Windows 7 Ordner plötzlich Schreibgeschützt

HighCyber · 15.03.2014, 10:52

Hallo miteinander,

mir wurde dieser Forum empfohlen.

Beginn des Problem: Seid dem austausch von USB stick habe ich bemerkt das alle Ordner Schreibgeschützt sind und gehe von ein Virus oder Trojaner aus.
(Trotz Kaspersky Pure nichts erkannt hat)

Problembeschreibung:
Ich wollte mich auf diesen Link beziehen, da dieser User mein leiden geteilt hat und wüsste jetzt nicht ob mich daran festhalten soll. Deshalb mir einen neuen Thread erstellt habe.
http://www.trojaner-board.de/146267-...eschuetzt.html

Ich würde mich sehr freuen, wenn Ihr mir bei der Lösung helfen könntet. Falls Ihr mehr Infos braucht, fragt mich einfach.

System:
Windows 7 Professional 64 bit
Kaspersky Pure 3 ( 15.03.2014 Deinstalliert )

FRST, Addition und GMER logflie wurde als Anhang beigefügt.

Danke.

schrauber · 15.03.2014, 11:06

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

HighCyber · 15.03.2014, 11:29

FRST Logflie

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by User (administrator) on User-PC on 15-03-2014 10:16:58
Running from C:\Users\User\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(razercfg MFC Application) C:\Program Files (x86)\Razer\Lachesis\OSD.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
() C:\Program Files (x86)\Razer\Lachesis\razertra.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTXFISPI.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Lachesis\razerofa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-29] (Logitech Inc.)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [CTxfiHlp] - CTXFIHLP.EXE
HKLM-x32\...\Run: [Lachesis] - C:\Program Files (x86)\Razer\Lachesis\razerhid.exe [248320 2009-11-10] ()
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [RoccatKone+] - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] - C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1743648 2013-06-13] (Wondershare)
HKLM-x32\...\Run: [BrowserPlugInHelper] - C:\Program Files (x86)\Wondershare\Video Converter Pro\BrowserPlugInHelper.exe [1962896 2013-12-10] ()
HKU\S-1-5-21-884858723-1613936228-1444445012-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-884858723-1613936228-1444445012-1001\...\Run: [CreativeTaskScheduler] - C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd)
HKU\S-1-5-21-884858723-1613936228-1444445012-1001\...\Run: [Kies3PDLR.exe] - C:\Program Files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe [844360 2014-02-26] (Samsung)
HKU\S-1-5-21-884858723-1613936228-1444445012-1001\...\MountPoints2: {9ce3958d-78f1-11e2-9325-001d92f175b5} - G:\SETUP.EXE
HKU\S-1-5-21-884858723-1613936228-1444445012-1001\...\MountPoints2: {cfde652f-94c9-11e2-b68f-001d92f175b5} - H:\HTC_Sync_Manager_PC.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Pro\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: 
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2014-03-11]
CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-11]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-11]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-11]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2014-03-11]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-11]
CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-11]
CHR Extension: (In Google Drive speichern) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-03-11]
CHR Extension: (Google Keep) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-03-11]
CHR Extension: (Chrome to Mobile) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-03-11]
CHR Extension: (theHunter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jangaedeekciafhlanphhnalogmhefmo [2014-03-11]
CHR Extension: (Command & Conquer Tiberium Alliances) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgaeopgjojikeoiidmfaejkifhgjoooe [2014-03-11]
CHR Extension: (Google Maps) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-03-11]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-11]
CHR Extension: (Weather Underground) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2014-03-11]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-11]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Pro\SVRChromePlugin.crx [2014-02-24]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\User\AppData\Roaming\Delta\delta.crx [2014-02-24]

==================== Services (Whitelisted) =================

S3 becldr3Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [176128 2011-04-19] ()
S4 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [187456 2013-02-17] (DATA BECKER GmbH & Co KG)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-02-04] ()

