C:\Users\didi\AppData\Roaming\skype.dat

megaolymp · 07.07.2013, 10:40

#
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by SYSTEM on 07-07-2013 11:13:03
Running from H:\
Windows 7 Home Premium (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Recovery

The current controlset is ControlSet002
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and an extra Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [BackupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k [261888 2009-08-12] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" [199464 2009-08-03] (Egis Technology Inc.)
HKLM-x32\...\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-19] ()
HKLM-x32\...\Run: [QuickTime Plugin Install] C:\Program Files (x86)\QuickTime\Plugins\DeleteMe2.exe [86016 2013-02-18] ()
HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-24] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DATAMNGR] C:\PROGRA~2\WIA6EB~1\Datamngr\DATAMN~1.EXE [1890744 2012-09-02] (Bandoo Media, inc)
HKU\didi\...\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S1760.tmp" /EF "HKCU" [x] <===== ATTENTION
HKU\didi\...\Winlogon: [Shell] explorer.exe,C:\Users\didi\AppData\Roaming\skype.dat [60416 2013-06-21] () <==== ATTENTION 
AppInit_DLLs: C:\PROGRA~2\WIA6EB~1\Datamngr\x64\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\x64\IEBHO.dll  [1528760 2012-09-02] (Bandoo Media, inc)
AppInit_DLLs-x32: C:\PROGRA~2\WIA6EB~1\Datamngr\datamngr.dll C:\PROGRA~2\WIA6EB~1\Datamngr\IEBHO.dll  [1185208 2012-09-02] (Bandoo Media, inc)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Hardcopy.LNK
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you, Siegfried Weckmann)
Startup: C:\ProgramData\Start Menu\Programs\Startup\NETGEAR WNDA3100v2 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNDA3100v2 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNDA3100v2\WNDA3100v2.exe ()
Startup: C:\ProgramData\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Services (Whitelisted) =================

S2 MCLIENT; C:\Program Files (x86)\Norton Management\Engine\3.2.0.19\ccSvcHst.exe [143928 2012-10-10] (Symantec Corporation)
S2 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [311592 2009-08-06] (Egis Technology Inc.)
S2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [144368 2013-05-20] (Symantec Corporation)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1225312 2012-11-26] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [659040 2012-11-26] (Secunia)
S2 WSWNDA3100; C:\Program Files (x86)\NETGEAR\WNDA3100v2\WifiSvc.exe [272864 2010-08-19] ()

