01-07 13:54 - 00001206 _____ () E:\Users\Kagu-chan\Desktop\mbam.txt
2015-01-07 13:54 - 2015-01-07 13:54 - 00000000 ____D () C:\Neuer Ordner
2015-01-07 12:53 - 2015-01-07 12:53 - 00000102 _____ () E:\Users\Kagu-chan\.gitconfig
2015-01-07 12:49 - 2015-01-07 12:50 - 17811112 _____ (The Git Development Community ) E:\Users\Kagu-chan\Downloads\Git-1.9.5-preview20141217.exe
2015-01-07 01:17 - 2015-01-07 01:17 - 00002629 _____ () E:\Users\Kagu-chan\Desktop\Untitled.ass
2015-01-07 00:37 - 2015-01-07 00:37 - 00048808 _____ () E:\Users\Kagu-chan\Desktop\Notizzettel.ttf
2015-01-07 00:21 - 2015-01-07 00:21 - 00427492 _____ () E:\Users\Kagu-chan\Downloads\Ao Haru Ride[1-71].mp4
2015-01-07 00:21 - 2015-01-07 00:21 - 00000385 _____ () E:\Users\Kagu-chan\Downloads\Ao Haru Ride.index
2015-01-07 00:18 - 2015-01-07 11:43 - 00000000 ____D () E:\Users\Kagu-chan\Downloads\Results
2015-01-07 00:17 - 2015-01-07 00:17 - 23845644 _____ () E:\Users\Kagu-chan\Downloads\Ao Haru Ride.avi
2015-01-06 16:16 - 2015-01-06 16:16 - 00015059 _____ () C:\ComboFix.txt
2015-01-06 16:16 - 2015-01-06 16:16 - 00000000 ____D () E:\Users\Public\AppData\Local\temp
2015-01-06 16:16 - 2015-01-06 16:16 - 00000000 ____D () E:\Users\Default\AppData\Local\temp
2015-01-06 16:00 - 2015-01-06 16:00 - 05609498 ____R (Swearware) E:\Users\Kagu-chan\Desktop\ComboFix.exe
2015-01-06 15:59 - 2015-01-06 16:00 - 05609498 _____ (Swearware) E:\Users\Kagu-chan\Downloads\ComboFix (1).exe
2015-01-06 12:37 - 2015-01-06 12:59 - 00003902 _____ () E:\Users\Kagu-chan\Desktop\Twisted fate - Sweet Sweet Cendrillon Drug (Kagu-chan) [Easy].osu
2015-01-06 12:19 - 2015-01-06 12:19 - 00005184 _____ () E:\Users\Kagu-chan\Desktop\[QC]_Ao Haru Ride - QC_Cezira.txt
2015-01-05 22:57 - 2015-01-05 23:06 - 165909566 _____ () E:\Users\Kagu-chan\Desktop\Ao Haru Ride - QC.mp4
2015-01-05 16:29 - 2014-10-10 22:48 - 00045056 _____ () E:\Users\Kagu-chan\Downloads\MouseFixDll.dll
2015-01-05 16:29 - 2014-10-10 22:48 - 00040960 _____ () E:\Users\Kagu-chan\Downloads\MouseFix.exe
2015-01-05 16:28 - 2015-01-05 16:28 - 00029728 _____ () E:\Users\Kagu-chan\Downloads\MouseFix.zip
2015-01-05 16:16 - 2015-01-06 16:16 - 00000000 ____D () E:\Users\Public\AppData\Local
2015-01-05 16:16 - 2015-01-05 16:16 - 00000000 ____D () E:\Users\Public\AppData
2015-01-05 16:02 - 2015-01-06 16:16 - 00000000 ____D () C:\Qoobox
2015-01-05 16:02 - 2015-01-05 16:14 - 00000000 ____D () C:\Windows\erdnt
2015-01-05 16:02 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-01-05 16:02 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-01-05 16:02 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-01-05 16:02 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-01-05 16:02 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-01-05 16:02 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-01-05 16:02 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-01-05 16:02 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-01-05 16:00 - 2015-01-05 16:00 - 05609498 _____ (Swearware) E:\Users\Kagu-chan\Downloads\ComboFix.exe
2015-01-05 08:01 - 2015-01-05 08:01 - 04187592 _____ (Kaspersky Lab ZAO) E:\Users\Kagu-chan\Desktop\TDSSKiller42.exe
2015-01-05 08:00 - 2015-01-05 08:01 - 04187592 _____ (Kaspersky Lab ZAO) E:\Users\Kagu-chan\Downloads\TDSSKiller42.exe