==================== Drivers (Whitelisted) ====================

S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] ()
R3 hcw66xxx; C:\Windows\System32\Drivers\hcw66x64.sys [758016 2011-02-08] (Hauppauge Computer Works, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 uisp; C:\Windows\System32\Drivers\usbicp.sys [20480 2010-08-24] (Motorola)
R3 VaneFltr; C:\Windows\System32\drivers\Lachesis.sys [29952 2009-10-16] (Razer (Asia-Pacific) Pte Ltd)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GPU-Z; \??\C:\Users\User\AppData\Local\Temp\GPU-Z.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-15 10:16 - 2014-03-15 10:17 - 00014985 _____ () C:\Users\User\Desktop\FRST.txt
2014-03-15 10:16 - 2014-03-15 10:16 - 00000000 ____D () C:\FRST
2014-03-15 10:15 - 2014-03-15 10:15 - 02157056 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-03-15 10:13 - 2014-03-15 10:14 - 00000472 _____ () C:\Users\User\Desktop\defogger_disable.log
2014-03-15 10:13 - 2014-03-15 10:13 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-03-15 10:12 - 2014-03-15 10:12 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2014-03-13 12:22 - 2014-02-25 16:48 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-03-12 18:10 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 18:10 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-12 18:10 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-12 18:10 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 18:10 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-12 18:10 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-12 18:10 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-12 18:10 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-12 18:10 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-12 18:10 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-12 18:10 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-12 18:10 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-12 18:10 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 18:10 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-12 18:10 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 18:10 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-12 18:10 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-12 18:10 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 18:10 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-12 18:10 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-12 18:10 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 18:10 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-12 18:10 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-12 18:10 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 18:10 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-12 18:10 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-12 18:10 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-12 18:10 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-12 18:10 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 18:10 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-12 18:10 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 18:10 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 18:10 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 18:10 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-12 18:10 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 18:10 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 18:10 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 18:10 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 18:10 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 18:10 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 18:10 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 18:10 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-12 18:10 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 18:10 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-12 18:10 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 18:10 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-12 18:10 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-12 18:10 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-12 14:48 - 2014-03-12 14:48 - 00000000 ____D () C:\Users\User\AppData\Local\Blizzard
2014-03-11 21:44 - 2014-03-11 21:44 - 00005656 _____ () C:\Users\User\Downloads\relink.us__PB_-_GirlsDoPorn.E248.19.Years.Old.XXX.720p.WMV-KTR_3d33662e297d81609728b08348b7c3.dlc
2014-03-11 20:55 - 2014-03-15 10:03 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-11 20:55 - 2014-03-11 20:55 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-03-11 20:55 - 2014-03-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-11 20:10 - 2014-03-04 12:32 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-11 20:07 - 2014-03-04 15:35 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-11 20:07 - 2014-03-04 15:35 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-11 20:07 - 2014-03-04 15:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-11 00:08 - 2014-03-11 00:08 - 00001732 _____ () C:\Users\User\Downloads\relink.us__06-03-2014_006_279760f1ae68ab30c34fa3d2282e68 (1).dlc
2014-03-11 00:07 - 2014-03-11 00:07 - 00001732 _____ () C:\Users\User\Downloads\relink.us__06-03-2014_006_279760f1ae68ab30c34fa3d2282e68.dlc
2014-03-10 19:24 - 2014-03-10 19:24 - 00000792 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 16:45 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-03-10 16:45 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-03-09 23:47 - 2014-03-09 23:47 - 00283648 _____ () C:\Windows\{125528D1-A7C7-11E3-B973-001D92F175B5}
2014-03-08 17:03 - 2014-03-08 17:03 - 16892157 _____ () C:\Users\User\Downloads\kisandroid_11.1.3.166_de (1).apk
2014-03-08 17:02 - 2014-03-08 17:03 - 16892157 _____ () C:\Users\User\Downloads\kisandroid_11.1.3.166_de.apk
2014-02-28 14:15 - 2014-03-15 09:49 - 00009896 _____ () C:\Windows\setupact.log
2014-02-28 14:15 - 2014-02-28 14:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 11:11 - 2014-02-28 11:11 - 00007920 _____ () C:\Users\User\Downloads\dd41-5qfjeum12so.dlc
2014-02-28 11:01 - 2014-02-28 11:01 - 00006852 _____ () C:\Users\User\Downloads\relink.us__PB_-_DareDorm.14.02.07.Party.Time.XXX.HR.FLV-KTR_f594221e6db7a4d5870ddeafb2e697 (1).dlc
2014-02-28 11:00 - 2014-02-28 11:00 - 00006852 _____ () C:\Users\User\Downloads\relink.us__PB_-_DareDorm.14.02.07.Party.Time.XXX.HR.FLV-KTR_f594221e6db7a4d5870ddeafb2e697.dlc
2014-02-27 15:03 - 2014-02-27 15:03 - 24406204 _____ () C:\Users\User\Downloads\AVS Image Converter 3.0.2.270 + Patch.rar
2014-02-27 15:03 - 2014-02-27 15:03 - 00000000 ____D () C:\Users\User\Downloads\AVS Image Converter 3.0.2.270 + Patch
2014-02-27 14:31 - 2014-02-27 14:31 - 00008669 _____ () C:\Users\User\Downloads\QuickJPGfromCR2.zip
2014-02-27 14:16 - 2014-02-27 14:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\RCP 6
2014-02-27 14:16 - 2014-02-27 14:28 - 00000000 ____D () C:\ProgramData\ReaConverter
2014-02-27 14:16 - 2014-02-27 14:16 - 29543885 _____ (ReaSoft ) C:\Users\User\Downloads\ReaConverter (1).exe
2014-02-27 14:15 - 2014-02-27 14:16 - 29543885 _____ (ReaSoft ) C:\Users\User\Downloads\ReaConverter.exe
2014-02-27 14:11 - 2014-02-27 14:12 - 49861264 _____ () C:\Users\User\Downloads\setup-contenta-converter-en-premium.exe
2014-02-27 14:09 - 2014-02-27 14:09 - 24638816 _____ (CANON INC.) C:\Users\User\Downloads\k8523dex.exe
2014-02-27 14:04 - 2014-02-27 14:05 - 15255792 _____ (Graphic-Region Development ) C:\Users\User\Downloads\batchconverter_setup.exe
2014-02-27 14:02 - 2014-02-27 14:02 - 02328552 _____ (Graphic-Region Development ) C:\Users\User\Downloads\ablerawer_setup.exe
2014-02-27 14:00 - 2014-02-27 14:00 - 00832856 _____ (Canon Inc ) C:\Users\User\Downloads\k6403enx.exe
2014-02-27 13:42 - 2014-02-27 13:42 - 00949280 _____ (cr2converter.com ) C:\Users\User\Downloads\cr2converter_setup.exe
2014-02-27 13:34 - 2014-02-27 13:34 - 00000769 _____ () C:\Users\User\Desktop\Nisan bilder bearbeitung - Verknüpfung.lnk
2014-02-25 14:31 - 2014-02-25 14:31 - 00000000 ____D () C:\Windows\de
2014-02-25 14:30 - 2014-02-25 14:30 - 00002156 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-24 21:56 - 2014-02-24 21:58 - 00000000 ____D () C:\Users\User\Documents\Wondershare Video Converter Pro
2014-02-24 21:56 - 2014-02-24 21:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Wondershare Video Converter Pro
2014-02-24 21:56 - 2014-02-24 21:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-02-24 21:55 - 2014-02-24 21:58 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Pro
2014-02-24 21:55 - 2014-02-24 21:55 - 00001405 _____ () C:\Users\Public\Desktop\Wondershare Video Converter Pro.lnk
2014-02-24 21:55 - 2014-02-24 21:55 - 00000000 ____D () C:\Users\User\AppData\Local\Wondershare
2014-02-24 21:55 - 2014-02-24 21:55 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-02-24 21:55 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2014-02-24 21:55 - 2013-08-07 14:31 - 00214528 _____ () C:\Windows\SysWOW64\WSCM32.dll
2014-02-24 21:53 - 2014-02-24 21:54 - 38210696 _____ (Wondershare Software ) C:\Users\User\Downloads\vc2013_full891.exe
2014-02-24 14:12 - 2014-02-24 14:12 - 00517128 _____ () C:\Users\User\Downloads\Download.htm
2014-02-23 12:43 - 2014-02-23 12:43 - 00279552 _____ () C:\Windows\{3376F3B9-9C7F-11E3-9FA0-001D92F175B5}
2014-02-23 00:18 - 2014-02-23 00:18 - 00260412 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-22 19:45 - 2014-02-22 19:45 - 00287744 _____ () C:\Windows\{658CAB8D-9BAC-11E3-A5EA-001D92F175B5}
2014-02-22 19:12 - 2014-02-22 19:12 - 00000516 _____ () C:\Users\User\Downloads\url.htm
2014-02-22 11:29 - 2014-02-22 11:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\simplitec
2014-02-22 00:03 - 2014-02-22 00:03 - 00001055 _____ () C:\Users\User\Desktop\mp3DirectCut.lnk
2014-02-22 00:03 - 2014-02-22 00:03 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-02-22 00:02 - 2014-02-22 00:02 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\mp3DirectCut - CHIP-Downloader.exe
2014-02-21 23:52 - 2014-02-22 00:01 - 00773784 _____ () C:\Users\User\Desktop\Gülpembe - 1.HM2