==================== Drivers (Whitelisted) ====================

S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
S1 ccSet_MCLIENT; C:\Windows\system32\drivers\MCLIENTx64\0302000.013\ccSetx64.sys [168096 2012-10-03] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys [169048 2013-04-15] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-21] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-21] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130705.001\IDSvia64.sys [513184 2013-06-21] (Symantec Corporation)
S1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\IPSDefs\20130705.001\IDSvia64.sys [513184 2013-06-21] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130705.023\ENG64.SYS [126040 2013-07-05] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130705.023\ENG64.SYS [126040 2013-07-05] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130705.023\EX64.SYS [2098776 2013-07-05] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.0.36\Definitions\VirusDefs\20130705.023\EX64.SYS [2098776 2013-07-05] (Symantec Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1404000.028\SRTSP64.SYS [796760 2013-05-15] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1404000.028\SRTSPX64.SYS [36952 2013-03-04] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\N360x64\1404000.028\SYMDS64.SYS [493656 2013-05-20] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\N360x64\1404000.028\SYMEFA64.SYS [1139800 2013-05-22] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS [224416 2013-03-04] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\N360x64\1404000.028\SYMNETS.SYS [433752 2013-04-24] (Symantec Corporation)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [x]
S3 EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 PCDSRVC{A368CD8C-DE499B0B-06020101}_0; \??\c:\users\admini~1\appdata\local\temp\xyy5x7vocu.o\pcdrdiag\bin\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-07 11:12 - 2013-07-07 11:12 - 00000000 ____D C:\FRST
2013-07-06 09:00 - 2013-07-07 00:40 - 00000004 ____A C:\Users\didi\AppData\Roaming\skype.ini
2013-07-06 07:49 - 2013-06-29 05:56 - 00000000 ____D C:\Users\didi\Downloads\Ray
2013-07-06 07:49 - 2013-06-28 10:01 - 00000000 ____D C:\Users\didi\Downloads\maddy
2013-07-06 07:49 - 2013-06-27 15:15 - 00000000 ____D C:\Users\didi\Downloads\Lionville
2013-07-06 07:49 - 2013-06-26 12:15 - 00000000 ____D C:\Users\didi\Downloads\Physical-olivia
2013-07-06 07:49 - 2013-06-25 02:19 - 00000000 ____D C:\Users\didi\Downloads\Quireboys
2013-07-06 07:48 - 2013-06-27 15:37 - 00000000 ____D C:\Users\didi\Downloads\Frankie
2013-07-06 07:48 - 2013-06-25 09:48 - 00000000 ____D C:\Users\didi\Downloads\Jillette
2013-07-06 07:48 - 2013-06-19 14:52 - 00000000 ____D C:\Users\didi\Downloads\Insanitizers
2013-07-06 07:48 - 2013-06-15 03:25 - 00000000 ____D C:\Users\didi\Downloads\Haggard
2013-07-06 07:48 - 2013-06-15 03:23 - 00000000 ____D C:\Users\didi\Downloads\Gun
2013-07-06 07:48 - 2013-06-15 03:18 - 00000000 ____D C:\Users\didi\Downloads\Elvis
2013-07-06 07:48 - 2013-05-27 00:37 - 00000000 ____D C:\Users\didi\Downloads\Harpo - Smile
2013-07-06 07:48 - 2013-05-27 00:34 - 00000000 ____D C:\Users\didi\Downloads\Emerson, Lake & Palmer - The Best Of
2013-07-06 07:47 - 2013-07-01 01:53 - 00000000 ____D C:\Users\didi\Downloads\david B
2013-07-06 07:47 - 2013-06-30 08:51 - 00000000 ____D C:\Users\didi\Downloads\Deap Vally
2013-07-06 07:47 - 2013-06-28 13:35 - 00000000 ____D C:\Users\didi\Downloads\David - (1998)
2013-07-06 07:47 - 2013-06-28 13:30 - 00000000 ____D C:\Users\didi\Downloads\David Lee Roth - (1986)
2013-07-06 07:47 - 2013-05-27 00:29 - 00000000 ____D C:\Users\didi\Downloads\David Arkenstone - World Cafe
2013-07-06 07:47 - 2012-03-01 00:28 - 00000000 ____D C:\Users\didi\Downloads\Edenbridge - Arcana (2001)
2013-07-06 07:47 - 2012-01-17 06:10 - 00000000 ____D C:\Users\didi\Downloads\Cryptic Wintermoon - Of Shadows
2013-07-06 05:06 - 2013-06-18 07:33 - 00000000 ____D C:\Users\didi\Downloads\Love Ballads 4er CD Box Flac
2013-07-06 05:05 - 2013-07-04 01:36 - 00000000 ____D C:\Users\didi\Downloads\Robben Ford - Bringing It Back Home
2013-07-06 05:05 - 2013-06-23 07:00 - 00000000 ____D C:\Users\didi\Downloads\Rose
2013-07-06 05:04 - 2013-06-29 22:52 - 00000000 ____D C:\Users\didi\Downloads\Soul
2013-07-06 05:04 - 2013-06-26 11:32 - 00000000 ____D C:\Users\didi\Downloads\Xanadu
2013-07-06 05:04 - 2013-06-20 04:42 - 00000000 ____D C:\Users\didi\Downloads\Searchers
2013-07-06 05:04 - 2013-06-20 02:20 - 00000000 ____D C:\Users\didi\Downloads\Viktor (1987)
2013-07-06 05:04 - 2013-06-16 08:42 - 00000000 ____D C:\Users\didi\Downloads\Tornfly
2013-07-06 05:04 - 2010-01-11 06:38 - 00000000 ____D C:\Users\didi\Downloads\Santana - Santana Brothers (1994)
2013-07-06 05:03 - 2011-12-21 03:27 - 00000000 ____D C:\Users\didi\Downloads\Clive Barker - 03 Das dritte Buch des Blutes
2013-07-06 05:02 - 2013-06-08 06:23 - 00000000 ____D C:\Users\didi\Downloads\Cazadores
2013-07-06 05:02 - 2013-06-08 06:22 - 00000000 ____D C:\Users\didi\Downloads\Byron
2013-07-06 05:02 - 2013-06-08 06:21 - 00000000 ____D C:\Users\didi\Downloads\Butch
2013-07-06 05:01 - 2013-06-27 01:06 - 00000000 ____D C:\Users\didi\Downloads\Black Sabbath
2013-07-06 05:01 - 2013-06-23 02:53 - 00000000 ____D C:\Users\didi\Downloads\Bon Jovi - Greatest Hits
2013-07-06 05:00 - 2013-06-08 06:19 - 00000000 ____D C:\Users\didi\Downloads\BC
2013-07-06 05:00 - 2013-06-08 06:18 - 00000000 ____D C:\Users\didi\Downloads\Artificial Heart
2013-07-06 05:00 - 2012-06-15 01:22 - 00000000 ____D C:\Users\didi\Downloads\Canned Heat - Future Blues (1970)
2013-07-06 05:00 - 2012-02-29 09:50 - 00000000 ____D C:\Users\didi\Downloads\Die besten Werbehits Edition 2008-2009