2015-01-04 15:37 - 2015-01-04 15:37 - 00001080 _____ () E:\Users\Kagu-chan\Desktop\Revo Uninstaller.lnk
2015-01-04 15:37 - 2015-01-04 15:37 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-01-04 15:37 - 2015-01-04 15:37 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-04 15:36 - 2015-01-04 15:37 - 02623656 _____ (VS Revo Group Ltd.) E:\Users\Kagu-chan\Downloads\revosetup95.exe
2015-01-04 15:18 - 2015-01-04 15:18 - 00037004 _____ () E:\Users\Kagu-chan\Desktop\gmer.log
2015-01-04 14:37 - 2015-01-04 14:38 - 00030153 _____ () E:\Users\Kagu-chan\Desktop\Addition.txt
2015-01-04 14:36 - 2015-01-07 14:08 - 00012563 _____ () E:\Users\Kagu-chan\Desktop\FRST.txt
2015-01-04 14:36 - 2015-01-07 14:07 - 00000000 ____D () C:\FRST
2015-01-04 14:35 - 2015-01-04 14:36 - 00000480 _____ () E:\Users\Kagu-chan\Desktop\defogger_disable.log
2015-01-04 14:35 - 2015-01-04 14:35 - 00000000 _____ () E:\Users\Kagu-chan\defogger_reenable
2015-01-04 14:34 - 2015-01-04 14:34 - 00380416 _____ () E:\Users\Kagu-chan\Downloads\Gmer-19357.exe
2015-01-04 14:34 - 2015-01-04 14:34 - 00380416 _____ () E:\Users\Kagu-chan\Desktop\Gmer-19357.exe
2015-01-04 14:33 - 2015-01-07 14:07 - 01115648 _____ (Farbar) E:\Users\Kagu-chan\Desktop\FRST.exe
2015-01-04 14:33 - 2015-01-04 14:33 - 01115136 _____ (Farbar) E:\Users\Kagu-chan\Downloads\FRST.exe
2015-01-04 14:33 - 2015-01-04 14:32 - 00050477 _____ () E:\Users\Kagu-chan\Desktop\Defogger.exe
2015-01-04 14:32 - 2015-01-04 14:32 - 00050477 _____ () E:\Users\Kagu-chan\Downloads\Defogger.exe
2015-01-04 08:06 - 2015-01-04 08:11 - 661834390 _____ () E:\Users\Kagu-chan\Desktop\[Chinurarete_Subs]Fairy_Tail_S2_Folge_39_8BIT.mp4
2015-01-03 16:41 - 2015-01-03 16:41 - 00027587 _____ () E:\Users\Kagu-chan\Desktop\inami-san.jpg
2015-01-02 18:19 - 2015-01-02 18:19 - 00041472 _____ () E:\Users\Kagu-chan\Desktop\Japanisch.doc
2015-01-01 19:54 - 2015-01-01 19:54 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\leer
2014-12-31 17:49 - 2014-12-31 17:50 - 06178535 _____ () E:\Users\Kagu-chan\Desktop\Twisted Sweet Sweet Cendrillon DrugMBCB-R4 (2)_.mp3
2014-12-31 17:49 - 2014-12-31 17:49 - 00000000 ____D () C:\Program Files\Lame For Audacity
2014-12-31 17:48 - 2014-12-31 17:49 - 00527423 _____ ( ) E:\Users\Kagu-chan\Downloads\Lame_v3.99.3_for_Windows.exe
2014-12-31 17:46 - 2014-12-31 17:55 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Audacity
2014-12-31 17:46 - 2014-12-31 17:46 - 00000881 _____ () E:\Users\Public\Desktop\Audacity.lnk
2014-12-31 17:46 - 2014-12-31 17:46 - 00000000 ____D () C:\Program Files\Audacity
2014-12-31 17:45 - 2014-12-31 17:45 - 22892794 _____ (Audacity Team ) E:\Users\Kagu-chan\Downloads\audacity-win-2.0.6 (1).exe
2014-12-31 17:36 - 2014-12-31 17:36 - 15540379 _____ () E:\Users\Kagu-chan\Desktop\Desktop.rar
2014-12-31 17:36 - 2014-12-29 23:03 - 10286660 _____ () E:\Users\Kagu-chan\Desktop\Twisted Sweet Sweet Cendrillon DrugMBCB-R4 (2).mp3
2014-12-31 17:19 - 2014-12-31 17:30 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\【↑Twisted ǝʇɐɟ↓】『Sweet Sweet Cendrillon Drug』【MBCB-R4】
2014-12-31 17:19 - 2014-12-31 16:56 - 06234113 _____ () E:\Users\Kagu-chan\Desktop\Twisted Sweet Sweet Cendrillon DrugMBCB-R4.mp3
2014-12-31 16:54 - 2014-12-31 16:54 - 06234113 _____ () E:\Users\Kagu-chan\Downloads\Twisted fate Sweet Sweet Cendrillon Drug Remix.mp3