2014-02-21 23:52 - 2014-02-22 00:01 - 00048664 _____ () C:\Users\User\Desktop\Gülpembe - 1.HMP
2014-02-21 23:50 - 2014-02-21 23:50 - 00000532 _____ () C:\Windows\WMFDist64.log
2014-02-21 23:44 - 2014-02-21 23:44 - 00000000 ____D () C:\Users\User\Documents\MAGIX_MusicEditor
2014-02-21 23:41 - 2014-02-21 23:41 - 02877784 _____ (MAGIX AG) C:\Users\User\Downloads\trial_sms2014_dlm.exe
2014-02-21 23:40 - 2014-02-21 23:41 - 04075544 _____ (MAGIX AG) C:\Users\User\Downloads\trial_mp3deluxemx_dlm.exe
2014-02-21 23:38 - 2014-02-22 19:47 - 00000000 ____D () C:\Users\User\Desktop\Nisan
2014-02-21 23:32 - 2014-02-24 22:47 - 00000000 ___RD () C:\Users\User\Documents\MAGIX
2014-02-21 23:32 - 2014-02-21 23:32 - 00001167 _____ () C:\Users\Public\Desktop\MAGIX Fotos auf DVD 2013 Deluxe.lnk
2014-02-21 23:32 - 2014-02-21 23:32 - 00000000 ____D () C:\Users\User\Documents\Fotos auf DVD 2013 Deluxe
2014-02-21 23:32 - 2014-02-21 23:32 - 00000000 ____D () C:\Users\User\AppData\Local\Xara
2014-02-21 23:32 - 2014-02-21 23:32 - 00000000 ____D () C:\Users\User\AppData\Local\MAGIX
2014-02-21 23:31 - 2014-02-24 22:47 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-02-21 23:31 - 2014-02-24 20:16 - 00000000 ____D () C:\ProgramData\MAGIX
2014-02-21 23:31 - 2014-02-21 23:31 - 00000000 ____D () C:\ProgramData\simplitec
2014-02-21 23:24 - 2014-02-21 23:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\MAGIX
2014-02-21 23:24 - 2014-02-21 23:24 - 02855560 _____ (MAGIX AG) C:\Users\User\Downloads\fotos2013deluxe_dlm.exe
2014-02-21 23:17 - 2014-02-21 23:17 - 39178560 _____ (Atomix Productions) C:\Users\User\Downloads\install_virtualdj_home_v7.4.1.exe
2014-02-21 23:13 - 2014-02-21 23:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-02-21 23:13 - 2014-02-21 23:13 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-02-21 23:13 - 2014-02-21 23:13 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-02-21 23:12 - 2014-02-21 23:12 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Audacity - CHIP-Downloader.exe
2014-02-21 23:10 - 2014-02-21 23:10 - 00287744 _____ () C:\Windows\{C1DF3699-9B43-11E3-BE36-001D92F175B5}
2014-02-21 18:29 - 2014-02-21 18:29 - 07528194 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ozgun - Sadece Arkadasiz.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 07450502 _____ () C:\Users\User\Downloads\Kadir- Tabi Guzelim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 06719999 _____ () C:\Users\User\Downloads\DJMUMIN vs.Babutsa - Tabi Guzelim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 06242336 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ercan Demirel - Yildizim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 06242336 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ercan Demirel - Yildizim (1).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05943353 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ebru Gundes - Kime Ne.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05844287 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ibrahim Tatlises - Kursuna Gerek Yok.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05491694 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ozgun - Istiklal.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05447967 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ozan Ulusoy-Heykel.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05374042 _____ () C:\Users\User\Downloads\GokhanTepe-Vur(DJMUMIN.com).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05246048 _____ () C:\Users\User\Downloads\Faruk-BiraktiginGibi(DJMUMIN.com).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04901997 _____ () C:\Users\User\Downloads\DJMUMIN vs.Dj Akman - Apachi.mp3.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04749615 _____ () C:\Users\User\Downloads\DJMUMIN vs.Gokhan Ozen - Taniman Lazim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04604022 _____ () C:\Users\User\Downloads\DJMUMIN ft. Ozgun - Milli Takim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04509403 _____ () C:\Users\User\Downloads\IsmailYk-HaydiBastir(DJMUMIN.com).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04177601 _____ () C:\Users\User\Downloads\DJMUMIN vs.Lara - Bilmece.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04105511 _____ () C:\Users\User\Downloads\DJMUMIN vs.Gulsen - Dillere Dusecegiz.zip
2014-02-21 18:28 - 2014-02-21 18:29 - 07308268 _____ () C:\Users\User\Downloads\DJMUMIN vs.Bendeniz - O Biliyor.zip
2014-02-21 18:28 - 2014-02-21 18:29 - 07191170 _____ () C:\Users\User\Downloads\DJMUMIN vs.Mustafa Sandal & Gulben Ergen - Sikir Sikir.zip
2014-02-21 18:28 - 2014-02-21 18:29 - 07002357 _____ () C:\Users\User\Downloads\DJMUMIN vs.Dogus - Kirila Kirila.zip
2014-02-21 18:28 - 2014-02-21 18:29 - 06857280 _____ () C:\Users\User\Downloads\DJMUMIN vs.Fettah Can - Sana Affetmek Yakisir.zip
2014-02-21 18:28 - 2014-02-21 18:29 - 06061388 _____ () C:\Users\User\Downloads\DJMUMIN vs.Bendeniz - O Biliyor 2.zip
2014-02-21 18:28 - 2014-02-21 18:29 - 05972497 _____ () C:\Users\User\Downloads\DJMUMIN vs.Serdar Ortac - Elimle.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 09581184 _____ () C:\Users\User\Downloads\DJMUMIN ft.Serdar Ortac - Ray.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 09317477 _____ () C:\Users\User\Downloads\DJMUMIN vs.Serdar Ortac - Uzecek Adam Cok.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 08586633 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Gokhan Turkmen - Ask Lazim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 08543605 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Serdar Ortac - Gucum Yok.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07771104 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Soner Sarikabadayi - Insan Sevmez Mi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07669249 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Emre Kaya - Tesekkur Ederim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07496528 _____ () C:\Users\User\Downloads\DJMUMIN ft.Serdar Ortac - Tez.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07384733 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ozan - Falan Filan.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07081625 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ebru Gundes - Seni Istiyorum.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06927309 _____ () C:\Users\User\Downloads\DJMUMIN ft.Gulsen - Seyre Dursun Ask.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06767819 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Gulsen - Kardan Adam.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06757592 _____ () C:\Users\User\Downloads\DJMUMIN vs.Tan - Canta.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06720707 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Soner Sarikabadayi - Burada Biri Var.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06560664 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ercan Demirel & Musa - Adim Adim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06496432 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Fettah Can - Bos Bardak.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06481708 _____ () C:\Users\User\Downloads\DJMUMIN vs.Atiye - Askistan.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06432553 _____ () C:\Users\User\Downloads\DJMUMIN vs.Mustafa Ceceli - Zillerime Basıp Kaçıyor.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06332349 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ibrahim Tatlises - Derya.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06320658 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Gokhan Ozen - Budala.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06319711 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ebru Gundes - Aldirma.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06151289 _____ () C:\Users\User\Downloads\DJMUMIN ft.Mustafa Ceceli - Bir Yanlis Kac Dogru.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05938594 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Erdem Kinay & Merve - Duman.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05938314 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Linet & Sila - Aslan Gibi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05893008 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Linet - Aslan Gibi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05599197 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Emir - Veda Gecesi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05534629 _____ () C:\Users\User\Downloads\DJMUMIN ft.Ebru Gundes - Yaparim Bilirsin.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05453616 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Hasan Yilmaz - Senin Agzini Yerim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05385769 _____ () C:\Users\User\Downloads\DJMUMIN ft.Mustafa Sandal - Ego.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05385769 _____ () C:\Users\User\Downloads\DJMUMIN ft.Mustafa Sandal - Ego (1).zip
2014-02-21 15:17 - 2014-02-21 15:17 - 00612352 _____ () C:\Windows\{710242C7-9B02-11E3-85C4-001D92F175B5}
2014-02-21 15:17 - 2014-02-21 15:17 - 00448000 _____ () C:\Windows\{710242CD-9B02-11E3-85C4-001D92F175B5}
2014-02-21 15:04 - 2014-02-21 15:04 - 00032768 _____ () C:\Windows\{650B86AC-9AEC-11E3-97D0-001D92F175B5}
2014-02-21 15:03 - 2014-02-21 15:03 - 00219136 _____ () C:\Windows\{650B86A6-9AEC-11E3-97D0-001D92F175B5}
2014-02-20 19:18 - 2014-02-20 19:18 - 00000000 ____D () C:\Users\User\Downloads\Dizi Fon Müzikleri
2014-02-20 18:27 - 2014-02-20 19:02 - 107979678 _____ () C:\Users\User\Downloads\Dizi Fon Müzikleri.rar
2014-02-20 18:04 - 2014-02-20 18:04 - 03347712 _____ () C:\Users\User\Downloads\23nisangirismuzigi.rar
2014-02-20 18:04 - 2014-02-20 18:04 - 03347712 _____ () C:\Users\User\Downloads\23nisangirismuzigi (1).rar
2014-02-20 18:04 - 2014-02-20 18:04 - 00000000 ____D () C:\Users\User\Downloads\23nisangirismuzigi (1)
2014-02-17 17:42 - 2014-03-13 00:02 - 00000000 ____D () C:\Users\User\Documents\Respawn
2014-02-17 17:30 - 2014-02-17 17:30 - 00000989 _____ () C:\Users\User\Desktop\Gw2.exe - Verknüpfung.lnk

