|
Log-Analyse und Auswertung: Browser hängt und lädt ununterbrochenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
28.06.2014, 12:45 | #1 |
| Browser hängt und lädt ununterbrochen Hallo, mein Problem ist folgendes: Wenn ich Webseiten aufrufe, dann hängen die oft und laden ununterbrochen. Es ist egal welchen Browser ist verwenden. Immer das selbe Problem. Wenn ich mehrere Tabs offen habe, dann lässt sich der Tab, der unnormal lädt, nicht schließen. Die anderen Tabs können normal geschlossen werden. Ich kann dann nur das ganze Fenster schließen. Auch bei der Registrierung hier gab es Probleme. Ich bin bis zum Formular gekommen, aber bei Klick auf Absenden verändert sich die Seite nicht und lädt nur bis die Meldung "keine Daten empfangen" erscheint. Diese Meldung erscheint nur in Opera, aber das Problem ist bei jedem Browser. Ich musste mich deshalb über mein Handy registrieren und den Beitrag verfassen. |
28.06.2014, 12:49 | #2 |
/// the machine /// TB-Ausbilder | Browser hängt und lädt ununterbrochen hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
28.06.2014, 13:02 | #3 |
| Browser hängt und lädt ununterbrochenFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by Emre (administrator) on EMRE on 28-06-2014 13:54:48 Running from C:\Users\Emre\Downloads Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (GfK) C:\Program Files (x86)\GfKLSPService\GfKLspService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\Locator.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe (Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Deutsche Telekom AG) C:\Users\Emre\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Farbar) C:\Users\Emre\Downloads\FRST64 (1).exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-10-28] (Alienware) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7200984 2013-10-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [GfK-WatchDog] => C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2014-02-20] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [Google Update] => C:\Users\Emre\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-02] (Google Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [DellSystemDetect] => C:\Users\Emre\AppData\Local\Apps\2.0\83WCC116.LQ2\5W77M35Z.VMA\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-26] (Dell) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk ShortcutTarget: Mediencenter.lnk -> C:\Users\Emre\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: 01Mediencenter_InSync -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => No File ShellIconOverlayIdentifiers: 02Mediencenter_ToSync -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => No File ShellIconOverlayIdentifiers: 03Mediencenter_Failed -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => No File ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-de HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9B393950272CF01 SearchScopes: HKLM - DefaultScope {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKCU - DefaultScope {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = SearchScopes: HKCU - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (同步网络平台) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9-x64 01 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 15 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tongbu.com/tongbu,version=0.1 - C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Emre\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Emre\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Emre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-06] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-05-03] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2014-05-30] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-19] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-19] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-19] ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] () R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed] R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] () R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] () R2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2014-02-20] (GfK) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-06-19] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-06-19] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-06-19] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-06-19] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-06-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-06-19] (Kaspersky Lab ZAO) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-12] (Malwarebytes Corporation) R3 mio; C:\Windows\System32\drivers\mio.sys [8192 2013-06-26] (Dell Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies) [File not signed] S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies) [File not signed] S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC) [File not signed] S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 NPF; system32\drivers\NPF.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-28 13:54 - 2014-06-28 13:55 - 00031576 _____ () C:\Users\Emre\Downloads\FRST.txt 2014-06-28 13:54 - 2014-06-28 13:54 - 00000000 ____D () C:\FRST 2014-06-28 13:53 - 2014-06-28 13:53 - 02083328 _____ (Farbar) C:\Users\Emre\Downloads\FRST64 (1).exe 2014-06-27 23:41 - 2014-06-28 13:49 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-27 23:41 - 2014-06-27 23:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-26 22:00 - 2014-06-26 22:00 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (1).exe 2014-06-26 21:59 - 2014-06-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 21:59 - 2014-06-26 21:58 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-26 21:57 - 2014-06-26 21:57 - 30984104 _____ (Oracle Corporation) C:\Users\Emre\Downloads\jre-7u60-windows-x64.exe 2014-06-26 21:42 - 2014-06-26 21:42 - 00001188 _____ () C:\Users\Emre\Desktop\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00001174 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\Emre\AppData\Local\Telekom 2014-06-26 21:41 - 2014-06-26 21:41 - 02573688 _____ () C:\Users\Emre\Downloads\nw_33761_mediencenterpcsyncex.exe 2014-06-26 21:05 - 2014-06-26 21:05 - 02082816 _____ (Farbar) C:\Users\Emre\Downloads\FRST64.exe 2014-06-26 21:01 - 2014-06-26 21:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Emre\Downloads\hijackthis_5833.exe 2014-06-23 20:40 - 2014-06-23 20:40 - 00000132 _____ () C:\Users\Emre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-23 20:22 - 2014-06-23 20:43 - 00000000 ____D () C:\Users\Emre\AppData\Local\paint.net 2014-06-23 20:22 - 2014-06-23 20:22 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00001262 _____ () C:\Users\Public\Desktop\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00000000 ____D () C:\Program Files\paint.net 2014-06-23 20:21 - 2014-06-23 20:21 - 00000000 ____D () C:\Users\Emre\Downloads\paintnetinstall_30431 2014-06-23 20:20 - 2014-06-23 20:20 - 06215962 _____ () C:\Users\Emre\Downloads\paintnetinstall_30431.zip 2014-06-21 14:27 - 2014-06-21 14:27 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer (1).exe 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\Desktop\Watch_Dogs.url 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2014-06-21 14:15 - 2014-06-21 16:47 - 00000000 ____D () C:\Users\Emre\AppData\Local\Ubisoft Game Launcher 2014-06-21 14:15 - 2014-06-21 14:15 - 63548256 _____ (Ubisoft) C:\Users\Emre\Downloads\UplayInstaller.exe 2014-06-21 14:15 - 2014-06-21 14:15 - 00001219 _____ () C:\Users\Emre\Desktop\Uplay.lnk 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-21 14:10 - 2014-06-21 14:10 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer.exe 2014-06-21 14:10 - 2014-06-21 14:10 - 00000000 ____D () C:\Users\Emre\AppData\Local\Unity 2014-06-21 00:15 - 2013-12-20 22:45 - 00000095 ____H () C:\DBAR_Ver.txt 2014-06-20 23:40 - 2014-06-20 23:40 - 01095388 _____ (pendrivelinux.com) C:\Users\Emre\Downloads\Universal-USB-Installer-1.9.5.3.exe 2014-06-20 23:36 - 2014-06-20 23:44 - 1010827264 _____ () C:\Users\Emre\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-06-20 23:09 - 2014-06-20 23:09 - 00759808 _____ () C:\Users\Emre\Downloads\EOScard.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00522107 _____ (Igor Pavlov) C:\Users\Emre\Downloads\CardTricks-144-SFX.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00000000 ____D () C:\Users\Emre\Downloads\CardTricks-144-SFX 2014-06-20 22:51 - 2014-06-20 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA 2014-06-20 22:36 - 2014-06-20 22:36 - 00758176 _____ () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA.zip 2014-06-20 22:34 - 2014-06-20 22:35 - 00000000 ____D () C:\Users\Emre\Downloads\CameraVersion13 2014-06-20 22:34 - 2014-06-20 22:34 - 03784846 _____ () C:\Users\Emre\Downloads\CameraVersion13-sfx.exe 2014-06-20 22:30 - 2014-06-20 22:30 - 01785901 _____ () C:\Users\Emre\Downloads\IMG20140620222403.zip 2014-06-20 21:52 - 2014-06-20 21:52 - 04748896 _____ (Piriform Ltd) C:\Users\Emre\Downloads\ccsetup414.exe 2014-06-20 21:52 - 2014-06-20 21:52 - 00000796 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-19 21:14 - 2014-06-19 21:14 - 00001308 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2014-06-19 21:14 - 00001107 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2014-06-19 21:13 - 2014-06-19 21:19 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-06-19 21:13 - 2014-06-19 21:19 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-06-19 21:13 - 2014-06-19 21:13 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-19 20:57 - 2014-06-19 21:02 - 243681088 _____ () C:\Users\Emre\Downloads\kav14.0.0.4651abDE_5154.exe 2014-06-18 17:34 - 2014-06-18 17:34 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2043858600-907271468-3293908178-1002Core1cf8b0ad4b763da.job 2014-06-17 22:41 - 2014-06-17 17:41 - 00152770 _____ () C:\Users\Emre\Desktop\Richtlinien zur Schreibweise_komplett.odt 2014-06-17 22:40 - 2014-06-17 22:40 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-17 22:40 - 2014-06-17 22:40 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-17 22:39 - 2014-06-17 22:39 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-17 22:38 - 2014-06-17 22:38 - 00000000 ____D () C:\Users\Emre\Desktop\OpenOffice 4.0.1 (de) Installation Files 2014-06-17 22:35 - 2014-06-17 22:38 - 163606685 _____ () C:\Users\Emre\Downloads\nw_27417_apacheopenofficewinx.exe 2014-06-15 15:09 - 2014-06-15 15:12 - 22011970 _____ () C:\Users\Emre\Downloads\Tongbu_2.17.exe 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\java 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\.minecraft 2014-06-14 17:52 - 2014-06-14 17:52 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\LolClient 2014-06-14 17:26 - 2014-06-14 17:26 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\Riot Games 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-14 17:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2014-06-14 17:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2014-06-14 17:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2014-06-14 17:25 - 2014-06-15 22:44 - 00000000 ____D () C:\Users\Emre\AppData\Local\PMB Files 2014-06-14 17:25 - 2014-06-15 22:44 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-14 17:25 - 2014-06-14 17:25 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-14 17:24 - 2014-06-14 17:25 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Riot Games 2014-06-14 17:23 - 2014-06-14 17:23 - 34888568 _____ (Riot Games) C:\Users\Emre\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-12 20:59 - 2014-06-12 20:59 - 00000219 _____ () C:\Users\Emre\Desktop\Portal First Slice.url 2014-06-12 19:10 - 2014-06-19 19:56 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Adobe 2014-06-12 19:10 - 2014-06-19 19:56 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-12 18:59 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-06-12 18:59 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-06-12 18:59 - 2014-05-03 09:41 - 04190208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-06-12 18:59 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-06-12 18:59 - 2014-04-30 06:21 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-06-12 18:59 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-06-12 18:59 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-06-12 18:59 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-06-12 18:59 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-06-12 18:58 - 2014-06-12 18:58 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-12 18:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-06-12 18:58 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-06-12 18:58 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-06-12 18:58 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-06-12 18:58 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-06-12 18:58 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-06-12 18:58 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-06-12 18:58 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-06-12 18:58 - 2014-05-05 08:11 