2014-12-31 16:32 - 2014-12-31 16:32 - 00040374 _____ () E:\Users\Kagu-chan\Desktop\aaa.ass
2014-12-31 15:09 - 2014-12-31 15:09 - 01564052 _____ () E:\Users\Kagu-chan\Desktop\Spielicon.tif
2014-12-31 15:09 - 2014-12-31 15:09 - 01563192 _____ () E:\Users\Kagu-chan\Desktop\Spielicon.ico
2014-12-31 08:14 - 2014-12-31 08:14 - 00000000 ____D () C:\Windows\symbols
2014-12-31 07:53 - 2014-12-31 07:53 - 00000000 ____D () E:\Users\Kagu-chan\Downloads\luajit-win-master
2014-12-30 22:59 - 2014-12-30 22:59 - 00509264 _____ (Microsoft Corporation) E:\Users\Kagu-chan\Downloads\winsdk_web.exe
2014-12-30 15:57 - 2015-01-02 04:54 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\working
2014-12-30 15:48 - 2014-12-30 15:48 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\autoload
2014-12-29 23:02 - 2014-12-29 23:03 - 10286660 _____ () E:\Users\Kagu-chan\Downloads\【↑Twisted ǝʇɐɟ↓】『Sweet Sweet Cendrillon Drug』【MBCB-R4】.mp3
2014-12-29 17:45 - 2015-01-02 22:04 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\taiyo
2014-12-29 10:20 - 2014-12-29 10:20 - 00057899 _____ () E:\Users\Kagu-chan\Desktop\Lebenslauf Kai Böse.pdf
2014-12-29 10:20 - 2014-12-29 10:20 - 00040854 _____ () E:\Users\Kagu-chan\Desktop\Lebenslauf.odt
2014-12-29 10:10 - 2014-12-29 10:10 - 00015431 _____ () E:\Users\Kagu-chan\Desktop\Lebenslauf Kai Böse (1).pdf
2014-12-29 09:07 - 2014-12-29 09:07 - 00000000 ____D () E:\Users\Kagu-chan\Downloads\Yutils-master
2014-12-28 17:31 - 2014-12-28 17:33 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\IcoFX
2014-12-28 17:31 - 2014-12-28 17:31 - 00000000 ____D () C:\Program Files\IcoFX 1.6
2014-12-28 12:16 - 2014-12-28 12:16 - 00000000 ____D () E:\Users\Kagu-chan\.config
2014-12-28 09:02 - 2014-12-28 09:02 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Beat Hazard
2014-12-28 05:41 - 2014-12-28 09:00 - 00000000 ____D () E:\Users\Kagu-chan\Downloads\Tests
2014-12-27 07:49 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-27 07:03 - 2015-01-07 13:44 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-27 07:03 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-27 07:03 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-27 07:03 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-26 11:04 - 2014-12-26 11:17 - 513768341 _____ () E:\Users\Kagu-chan\Downloads\[BNFs]Fairy_Tail_S2_38_[720p].mp4
2014-12-26 11:04 - 2014-12-26 11:17 - 492697118 _____ () E:\Users\Kagu-chan\Downloads\[BNFs]Fairy_Tail_S2_37_[720p].mp4
2014-12-25 10:59 - 2014-12-25 10:59 - 00000000 ____D () E:\Users\Kagu-chan\Documents\RPGVXAce
2014-12-25 07:01 - 2014-12-25 07:01 - 00000000 ____D () E:\Users\Kagu-chan\Documents\GitHub
2014-12-25 07:00 - 2014-12-25 07:00 - 00000000 ____D () E:\Users\Kagu-chan\.ssh
2014-12-25 06:59 - 2014-12-28 11:07 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\GitHub
2014-12-25 06:59 - 2014-12-28 11:07 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\GitHub
2014-12-25 06:59 - 2014-12-28 11:05 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2014-12-25 06:43 - 2015-01-07 12:52 - 00000000 ____D () C:\Program Files\Git
2014-12-24 12:04 - 2014-12-24 12:04 - 00000000 ____D () E:\Users\Kagu-chan\.gem
2014-12-23 20:18 - 2014-12-31 06:04 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\Kara
2014-12-23 02:32 - 2014-12-27 06:49 - 00000000 ____D () C:\Program Files\ScintillaNET v2.6