==================== One Month Modified Files and Folders =======

2014-03-15 10:17 - 2014-03-15 10:16 - 00014985 _____ () C:\Users\User\Desktop\FRST.txt
2014-03-15 10:16 - 2014-03-15 10:16 - 00000000 ____D () C:\FRST
2014-03-15 10:15 - 2014-03-15 10:15 - 02157056 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2014-03-15 10:14 - 2014-03-15 10:13 - 00000472 _____ () C:\Users\User\Desktop\defogger_disable.log
2014-03-15 10:13 - 2014-03-15 10:13 - 00000000 _____ () C:\Users\User\defogger_reenable
2014-03-15 10:13 - 2013-01-22 18:31 - 00000000 ____D () C:\Users\User
2014-03-15 10:13 - 2009-07-14 05:45 - 00026368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-15 10:13 - 2009-07-14 05:45 - 00026368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-15 10:12 - 2014-03-15 10:12 - 00050477 _____ () C:\Users\User\Desktop\Defogger.exe
2014-03-15 10:03 - 2014-03-11 20:55 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-15 10:03 - 2013-01-22 19:12 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-15 09:56 - 2013-11-08 16:37 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{56878F6C-8182-4709-92D2-F1ACA418179A}
2014-03-15 09:53 - 2009-07-14 18:58 - 10912636 _____ () C:\Windows\system32\perfh007.dat
2014-03-15 09:53 - 2009-07-14 18:58 - 03390950 _____ () C:\Windows\system32\perfc007.dat
2014-03-15 09:53 - 2009-07-14 06:13 - 00006488 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-15 09:52 - 2013-01-22 18:31 - 01515408 _____ () C:\Windows\WindowsUpdate.log
2014-03-15 09:49 - 2014-02-28 14:15 - 00009896 _____ () C:\Windows\setupact.log
2014-03-15 09:49 - 2013-09-03 22:02 - 00002896 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-03-15 09:49 - 2013-09-03 22:02 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-03-15 09:49 - 2013-03-24 23:06 - 00000000 ____D () C:\Users\User\AppData\Local\HTC MediaHub
2014-03-15 09:49 - 2013-01-22 19:18 - 00226184 _____ () C:\Windows\PFRO.log
2014-03-15 09:49 - 2013-01-22 19:12 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-15 09:49 - 2013-01-22 18:39 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-15 09:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 09:47 - 2013-04-07 16:33 - 00000000 ____D () C:\Users\hedev
2014-03-15 09:47 - 2013-03-04 20:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-15 09:47 - 2013-01-22 20:30 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-14 18:46 - 2013-01-25 14:11 - 00000000 ____D () C:\ProgramData\Origin
2014-03-14 18:45 - 2014-01-30 16:23 - 00000000 ____D () C:\Users\User\AppData\Local\Battle.net
2014-03-14 17:27 - 2013-01-22 20:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\TS3Client
2014-03-14 11:21 - 2013-01-22 20:44 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-13 12:22 - 2013-11-29 18:10 - 00001969 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-03-13 12:22 - 2013-02-22 11:32 - 00000000 ____D () C:\Users\User\AppData\Local\Downloaded Installations
2014-03-13 12:21 - 2013-02-22 11:39 - 00000000 ____D () C:\Users\User\Documents\samsung
2014-03-13 09:25 - 2013-02-02 23:32 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 09:25 - 2013-02-02 23:32 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-13 09:25 - 2009-07-14 05:45 - 00497464 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 02:34 - 2013-09-03 21:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 00:02 - 2014-02-17 17:42 - 00000000 ____D () C:\Users\User\Documents\Respawn
2014-03-12 14:48 - 2014-03-12 14:48 - 00000000 ____D () C:\Users\User\AppData\Local\Blizzard
2014-03-11 22:03 - 2013-02-19 00:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\vlc
2014-03-11 21:44 - 2014-03-11 21:44 - 00005656 _____ () C:\Users\User\Downloads\relink.us__PB_-_GirlsDoPorn.E248.19.Years.Old.XXX.720p.WMV-KTR_3d33662e297d81609728b08348b7c3.dlc
2014-03-11 20:55 - 2014-03-11 20:55 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2014-03-11 20:55 - 2014-03-11 20:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-11 20:55 - 2013-01-22 19:12 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-11 20:55 - 2013-01-22 19:12 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-11 20:55 - 2013-01-22 19:11 - 00000000 ____D () C:\Users\User\AppData\Local\Deployment
2014-03-11 20:10 - 2013-01-22 18:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-11 00:08 - 2014-03-11 00:08 - 00001732 _____ () C:\Users\User\Downloads\relink.us__06-03-2014_006_279760f1ae68ab30c34fa3d2282e68 (1).dlc
2014-03-11 00:07 - 2014-03-11 00:07 - 00001732 _____ () C:\Users\User\Downloads\relink.us__06-03-2014_006_279760f1ae68ab30c34fa3d2282e68.dlc
2014-03-10 20:02 - 2013-01-25 15:31 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-03-10 19:29 - 2013-01-25 15:31 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-03-10 19:24 - 2014-03-10 19:24 - 00000792 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-03-10 18:56 - 2013-01-22 20:15 - 00769067 _____ () C:\Windows\DirectX.log
2014-03-09 23:47 - 2014-03-09 23:47 - 00283648 _____ () C:\Windows\{125528D1-A7C7-11E3-B973-001D92F175B5}
2014-03-08 17:03 - 2014-03-08 17:03 - 16892157 _____ () C:\Users\User\Downloads\kisandroid_11.1.3.166_de (1).apk
2014-03-08 17:03 - 2014-03-08 17:02 - 16892157 _____ () C:\Users\User\Downloads\kisandroid_11.1.3.166_de.apk
2014-03-06 22:42 - 2013-03-16 16:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\dvdcss
2014-03-06 20:13 - 2013-02-19 00:43 - 00000871 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-04 15:35 - 2014-03-11 20:07 - 25255256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 23716640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 18302384 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 17755424 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 15783992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 12708128 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-04 15:35 - 2014-03-11 20:07 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 03143456 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 02958792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 02783008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 02411976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433523.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 01516488 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433523.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00877856 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00863064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00846168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00832936 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-04 15:35 - 2014-03-11 20:07 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-04 15:35 - 2013-10-09 19:00 - 14709720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-03-04 15:35 - 2013-10-09 19:00 - 03093280 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-03-04 15:35 - 2013-10-09 19:00 - 02715264 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-03-04 15:35 - 2013-10-09 19:00 - 00947808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-03-04 15:35 - 2013-10-09 18:40 - 00062408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-03-04 15:35 - 2013-10-09 18:40 - 00054216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-03-04 15:35 - 2013-09-02 17:51 - 31474976 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-04 15:35 - 2013-09-02 17:51 - 00024544 _____ () C:\Windows\system32\nvinfo.pb
2014-03-04 14:06 - 2013-10-09 18:41 - 06714312 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-03-04 14:06 - 2013-10-09 18:41 - 03497816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-03-04 14:05 - 2013-10-09 18:41 - 03649185 _____ () C:\Windows\system32\nvcoproc.bin
2014-03-04 14:05 - 2013-10-09 18:41 - 02558808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-03-04 14:05 - 2013-10-09 18:41 - 00922968 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-03-04 14:05 - 2013-10-09 18:41 - 00386336 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-03-04 14:05 - 2013-10-09 18:41 - 00064968 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-03-04 12:32 - 2014-03-11 20:10 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-03 10:22 - 2014-01-30 16:32 - 00000000 ____D () C:\Users\User\Documents\Diablo III
2014-03-02 23:09 - 2013-02-01 23:41 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live
2014-03-01 07:05 - 2014-03-12 18:10 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-12 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-12 18:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-12 18:10 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-12 18:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-12 18:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-12 18:10 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-12 18:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-12 18:10 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-12 18:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-12 18:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-12 18:10 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-12 18:10 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-12 18:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-12 18:10 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-12 18:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-12 18:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-12 18:10 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-12 18:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-12 18:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-12 18:10 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-12 18:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-12 18:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-12 18:10 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-12 18:10 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-12 18:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-12 18:10 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-12 18:10 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-12 18:10 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-12 18:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-12 18:10 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-12 18:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-12 18:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-12 18:10 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-12 18:10 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-12 18:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-12 18:10 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-12 18:10 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-12 18:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-12 18:10 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 16:35 - 2013-01-22 19:11 - 00151536 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-28 14:15 - 2014-02-28 14:15 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 11:11 - 2014-02-28 11:11 - 00007920 _____ () C:\Users\User\Downloads\dd41-5qfjeum12so.dlc
2014-02-28 11:01 - 2014-02-28 11:01 - 00006852 _____ () C:\Users\User\Downloads\relink.us__PB_-_DareDorm.14.02.07.Party.Time.XXX.HR.FLV-KTR_f594221e6db7a4d5870ddeafb2e697 (1).dlc
2014-02-28 11:00 - 2014-02-28 11:00 - 00006852 _____ () C:\Users\User\Downloads\relink.us__PB_-_DareDorm.14.02.07.Party.Time.XXX.HR.FLV-KTR_f594221e6db7a4d5870ddeafb2e697.dlc
2014-02-28 10:00 - 2013-01-22 19:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-02-28 09:58 - 2013-02-13 21:15 - 00000000 ____D () C:\Program Files (x86)\OpenOffice.org 3
2014-02-27 15:03 - 2014-02-27 15:03 - 24406204 _____ () C:\Users\User\Downloads\AVS Image Converter 3.0.2.270 + Patch.rar
2014-02-27 15:03 - 2014-02-27 15:03 - 00000000 ____D () C:\Users\User\Downloads\AVS Image Converter 3.0.2.270 + Patch
2014-02-27 14:34 - 2014-02-27 14:16 - 00000000 ____D () C:\Users\User\AppData\Roaming\RCP 6
2014-02-27 14:31 - 2014-02-27 14:31 - 00008669 _____ () C:\Users\User\Downloads\QuickJPGfromCR2.zip
2014-02-27 14:28 - 2014-02-27 14:16 - 00000000 ____D () C:\ProgramData\ReaConverter
2014-02-27 14:16 - 2014-02-27 14:16 - 29543885 _____ (ReaSoft ) C:\Users\User\Downloads\ReaConverter (1).exe
2014-02-27 14:16 - 2014-02-27 14:15 - 29543885 _____ (ReaSoft ) C:\Users\User\Downloads\ReaConverter.exe
2014-02-27 14:12 - 2014-02-27 14:11 - 49861264 _____ () C:\Users\User\Downloads\setup-contenta-converter-en-premium.exe
2014-02-27 14:09 - 2014-02-27 14:09 - 24638816 _____ (CANON INC.) C:\Users\User\Downloads\k8523dex.exe
2014-02-27 14:05 - 2014-02-27 14:04 - 15255792 _____ (Graphic-Region Development ) C:\Users\User\Downloads\batchconverter_setup.exe
2014-02-27 14:02 - 2014-02-27 14:02 - 02328552 _____ (Graphic-Region Development ) C:\Users\User\Downloads\ablerawer_setup.exe
2014-02-27 14:01 - 2013-02-17 17:06 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-02-27 14:00 - 2014-02-27 14:00 - 00832856 _____ (Canon Inc ) C:\Users\User\Downloads\k6403enx.exe
2014-02-27 13:42 - 2014-02-27 13:42 - 00949280 _____ (cr2converter.com ) C:\Users\User\Downloads\cr2converter_setup.exe
2014-02-27 13:34 - 2014-02-27 13:34 - 00000769 _____ () C:\Users\User\Desktop\Nisan bilder bearbeitung - Verknüpfung.lnk