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00418136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-06-12 18:58 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-06-12 18:58 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-06-12 18:58 - 2014-05-03 09:40 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-06-12 18:58 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-06-12 18:58 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-06-12 18:58 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-06-12 18:58 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-06-12 18:58 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-06-12 18:58 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-06-12 18:58 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-06-12 18:58 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-06-12 18:58 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-06-12 18:58 - 2014-05-01 15:19 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-06-12 18:58 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-06-12 18:58 - 2014-05-01 07:34 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-06-12 18:58 - 2014-04-30 09:11 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-06-12 18:58 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-06-12 18:58 - 2014-04-30 08:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-06-12 18:58 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-06-12 18:58 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-06-12 18:58 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-06-12 18:58 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-06-12 18:58 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-06-12 18:58 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-06-12 18:58 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-06-12 18:58 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-06-12 18:58 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-06-12 18:58 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-06-12 18:58 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-06-12 18:58 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-06-12 18:58 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-06-12 18:58 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-06-12 18:58 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-06-12 18:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-06-12 18:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-06-12 18:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-06-12 18:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-06-12 18:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-06-12 18:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-06-12 18:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-06-12 18:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-06-12 18:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-06-12 18:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-06-12 18:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-06-12 18:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-06-12 18:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-06-12 18:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-06-12 18:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-06-12 18:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-06-12 18:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-06-12 18:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-06-12 18:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-06-12 18:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-06-12 18:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-06-12 18:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-06-12 18:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-06-12 18:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-06-12 18:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-06-12 18:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-06-12 18:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-06-12 18:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-06-12 18:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-06-12 18:57 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe 2014-06-12 18:57 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2014-06-12 18:57 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe 2014-06-12 18:57 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-06-12 18:57 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-06-12 18:57 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-06-12 18:57 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-06-12 18:57 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-06-12 18:57 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 18:57 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 18:57 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-06-12 18:57 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-06-12 18:57 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-06-12 18:57 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2014-06-12 18:57 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-06-12 18:57 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-06-12 18:57 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-06-12 18:57 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2014-06-12 18:57 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-06-12 18:57 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2014-06-12 18:57 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2014-06-12 18:57 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-06-12 18:57 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2014-06-12 18:57 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-06-12 18:57 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-06-12 18:57 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-06-12 18:57 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-06-12 18:57 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-06-12 18:57 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-06-12 18:57 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-06-12 18:57 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-06-12 18:57 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-06-12 18:57 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-06-12 18:57 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-06-12 18:57 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-06-12 18:57 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-06-12 18:57 