2014-12-22 23:20 - 2014-12-31 06:04 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\Clannad After Story FX
2014-12-21 03:56 - 2014-12-29 18:05 - 00003146 _____ () E:\Users\Kagu-chan\AppData\Roaming\ASSDraw3.cfg
2014-12-21 03:34 - 2014-12-22 20:57 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\FX
2014-12-21 00:16 - 2014-12-21 00:21 - 00000000 ____D () E:\Users\Kagu-chan\Desktop\Wichtig
2014-12-20 22:57 - 2014-12-20 22:57 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-20 22:36 - 2014-12-27 07:03 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-12-17 17:50 - 2014-12-17 17:50 - 00000000 ____D () E:\Users\Kagu-chan\Documents\MPC-HC Capture
2014-12-17 06:54 - 2015-01-05 16:13 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\assembly
2014-12-17 06:37 - 2015-01-02 07:54 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\vlc
2014-12-15 02:18 - 2014-12-15 02:18 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.1.5-p273
2014-12-15 02:17 - 2014-12-15 02:18 - 00000000 ____D () C:\Ruby21
2014-12-14 18:37 - 2014-12-14 18:37 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\FXSpindle
2014-12-13 19:01 - 2014-12-13 19:01 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-12-13 18:47 - 2015-01-03 12:06 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\Battle.net
2014-12-13 18:47 - 2014-12-13 18:47 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Battle.net
2014-12-13 18:47 - 2014-12-13 18:47 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\Blizzard Entertainment
2014-12-13 18:46 - 2014-12-13 18:46 - 00000000 ____D () C:\Program Files\Battle.net
2014-12-12 04:45 - 2014-12-12 04:45 - 00210701 _____ () E:\Users\Kagu-chan\AppData\Local\debuggee.mdmp
2014-12-11 20:04 - 2015-01-01 03:24 - 00000000 ____D () E:\Users\Kagu-chan\Documents\Visual Studio 2010
2014-12-11 20:04 - 2014-12-11 20:04 - 00000000 ____D () C:\Program Files\Microsoft Synchronization Services
2014-12-11 20:04 - 2014-12-11 20:04 - 00000000 ____D () C:\Program Files\Microsoft SQL Server Compact Edition
2014-12-11 20:04 - 2014-12-11 20:04 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-12-11 20:02 - 2014-12-11 20:05 - 00000000 ____D () C:\Program Files\Microsoft Visual Studio 10.0
2014-12-11 20:02 - 2014-12-11 20:02 - 00000000 ____D () C:\Windows\PCHEALTH
2014-12-11 20:02 - 2014-12-11 20:02 - 00000000 ____D () C:\Program Files\Microsoft SDKs
2014-12-11 20:02 - 2014-12-11 20:02 - 00000000 ____D () C:\Program Files\Microsoft Help Viewer
2014-12-11 15:52 - 2014-12-11 15:52 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\wacomid-desktop-launcher
2014-12-11 04:34 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-11 04:34 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-11 04:34 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-11 04:34 - 2014-11-22 03:20 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-11 04:34 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-11 04:34 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-11 04:34 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-11 04:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-11 04:34 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-11 04:34 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-11 04:34 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-11 04:34 