2013-07-06 05:00 - 2012-02-21 07:37 - 00000000 ____D C:\Users\didi\Downloads\Barbra Streisand - One Voice (1987)
2013-07-06 04:59 - 2013-07-04 20:58 - 00000000 ___AD C:\Users\didi\Downloads\Architects - The Here And Now - 2011
2013-07-06 04:59 - 2013-07-04 19:46 - 00000000 ____D C:\Users\didi\Downloads\Cat Stevens - Izitso (1977)
2013-07-06 04:59 - 2012-08-27 07:03 - 00000000 ____D C:\Users\didi\Downloads\Cat Stevens - Matthew & Son (1966)
2013-07-06 04:59 - 2012-06-20 06:57 - 00000000 ____D C:\Users\didi\Downloads\Dio - Angry Machines (1996)
2013-07-06 04:58 - 2013-07-04 19:47 - 00000000 ___RD C:\Users\didi\Downloads\Peter Maffay - Weil es dich gibt
2013-07-04 09:32 - 2013-06-25 10:14 - 00000000 ____D C:\Users\didi\Downloads\rnb
2013-07-04 09:32 - 2013-04-24 02:50 - 00000000 ____D C:\Users\didi\Downloads\white
2013-07-04 09:31 - 2013-06-23 23:41 - 00000000 ____D C:\Users\didi\Downloads\Laura
2013-07-04 09:31 - 2013-05-08 14:49 - 00000000 ____D C:\Users\didi\Downloads\nazareth
2013-07-04 09:29 - 2013-06-24 16:30 - 00000000 ____D C:\Users\didi\Downloads\Kiss
2013-07-04 09:28 - 2013-06-24 06:39 - 00000000 ____D C:\Users\didi\Downloads\jukebox
2013-07-04 09:28 - 2013-06-22 11:35 - 00000000 ____D C:\Users\didi\Downloads\Jesse Cook
2013-07-04 09:27 - 2013-07-04 09:52 - 00000000 ____D C:\Users\didi\Downloads\Eagles – The Studio Albums 1972-1979 (2013)
2013-07-04 09:27 - 2013-06-24 08:48 - 00000000 ____D C:\Users\didi\Downloads\Gretchen
2013-07-04 09:26 - 2013-06-26 10:33 - 00000000 ____D C:\Users\didi\Downloads\foute
2013-07-04 09:24 - 2013-06-26 10:33 - 00000000 ____D C:\Users\didi\Downloads\disco
2013-07-04 09:24 - 2013-06-26 09:04 - 00000000 ____D C:\Users\didi\Downloads\Chris Rea - Wired To The Moon
2013-07-04 09:24 - 2011-12-06 02:49 - 00000000 ____D C:\Users\didi\Downloads\Cyndi Lauper - Collections  2006
2013-07-04 09:24 - 2011-11-29 23:51 - 00000000 ____D C:\Users\didi\Downloads\Cinderella - Night Songs (1986)
2013-07-04 09:23 - 2011-12-06 02:20 - 00000000 ____D C:\Users\didi\Downloads\Black Sabbath - Never Say Die 1978
2013-07-04 09:23 - 2011-12-05 01:39 - 00000000 ____D C:\Users\didi\Downloads\Chill House Paradise Islands Edition (2011)
2013-07-04 09:23 - 2011-12-04 00:00 - 00000000 ____D C:\Users\didi\Downloads\Black Sabbath - Forbidden 1995
2013-07-04 09:23 - 2011-11-24 23:35 - 00000000 ____D C:\Users\didi\Downloads\Barry White - Under The Influence Of Love (1995)
2013-07-04 09:23 - 2011-11-23 02:11 - 00000000 ____D C:\Users\didi\Downloads\Bryan Adams - Bare Bones
2013-07-04 09:22 - 2011-11-28 05:22 - 00000000 ____D C:\Users\didi\Downloads\Alan Parsons Project - Vulture Culture (1984)
2013-07-04 09:22 - 2011-11-15 03:56 - 00000000 ____D C:\Users\didi\Downloads\Andreas Gabalier - Volks Rock 'n' Roller
2013-07-04 09:22 - 2011-11-13 23:08 - 00000000 ____D C:\Users\didi\Downloads\Andreas Gabalier - Herzwerk
2013-07-04 09:19 - 2013-06-26 08:43 - 00000000 ____D C:\Users\didi\Downloads\100 Hits - Disco Classics
2013-07-04 09:18 - 2013-01-19 03:05 - 00000000 ____D C:\Users\didi\Downloads\80ERHITS
2013-07-04 08:01 - 2013-07-07 00:39 - 00000728 ____A C:\Windows\setupact.log
2013-07-04 08:01 - 2013-07-04 08:01 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 09:35 - 2013-07-03 09:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-02 08:26 - 2013-06-18 04:59 - 00000000 ____D C:\Users\didi\Downloads\Die Toten Hosen - Bis Zum Bitteren Ende
2013-07-02 08:25 - 2013-06-18 06:01 - 00000000 ____D C:\Users\didi\Downloads\Lenka - Two
2013-06-29 02:25 - 2013-06-29 02:25 - 00000000 ____D C:\Users\didi\AppData\Roaming\BEGAware
2013-06-29 00:46 - 2013-06-29 00:47 - 00000000 ____D C:\Program Files (x86)\MP3Gain
2013-06-29 00:42 - 2013-06-29 00:42 - 00000994 ____A C:\Users\didi\Desktop\Jigsaws Galore.lnk
2013-06-29 00:42 - 2013-06-29 00:42 - 00000000 ____D C:\Program Files (x86)\Jigsaws
2013-06-29 00:41 - 2013-06-29 00:41 - 00000000 ____D C:\Program Files (x86)\BEGAware
2013-06-28 09:35 - 2013-06-24 03:02 - 00000000 ____D C:\Users\didi\Downloads\ZZ Top
2013-06-28 09:35 - 2013-05-29 02:36 - 00000000 ____D C:\Users\didi\Downloads\rihanna
2013-06-28 09:34 - 2013-06-20 03:12 - 00000000 ____D C:\Users\didi\Downloads\paula
2013-06-28 09:34 - 2013-06-18 04:53 - 00000000 ____D C:\Users\didi\Downloads\Beatsteaks - Muffensausen
2013-06-28 09:34 - 2013-05-26 07:13 - 00000000 ____D C:\Users\didi\Downloads\beyonce
2013-06-28 09:34 - 2013-05-16 03:41 - 00000000 ____D C:\Users\didi\Downloads\katy
2013-06-28 09:34 - 2013-04-02 02:49 - 00000000 ____D C:\Users\didi\Downloads\maroon
2013-06-27 10:26 - 2013-05-29 00:51 - 00000000 ____D C:\Users\didi\Downloads\The Dunwells
2013-06-27 10:25 - 2013-06-24 03:39 - 00000000 ____D C:\Users\didi\Downloads\Stevie Wonder
2013-06-27 10:25 - 2013-06-23 06:58 - 00000000 ____D C:\Users\didi\Downloads\Olivia
2013-06-27 10:25 - 2013-06-17 12:50 - 00000000 ____D C:\Users\didi\Downloads\Martin (2011)
2013-06-27 10:25 - 2013-06-17 09:23 - 00000000 ____D C:\Users\didi\Downloads\status
2013-06-27 10:25 - 2013-06-13 12:20 - 00000000 ____D C:\Users\didi\Downloads\sade
2013-06-27 10:25 - 2013-06-10 09:38 - 00000000 ____D C:\Users\didi\Downloads\Martin Cilia
2013-06-27 10:25 - 2013-06-09 09:00 - 00000000 ____D C:\Users\didi\Downloads\Mike
2013-06-27 10:24 - 2013-06-18 10:04 - 00000000 ____D C:\Users\didi\Downloads\hanson
2013-06-27 10:24 - 2013-05-27 00:01 - 00000000 ____D C:\Users\didi\Downloads\Luv - Forever Yours
2013-06-27 10:24 - 2013-05-26 07:09 - 00000000 ____D C:\Users\didi\Downloads\Helloween - Unarmed 2010
2013-06-27 10:24 - 2013-02-08 15:54 - 00000000 ____D C:\Users\didi\Downloads\Holly Williams