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-06-10 17:15 - 2014-06-20 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-08 23:41 - 2014-06-08 23:41 - 11934428 _____ () C:\Users\Emre\Desktop\Produce.m2ts 2014-06-08 23:05 - 2014-06-08 23:05 - 04575407 _____ () C:\Users\Emre\Desktop\Video 13.03.14 01 49 34.mov 2014-06-04 15:06 - 2014-06-18 17:36 - 00003842 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1401478478 2014-06-03 15:35 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-06-03 15:35 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-06-02 20:53 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-02 20:49 - 2014-06-02 20:50 - 38494576 _____ (Apple Inc.) C:\Users\Emre\Downloads\SafariSetup.exe 2014-06-02 20:49 - 2014-06-02 20:50 - 112616784 _____ (Apple Inc.) C:\Users\Emre\Downloads\iTunes64Setup.exe 2014-06-01 22:51 - 2014-06-01 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk 2014-06-01 22:47 - 2014-06-01 22:51 - 58443485 _____ () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk.zip 2014-05-31 00:29 - 2014-05-31 00:29 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll 2014-05-31 00:29 - 2014-05-31 00:29 - 00000000 ____D () C:\Users\Emre\AppData\Local\Comodo 2014-05-31 00:23 - 2014-05-31 00:23 - 37783616 _____ (COMODO) C:\Users\Emre\Downloads\DragonSetup.exe 2014-05-30 23:55 - 2014-05-30 23:55 - 00358200 _____ () C:\Users\Emre\Downloads\USB3_Driver_Renesas_W7_A00_T727T_ZPE.exe 2014-05-30 23:29 - 2014-06-02 20:53 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-30 23:29 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iTunes 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iPod 2014-05-30 23:17 - 2014-05-30 23:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Emre\Downloads\HijackThis - CHIP-Installer.exe 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-05-30 21:31 - 2014-05-30 21:34 - 28041256 _____ (Opera Software ASA) C:\Users\Emre\Downloads\Opera_21.0.1432.67_Setup.exe 2014-05-30 17:45 - 2014-02-20 17:54 - 00381928 _____ (GfK) C:\WINDOWS\system32\GfKLSPService64.DLL 2014-05-30 17:45 - 2014-02-20 17:54 - 00314344 _____ (GfK) C:\WINDOWS\SysWOW64\GfKLSPService.DLL 2014-05-30 17:43 - 2014-06-28 13:21 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService 2014-05-30 17:43 - 2014-06-28 13:20 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor 2014-05-30 17:43 - 2014-05-30 17:43 - 00003872 _____ () C:\WINDOWS\SysWOW64\GfKLSPService.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\SysWOW64\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\system32\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GfK Internet-Monitor 2014-05-30 17:42 - 2014-05-30 17:42 - 04878672 _____ (GfK) C:\Users\Emre\Downloads\GfK download manager.exe 2014-05-29 22:52 - 2014-05-29 22:52 - 00000849 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-05-29 22:41 - 2014-05-29 22:47 - 1295502184 _____ () C:\Users\Emre\Downloads\taxman_spezial_2014.exe 2014-05-29 13:00 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2014-05-29 12:58 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2014-05-29 12:58 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433788.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433788.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00492376 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00416712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00382240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00335704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2014-05-29 12:58 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll ==================== One Month Modified Files and Folders ======= 2014-06-28 13:55 - 2014-06-28 13:54 - 00031576 _____ () C:\Users\Emre\Downloads\FRST.txt 2014-06-28 13:54 - 2014-06-28 13:54 - 00000000 ____D () C:\FRST 2014-06-28 13:53 - 2014-06-28 13:53 - 02083328 _____ (Farbar) C:\Users\Emre\Downloads\FRST64 (1).exe 2014-06-28 13:49 - 2014-06-27 23:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-28 13:49 - 2013-12-27 21:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-28 13:46 - 2014-01-06 16:15 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-28 13:21 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService 2014-06-28 13:20 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor 2014-06-28 13:12 - 2014-01-21 18:12 - 01830497 _____ () C:\WINDOWS\WindowsUpdate.log 2014-06-28 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-06-28 12:52 - 2014-01-21 18:12 - 00097056 _____ () C:\WINDOWS\system32\lvcoinst.log 2014-06-28 11:37 - 2014-01-27 18:17 - 00000000 ___RD () C:\Users\Emre\Mediencenter 2014-06-28 11:36 - 2014-03-06 01:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-06-28 11:36 - 2014-01-21 18:38 - 00000000 ___DO () C:\Users\Emre\SkyDrive 2014-06-28 11:36 - 2014-01-06 16:15 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-27 23:46 - 2014-02-09 19:48 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C12940-479F-4E1A-A4EA-5BE588A2BAFD} 2014-06-27 23:41 - 2014-06-27 23:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-27 20:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-06-27 17:36 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-06-26 22:05 - 2014-01-06 15:52 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2043858600-907271468-3293908178-1002 2014-06-26 22:00 - 2014-06-26 22:00 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (1).exe 2014-06-26 22:00 - 2014-01-21 18:36 - 00000000 ____D () C:\Users\Emre\AppData\Local\Deployment 2014-06-26 21:59 - 2014-06-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 21:58 - 2014-06-26 21:59 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-26 21:58 - 2014-03-31 14:38 - 00000000 ____D () C:\Program Files\Java 2014-06-26 21:57 - 2014-06-26 21:57 - 30984104 _____ (Oracle Corporation) C:\Users\Emre\Downloads\jre-7u60-windows-x64.exe 2014-06-26 21:42 - 2014-06-26 21:42 - 00001188 _____ () C:\Users\Emre\Desktop\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00001174 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\Emre\AppData\Local\Telekom 2014-06-26 21:41 - 2014-06-26 21:41 - 02573688 _____ () C:\Users\Emre\Downloads\nw_33761_mediencenterpcsyncex.exe 2014-06-26 21:23 - 2013-12-27 21:58 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn 2014-06-26 21:18 - 2013-12-27 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware 2014-06-26 21:15 - 2014-01-21 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-26 21:15 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-06-26 21:07 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-06-26 21:05 - 2014-06-26 