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-11 04:34 - 2014-11-22 02:55 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-11 04:34 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-11 04:34 - 2014-11-22 02:48 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-11 04:34 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-11 04:34 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-11 04:34 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-11 04:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-11 04:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-11 04:34 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-11 04:34 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-11 04:34 - 2014-11-22 02:23 - 00684544 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-11 04:34 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-11 04:34 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-11 04:34 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-11 04:34 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-11 04:34 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-11 04:34 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-11 04:34 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 00:30 - 2014-12-11 00:30 - 00000000 ____D () E:\Users\Kagu-chan\Downloads\[SHFS] Sono Hanabira ni Kuchizuke o - Anata to Koibito Tsunagi (x264, 480p)[5FA770E1]
2014-12-08 17:25 - 2014-12-08 17:26 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\NexusFont
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-07 14:08 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\Temp
2015-01-07 14:07 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\Desktop
2015-01-07 14:07 - 2009-07-14 05:34 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-07 14:07 - 2009-07-14 05:34 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-07 14:03 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\Downloads
2015-01-07 14:03 - 2014-09-29 11:12 - 01049831 _____ () C:\Windows\WindowsUpdate.log
2015-01-07 14:02 - 2014-09-29 11:57 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Skype
2015-01-07 14:00 - 2014-09-29 11:37 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-07 14:00 - 2014-09-29 11:20 - 10485760 ___SH () E:\Users\Kagu-chan\NTUSER.DAT
2015-01-07 14:00 - 2014-09-29 11:20 - 00262144 ___SH () E:\Users\Kagu-chan\ntuser.dat.LOG1
2015-01-07 14:00 - 2009-07-14 05:33 - 07678776 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-07 13:59 - 2014-09-29 11:37 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-07 13:59 - 2014-09-29 11:28 - 02378877 ____H () E:\Users\Kagu-chan\AppData\Local\IconCache.db
2015-01-07 13:59 - 2010-11-20 22:48 - 00028950 _____ () C:\Windows\PFRO.log
2015-01-07 13:59 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-07 13:59 - 2009-07-14 05:39 - 00031135 _____ () C:\Windows\setupact.log
2015-01-07 13:46 - 2014-09-30 23:19 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Aegisub
2015-01-07 13:44 - 2014-11-03 23:26 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Spotify
2015-01-07 12:59 - 2014-10-04 18:29 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\.minecraft
2015-01-07 12:53 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Kagu-chan
2015-01-07 12:46 - 2014-09-29 11:52 - 00000000 ____D () C:\Program Files\osu!