2013-06-27 10:24 - 2012-06-29 04:44 - 00000000 ____D C:\Users\didi\Downloads\Maria
2013-06-27 10:24 - 2011-09-05 02:02 - 00000000 ____D C:\Users\didi\Downloads\lady
2013-06-27 10:23 - 2013-06-18 03:40 - 00000000 ____D C:\Users\didi\Downloads\genesis
2013-06-27 10:23 - 2013-06-15 03:24 - 00000000 ____D C:\Users\didi\Downloads\Gypsy
2013-06-27 10:23 - 2013-06-15 03:17 - 00000000 ____D C:\Users\didi\Downloads\Clutch
2013-06-27 10:23 - 2013-06-14 10:14 - 00000000 ____D C:\Users\didi\Downloads\Empire
2013-06-27 10:23 - 2013-06-04 11:06 - 00000000 ____D C:\Users\didi\Downloads\Degreed
2013-06-27 10:23 - 2013-05-26 23:04 - 00000000 ____D C:\Users\didi\Downloads\Dusty Springfield - Dusty In Memphis [1969]
2013-06-27 10:23 - 2013-05-26 06:53 - 00000000 ____D C:\Users\didi\Downloads\Cutting Crew - Broadcast 1986
2013-06-27 10:23 - 2013-04-06 23:49 - 00000000 ____D C:\Users\didi\Downloads\Emma
2013-06-27 10:22 - 2013-06-20 02:58 - 00000000 ____D C:\Users\didi\Downloads\ciara
2013-06-27 10:22 - 2013-06-15 03:16 - 00000000 ____D C:\Users\didi\Downloads\Carrie
2013-06-27 10:22 - 2013-06-15 03:15 - 00000000 ____D C:\Users\didi\Downloads\Caro
2013-06-27 10:22 - 2013-06-14 12:46 - 00000000 ____D C:\Users\didi\Downloads\Chris Rea
2013-06-27 10:22 - 2013-06-14 02:08 - 00000000 ____D C:\Users\didi\Downloads\Burning Rain
2013-06-27 10:22 - 2012-09-10 11:47 - 00000000 ____D C:\Users\didi\Downloads\Belinda  -  2009
2013-06-27 10:22 - 2012-09-10 08:55 - 00000000 ____D C:\Users\didi\Downloads\Belinda 1987
2013-06-27 10:22 - 2012-09-10 08:43 - 00000000 ____D C:\Users\didi\Downloads\Belinda
2013-06-27 10:21 - 2013-06-15 00:47 - 00000000 ____D C:\Users\didi\Downloads\Abba
2013-06-27 10:21 - 2013-05-26 23:38 - 00000000 ____D C:\Users\didi\Downloads\A Flock Of Seagulls - LIsten 1983
2013-06-27 10:21 - 2013-05-26 23:20 - 00000000 ____D C:\Users\didi\Downloads\Barque Of Dante - Final Victory
2013-06-27 10:21 - 2013-05-26 22:40 - 00000000 ____D C:\Users\didi\Downloads\Anita Baker - Rapture
2013-06-27 10:21 - 2013-02-26 07:17 - 00000000 ____D C:\Users\didi\Downloads\After Midnight
2013-06-27 10:20 - 2013-06-14 04:22 - 00000000 ____D C:\Users\didi\Downloads\best of
2013-06-27 10:20 - 2013-02-26 07:21 - 00000000 ____D C:\Users\didi\Downloads\Before Midnight
2013-06-27 10:19 - 2013-06-20 03:47 - 00000000 ____D C:\Users\didi\Downloads\copacobana
2013-06-27 10:19 - 2013-06-01 06:28 - 00000000 ____D C:\Users\didi\Downloads\J. J. Burner
2013-06-27 10:18 - 2013-06-17 05:24 - 00000000 ____D C:\Users\didi\Downloads\paul
2013-06-27 10:18 - 2013-06-04 03:58 - 00000000 ____D C:\Users\didi\Downloads\pure legends
2013-06-27 10:17 - 2013-07-04 09:58 - 00000000 ____D C:\Users\didi\Downloads\Retro Disco 80's  2013
2013-06-27 10:17 - 2013-06-08 06:08 - 00000000 ____D C:\Users\didi\Downloads\romantics
2013-06-27 10:16 - 2013-06-20 02:57 - 00000000 ____D C:\Users\didi\Downloads\saxo
2013-06-27 10:15 - 2013-06-22 08:37 - 00000000 ____D C:\Users\didi\Downloads\Too Slim
2013-06-27 10:15 - 2013-05-26 07:12 - 00000000 ____D C:\Users\didi\Downloads\Unleashed - The Halls Of Asgaard
2013-06-27 10:14 - 2013-05-05 16:48 - 00000000 ____D C:\Users\didi\Downloads\Haensel.und.Gretel.Hexenjaeger.DVDRiP.LD.German.XViD-AOE
2013-06-27 10:11 - 2013-06-26 17:53 - 00000000 ____D C:\Users\didi\Downloads\Moody Blues - 1968 - In Search Of The Lost Chord 320
2013-06-27 10:11 - 2013-06-26 17:53 - 00000000 ____D C:\Users\didi\Downloads\K-Tel's Music Box (1976)
2013-06-27 10:10 - 2013-06-25 16:44 - 00000000 ____D C:\Users\didi\Downloads\100 Hits - Band On The Run
2013-06-27 10:09 - 2013-05-26 22:37 - 00000000 ____D C:\Users\didi\Downloads\100 Hits - Dancing Party Of The 60´s
2013-06-22 03:09 - 2013-06-08 06:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-22 03:09 - 2013-06-08 06:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-22 03:09 - 2013-06-08 06:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-22 03:09 - 2013-06-08 06:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-22 03:09 - 2013-06-08 06:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-22 03:09 - 2013-06-08 04:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-22 03:09 - 2013-06-08 03:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-22 03:09 - 2013-06-08 03:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-22 03:09 - 2013-06-08 03:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-22 03:09 - 2013-06-08 03:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-22 03:09 - 2013-06-08 03:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-22 03:09 - 2013-06-08 03:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-22 02:03 - 2013-06-22 02:07 - 00000000 ____D C:\Windows\System32\Drivers\N360x64
2013-06-22 02:03 - 2013-06-22 02:03 - 00000000 ____D C:\Program Files (x86)\Norton 360 Premier Edition
2013-06-21 07:21 - 2013-06-21 07:21 - 00060416 ___RA C:\Users\didi\AppData\Roaming\skype.dat
2013-06-17 10:03 - 2013-06-17 10:03 - 00000000 ____D C:\Users\didi\Documents\Steuer-Sparbuch
2013-06-17 10:03 - 2013-06-17 10:03 - 00000000 ____D C:\Users\didi\Documents\Sparbuch
2013-06-17 10:02 - 2013-06-17 10:02 - 00000000 ____D C:\Users\didi\Documents\Heidi
2013-06-17 10:00 - 2013-04-24 20:03 - 00000000 ____D C:\Users\didi\Downloads\Yardbirds
2013-06-17 09:59 - 2013-06-27 09:15 - 00000000 ____D C:\Users\didi\Downloads\Nellie
2013-06-17 09:59 - 2013-06-18 10:21 - 00000000 ____D C:\Users\didi\Downloads\RocLegs
2013-06-17 09:59 - 2013-06-07 05:30 - 00000000 ____D C:\Users\didi\Downloads\Shannon
2013-06-17 09:57 - 2013-05-15 15:04 - 00000000 ____D C:\Users\didi\Downloads\echo
2013-06-17 09:56 - 2013-06-09 10:19 - 00000000 ____D C:\Users\didi\Downloads\Alice