21:05 - 02082816 _____ (Farbar) C:\Users\Emre\Downloads\FRST64.exe 2014-06-26 21:01 - 2014-06-26 21:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Emre\Downloads\hijackthis_5833.exe 2014-06-26 21:01 - 2014-02-28 18:09 - 00018010 _____ () C:\Users\Emre\Downloads\hijackthis.log 2014-06-24 20:50 - 2014-01-06 15:45 - 00000000 ____D () C:\Users\Emre\AppData\Local\Packages 2014-06-23 20:43 - 2014-06-23 20:22 - 00000000 ____D () C:\Users\Emre\AppData\Local\paint.net 2014-06-23 20:40 - 2014-06-23 20:40 - 00000132 _____ () C:\Users\Emre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-23 20:22 - 2014-06-23 20:22 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00001262 _____ () C:\Users\Public\Desktop\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00000000 ____D () C:\Program Files\paint.net 2014-06-23 20:21 - 2014-06-23 20:21 - 00000000 ____D () C:\Users\Emre\Downloads\paintnetinstall_30431 2014-06-23 20:20 - 2014-06-23 20:20 - 06215962 _____ () C:\Users\Emre\Downloads\paintnetinstall_30431.zip 2014-06-23 20:13 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-06-23 20:13 - 2013-11-14 09:11 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-06-23 20:13 - 2013-11-14 09:11 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-06-23 20:10 - 2013-08-22 16:46 - 00313959 _____ () C:\WINDOWS\setupact.log 2014-06-22 00:41 - 2014-01-06 16:15 - 00004088 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 00:41 - 2014-01-06 16:15 - 00003852 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-21 16:47 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Local\Ubisoft Game Launcher 2014-06-21 16:35 - 2014-01-07 19:37 - 00000000 ____D () C:\Users\Emre\Documents\My Games 2014-06-21 16:33 - 2014-01-06 20:04 - 00152954 _____ () C:\WINDOWS\DirectX.log 2014-06-21 14:27 - 2014-06-21 14:27 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer (1).exe 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\Desktop\Watch_Dogs.url 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2014-06-21 14:15 - 2014-06-21 14:15 - 63548256 _____ (Ubisoft) C:\Users\Emre\Downloads\UplayInstaller.exe 2014-06-21 14:15 - 2014-06-21 14:15 - 00001219 _____ () C:\Users\Emre\Desktop\Uplay.lnk 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-21 14:10 - 2014-06-21 14:10 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer.exe 2014-06-21 14:10 - 2014-06-21 14:10 - 00000000 ____D () C:\Users\Emre\AppData\Local\Unity 2014-06-20 23:51 - 2013-11-14 00:18 - 01438054 _____ () C:\WINDOWS\PFRO.log 2014-06-20 23:44 - 2014-06-20 23:36 - 1010827264 _____ () C:\Users\Emre\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-06-20 23:40 - 2014-06-20 23:40 - 01095388 _____ (pendrivelinux.com) C:\Users\Emre\Downloads\Universal-USB-Installer-1.9.5.3.exe 2014-06-20 23:09 - 2014-06-20 23:09 - 00759808 _____ () C:\Users\Emre\Downloads\EOScard.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00522107 _____ (Igor Pavlov) C:\Users\Emre\Downloads\CardTricks-144-SFX.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00000000 ____D () C:\Users\Emre\Downloads\CardTricks-144-SFX 2014-06-20 22:51 - 2014-06-20 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA 2014-06-20 22:36 - 2014-06-20 22:36 - 00758176 _____ () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA.zip 2014-06-20 22:35 - 2014-06-20 22:34 - 00000000 ____D () C:\Users\Emre\Downloads\CameraVersion13 2014-06-20 22:34 - 2014-06-20 22:34 - 03784846 _____ () C:\Users\Emre\Downloads\CameraVersion13-sfx.exe 2014-06-20 22:30 - 2014-06-20 22:30 - 01785901 _____ () C:\Users\Emre\Downloads\IMG20140620222403.zip 2014-06-20 22:03 - 2014-06-10 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-20 22:03 - 2014-01-16 17:31 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Mozilla 2014-06-20 21:52 - 2014-06-20 21:52 - 04748896 _____ (Piriform Ltd) C:\Users\Emre\Downloads\ccsetup414.exe 2014-06-20 21:52 - 2014-06-20 21:52 - 00000796 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-20 21:52 - 2014-02-21 15:36 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-20 21:50 - 2014-04-22 16:26 - 00000000 ____D () C:\Program Files\Recuva 2014-06-20 21:50 - 2014-02-21 15:37 - 00000000 ____D () C:\Users\Emre\Documents\CCleaner Registry 2014-06-20 17:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-06-19 21:19 - 2014-06-19 21:13 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-06-19 21:19 - 2014-06-19 21:13 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-06-19 21:19 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2014-06-19 21:19 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys 2014-06-19 21:19 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys 2014-06-19 21:19 - 2013-05-07 17:56 - 00065120 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2014-06-19 21:19 - 2012-07-27 18:38 - 00029792 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys 2014-06-19 21:14 - 2014-06-19 21:14 - 00001308 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2014-06-19 21:14 - 00001107 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-06-19 21:13 - 2014-06-19 21:13 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-19 21:13 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\ELAMBKUP 2014-06-19 21:07 - 2014-05-01 14:00 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-19 21:07 - 2013-08-22 16:44 - 00526384 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-19 21:02 - 2014-06-19 20:57 - 243681088 _____ () C:\Users\Emre\Downloads\kav14.0.0.4651abDE_5154.exe 2014-06-19 20:58 - 2014-04-28 19:43 - 00000000 ____D () C:\Users\Emre\Downloads\Service Mode Tools Version 1.050 2014-06-19 19:56 - 2014-06-12 19:10 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Adobe 2014-06-19 19:56 - 2014-06-12 19:10 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-19 17:10 - 2014-05-05 14:54 - 00002471 _____ () C:\Users\Emre\Desktop\Google Chrome Canary.lnk 2014-06-18 18:17 - 2014-02-09 00:15 - 00000000 ____D () C:\Users\Emre\Documents\Tongbu 2014-06-18 17:36 - 2014-06-04 15:06 - 00003842 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1401478478 2014-06-18 17:36 - 2014-03-27 19:43 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-18 17:34 - 2014-06-18 17:34 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2043858600-907271468-3293908178-1002Core1cf8b0ad4b763da.job 2014-06-17 22:40 - 2014-06-17 22:40 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-17 22:40 - 2014-06-17 22:40 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-17 22:39 - 2014-06-17 22:39 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-17 22:38 - 2014-06-17 22:38 - 