2014-02-25 16:48 - 2014-03-13 12:22 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2014-02-25 15:20 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-02-25 14:31 - 2014-02-25 14:31 - 00000000 ____D () C:\Windows\de
2014-02-25 14:31 - 2013-02-01 23:44 - 00000000 ____D () C:\Program Files\Windows Live
2014-02-25 14:31 - 2013-02-01 23:44 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-02-25 14:30 - 2014-02-25 14:30 - 00002156 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2014-02-24 22:47 - 2014-02-21 23:32 - 00000000 ___RD () C:\Users\User\Documents\MAGIX
2014-02-24 22:47 - 2014-02-21 23:31 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-02-24 21:58 - 2014-02-24 21:56 - 00000000 ____D () C:\Users\User\Documents\Wondershare Video Converter Pro
2014-02-24 21:58 - 2014-02-24 21:55 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Pro
2014-02-24 21:56 - 2014-02-24 21:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Wondershare Video Converter Pro
2014-02-24 21:56 - 2014-02-24 21:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-02-24 21:55 - 2014-02-24 21:55 - 00001405 _____ () C:\Users\Public\Desktop\Wondershare Video Converter Pro.lnk
2014-02-24 21:55 - 2014-02-24 21:55 - 00000000 ____D () C:\Users\User\AppData\Local\Wondershare
2014-02-24 21:55 - 2014-02-24 21:55 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-02-24 21:54 - 2014-02-24 21:53 - 38210696 _____ (Wondershare Software ) C:\Users\User\Downloads\vc2013_full891.exe
2014-02-24 20:16 - 2014-02-21 23:31 - 00000000 ____D () C:\ProgramData\MAGIX
2014-02-24 14:12 - 2014-02-24 14:12 - 00517128 _____ () C:\Users\User\Downloads\Download.htm
2014-02-23 12:43 - 2014-02-23 12:43 - 00279552 _____ () C:\Windows\{3376F3B9-9C7F-11E3-9FA0-001D92F175B5}
2014-02-23 12:39 - 2013-02-16 11:41 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-02-23 00:18 - 2014-02-23 00:18 - 00260412 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-02-22 19:48 - 2013-02-16 11:41 - 00001949 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-02-22 19:47 - 2014-02-21 23:38 - 00000000 ____D () C:\Users\User\Desktop\Nisan
2014-02-22 19:45 - 2014-02-22 19:45 - 00287744 _____ () C:\Windows\{658CAB8D-9BAC-11E3-A5EA-001D92F175B5}
2014-02-22 19:12 - 2014-02-22 19:12 - 00000516 _____ () C:\Users\User\Downloads\url.htm
2014-02-22 11:29 - 2014-02-22 11:29 - 00000000 ____D () C:\Users\User\AppData\Roaming\simplitec
2014-02-22 01:22 - 2013-01-28 12:20 - 00001080 _____ () C:\Windows\system32\settingsbkup.sfm
2014-02-22 01:22 - 2013-01-28 12:20 - 00001080 _____ () C:\Windows\system32\settings.sfm
2014-02-22 00:03 - 2014-02-22 00:03 - 00001055 _____ () C:\Users\User\Desktop\mp3DirectCut.lnk
2014-02-22 00:03 - 2014-02-22 00:03 - 00000000 ____D () C:\Program Files (x86)\mp3DirectCut
2014-02-22 00:02 - 2014-02-22 00:02 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\mp3DirectCut - CHIP-Downloader.exe
2014-02-22 00:01 - 2014-02-21 23:52 - 00773784 _____ () C:\Users\User\Desktop\Gülpembe - 1.HM2
2014-02-22 00:01 - 2014-02-21 23:52 - 00048664 _____ () C:\Users\User\Desktop\Gülpembe - 1.HMP
2014-02-22 00:01 - 2009-07-14 03:34 - 00000565 _____ () C:\Windows\win.ini
2014-02-21 23:51 - 2014-02-21 23:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\MAGIX
2014-02-21 23:50 - 2014-02-21 23:50 - 00000532 _____ () C:\Windows\WMFDist64.log
2014-02-21 23:44 - 2014-02-21 23:44 - 00000000 ____D () C:\Users\User\Documents\MAGIX_MusicEditor
2014-02-21 23:41 - 2014-02-21 23:41 - 02877784 _____ (MAGIX AG) C:\Users\User\Downloads\trial_sms2014_dlm.exe
2014-02-21 23:41 - 2014-02-21 23:40 - 04075544 _____ (MAGIX AG) C:\Users\User\Downloads\trial_mp3deluxemx_dlm.exe
2014-02-21 23:32 - 2014-02-21 23:32 - 00001167 _____ () C:\Users\Public\Desktop\MAGIX Fotos auf DVD 2013 Deluxe.lnk
2014-02-21 23:32 - 2014-02-21 23:32 - 00000000 ____D () C:\Users\User\Documents\Fotos auf DVD 2013 Deluxe
2014-02-21 23:32 - 2014-02-21 23:32 - 00000000 ____D () C:\Users\User\AppData\Local\Xara
2014-02-21 23:32 - 2014-02-21 23:32 - 00000000 ____D () C:\Users\User\AppData\Local\MAGIX
2014-02-21 23:32 - 2007-04-27 10:43 - 00120200 _____ () C:\Windows\SysWOW64\DLLDEV32i.dll
2014-02-21 23:31 - 2014-02-21 23:31 - 00000000 ____D () C:\ProgramData\simplitec
2014-02-21 23:31 - 2013-03-25 00:50 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-02-21 23:24 - 2014-02-21 23:24 - 02855560 _____ (MAGIX AG) C:\Users\User\Downloads\fotos2013deluxe_dlm.exe
2014-02-21 23:17 - 2014-02-21 23:17 - 39178560 _____ (Atomix Productions) C:\Users\User\Downloads\install_virtualdj_home_v7.4.1.exe
2014-02-21 23:16 - 2014-02-21 23:13 - 00000000 ____D () C:\Users\User\AppData\Roaming\Audacity
2014-02-21 23:13 - 2014-02-21 23:13 - 00001007 _____ () C:\Users\Public\Desktop\Audacity.lnk
2014-02-21 23:13 - 2014-02-21 23:13 - 00000000 ____D () C:\Program Files (x86)\Audacity
2014-02-21 23:12 - 2014-02-21 23:12 - 00614816 _____ (Chip Digital GmbH) C:\Users\User\Downloads\Audacity - CHIP-Downloader.exe
2014-02-21 23:10 - 2014-02-21 23:10 - 00287744 _____ () C:\Windows\{C1DF3699-9B43-11E3-BE36-001D92F175B5}
2014-02-21 18:29 - 2014-02-21 18:29 - 07528194 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ozgun - Sadece Arkadasiz.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 07450502 _____ () C:\Users\User\Downloads\Kadir- Tabi Guzelim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 06719999 _____ () C:\Users\User\Downloads\DJMUMIN vs.Babutsa - Tabi Guzelim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 06242336 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ercan Demirel - Yildizim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 06242336 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ercan Demirel - Yildizim (1).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05943353 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ebru Gundes - Kime Ne.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05844287 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ibrahim Tatlises - Kursuna Gerek Yok.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05491694 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ozgun - Istiklal.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05447967 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ozan Ulusoy-Heykel.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05374042 _____ () C:\Users\User\Downloads\GokhanTepe-Vur(DJMUMIN.com).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 05246048 _____ () C:\Users\User\Downloads\Faruk-BiraktiginGibi(DJMUMIN.com).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04901997 _____ () C:\Users\User\Downloads\DJMUMIN vs.Dj Akman - Apachi.mp3.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04749615 _____ () C:\Users\User\Downloads\DJMUMIN vs.Gokhan Ozen - Taniman Lazim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04604022 _____ () C:\Users\User\Downloads\DJMUMIN ft. Ozgun - Milli Takim.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04509403 _____ () C:\Users\User\Downloads\IsmailYk-HaydiBastir(DJMUMIN.com).zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04177601 _____ () C:\Users\User\Downloads\DJMUMIN vs.Lara - Bilmece.zip
2014-02-21 18:29 - 2014-02-21 18:29 - 04105511 _____ () C:\Users\User\Downloads\DJMUMIN vs.Gulsen - Dillere Dusecegiz.zip
2014-02-21 18:29 - 2014-02-21 18:28 - 07308268 _____ () C:\Users\User\Downloads\DJMUMIN vs.Bendeniz - O Biliyor.zip
2014-02-21 18:29 - 2014-02-21 18:28 - 07191170 _____ () C:\Users\User\Downloads\DJMUMIN vs.Mustafa Sandal & Gulben Ergen - Sikir Sikir.zip
2014-02-21 18:29 - 2014-02-21 18:28 - 07002357 _____ () C:\Users\User\Downloads\DJMUMIN vs.Dogus - Kirila Kirila.zip
2014-02-21 18:29 - 2014-02-21 18:28 - 06857280 _____ () C:\Users\User\Downloads\DJMUMIN vs.Fettah Can - Sana Affetmek Yakisir.zip
2014-02-21 18:29 - 2014-02-21 18:28 - 06061388 _____ () C:\Users\User\Downloads\DJMUMIN vs.Bendeniz - O Biliyor 2.zip
2014-02-21 18:29 - 2014-02-21 18:28 - 05972497 _____ () C:\Users\User\Downloads\DJMUMIN vs.Serdar Ortac - Elimle.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 09581184 _____ () C:\Users\User\Downloads\DJMUMIN ft.Serdar Ortac - Ray.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 09317477 _____ () C:\Users\User\Downloads\DJMUMIN vs.Serdar Ortac - Uzecek Adam Cok.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 08586633 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Gokhan Turkmen - Ask Lazim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 08543605 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Serdar Ortac - Gucum Yok.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07771104 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Soner Sarikabadayi - Insan Sevmez Mi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07669249 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Emre Kaya - Tesekkur Ederim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07496528 _____ () C:\Users\User\Downloads\DJMUMIN ft.Serdar Ortac - Tez.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07384733 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ozan - Falan Filan.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 07081625 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ebru Gundes - Seni Istiyorum.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06927309 _____ () C:\Users\User\Downloads\DJMUMIN ft.Gulsen - Seyre Dursun Ask.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06767819 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Gulsen - Kardan Adam.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06757592 _____ () C:\Users\User\Downloads\DJMUMIN vs.Tan - Canta.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06720707 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Soner Sarikabadayi - Burada Biri Var.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06560664 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ercan Demirel & Musa - Adim Adim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06496432 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Fettah Can - Bos Bardak.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06481708 _____ () C:\Users\User\Downloads\DJMUMIN vs.Atiye - Askistan.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06432553 _____ () C:\Users\User\Downloads\DJMUMIN vs.Mustafa Ceceli - Zillerime Basıp Kaçıyor.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06332349 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Ibrahim Tatlises - Derya.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06320658 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Gokhan Ozen - Budala.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06319711 _____ () C:\Users\User\Downloads\DJMUMIN vs.Ebru Gundes - Aldirma.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 06151289 _____ () C:\Users\User\Downloads\DJMUMIN ft.Mustafa Ceceli - Bir Yanlis Kac Dogru.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05938594 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Erdem Kinay & Merve - Duman.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05938314 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Linet & Sila - Aslan Gibi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05893008 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Linet - Aslan Gibi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05599197 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Emir - Veda Gecesi.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05534629 _____ () C:\Users\User\Downloads\DJMUMIN ft.Ebru Gundes - Yaparim Bilirsin.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05453616 _____ () C:\Users\User\Downloads\Mumin Beyaz ft.Hasan Yilmaz - Senin Agzini Yerim.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05385769 _____ () C:\Users\User\Downloads\DJMUMIN ft.Mustafa Sandal - Ego.zip
2014-02-21 18:28 - 2014-02-21 18:28 - 05385769 _____ () C:\Users\User\Downloads\DJMUMIN ft.Mustafa Sandal - Ego (1).zip
2014-02-21 15:17 - 2014-02-21 15:17 - 00612352 _____ () C:\Windows\{710242C7-9B02-11E3-85C4-001D92F175B5}
2014-02-21 15:17 - 2014-02-21 15:17 - 00448000 _____ () C:\Windows\{710242CD-9B02-11E3-85C4-001D92F175B5}
2014-02-21 15:04 - 2014-02-21 15:04 - 00032768 _____ () C:\Windows\{650B86AC-9AEC-11E3-97D0-001D92F175B5}
2014-02-21 15:03 - 2014-02-21 15:03 - 00219136 _____ () C:\Windows\{650B86A6-9AEC-11E3-97D0-001D92F175B5}
2014-02-20 19:18 - 2014-02-20 19:18 - 00000000 ____D () C:\Users\User\Downloads\Dizi Fon Müzikleri
2014-02-20 19:02 - 2014-02-20 18:27 - 107979678 _____ () C:\Users\User\Downloads\Dizi Fon Müzikleri.rar
2014-02-20 18:04 - 2014-02-20 18:04 - 03347712 _____ () C:\Users\User\Downloads\23nisangirismuzigi.rar
2014-02-20 18:04 - 2014-02-20 18:04 - 03347712 _____ () C:\Users\User\Downloads\23nisangirismuzigi (1).rar
2014-02-20 18:04 - 2014-02-20 18:04 - 00000000 ____D () C:\Users\User\Downloads\23nisangirismuzigi (1)
2014-02-19 17:38 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-17 17:31 - 2013-12-25 14:46 - 00000000 ____D () C:\Users\User\Desktop\101CANON
2014-02-17 17:30 - 2014-02-17 17:30 - 00000989 _____ () C:\Users\User\Desktop\Gw2.exe - Verknüpfung.lnk
2014-02-17 02:06 - 2013-08-14 17:32 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 02:05 - 2013-01-22 18:51 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-13 17:29 - 2014-01-30 16:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Battle.net