2013-06-16 02:50 - 2013-06-21 17:54 - 00000000 ____D C:\Users\didi\AppData\Roaming\FreeCDRipper
2013-06-15 05:11 - 2013-06-21 17:54 - 00000000 ____D C:\Users\didi\AppData\Roaming\FreeAudioPack
2013-06-15 05:11 - 2013-06-15 05:12 - 00000000 ____D C:\Program Files (x86)\Windows Searchqu Toolbar
2013-06-15 05:11 - 2013-06-15 05:12 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-06-15 05:11 - 2013-06-15 05:11 - 00001322 ____A C:\Users\didi\Desktop\Easy Audio Cutter.lnk
2013-06-15 05:11 - 2013-06-15 05:11 - 00001306 ____A C:\Users\didi\Desktop\Free CD Ripper.lnk
2013-06-15 05:11 - 2013-06-15 05:11 - 00001304 ____A C:\Users\didi\Desktop\Free Mp3 Wma Converter.lnk
2013-06-15 05:11 - 2013-06-15 05:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-06-15 05:11 - 2011-09-29 04:20 - 02084864 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudDesign.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 01986560 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudFile.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 01212416 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioInfos.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00484352 ____A C:\Windows\SysWOW64\lame_enc.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00479232 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioVisu.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00458752 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudPlayer.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00454656 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudioRecord.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00417792 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\AudDisplay.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00348160 ____A (NCT Company Ltd.) C:\Windows\SysWOW64\WMAFile.dll
2013-06-15 05:11 - 2011-09-29 04:20 - 00164144 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMCT232.OCX
2013-06-15 05:11 - 2011-09-29 04:20 - 00116296 ____A C:\Windows\SysWOW64\NCTWMAProfiles.prx
2013-06-15 05:11 - 2011-09-29 04:19 - 01060864 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll
2013-06-15 05:11 - 2011-09-29 04:19 - 00662288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2013-06-15 05:11 - 2011-09-29 04:19 - 00224016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTL32.OCX
2013-06-15 05:11 - 2011-09-29 04:19 - 00152848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2013-06-15 05:11 - 2011-09-29 04:19 - 00141312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-06-15 05:11 - 2011-09-29 04:19 - 00119568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-06-15 05:11 - 2011-09-29 04:19 - 00115920 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msinet.OCX
2013-06-15 05:11 - 2011-09-29 04:19 - 00101888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-06-15 05:11 - 2011-09-29 04:19 - 00059904 ____A (Microsoft Corporation) C:\Windows\SysWOW64\Mscc2fr.dll
2013-06-15 05:11 - 2011-09-29 04:19 - 00032768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-06-15 05:11 - 2011-09-29 04:19 - 00021504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\TABCTFR.DLL
2013-06-15 05:11 - 2011-09-29 04:19 - 00015360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetfr.DLL
2013-06-12 20:56 - 2013-05-16 17:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 20:56 - 2013-05-16 17:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 20:56 - 2013-05-16 16:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 20:56 - 2013-05-16 16:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 20:56 - 2013-05-16 16:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 20:56 - 2013-05-16 16:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 20:56 - 2013-05-16 16:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 20:56 - 2013-05-16 16:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 20:56 - 2013-05-16 16:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 20:56 - 2013-05-16 16:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 20:56 - 2013-05-16 16:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 20:56 - 2013-05-14 04:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 20:56 - 2013-05-14 00:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 20:50 - 2013-05-12 21:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 20:50 - 2013-05-12 21:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 20:50 - 2013-05-12 21:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 20:50 - 2013-05-12 21:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 20:50 - 2013-05-12 20:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 20:50 - 2013-05-12 20:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 20:50 - 2013-05-12 20:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 20:50 - 2013-05-12 19:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 20:50 - 2013-05-12 19:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 20:50 - 2013-05-12 19:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 20:50 - 2013-05-09 21:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 20:50 - 2013-05-09 19:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 20:50 - 2013-05-07 22:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 20:50 - 2013-04-25 21:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 20:50 - 2013-04-25 20:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 20:50 - 2013-04-25 15:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 20:50 - 2013-04-16 23:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 20:50 - 2013-04-16 22:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 20:50 - 2013-03-31 14:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll

==================== One Month Modified Files and Folders =======

2013-07-07 11:12 - 2013-07-07 11:12 - 00000000 ____D C:\FRST
2013-07-07 00:40 - 2013-07-06 09:00 - 00000004 ____A C:\Users\didi\AppData\Roaming\skype.ini
2013-07-07 00:39 - 2013-07-04 08:01 - 00000728 ____A C:\Windows\setupact.log
2013-07-07 00:39 - 2011-12-03 04:56 - 00001106 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-07 00:39 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-07 00:13 - 2012-06-14 07:23 - 01213423 ____A C:\Windows\WindowsUpdate.log
2013-07-07 00:13 - 2009-07-13 20:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-07 00:13 - 2009-07-13 20:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-07 00:10 - 2012-09-02 03:30 - 00000000 ____D C:\Users\didi\AppData\Local\CrashDumps
2013-07-06 08:51 - 2011-12-03 04:56 - 00001110 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-06 07:50 - 2013-05-13 09:16 - 00000000 ____D C:\Users\didi\AppData\Roaming\vlc
2013-07-06 05:01 - 2013-04-28 06:34 - 00000274 ____A C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2013-07-04 20:58 - 2013-07-06 04:59 - 00000000 ___AD C:\Users\didi\Downloads\Architects - The Here And Now - 2011
2013-07-04 19:47 - 2013-07-06 04:58 - 00000000 ___RD C:\Users\didi\Downloads\Peter Maffay - Weil es dich gibt
2013-07-04 19:46 - 2013-07-06 04:59 - 00000000 ____D C:\Users\didi\Downloads\Cat Stevens - Izitso (1977)
2013-07-04 09:58 - 2013-06-27 10:17 - 00000000 ____D C:\Users\didi\Downloads\Retro Disco 80's  2013
2013-07-04 09:52 - 2013-07-04 09:27 - 00000000 ____D C:\Users\didi\Downloads\Eagles – The Studio Albums 1972-1979 (2013)
2013-07-04 08:03 - 2013-03-14 11:19 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-07-04 08:03 - 2013-03-14 11:19 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-07-04 08:01 - 2013-07-04 08:01 - 00000000 ____A C:\Windows\setuperr.log
2013-07-04 08:01 - 2013-03-10 01:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-04 01:36 - 2013-07-06 05:05 - 00000000 ____D C:\Users\didi\Downloads\Robben Ford - Bringing It Back Home
2013-07-03 09:35 - 2013-07-03 09:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 08:43 - 2013-04-28 06:34 - 00000282 ____A C:\Windows\Tasks\RegClean Pro_UPDATES.job
2013-07-02 08:16 - 2011-11-21 08:03 - 00657698 ____A C:\Windows\System32\perfh007.dat
2013-07-02 08:16 - 2011-11-21 08:03 - 00131070 ____A C:\Windows\System32\perfc007.dat
2013-07-02 08:16 - 2009-07-13 21:13 - 01507502 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-01 01:53 - 2013-07-06 07:47 - 00000000 ____D C:\Users\didi\Downloads\david B
2013-06-30 08:51 - 2013-07-06 07:47 - 00000000 ____D C:\Users\didi\Downloads\Deap Vally
2013-06-29 22:52 - 2013-07-06 05:04 - 00000000 ____D C:\Users\didi\Downloads\Soul
2013-06-29 05:56 - 2013-07-06 07:49 - 00000000 ____D C:\Users\didi\Downloads\Ray
2013-06-29 02:25 - 2013-06-29 02:25 - 00000000 ____D C:\Users\didi\AppData\Roaming\BEGAware
2013-06-29 00:47 - 2013-06-29 00:46 - 00000000 ____D C:\Program Files (x86)\MP3Gain
2013-06-29 00:42 - 2013-06-29 00:42 - 00000994 ____A C:\Users\didi\Desktop\Jigsaws Galore.lnk
2013-06-29 00:42 - 2013-06-29 00:42 - 00000000 ____D C:\Program Files (x86)\Jigsaws
2013-06-29 00:41 - 2013-06-29 00:41 - 00000000 ____D C:\Program Files (x86)\BEGAware
2013-06-28 13:35 - 2013-07-06 07:47 - 00000000 ____D C:\Users\didi\Downloads\David - (1998)
2013-06-28 13:30 - 2013-07-06 07:47 - 00000000 ____D C:\Users\didi\Downloads\David Lee Roth - (1986)
2013-06-28 10:01 - 2013-07-06 07:49 - 00000000 ____D C:\Users\didi\Downloads\maddy
2013-06-27 15:37 - 2013-07-06 07:48 - 00000000 ____D C:\Users\didi\Downloads\Frankie
2013-06-27 15:15 - 2013-07-06 07:49 - 00000000 ____D C:\Users\didi\Downloads\Lionville
2013-06-27 09:15 - 2013-06-17 09:59 - 00000000 ____D C:\Users\didi\Downloads\Nellie
2013-06-27 01:06 - 2013-07-06 05:01 - 00000000 ____D C:\Users\didi\Downloads\Black Sabbath
2013-06-26 17:53 - 2013-06-27 10:11 - 00000000 ____D C:\Users\didi\Downloads\Moody Blues - 1968 - In Search Of The Lost Chord 320
2013-06-26 17:53 - 2013-06-27 10:11 - 00000000 ____D C:\Users\didi\Downloads\K-Tel's Music Box (1976)
2013-06-26 12:15 - 2013-07-06 07:49 - 00000000 ____D C:\Users\didi\Downloads\Physical-olivia
2013-06-26 11:32 - 2013-07-06 05:04 - 00000000 ____D C:\Users\didi\Downloads\Xanadu
2013-06-26 10:33 - 2013-07-04 09:26 - 00000000 ____D C:\Users\didi\Downloads\foute
2013-06-26 10:33 - 2013-07-04 09:24 - 00000000 ____D C:\Users\didi\Downloads\disco
2013-06-26 09:04 - 2013-07-04 09:24 - 00000000 ____D C:\Users\didi\Downloads\Chris Rea - Wired To The Moon
2013-06-26 08:43 - 2013-07-04 09:19 - 00000000 ____D C:\Users\didi\Downloads\100 Hits - Disco Classics
2013-06-25 16:44 - 2013-06-27 10:10 - 00000000 ____D C:\Users\didi\Downloads\100 Hits - Band On The Run
2013-06-25 10:14 - 2013-07-04 09:32 - 00000000 ____D C:\Users\didi\Downloads\rnb
2013-06-25 09:48 - 2013-07-06 07:48 - 00000000 ____D C:\Users\didi\Downloads\Jillette
2013-06-25 02:19 - 2013-07-06 07:49 - 00000000 ____D C:\Users\didi\Downloads\Quireboys
2013-06-24 16:30 - 2013-07-04 09:29 - 00000000 ____D C:\Users\didi\Downloads\Kiss
2013-06-24 09:55 - 2012-06-21 09:04 - 00000000 ____D C:\Users\didi\Documents\Outlook-Dateien
2013-06-24 08:48 - 2013-07-04 09:27 - 00000000 ____D C:\Users\didi\Downloads\Gretchen
2013-06-24 06:39 - 2013-07-04 09:28 - 00000000 ____D C:\Users\didi\Downloads\jukebox
2013-06-24 03:39 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\Stevie Wonder
2013-06-24 03:02 - 2013-06-28 09:35 - 00000000 ____D C:\Users\didi\Downloads\ZZ Top
2013-06-23 23:41 - 2013-07-04 09:31 - 00000000 ____D C:\Users\didi\Downloads\Laura
2013-06-23 07:00 - 2013-07-06 05:05 - 00000000 ____D C:\Users\didi\Downloads\Rose
2013-06-23 06:58 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\Olivia
2013-06-23 02:53 - 2013-07-06 05:01 - 00000000 ____D C:\Users\didi\Downloads\Bon Jovi - Greatest Hits
2013-06-22 11:35 - 2013-07-04 09:28 - 00000000 ____D C:\Users\didi\Downloads\Jesse Cook
2013-06-22 08:37 - 2013-06-27 10:15 - 00000000 ____D C:\Users\didi\Downloads\Too Slim
2013-06-22 07:46 - 2012-01-03 07:57 - 00000000 ____D C:\Users\didi\AppData\Local\Paint.NET
2013-06-22 07:36 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-06-22 02:07 - 2013-06-22 02:03 - 00000000 ____D C:\Windows\System32\Drivers\N360x64
2013-06-22 02:06 - 2013-03-10 01:27 - 00177312 ____A (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2013-06-22 02:06 - 2013-03-10 01:27 - 00007631 ____A C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2013-06-22 02:05 - 2012-02-03 06:13 - 00000000 ____D C:\ProgramData\Norton