2015-01-07 11:46 - 2014-09-29 11:37 - 01311680 _____ () E:\Users\Kagu-chan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-01-07 01:53 - 2009-07-14 03:03 - 00197632 ____H () E:\Users\Default\NTUSER.DAT.LOG1
2015-01-07 00:42 - 2014-09-30 23:20 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\fontconfig
2015-01-07 00:24 - 2014-11-26 22:39 - 00000000 ____D () C:\MoTemp
2015-01-06 16:16 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Default\AppData\Local
2015-01-06 16:14 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini
2015-01-06 16:13 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-01-06 16:04 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming
2015-01-06 13:41 - 2014-09-30 12:30 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\FileZilla
2015-01-05 22:33 - 2014-09-29 12:00 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\TS3Client
2015-01-05 16:35 - 2014-09-29 21:01 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\TSVNCache
2015-01-05 16:16 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Public
2015-01-05 11:17 - 2014-11-03 23:26 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\Spotify
2015-01-04 15:37 - 2014-09-29 12:32 - 00000000 ___RD () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2015-01-01 22:37 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\Links
2014-12-31 23:42 - 2014-09-30 22:23 - 00000000 ____D () C:\Program Files\NyuFX
2014-12-31 17:46 - 2014-09-29 12:33 - 00000000 __RHD () E:\Users\Public\Desktop
2014-12-31 10:11 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-12-31 08:32 - 2014-10-04 22:54 - 00000000 ____D () C:\Program Files\TeamViewer
2014-12-31 08:11 - 2009-07-14 05:52 - 00000000 ____D () C:\Program Files\MSBuild
2014-12-29 18:05 - 2014-09-29 22:32 - 00000600 _____ () E:\Users\Kagu-chan\AppData\Local\PUTTY.RND
2014-12-28 18:24 - 2014-09-29 17:23 - 00000000 ____D () C:\Program Files\Steam
2014-12-28 11:06 - 2014-09-29 11:37 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\Deployment
2014-12-28 05:48 - 2014-09-29 17:28 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-27 07:39 - 2014-09-29 11:57 - 00000000 ___RD () C:\Program Files\Skype
2014-12-27 07:37 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Globalization
2014-12-27 06:59 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local
2014-12-27 06:59 - 2014-09-29 11:21 - 00001024 _____ () E:\Users\Kagu-chan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-27 06:50 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-12-27 06:49 - 2009-07-14 03:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-27 06:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\registration
2014-12-27 06:49 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\AppCompat
2014-12-27 06:39 - 2014-10-29 01:13 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\uTorrent
2014-12-27 06:37 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Kagu-chan\AppData\LocalLow
2014-12-25 10:59 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\Documents
2014-12-25 08:04 - 2014-10-29 01:22 - 00000000 ____D () E:\Users\Kagu-chan\Documents\PPSSPP
2014-12-23 00:19 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\Pictures
2014-12-21 03:32 - 2014-10-25 02:00 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\TeamViewer
2014-12-20 22:59 - 2014-10-26 00:43 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Roaming\DAEMON Tools Lite
2014-12-20 22:59 - 2014-09-29 12:08 - 00000000 ____D () C:\Windows\Panther
2014-12-15 17:08 - 2010-11-20 22:01 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-15 01:29 - 2014-09-29 12:33 - 00000000 ___RD () E:\Users\Kagu-chan\Music
2014-12-14 18:32 - 2014-11-12 05:13 - 00000496 _____ () C:\Windows\system32\TeamViewer10_Hooks.log
2014-12-11 20:11 - 2014-09-29 12:32 - 00000000 ____D () E:\Users\Kagu-chan\AppData\Local\Microsoft
2014-12-11 20:04 - 2014-09-29 12:32 - 00000000 ___SD () E:\Users\Kagu-chan\AppData\Roaming\Microsoft
2014-12-11 20:02 - 2014-09-29 11:48 - 00000000 ____D () C:\Program Files\Microsoft.NET
2014-12-11 20:02 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-12-11 16:42 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-12-11 15:47 - 2014-09-29 13:37 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-12-11 15:44 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-12-11 04:39 - 2014-10-26 05:29 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 04:34 - 2014-10-26 05:29 - 109818608 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-08 20:34 - 2014-12-05 22:09 - 00006484 _____ () E:\Users\Kagu-chan\Desktop\Zucht.txt