00000000 ____D () C:\Users\Emre\Desktop\OpenOffice 4.0.1 (de) Installation Files 2014-06-17 22:38 - 2014-06-17 22:35 - 163606685 _____ () C:\Users\Emre\Downloads\nw_27417_apacheopenofficewinx.exe 2014-06-17 17:41 - 2014-06-17 22:41 - 00152770 _____ () C:\Users\Emre\Desktop\Richtlinien zur Schreibweise_komplett.odt 2014-06-15 22:44 - 2014-06-14 17:25 - 00000000 ____D () C:\Users\Emre\AppData\Local\PMB Files 2014-06-15 22:44 - 2014-06-14 17:25 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-15 15:12 - 2014-06-15 15:09 - 22011970 _____ () C:\Users\Emre\Downloads\Tongbu_2.17.exe 2014-06-15 15:06 - 2014-02-09 13:25 - 00000000 ____D () C:\Program Files (x86)\Tongbu 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\java 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\.minecraft 2014-06-14 17:52 - 2014-06-14 17:52 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\LolClient 2014-06-14 17:26 - 2014-06-14 17:26 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\Riot Games 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-14 17:25 - 2014-06-14 17:25 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-14 17:25 - 2014-06-14 17:24 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Riot Games 2014-06-14 17:23 - 2014-06-14 17:23 - 34888568 _____ (Riot Games) C:\Users\Emre\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-12 22:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-12 20:59 - 2014-06-12 20:59 - 00000219 _____ () C:\Users\Emre\Desktop\Portal First Slice.url 2014-06-12 20:59 - 2014-01-18 13:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-12 20:46 - 2014-01-06 21:31 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\vlc 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-06-12 19:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-06-12 19:02 - 2014-01-06 17:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 19:02 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-06-12 19:01 - 2014-01-06 16:46 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-06-12 18:59 - 2014-01-06 16:46 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-06-12 18:58 - 2014-06-12 18:58 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-11 16:15 - 2014-05-23 18:33 - 00000000 ____D () C:\Program Files (x86)\Symantec 2014-06-08 23:41 - 2014-06-08 23:41 - 11934428 _____ () C:\Users\Emre\Desktop\Produce.m2ts 2014-06-08 23:05 - 2014-06-08 23:05 - 04575407 _____ () C:\Users\Emre\Desktop\Video 13.03.14 01 49 34.mov 2014-06-08 12:55 - 2014-01-27 18:15 - 00000000 ____D () C:\Users\Emre\Documents\Outlook-Dateien 2014-06-03 15:35 - 2014-01-21 18:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-02 20:53 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-02 20:53 - 2014-05-30 23:29 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-06-02 20:53 - 2014-05-30 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-02 20:51 - 2014-01-06 19:54 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Apple Computer 2014-06-02 20:51 - 2014-01-06 19:54 - 00000000 ____D () C:\Users\Emre\AppData\Local\Apple Computer 2014-06-02 20:50 - 2014-06-02 20:49 - 38494576 _____ (Apple Inc.) C:\Users\Emre\Downloads\SafariSetup.exe 2014-06-02 20:50 - 2014-06-02 20:49 - 112616784 _____ (Apple Inc.) C:\Users\Emre\Downloads\iTunes64Setup.exe 2014-06-01 22:51 - 2014-06-01 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk 2014-06-01 22:51 - 2014-06-01 22:47 - 58443485 _____ () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk.zip 2014-05-31 08:27 - 2014-06-12 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-05-31 07:13 - 2013-08-22 17:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-05-31 07:13 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-31 00:29 - 2014-05-31 00:29 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll 2014-05-31 00:29 - 2014-05-31 00:29 - 00000000 ____D () C:\Users\Emre\AppData\Local\Comodo 2014-05-31 00:29 - 2014-01-11 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-05-31 00:29 - 2014-01-11 11:41 - 00000000 ____D () C:\Program Files (x86)\Comodo 2014-05-31 00:23 - 2014-05-31 00:23 - 37783616 _____ (COMODO) C:\Users\Emre\Downloads\DragonSetup.exe 2014-05-30 23:55 - 2014-05-30 23:55 - 00358200 _____ () C:\Users\Emre\Downloads\USB3_Driver_Renesas_W7_A00_T727T_ZPE.exe 2014-05-30 23:50 - 2014-01-06 17:50 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect.exe 2014-05-30 23:50 - 2013-12-27 21:52 - 00000000 ____D () C:\ProgramData\PCDr 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iTunes 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iPod 2014-05-30 23:29 - 2014-01-06 19:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-05-30 23:25 - 2014-01-07 22:12 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-30 23:17 - 2014-05-30 23:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Emre\Downloads\HijackThis - CHIP-Installer.exe 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-05-30 21:34 - 2014-05-30 21:31 - 28041256 _____ (Opera Software ASA) C:\Users\Emre\Downloads\Opera_21.0.1432.67_Setup.exe 2014-05-30 21:34 - 2014-01-24 20:08 - 00000000 ____D () C:\Users\Emre\AppData\Local\Opera Software 2014-05-30 21:34 - 2014-01-24 20:07 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Opera Software 2014-05-30 17:43 - 2014-05-30 17:43 - 00003872 _____ () C:\WINDOWS\SysWOW64\GfKLSPService.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\SysWOW64\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\system32\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GfK Internet-Monitor 2014-05-30 17:42 - 2014-05-30 17:42 - 04878672 _____ (GfK) C:\Users\Emre\Downloads\GfK download manager.exe 2014-05-30 12:21 - 2014-06-12 18:57 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-30 11:45 - 2014-06-12 18:57 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-05-30 11:28 - 2014-06-12 18:57 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-05-30 11:20 - 2014-06-12 18:57 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-12 18:57 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-30 11:08 - 2014-06-12 18:57 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-12 18:57 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-05-30 10:46 - 2014-06-12 18:57 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-12 18:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-12 18:57 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-05-30 10:38 - 2014-06-12 18:57 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-12 18:57 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-05-30 10:29 - 2014-06-12 18:57 