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Execute2App.exe
C:\Users\User\AppData\Local\Temp\msvcp90.dll
C:\Users\User\AppData\Local\Temp\msvcr90.dll
C:\Users\User\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\User\AppData\Local\Temp\nvStInst.exe
C:\Users\User\AppData\Local\Temp\ose00000.exe
C:\Users\User\AppData\Local\Temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 13:27

==================== End Of Log ============================

--- --- ---

Addition logflie

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by User at 2014-03-15 10:17:24
Running from C:\Users\User\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis*True*Image*Home 2011 (HKLM-x32\...\{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}) (Version: 14.0.6942 - Acronis)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Alien Breed 2: Assault (HKLM-x32\...\Steam App 22650) (Version:  - Team17 Software Ltd.)
Alien Breed 3: Descent (HKLM-x32\...\Steam App 22670) (Version:  - Team17 Software Ltd.)
Alien Breed: Impact (HKLM-x32\...\Steam App 22610) (Version:  - Team17 Software Ltd. )
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Arma 3 Beta (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.5.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
BCL easyConverter 3.0 Licensing Module (BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Loader SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (Loader, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 Module (RTF, BCL License) (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 RTF SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BCL easyConverter 3.0 SDK Module (x32 Version: 3.0.18 - BCL Technologies) Hidden
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bulletstorm (HKLM-x32\...\GFWL_{45410935-3E72-472B-8C35-AB1000008200}) (Version: 1.0.0000.130 - EA)
Bulletstorm (x32 Version: 1.0.0000.130 - EA) Hidden
BulletStorm (x32 Version: 1.0.0005.130 - EA) Hidden
Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version:  - ) <==== ATTENTION
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version:  - )
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CanoScan LiDE 200 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807) (Version:  - )
Carbon (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Cities XL 2012 (HKLM-x32\...\Steam App 201760) (Version:  - )
Command & Conquer™ Alarmstufe Rot™ 3 (HKLM-x32\...\{296D8550-CB06-48E4-9A8B-E5034FB64715}) (Version: 1.0.1.0 - Electronic Arts)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic Entertainment)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - )
Company of Heroes 2 (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{DEAEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.263 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 2.00 - Creative Technology Limited)
Creative Konsole Starter (HKLM-x32\...\Console Launcher) (Version:  - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version:  - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts)
CUEcards 2000 (HKLM-x32\...\CUEcards 2000) (Version:  - Marcus Humann Software-Technik)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Etiketten-Druckerei 7 (HKLM-x32\...\Etiketten-Druckerei 7_is1) (Version: 7.0 - DATA BECKER GmbH & Co. KG)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
Delta Chrome Toolbar (HKLM-x32\...\{177586E7-E42E-4F38-83D1-D15B4AF5B714}) (Version: 1.0.0.0 - DeltaInstaller) <==== ATTENTION
DH Driver Cleaner Professional Edition (HKLM-x32\...\Driver Cleaner Pro) (Version: Version 1.5 - Ruud Ketelaars)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DiRT 2 (HKLM-x32\...\Steam App 12840) (Version:  - Codemasters Racing Studio)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
doPDF 7.3 printer (HKLM\...\doPDF 7 printer_is1) (Version: 7.3.393 - Softland)
Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts)
Driver San Francisco (HKLM-x32\...\Steam App 33440) (Version:  - Ubisoft Reflections)
Dropbox (HKCU\...\Dropbox) (Version: 2.2.8 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
FIFA 11 (HKLM-x32\...\{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}) (Version: 1.0.0.0 - Electronic Arts)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Ghost Recon Online (EU) (HKCU\...\d8be6c3f847d7d92) (Version: 1.32.6606.1 - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version:  - Stripf Software)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.0.1.002 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}) (Version: 2.0.41.0 - HTC)
iBomber Defense (HKLM-x32\...\Steam App 104000) (Version:  - Cobra Mobile)
iBomber Defense Pacific (HKLM-x32\...\Steam App 206690) (Version:  - Cobra Mobile)
ICA (x32 Version: 1.6.1.263 - Corel Corporation) Hidden
IPM_PSP_CL (x32 Version: 1.00.0000 - Your Company Name) Hidden
IPM_PSP_COM (x32 Version: 1.00.0000 - Your Company Name) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JPG2PDF 2.2 (HKLM-x32\...\JPG2PDF_is1) (Version:  - JPG2PDF Developer Team)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - )
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
MAGIX Fotos auf DVD 2013 Deluxe (HKLM-x32\...\MAGIX_{57F4B170-E76D-47F9-B6BA-F3D4FB7445B6}) (Version: 12.0.2.78 - MAGIX AG)
MAGIX Fotos auf DVD 2013 Deluxe (Version: 12.0.2.78 - MAGIX AG) Hidden
Marvel Heroes (HKLM-x32\...\Steam App 226320) (Version:  - )
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version:  - Rockstar Studios)
Metro 2033 (HKLM-x32\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4024.1220 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NavyField2 (HKLM-x32\...\NavyField2 EU) (Version:  - )
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OLmailRestore (HKLM-x32\...\{1CA51385-DC47-4BFA-8355-0D99C2B6D5F9}) (Version: 2.1.2 - za-ass-Software)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.11.2678 - Electronic Arts, Inc.)
PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version:  - )
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDF2Word Converter Version 1.0.9 (Build 174) (HKLM-x32\...\PDF2Word Converter_is1) (Version: PDF2Word Converter - Version 1.0.9 (Build 174) - Th. Hodes Software)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Lachesis (HKLM-x32\...\{CB4532F7-A1BD-46D2-9938-3E7D4656FB18}) (Version: 1.10.0000 - Razer USA Ltd.)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version:  - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14024.11 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Setup (x32 Version: 1.6.1.263 - Corel Corporation) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Star Conflict (HKLM-x32\...\Steam App 212070) (Version:  - )
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Street Fighter IV (HKLM-x32\...\Steam App 21660) (Version:  - Capcom)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24482 - TeamViewer)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.0.3 - Electronic Arts)
UE3Redist (HKCU\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{32E700B9-1A94-48B4-99E1-CB8BD5F7340A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{0C175ED0-26B9-4B09-AFA9-3F16A03A29B9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81CA2EFA-7250-4B1E-B3A6-E0595224E2CD}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Wondershare Video Converter Pro(Build 6.7.0.1) (HKLM-x32\...\Wondershare Video Converter Pro_is1) (Version: 6.7.0.1 - Wondershare Software)
WordToPDF 2.9 (HKLM-x32\...\WordToPDF_is1) (Version: 2.9 - Mario Noack)
WordToPDFConverter (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.1.0 - TaoRuan)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version:  - )
Zeugnis-Generator 12.0 (HKLM-x32\...\{6A5D6552-7645-48F4-8922-475ADA18EBD4}) (Version: 12.00.0001 - H&P Infomedia)

==================== Restore Points  =========================

12-03-2014 17:09:34 Windows Update
13-03-2014 01:32:23 Windows Update
13-03-2014 11:22:18 Installed Samsung Kies3

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1D11C570-A441-4081-9DFE-DC2DD6C2C487} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {35F1E13D-DB7D-4179-BEED-900D2AB6F451} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11] (Google Inc.)
Task: {49B13E1F-6762-419E-9F9C-0D9ABA15E877} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11] (Google Inc.)
Task: {50F7A4FC-CCC3-4C42-80A0-3437BB64869E} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-09-03] ()
Task: {8C9265CC-A5A9-45B1-8B91-C671AD8740D8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-09 18:41 - 2014-03-04 14:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-24 23:05 - 2012-12-07 17:26 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-01-25 15:31 - 2014-02-04 20:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-02-24 21:55 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2010-10-01 10:54 - 2011-08-04 14:06 - 00139264 _____ () D:\Programme\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2013-06-27 15:52 - 2009-11-10 17:05 - 00248320 _____ () C:\Program Files (x86)\Razer\Lachesis\razerhid.exe
2013-03-07 10:19 - 2013-03-07 10:19 - 00169312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2013-06-27 15:52 - 2009-11-04 15:28 - 00143360 _____ () C:\Program Files (x86)\Razer\Lachesis\razertra.exe
2013-03-07 10:18 - 2013-03-07 10:18 - 00025960 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2013-03-07 10:18 - 2013-03-07 10:18 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2013-03-07 10:18 - 2013-03-07 10:18 - 00044392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2013-03-07 10:18 - 2013-03-07 10:18 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-03-07 10:19 - 2013-03-07 10:19 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-03-07 10:21 - 2013-03-07 10:21 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2014-03-11 20:55 - 2014-03-06 21:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.149\chrome_elf.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-03-11 20:55 - 2014-03-06 21:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.149\libglesv2.dll
2014-03-11 20:55 - 2014-03-06 21:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.149\libegl.dll
2011-08-22 12:57 - 2011-08-22 12:57 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL
2014-03-11 20:55 - 2014-03-06 21:36 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.149\pdf.dll
2014-03-11 20:55 - 2014-03-06 21:36 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.149\ppGoogleNaClPluginChrome.dll
2014-03-11 20:55 - 2014-03-06 21:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.149\ffmpegsumo.dll
2013-11-30 23:49 - 2010-06-22 13:50 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll
2013-01-22 19:59 - 2009-03-26 14:46 - 00148480 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\User\Desktop\2013-05-04 22.47.31-1.jpg:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: DBService => 2
MSCONFIG\Services: SamsungAllShareV2.0 => 2
MSCONFIG\Services: SimpleSlideShowServer => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: Corel File Shell Monitor => D:\Programme\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SAOB Monitor => C:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/15/2014 09:53:49 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/15/2014 09:53:49 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/15/2014 09:53:49 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/15/2014 09:49:19 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (03/15/2014 09:49:19 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (03/15/2014 09:49:19 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (03/15/2014 09:45:15 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (03/15/2014 09:45:15 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/15/2014 09:45:15 AM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (03/15/2014 09:39:30 AM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]


System errors:
=============
Error: (03/14/2014 09:06:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Diagnosesystemhost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1115

Error: (03/14/2014 09:06:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Enumeratordienst für tragbare Geräte" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1115

Error: (03/14/2014 09:06:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (03/14/2014 09:06:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "netprofm" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (03/14/2014 09:06:47 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Office Software Protection Platform" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109

Error: (03/12/2014 07:00:20 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR3 gefunden.

Error: (03/11/2014 08:00:45 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (03/11/2014 08:00:15 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Error: (03/11/2014 07:59:48 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (03/10/2014 04:11:36 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.


Microsoft Office Sessions:
=========================
Error: (03/15/2014 09:53:49 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/15/2014 09:53:49 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/15/2014 09:53:49 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/15/2014 09:49:19 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]

Error: (03/15/2014 09:49:19 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]

Error: (03/15/2014 09:49:19 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]

Error: (03/15/2014 09:45:15 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (03/15/2014 09:45:15 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/15/2014 09:45:15 AM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (03/15/2014 09:39:30 AM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]


CodeIntegrity Errors:
===================================
  Date: 2014-03-14 17:58:10.982
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-14 17:58:10.981
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-14 17:58:10.979
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-14 17:58:10.976
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-14 17:58:10.974
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-14 17:58:10.973
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 13:28:04.224
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 13:28:04.223
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 13:28:04.221
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-10 13:28:04.218
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 34%
Total physical RAM: 6143.16 MB
Available physical RAM: 4054.37 MB
Total Pagefile: 12284.5 MB
Available Pagefile: 9659.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:38.41 GB) NTFS
Drive d: (BackUp) (Fixed) (Total:1863.01 GB) (Free:306.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D5BE2C26)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119 GB) (Disk ID: 2882A16F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119 GB) - (Type=07 NTFS)