Some content of TEMP:
====================
E:\Users\Kagu-chan\AppData\Local\Temp\Quarantine.exe
E:\Users\Kagu-chan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-04 00:40
==================== End Of Log ============================
Additions
FRST Additions Logfile: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 07-01-2015
Ran by Kagu-chan at 2015-01-07 14:09:06
Running from E:\Users\Kagu-chan\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
‚͂邩‚º‚Ç‚è‚ÉA‚Ƃ܂肬‚ðB (HKLM\...\{E3D5D575-4A71-4596-A459-B66977579446}) (Version: 1.00.000 - )
µTorrent (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Aegisub 3.2.1 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 3.2.1 - Aegisub Team)
Alice Madness Returns (HKLM\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Catalyst Install Manager (HKLM\...\{DC7723BE-A2BB-58A0-4820-5630F9B82198}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Aura Kingdom (HKLM\...\Steam App 268420) (Version: - X-Legend)
AviSynth 2.5 (HKLM\...\AviSynth) (Version: - )
Bamboo Dock (HKLM\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM\...\Battle.net) (Version: - Blizzard Entertainment)
Beat Hazard (HKLM\...\Steam App 49600) (Version: - Cold Beam Games)
C9 (HKLM\...\Steam App 212390) (Version: - Cloud 9 Studio)
ColorPicker Version 2.5 (HKLM\...\{2A999A57-4530-41AC-AF6B-E5B7A28BA357}_is1) (Version: 2.5 - Cronoxyd.de)
Combined Community Codec Pack 2014-07-13 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FileZilla Server (HKLM\...\FileZilla Server) (Version: beta 0.9.47 - FileZilla Project)
Gameforge Live 2.0.5 (HKLM\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Git version 1.9.5-preview20141217 (HKLM\...\Git_is1) (Version: 1.9.5-preview20141217 - The Git Development Community)
GitHub (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\5f7eb300e2ea4ebf) (Version: 2.6.6.2 - GitHub, Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Houlo Video Downloader (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\Houlo Video Downloader) (Version: - )
IcoFX 1.6.4 (HKLM\...\IcoFX_is1) (Version: - )
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
JDownloader 0.9 (HKLM\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Katawa Shoujo (HKLM\...\Katawa Shoujo) (Version: - )
K-Lite Codec Pack 10.7.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 10.7.5 - )
kSub (HKLM\...\{258C48B4-73E7-4AF0-97CF-5CD57BE44E43}_is1) (Version: 2.4.1.0 - Dako-kun)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
LibreOffice 4.2.7.2 (HKLM\...\{A313C39F-79A7-408B-97EE-8F958407D694}) (Version: 4.2.7.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ Compilers 2010 Standard - enu - x86 (HKLM\...\{370187B9-6964-38D0-851F-6C4898B0C2B1}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
MKVCleaver x86 (HKLM\...\{6C419268-0E1E-4087-B769-B80B2539236F}) (Version: 6.0.5 - Ilia Bakhmoutski)
MKVToolNix 7.2.0 (32bit) (HKLM\...\MKVToolNix) (Version: 7.2.0 - Moritz Bunkus)
mocha Pro V3.2.1-7276 (HKLM\...\{110ABF3B-74FA-45A4-B893-8482DA52AA9D}) (Version: 3.21.7276 - Imagineer Systems)
Mozilla Firefox 33.1 (x86 de) (HKLM\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.3 - Mozilla)
NetBeans IDE 8.0.1 (HKLM\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
NexusFont 2.5 (ver 2.5.8.1582) (HKLM\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version: - xiles)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
NyuFX (HKLM\...\NyuFX) (Version: 1.6.0 - Youka)
osu! (HKLM\...\{172e71de-59ac-4691-a7b2-378535218a63}) (Version: latest - ppy Pty Ltd)
piaip AppLocale (HKLM\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Pokémon Trading Card Game Online (HKLM\...\{F323157A-218F-4613-9673-F975AB9397CF}) (Version: 2.23.1 - The Pokémon Company International)
Portal (HKLM\...\Steam App 400) (Version: - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version: - Valve)
PPSSPP version 0.9.8 (HKLM\...\PPSSPP_is1) (Version: 0.9.8 - )
puush (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
QT Lite 4.1.0 (HKLM\...\quicktime_lite_is1) (Version: 4.1.0 - )
RaidCall (HKLM\...\RaidCall) (Version: 7.3.6-1.0.12972.94 - raidcall.com)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RPG Maker VX Ace (HKLM\...\Steam App 220700) (Version: - Enterbrain)
RPG MAKER VX Ace RTP (HKLM\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPG Maker XP (HKLM\...\Steam App 235900) (Version: - Degica)
Ruby 2.1.5-p273 (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\{64763A89-6347-43AF-833F-3840615C62AE}_is1) (Version: 2.1.5-p273 - RubyInstaller Team)