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-05-30 10:27 - 2014-06-12 18:57 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-05-30 10:23 - 2014-06-12 18:57 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-12 18:57 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-05-30 10:04 - 2014-06-12 18:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-12 18:57 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-12 18:57 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-12 18:57 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-05-30 09:54 - 2014-06-12 18:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-05-30 09:49 - 2014-06-12 18:57 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-12 18:57 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-12 18:57 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-12 18:57 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-12 18:57 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-12 18:57 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-12 18:57 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-12 18:57 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-05-30 01:07 - 2014-06-03 15:35 - 01715176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-05-30 01:07 - 2014-06-03 15:35 - 01291232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-05-30 01:07 - 2014-04-26 16:02 - 01279480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-05-30 01:07 - 2014-04-26 16:02 - 01122312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2014-05-29 22:52 - 2014-05-29 22:52 - 00000849 _____ () C:\Users\Public\Desktop\VLC media player.lnk 2014-05-29 22:51 - 2014-01-06 16:15 - 00000000 ____D () C:\Users\Emre\AppData\Local\Google 2014-05-29 22:51 - 2014-01-06 16:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-05-29 22:47 - 2014-05-29 22:41 - 1295502184 _____ () C:\Users\Emre\Downloads\taxman_spezial_2014.exe 2014-05-29 13:47 - 2014-01-06 17:31 - 00000000 ____D () C:\ProgramData\Oracle 2014-05-29 13:01 - 2013-12-27 21:59 - 00000000 ____D () C:\Temp 2014-05-29 13:00 - 2014-01-21 18:12 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-29 13:00 - 2013-12-27 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation Some content of TEMP: ==================== C:\Users\Emre\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Emre\AppData\Local\Temp\Mediencenter_3.9.1055.64.exe C:\Users\Emre\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Emre\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Emre\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Emre\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Emre\AppData\Local\Temp\nvStInst.exe C:\Users\Emre\AppData\Local\Temp\pyl23DD.tmp.exe C:\Users\Emre\AppData\Local\Temp\pylFF01.tmp.exe C:\Users\Emre\AppData\Local\Temp\pylFFA8.tmp.exe C:\Users\Emre\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Emre\AppData\Local\Temp\tbIEAddin.dll C:\Users\Emre\AppData\Local\Temp\vlc-2.1.4-win64.exe C:\Users\Emre\AppData\Local\Temp\_is12E2.exe C:\Users\Emre\AppData\Local\Temp\_isE4F6.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-26 22:05 ==================== End Of Log ============================ [/CODE] |
28.06.2014, 13:03 | #4 |
| Browser hängt und lädt ununterbrochenCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-06-2014 02 Ran by Emre at 2014-06-28 13:55:37 Running from C:\Users\Emre\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== 7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.) AlienAutopsy (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.6.2.4 - Alienware) AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.6.2.4 - Alienware) Alienware Command Center (HKLM-x32\...\InstallShield_{2E70AFA8-D2C9-4AD7-88F7-538D97C5FB2D}) (Version: 3.5.10.0 - Alienware Corp.) Alienware Command Center (Version: 3.5.10.0 - Alienware Corp.) Hidden Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.302 - ArcSoft) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.) AudibleManager (HKLM-x32\...\AudibleManager) (Version: 721420586.4759644.48.2147344384 - Audible, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bus- & Cable Car-Simulator (HKLM-x32\...\Bus- & Cable Car-Simulator_is1) (Version: - astragon) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.1.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.1.0 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.8.0.17 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO) CyberLink LabelPrint 2.5 (x32 Version: 2.5.0.6603 - CyberLink Corp.) Hidden CyberLink Media Suite 11 (x32 Version: 11.0.1.3313 - CyberLink Corp.) Hidden CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.0.3123 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (x32 Version: 10.0.1.3316 - CyberLink Corp.) Hidden CyberLink PowerDVD 12 (x32 Version: 12.0.3324.55 - CyberLink Corp.) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Das große Tafelwerk interaktiv (HKLM-x32\...\{3749D33C-26C8-4669-ACAA-DA3B0ADA67B6}) (Version: - ) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version: - Microsoft) Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell) Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts) Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts) Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts) Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts) Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts) Die Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts) Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts) Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts) Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts) Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts) Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts) Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts) Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts) Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts) Diercke Globus Online (HKLM-x32\...\Diercke Globus Online) (Version: 3.1.0 - Imagon GmbH) Epson Benutzerhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Useg) (Version: - ) Epson Connect Guide (HKLM-x32\...\Epson Connect Guide) (Version: - ) Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{8F01524C-0676-4CC1-B4AE-64753C723391}) (Version: 3.01.0005 - Seiko Epson Corporation) Epson E-Web Print (HKLM-x32\...\{CEC98C2A-9ED5-49DA-9F3A-92434E0A4FA3}) (Version: 1.19.0000 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.31.00 - SEIKO EPSON CORPORATION) Epson Netzwerkhandbuch WF-3520 Series (HKLM-x32\...\WF-3520 Series Netg) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden FlatOut 2 (HKLM-x32\...