==================== End Of Log ============================

HighCyber · 15.03.2014, 11:31

gmer logflie

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-15 10:31:38
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T1L0-6 SAMSUNG_SSD_830_Series rev.CXM03B1Q 119,24GB
Running: Gmer-19357.exe; Driver: C:\Users\User\AppData\Local\Temp\aglorpow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322                                                                 000000006f651a22 2 bytes [65, 6F]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496                                                                 000000006f651ad0 2 bytes [65, 6F]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552                                                                 000000006f651b08 2 bytes [65, 6F]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730                                                                 000000006f651bba 2 bytes [65, 6F]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762                                                                 000000006f651bda 2 bytes [65, 6F]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                          0000000077c11465 2 bytes [C1, 77]
.text  C:\Windows\SysWOW64\PnkBstrA.exe[2244] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                         0000000077c114bb 2 bytes [C1, 77]
.text  ...                                                                                                                                                     * 2
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                       0000000077c11465 2 bytes [C1, 77]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3492] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                      0000000077c114bb 2 bytes [C1, 77]
.text  ...                                                                                                                                                     * 2
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                   0000000077c11465 2 bytes [C1, 77]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                  0000000077c114bb 2 bytes [C1, 77]
.text  ...                                                                                                                                                     * 2
.text  C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe[3344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000077c11465 2 bytes [C1, 77]
.text  C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe[3344] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000077c114bb 2 bytes [C1, 77]
.text  ...                                                                                                                                                     * 2
.text  C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                            0000000077c11465 2 bytes [C1, 77]
.text  C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5004] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                           0000000077c114bb 2 bytes [C1, 77]
.text  ...                                                                                                                                                     * 2
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                          0000000077c11465 2 bytes [C1, 77]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe[3096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                         0000000077c114bb 2 bytes [C1, 77]
.text  ...                                                                                                                                                     * 2

---- EOF - GMER 2.1 ----

danke

schrauber · 15.03.2014, 17:33

um welche Ordner geht es genau?

HighCyber · 15.03.2014, 22:56

Hallo schrauber,

alle Ordner in mein System sind schreibgeschützt, das betrifft auch die zusätzliche Platte die angeschlossen sind.

Wenn ich einen neuen Ordner erstelle ist es ohne zusätzliche Einstellung sofort schreibgeschützt.

schrauber · 16.03.2014, 17:48

Screenshot davon bitte. Ebenso bitte REchtsklick auf einen Ordner, Eigenschaften, davon auch bitte einen Screenshot.

HighCyber · 16.03.2014, 18:13

Wie es zusehen ist, ist das

Zitat:

"Änderungen nur für diesen Ordner Übernehmen"

ausgegrault.

Wenn ich die Option

Zitat:

" Änderungen für diesen Ordner, untergeordnete Ordner und Dateien übernehmen"

bestätige und darauf bei Eigenschaften Übernehmen und daraufhin Ok betätige wird sich bei wiederaufrufen von Eigenschaften nichts verändert haben.

Der Haken im Schreibgeschützt wird wieder angezeigt.

schrauber · 17.03.2014, 10:22

Ich hasse meinen Arbeitsrechner....

Bitte mal heute Abend ne PM schicken, ich seh die Bilder nicht, die werden geblockt.

HighCyber · 21.03.2014, 14:11

PM ist raus, hoffe Sie konnten die nachricht empfangen.

schrauber · 22.03.2014, 10:31

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

HighCyber · 22.03.2014, 13:26

Code:

ATTFilter

ComboFix 14-03-19.01 - user 22.03.2014  13:19:30.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.6143.4217 [GMT 1:00]
ausgeführt von:: c:\users\user\Desktop\ComboFix.exe
AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-02-22 bis 2014-03-22  ))))))))))))))))))))))))))))))
.
.
2014-03-21 13:53 . 2014-03-21 14:02	--------	d-----w-	C:\AdwCleaner
2014-03-21 13:08 . 2014-03-07 04:43	10521840	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{BABC6945-B78A-4EC5-AF96-A89E64534205}\mpengine.dll
2014-03-20 20:20 . 2014-03-20 20:20	--------	d-----w-	c:\program files (x86)\CR2 Converter
2014-03-18 20:51 . 2014-03-18 20:51	--------	d--h--w-	c:\programdata\CanonIJEPPEX2
2014-03-18 20:51 . 2014-03-18 20:51	--------	d--h--w-	c:\programdata\CanonEPP
2014-03-18 20:50 . 2014-03-18 20:50	--------	d-----w-	c:\program files\Canon
2014-03-16 01:37 . 2011-06-02 13:39	84536	----a-w-	c:\windows\system32\drivers\CSCrySec.sys
2014-03-16 01:37 . 2011-06-02 13:39	66616	----a-w-	c:\windows\system32\drivers\CSVirtualDiskDrv.sys
2014-03-16 01:37 . 2014-03-16 01:37	--------	d-----w-	c:\windows\ELAMBKUP
2014-03-16 01:37 . 2014-03-16 01:37	--------	d-----w-	c:\program files (x86)\Common Files\InfoWatch
2014-03-16 01:37 . 2013-11-11 18:13	90208	----a-w-	c:\windows\system32\drivers\klflt.sys
2014-03-16 01:37 . 2013-11-11 18:13	626272	----a-w-	c:\windows\system32\drivers\klif.sys
2014-03-16 01:33 . 2013-11-11 18:13	64856	----a-w-	c:\windows\system32\klfphc.dll
2014-03-16 01:32 . 2014-03-16 01:32	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2014-03-15 09:16 . 2014-03-15 09:17	--------	d-----w-	C:\FRST
2014-03-13 11:22 . 2014-02-25 15:48	144664	----a-w-	c:\windows\SysWow64\secman.dll
2014-03-12 13:48 . 2014-03-12 13:48	--------	d-----w-	c:\users\user\AppData\Local\Blizzard
2014-03-11 20:07 . 2014-03-11 20:07	4550656	----a-w-	c:\windows\SysWow64\GPhotos.scr
2014-03-11 19:55 . 2014-03-20 20:32	--------	d-----w-	c:\users\user\AppData\Local\Google
2014-03-11 19:55 . 2014-03-20 20:31	--------	d-----w-	c:\program files (x86)\Google
2014-03-11 19:10 . 2014-03-04 11:32	599840	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-03-10 15:45 . 2014-02-08 18:34	1885472	----a-w-	c:\windows\system32\nvdispco6433489.dll
2014-03-10 15:45 . 2014-02-08 18:34	1515296	----a-w-	c:\windows\system32\nvdispgenco6433489.dll
2014-02-27 13:16 . 2014-02-27 13:34	--------	d-----w-	c:\users\user\AppData\Roaming\RCP 6
2014-02-27 13:16 . 2014-02-27 13:28	--------	d-----w-	c:\programdata\ReaConverter
2014-02-27 13:10 . 2014-02-27 13:10	--------	d-----w-	c:\program files (x86)\Common Files\Canon
2014-02-25 13:31 . 2014-02-25 13:31	--------	d-----w-	c:\windows\de
2014-02-25 13:30 . 2014-02-25 13:29	6072008	-c--a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\9e398a731cf322d01\onedrivesetup.exe
2014-02-25 12:26 . 2014-02-25 12:26	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2014-02-25 12:25 . 2014-02-25 12:25	--------	d-----w-	c:\windows\Migration
2014-02-24 20:56 . 2014-02-24 20:56	--------	d-----w-	c:\users\user\AppData\Roaming\Wondershare Video Converter Pro
2014-02-24 20:56 . 2014-02-24 20:56	--------	d-----w-	c:\users\user\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-02-24 20:55 . 2014-02-24 20:55	--------	d-----w-	c:\users\user\AppData\Local\Wondershare
2014-02-24 20:55 . 2014-02-24 20:55	--------	d-----w-	c:\program files (x86)\Common Files\Wondershare
2014-02-24 20:55 . 2013-08-23 12:36	721263	----a-w-	c:\windows\SysWow64\WSCM64.dll
2014-02-24 20:55 . 2013-08-07 13:31	214528	----a-w-	c:\windows\SysWow64\WSCM32.dll
2014-02-24 20:55 . 2014-02-24 20:58	--------	d-----w-	c:\programdata\Wondershare Video Converter Pro
2014-02-24 20:55 . 2014-02-24 20:55	--------	d-----w-	c:\program files (x86)\Wondershare
2014-02-21 23:03 . 2014-02-21 23:03	--------	d-----w-	c:\program files (x86)\mp3DirectCut
2014-02-21 22:32 . 2014-02-21 22:32	--------	d-----w-	c:\users\user\AppData\Local\Xara
2014-02-21 22:32 . 2014-02-21 22:32	--------	d-----w-	c:\users\user\AppData\Local\MAGIX
2014-02-21 22:32 . 2014-02-21 22:32	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Shared
2014-02-21 22:31 . 2014-02-24 21:47	--------	d-----w-	c:\program files (x86)\MAGIX
2014-02-21 22:31 . 2014-02-24 19:16	--------	d-----w-	c:\programdata\MAGIX
2014-02-21 22:31 . 2014-02-21 22:31	--------	d-----w-	c:\program files (x86)\Common Files\MAGIX Services
2014-02-21 22:24 . 2014-02-21 22:51	--------	d-----w-	c:\users\user\AppData\Roaming\MAGIX
2014-02-21 22:13 . 2014-02-21 22:16	--------	d-----w-	c:\users\user\AppData\Roaming\Audacity
2014-02-21 22:13 . 2014-02-21 22:13	--------	d-----w-	c:\program files (x86)\Audacity
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-18 00:05 . 2013-01-22 17:51	90015360	----a-w-	c:\windows\system32\MRT.exe
2014-03-10 19:02 . 2013-01-25 14:31	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-03-10 18:29 . 2013-01-25 14:31	214392	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-03-04 14:35 . 2013-10-09 18:00	3093280	----a-w-	c:\windows\system32\nvapi64.dll
2014-03-04 14:35 . 2013-10-09 18:00	2715264	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-03-04 14:35 . 2013-10-09 18:00	14709720	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2013-10-09 18:00	947808	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-03-04 14:35 . 2013-10-09 17:40	62408	----a-w-	c:\windows\system32\OpenCL.dll
2014-03-04 14:35 . 2013-10-09 17:40	54216	----a-w-	c:\windows\SysWow64\OpenCL.dll
2014-03-04 14:35 . 2013-09-02 16:51	31474976	----a-w-	c:\windows\system32\nvoglv64.dll
2014-03-04 13:06 . 2013-10-09 17:41	6714312	----a-w-	c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2013-10-09 17:41	3497816	----a-w-	c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2013-10-09 17:41	922968	----a-w-	c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2013-10-09 17:41	64968	----a-w-	c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2013-10-09 17:41	2558808	----a-w-	c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2013-10-09 17:41	386336	----a-w-	c:\windows\system32\nvmctray.dll
2014-03-04 13:05 . 2013-10-09 17:41	3649185	----a-w-	c:\windows\system32\nvcoproc.bin
2014-02-25 12:26 . 2013-01-28 17:28	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2014-02-25 12:26 . 2013-01-28 17:27	42168	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2014-02-21 22:32 . 2007-04-27 09:43	120200	----a-w-	c:\windows\SysWow64\DLLDEV32i.dll
2014-02-09 13:50 . 2013-10-19 12:01	952	--sha-w-	c:\programdata\KGyGaAvL.sys
2014-02-04 19:03 . 2013-01-25 14:31	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-01-22 07:52 . 2014-01-22 07:52	206080	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2014-01-22 07:52 . 2014-01-22 07:52	108800	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2014-01-15 23:13 . 2014-01-29 10:45	1885472	----a-w-	c:\windows\system32\nvdispco6433467.dll
2014-01-15 23:13 . 2014-01-29 10:45	1515296	----a-w-	c:\windows\system32\nvdispgenco6433467.dll
2014-01-10 12:31 . 2014-01-10 12:31	322240	----a-w-	c:\windows\WLXPGSS.SCR
2013-12-24 23:09 . 2014-02-12 16:54	1987584	----a-w-	c:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48 . 2014-02-12 16:54	2565120	----a-w-	c:\windows\system32\d3d10warp.dll
2011-08-23 16:42 . 2013-10-19 12:22	332144	----a-w-	c:\program files (x86)\Common Files\MediaOrganizer.dll
2011-08-23 16:35 . 2013-10-19 12:22	33136	----a-w-	c:\program files (x86)\Common Files\FlickrProvider.dll
2011-08-23 16:35 . 2013-10-19 12:22	402800	----a-w-	c:\program files (x86)\Common Files\facebook.dll
2011-08-23 16:35 . 2013-10-19 12:22	130416	----a-w-	c:\program files (x86)\Common Files\PluginCommon.dll
2011-08-23 16:34 . 2013-10-19 12:22	465264	----a-w-	c:\program files (x86)\Common Files\AppFramework.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-02-25 13:30	222920	----a-w-	c:\users\user\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-02-25 13:30	222920	----a-w-	c:\users\user\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-02-25 13:30	222920	----a-w-	c:\users\user\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	130736	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 17:20	459784	----a-w-	c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341]
"Kies3PDLR.exe"="c:\program files (x86)\Samsung\Kies3\FirmwareUpdate\Kies3PDLR.exe" [2014-02-26 844360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"CTxfiHlp"="CTXFIHLP.EXE" [2011-08-22 25600]
"Lachesis"="c:\program files (x86)\Razer\Lachesis\razerhid.exe" [2009-11-10 248320]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2013-12-12 186408]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Wondershare Helper Compact.exe"="c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" [2013-06-13 1743648]
"BrowserPlugInHelper"="c:\program files (x86)\Wondershare\Video Converter Pro\BrowserPlugInHelper.exe" [2013-12-10 1962896]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-11-11 356128]
"CanonQuickMenu"="c:\program files (x86)\Canon\Quick Menu\CNQMMAIN.EXE" [2013-07-23 1282632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 becldr3Service;BCL EasyConverter SDK 3 Loader;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe;c:\program files (x86)\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GPU-Z;GPU-Z;c:\users\user\AppData\Local\Temp\GPU-Z.sys;c:\users\user\AppData\Local\Temp\GPU-Z.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 afcdpsrv;Acronis Nonstop Backup-Dienst;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 DBService;DATA BECKER Update Service;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe;c:\program files (x86)\Common Files\DATA BECKER Shared\DBService.exe [x]
S0 CSCrySec;InfoWatch Encrypt Sector Library driver;c:\windows\system32\DRIVERS\CSCrySec.sys;c:\windows\SYSNATIVE\DRIVERS\CSCrySec.sys [x]
S0 tdrpman273;Acronis Try&Decide and Restore Points filter (build 273);c:\windows\system32\DRIVERS\tdrpm273.sys;c:\windows\SYSNATIVE\DRIVERS\tdrpm273.sys [x]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;c:\windows\system32\DRIVERS\CSVirtualDiskDrv.sys;c:\windows\SYSNATIVE\DRIVERS\CSVirtualDiskDrv.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 CSObjectsSrv;Verwaltungsservice vom CryproStorage-System;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe;c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 hcw66xxx;WinTV HVR-900H;c:\windows\system32\Drivers\hcw66x64.sys;c:\windows\SYSNATIVE\Drivers\hcw66x64.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VaneFltr;Lachesis Mouse Driver;c:\windows\system32\drivers\Lachesis.sys;c:\windows\SYSNATIVE\drivers\Lachesis.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 09:01	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-04 19:42]
.
2014-03-22 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2013-09-03 21:02]
.
2014-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11 19:55]
.
2014-03-22 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-11 19:55]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2014-02-25 13:30	261832	----a-w-	c:\users\user\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2014-02-25 13:30	261832	----a-w-	c:\users\user\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2014-02-25 13:30	261832	----a-w-	c:\users\user\AppData\Local\Microsoft\SkyDrive\17.0.4024.1220\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-24 17:59	164016	----a-w-	c:\users\user\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2012-12-20 17:22	492040	----a-w-	c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2012-11-29 7406392]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.178.1
DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-Guild Wars 2 - c:\program files (x86)\Guild Wars 2\Gw2.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-884858723-1613936228-1444445012-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-884858723-1613936228-1444445012-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-884858723-1613936228-1444445012-1001\Software\SecuROM\License information*]
"datasecu"=hex:d8,14,76,e0,00,25,f5,fa,56,69,86,f2,47,93,77,55,a1,91,6b,64,80,
   95,61,c1,ee,ae,49,01,8f,a4,79,4a,49,64,f6,08,74,50,d9,6f,45,bb,3c,b3,77,fd,\
"rkeysecu"=hex:e4,98,43,de,6a,1a,c0,9e,c6,73,ad,2f,4d,75,24,91
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-03-22  13:26:50
ComboFix-quarantined-files.txt  2014-03-22 12:26
.
Vor Suchlauf: 19 Verzeichnis(se), 37.022.367.744 Bytes frei
Nach Suchlauf: 24 Verzeichnis(se), 46.256.963.584 Bytes frei
.
- - End Of File - - 123347A027D20E5373BE104BB625A3E7
A36C5E4F47E84449FF07ED3517B43A31