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2026768166-240738973-2546325667-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36244 - TeamViewer)
TERA (HKLM\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
The Legend of Heroes: Trails in the Sky (HKLM\...\Steam App 251150) (Version: - Nihon Falcom)
Torchlight II (HKLM\...\Steam App 200710) (Version: - Runic Games)
TortoiseSVN 1.8.8.25755 (32 bit) (HKLM\...\{E9741943-84C8-48D3-9B88-CDD9CADF9DA0}) (Version: 1.8.25755 - TortoiseSVN)
Tunngle Version Tunngle (HKLM\...\Tunngle_is1) (Version: Tunngle - Tunngle.net GmbH)
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
Wakfu (HKLM\...\Steam App 215080) (Version: - Ankama)
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version: - Blizzard Entertainment)
Ys Origin (HKLM\...\Steam App 207350) (Version: - Nihon Falcom)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-2026768166-240738973-2546325667-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files\Git\git-cheetah\git_shell_ext.dll ()
==================== Restore Points =========================
20-12-2014 23:22:58 Wiederherstellungsvorgang
21-12-2014 20:04:41 Windows Update
27-12-2014 06:47:34 Wiederherstellungsvorgang
27-12-2014 07:49:16 Windows Update
31-12-2014 08:09:52 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
04-01-2015 15:38:47 Revo Uninstaller's restore point - Update Service YourFileDownloader
06-01-2015 16:03:08 ComboFix created restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2015-01-06 16:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {3BDCAE71-BDF7-4D9A-8620-C0B26AAF1EB1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-29] (Google Inc.)
Task: {529A985F-5E7A-400D-A883-BD1E0E2AC933} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-09-23] ()
Task: {7AD64A29-E271-426F-8AD7-1C2FD147A87B} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A2ADE29E-F425-439D-BD79-88DA475E7A7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-09-29] (Google Inc.)
Task: {CDD0FB77-5187-42B4-BB8E-F7C6B45FE251} - System32\Tasks\{F394FCBC-FD6F-41A7-83AF-C61BD9C993E2} => pcalua.exe -a G:\install.exe -d G:\
Task: {FF2EE01C-E4C1-4C31-A53E-79CB9CA47B3B} - System32\Tasks\{185C16E4-7E6D-455C-B1F5-F63CC70E3C3A} => pcalua.exe -a E:\Users\Kagu-chan\Downloads\winsdk_web.exe -d E:\Users\Kagu-chan\Downloads
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files\Bamboo Dock\BambooCore.exe
2012-10-16 10:39 - 2012-10-16 10:39 - 00060504 _____ () C:\Program Files\Bamboo Dock\BambooWinTab.dll
2012-01-10 13:41 - 2014-09-29 12:01 - 00567880 _____ () C:\Program Files\puush\puush.exe
2014-08-10 14:40 - 2014-08-10 14:40 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-08-10 14:40 - 2014-08-10 14:40 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-09-29 13:37 - 2014-09-29 13:37 - 00225792 _____ () C:\Program Files\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
2014-10-16 10:15 - 2014-10-16 10:15 - 00035328 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () C:\Program Files\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () C:\Program Files\FileZilla FTP Client\libstdc++-6.dll
2014-09-29 13:39 - 2014-08-19 20:12 - 01019672 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: FileZilla Server => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TabletInputService => 2
MSCONFIG\Services: TunngleService => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: FileZilla Server Interface => "E:\FZ\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: Spotify Web Helper => "E:\Users\Kagu-chan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
========================= Accounts: ==========================
Administrator (S-1-5-21-2026768166-240738973-2546325667-500 - Administrator - Disabled)
Gast (S-1-5-21-2026768166-240738973-2546325667-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2026768166-240738973-2546325667-1002 - Limited - Enabled)
Kagu-chan (S-1-5-21-2026768166-240738973-2546325667-1001 - Administrator - Enabled) => E:\Users\Kagu-chan
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) D CPU 2.80GHz
Percentage of memory in use: 31%
Total physical RAM: 3007.3 MB
Available physical RAM: 2070.71 MB
Total Pagefile: 6010.84 MB
Available Pagefile: 4932.41 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.89 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:146.39 GB) (Free:68.31 GB) NTFS
Drive d: (Osu) (Fixed) (Total:48.83 GB) (Free:32.11 GB) NTFS
Drive e: (Daten) (Fixed) (Total:270.45 GB) (Free:181.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8E14D438)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================