2013-06-22 02:04 - 2013-03-10 01:27 - 00000000 ____D C:\Program Files\Symantec
2013-06-22 02:03 - 2013-06-22 02:03 - 00000000 ____D C:\Program Files (x86)\Norton 360 Premier Edition
2013-06-22 02:03 - 2013-01-25 10:51 - 00001277 ____A C:\Users\didi\Desktop\Norton-Installationsdateien.lnk
2013-06-21 17:54 - 2013-06-16 02:50 - 00000000 ____D C:\Users\didi\AppData\Roaming\FreeCDRipper
2013-06-21 17:54 - 2013-06-15 05:11 - 00000000 ____D C:\Users\didi\AppData\Roaming\FreeAudioPack
2013-06-21 17:54 - 2013-03-10 01:27 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-06-21 17:54 - 2011-12-02 03:07 - 00000000 ____D C:\users\didi
2013-06-21 17:54 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\registration
2013-06-21 07:21 - 2013-06-21 07:21 - 00060416 ___RA C:\Users\didi\AppData\Roaming\skype.dat
2013-06-20 04:42 - 2013-07-06 05:04 - 00000000 ____D C:\Users\didi\Downloads\Searchers
2013-06-20 03:47 - 2013-06-27 10:19 - 00000000 ____D C:\Users\didi\Downloads\copacobana
2013-06-20 03:12 - 2013-06-28 09:34 - 00000000 ____D C:\Users\didi\Downloads\paula
2013-06-20 02:58 - 2013-06-27 10:22 - 00000000 ____D C:\Users\didi\Downloads\ciara
2013-06-20 02:57 - 2013-06-27 10:16 - 00000000 ____D C:\Users\didi\Downloads\saxo
2013-06-20 02:20 - 2013-07-06 05:04 - 00000000 ____D C:\Users\didi\Downloads\Viktor (1987)
2013-06-19 14:52 - 2013-07-06 07:48 - 00000000 ____D C:\Users\didi\Downloads\Insanitizers
2013-06-18 10:21 - 2013-06-17 09:59 - 00000000 ____D C:\Users\didi\Downloads\RocLegs
2013-06-18 10:04 - 2013-06-27 10:24 - 00000000 ____D C:\Users\didi\Downloads\hanson
2013-06-18 07:33 - 2013-07-06 05:06 - 00000000 ____D C:\Users\didi\Downloads\Love Ballads 4er CD Box Flac
2013-06-18 06:01 - 2013-07-02 08:25 - 00000000 ____D C:\Users\didi\Downloads\Lenka - Two
2013-06-18 04:59 - 2013-07-02 08:26 - 00000000 ____D C:\Users\didi\Downloads\Die Toten Hosen - Bis Zum Bitteren Ende
2013-06-18 04:53 - 2013-06-28 09:34 - 00000000 ____D C:\Users\didi\Downloads\Beatsteaks - Muffensausen
2013-06-18 03:40 - 2013-06-27 10:23 - 00000000 ____D C:\Users\didi\Downloads\genesis
2013-06-17 12:50 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\Martin (2011)
2013-06-17 10:03 - 2013-06-17 10:03 - 00000000 ____D C:\Users\didi\Documents\Steuer-Sparbuch
2013-06-17 10:03 - 2013-06-17 10:03 - 00000000 ____D C:\Users\didi\Documents\Sparbuch
2013-06-17 10:02 - 2013-06-17 10:02 - 00000000 ____D C:\Users\didi\Documents\Heidi
2013-06-17 09:23 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\status
2013-06-17 05:24 - 2013-06-27 10:18 - 00000000 ____D C:\Users\didi\Downloads\paul
2013-06-16 08:42 - 2013-07-06 05:04 - 00000000 ____D C:\Users\didi\Downloads\Tornfly
2013-06-15 05:12 - 2013-06-15 05:11 - 00000000 ____D C:\Program Files (x86)\Windows Searchqu Toolbar
2013-06-15 05:12 - 2013-06-15 05:11 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-06-15 05:11 - 2013-06-15 05:11 - 00001322 ____A C:\Users\didi\Desktop\Easy Audio Cutter.lnk
2013-06-15 05:11 - 2013-06-15 05:11 - 00001306 ____A C:\Users\didi\Desktop\Free CD Ripper.lnk
2013-06-15 05:11 - 2013-06-15 05:11 - 00001304 ____A C:\Users\didi\Desktop\Free Mp3 Wma Converter.lnk
2013-06-15 05:11 - 2013-06-15 05:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2013-06-15 03:25 - 2013-07-06 07:48 - 00000000 ____D C:\Users\didi\Downloads\Haggard
2013-06-15 03:24 - 2013-06-27 10:23 - 00000000 ____D C:\Users\didi\Downloads\Gypsy
2013-06-15 03:23 - 2013-07-06 07:48 - 00000000 ____D C:\Users\didi\Downloads\Gun
2013-06-15 03:18 - 2013-07-06 07:48 - 00000000 ____D C:\Users\didi\Downloads\Elvis
2013-06-15 03:17 - 2013-06-27 10:23 - 00000000 ____D C:\Users\didi\Downloads\Clutch
2013-06-15 03:16 - 2013-06-27 10:22 - 00000000 ____D C:\Users\didi\Downloads\Carrie
2013-06-15 03:15 - 2013-06-27 10:22 - 00000000 ____D C:\Users\didi\Downloads\Caro
2013-06-15 00:47 - 2013-06-27 10:21 - 00000000 ____D C:\Users\didi\Downloads\Abba
2013-06-14 12:46 - 2013-06-27 10:22 - 00000000 ____D C:\Users\didi\Downloads\Chris Rea
2013-06-14 10:14 - 2013-06-27 10:23 - 00000000 ____D C:\Users\didi\Downloads\Empire
2013-06-14 04:22 - 2013-06-27 10:20 - 00000000 ____D C:\Users\didi\Downloads\best of
2013-06-14 02:08 - 2013-06-27 10:22 - 00000000 ____D C:\Users\didi\Downloads\Burning Rain
2013-06-13 12:20 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\sade
2013-06-13 06:32 - 2009-09-17 13:59 - 00000000 ____D C:\Windows\Panther
2013-06-12 20:57 - 2011-12-03 05:35 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-10 09:38 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\Martin Cilia
2013-06-09 20:57 - 2012-08-11 07:19 - 00000000 ____D C:\Windows\Minidump
2013-06-09 10:19 - 2013-06-17 09:56 - 00000000 ____D C:\Users\didi\Downloads\Alice
2013-06-09 09:00 - 2013-06-27 10:25 - 00000000 ____D C:\Users\didi\Downloads\Mike
2013-06-08 06:23 - 2013-07-06 05:02 - 00000000 ____D C:\Users\didi\Downloads\Cazadores
2013-06-08 06:22 - 2013-07-06 05:02 - 00000000 ____D C:\Users\didi\Downloads\Byron
2013-06-08 06:21 - 2013-07-06 05:02 - 00000000 ____D C:\Users\didi\Downloads\Butch
2013-06-08 06:19 - 2013-07-06 05:00 - 00000000 ____D C:\Users\didi\Downloads\BC
2013-06-08 06:18 - 2013-07-06 05:00 - 00000000 ____D C:\Users\didi\Downloads\Artificial Heart
2013-06-08 06:08 - 2013-06-27 10:17 - 00000000 ____D C:\Users\didi\Downloads\romantics
2013-06-08 06:08 - 2013-06-22 03:09 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 06:07 - 2013-06-22 03:09 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 06:06 - 2013-06-22 03:09 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 06:06 - 2013-06-22 03:09 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 06:06 - 2013-06-22 03:09 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 04:28 - 2013-06-22 03:09 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 03:42 - 2013-06-22 03:09 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 03:40 - 2013-06-22 03:09 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 03:40 - 2013-06-22 03:09 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 03:40 - 2013-06-22 03:09 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 03:40 - 2013-06-22 03:09 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 03:13 - 2013-06-22 03:09 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-07 05:30 - 2013-06-17 09:59 - 00000000 ____D C:\Users\didi\Downloads\Shannon