schrauber · 23.03.2014, 10:51

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

HighCyber · 23.03.2014, 18:16

Malwarebytes

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.23.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
User :: User-PC [Administrator]

Schutz: Aktiviert

23.03.2014 16:24:55
mbam-log-2014-03-23 (16-24-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 889457
Laufzeit: 1 Stunde(n), 48 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK3RXTW3\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BK3RXTW3\spstub[1].exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\User\Local Settings\Application Data\Bundled software uninstaller\bi_client.exe (PUP.Optional.Somoto.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\AutoKMS\AutoKMS.exe (Trojan.AutoKMS) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

adwcleaner

Code:

ATTFilter

# AdwCleaner v3.022 - Bericht erstellt am 21/03/2014 um 14:59:18
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : User - User-PC
# Gestartet von : C:\Users\User\Desktop\AdwCleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [848 octets] - [21/03/2014 14:53:07]
AdwCleaner[R1].txt - [914 octets] - [21/03/2014 14:55:49]
AdwCleaner[R2].txt - [1032 octets] - [21/03/2014 14:58:40]
AdwCleaner[S0].txt - [910 octets] - [21/03/2014 14:54:09]
AdwCleaner[S1].txt - [974 octets] - [21/03/2014 14:57:00]
AdwCleaner[S2].txt - [955 octets] - [21/03/2014 14:59:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1014 octets] ##########

Zitat:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Professional x64
Ran by User on 23.03.2014 at 18:38:01,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{02DD8284-A49F-43E5-9D84-CF19DC9AD21D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27DE7D30-BCCD-44D1-ADCB-A74A4259EBEF}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3A0EFC4E-F167-4D0E-9C24-FC5519237993}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\backupstack_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{65DEE40A-3E93-4CAE-9F98-B8E06DCEE2BF}

~~~ Files

Successfully deleted: [File] "C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\user pinned\taskbar\startfenster.lnk"
Successfully deleted: [File] "C:\Windows\syswow64\wscm32.dll"
Successfully deleted: [File] "C:\Windows\syswow64\wscm64.dll"

~~~ Folders

~~~ Chrome

Successfully deleted: [Folder] C:\Users\User\appdata\local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Google\Chrome\Extensions\chgdeabpmphfhkoemjjglmilajldekbp

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.03.2014 at 18:43:12,96
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 24.03.2014, 12:06

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

15.03.2014, 17:33	#5
schrauber /// the machine /// TB-Ausbilder	Windows 7 Ordner plötzlich Schreibgeschützt um welche Ordner geht es genau? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

16.03.2014, 17:48	#7
schrauber /// the machine /// TB-Ausbilder	Windows 7 Ordner plötzlich Schreibgeschützt Screenshot davon bitte. Ebenso bitte REchtsklick auf einen Ordner, Eigenschaften, davon auch bitte einen Screenshot. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

17.03.2014, 10:22	#9
schrauber /// the machine /// TB-Ausbilder	Windows 7 Ordner plötzlich Schreibgeschützt Ich hasse meinen Arbeitsrechner.... Bitte mal heute Abend ne PM schicken, ich seh die Bilder nicht, die werden geblockt. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 7 Ordner plötzlich Schreibgeschützt

Log-Analyse und Auswertung: Windows 7 Ordner plötzlich Schreibgeschützt