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe
C:\Users\didi\AppData\Roaming\skype.dat
C:\Users\didi\AppData\Roaming\skype.ini

==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================


==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 4087.08 MB
Available physical RAM: 3436.7 MB
Total Pagefile: 4085.23 MB
Available Pagefile: 3428.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:455.95 GB) (Free:316.72 GB) NTFS (Disk=0 Partition=3)
Drive e: (DATA) (Fixed) (Total:456.46 GB) (Free:453.39 GB) NTFS (Disk=0 Partition=4)
Drive f: (PQSERVICE) (Fixed) (Total:19 GB) (Free:6.93 GB) NTFS (Disk=0 Partition=1)
Drive h: () (Removable) (Total:14.9 GB) (Free:14.9 GB) FAT32 (Disk=1 Partition=1)
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS (Disk=0 Partition=2) ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1226C5E7)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)


LastRegBack: 2013-06-26 21:22

==================== End Of Log ============================

--- --- ---

t'john · 07.07.2013, 10:55

Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 3 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern melde dies bitte.

1. Schritt

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKU\didi\...\Winlogon: [Shell] explorer.exe,C:\Users\didi\AppData\Roaming\skype.dat [60416 2013-06-21] () <==== ATTENTION 
S3 PCDSRVC{A368CD8C-DE499B0B-06020101}_0; \??\c:\Users\admini~1\appdata\Local\Temp\xyy5x7vocu.o\pcdrdiag\bin\pcdsrvc_x64.pkms [x] 
C:\Users\didi\AppData\Roaming\skype.dat 
C:\ProgramData\boost_interprocess 
C:\Users\didi\AppData\Roaming\skype.ini

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

dann normal neustarten, und:

2. Schritt
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

danach:

3. Schritt
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

t'john · 30.09.2013, 19:05

Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.

C:\Users\didi\AppData\Roaming\skype.dat

Log-Analyse und Auswertung: C:\Users\didi\AppData\Roaming\skype.dat