\Steam App 2990) (Version: - Bugbear Entertainment) Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation) GfK Internet-Monitor (HKLM-x32\...\39992AD7-103F-4308-8BB7-3F65F543604D) (Version: 13.4.568 - GfK) Google Chrome Canary (HKCU\...\Google Chrome SxS) (Version: 37.0.2058.2 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden Greenfoot (HKLM-x32\...\{8C838B70-3A71-41E8-91A6-4ADCF2E483D0}) (Version: 2.3.0 - Greenfoot Team) iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.) Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle) Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation) Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech) Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech) Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.) LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden Mediencenter 3.9.1055.64 (HKCU\...\Mediencenter) (Version: 3.9.1055.64 - Deutsche Telekom AG) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Language Pack 2010 - German/Deutsch (HKLM-x32\...\Office14.OMUI.de-de) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office O MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office ScreenTip Language 2010 - Deutsch (HKLM-x32\...\{90140000-00BD-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office SharePoint Designer MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office X MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50330 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.50325 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50325 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA) Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.) paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Portal: First Slice (HKLM-x32\...\Steam App 410) (Version: - Valve) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Rapid CSS 2014 v12.2 (HKLM-x32\...\Rapid CSS 2014_is1) (Version: 12.0 - Karlis Blumentals) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{F3E80B62-3C51-4940-A434-A1F517AB8D6A}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version: - Microsoft) Hidden SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts) Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version: - United Front Games) SMART Common Files (HKLM-x32\...\{26A95DBF-A866-4838-A8C9-FA219FCBD22E}) (Version: 11.5.159.0 - SMART Technologies ULC) SMART German Language Pack (HKLM-x32\...\{8F98EED9-2AB7-4B92-B37F-70C6877C1783}) (Version: 11.4.27.0 - SMART Technologies ULC) SMART Notebook (HKLM-x32\...\{79660EE7-9C0B-4962-B566-2693FE34719D}) (Version: 11.4.564.0 - SMART Technologies ULC) Software Updater (HKLM-x32\...\{C09D747A-BD47-42A9-915E-CEB6B1BB7C11}) (Version: 4.2.7 - SEIKO EPSON CORPORATION) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Tongbu Assistant 2.1.3.0 (HKLM-x32\...\Tongbu2) (Version: 2.1.3.0 - Xiamen Tongbu Network Ltd.) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OMUI.de-de_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0410-0000-0000000FF1CE}_Office14.OMUI.de-de_{4B93560B-F33D-4A67-A224-F5E1C329BD22}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.OMUI.de-de_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.5 - Ubisoft) VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN) VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) Webocton - Scriptly 0.8.95.6 (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton) Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 17-06-2014 20:38:37 OpenOffice 4.0.1 wird installiert 19-06-2014 18:59:15 avast! antivirus system restore point 21-06-2014 14:30:39 DirectX wurde installiert 23-06-2014 18:22:03 paint.net v4.0 (RC 4.0.5284.41812) 26-06-2014 19:48:26 Removed Java 7 Update 60 ==================== Hosts content: ========================== 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {1FF39EF2-51BC-428B-8165-D8C1E751ED5A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-27] (Adobe Systems Incorporated) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {242162BB-6DE5-4954-B764-B689AF43FF1A} - System32\Tasks\Opera scheduled Autoupdate 1401478478 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4ADD886A-B467-41A0-9915-55BCFF7E58B8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-12] (Microsoft Corporation) Task: {59079EB5-37CF-4B8F-956A-45C7488693DA} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\AlienAutopsy\uaclauncher.exe [2014-01-11] (PC-Doctor, Inc.) Task: {5AA6D971-E12E-40DD-9B79-974DCCDEC399} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {66EC2E80-8288-45FC-BEA3-DB9F7DE44AD3} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {750AA2D2-3CEC-4786-87D0-F50D27DBEBF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-06] (Google Inc.) Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {8FBE8E6B-2E32-4AAB-83B6-9075D1548F5F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {9EA9A5A2-6BDF-4E2D-A0D6-E8B412B49980} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-22] (CyberLink Corp.) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A1415EFE-7DC4-45A0-B1AE-4A2AF20611A8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-06] (Google Inc.) Task: {A3D20950-21E0-43DF-84E0-FBDAD8DB147F} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {BB5FEE30-1A18-4AD1-BCEF-C691DC8EE780} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DAF8B4A9-0C1C-4A7F-83AE-390846F50486} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\AlienAutopsy\sessionchecker.exe [2014-01-11] (PC-Doctor, Inc.) Task: {DCD296A1-0E1B-4FEA-AAB0-008D6772A5DA} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-05] (CyberLink) Task: {DE331F27-49DD-4B84-9386-3D8E82C1C265} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {DF265846-E693-4435-A5A6-54B5D611D1A8} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2043858600-907271468-3293908178-1002Core1cf8b0ad4b763da.job => C:\Users\Emre\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-05-21 12:22 - 2014-05-21 12:22 - 02135232 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe 2014-05-30 17:43 - 2014-02-20 18:25 - 03293672 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe 2014-05-30 17:43 - 2014-02-20 18:25 - 01356264 _____ () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe 2014-01-21 18:12 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-12-27 21:59 - 2013-08-19 11:21 - 00020256 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayIcon.dll 2013-12-27 21:59 - 2013-08-19 11:21 - 00019232 _____ () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBROverlayNotBackuped.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-02-20 17:54 - 2014-02-20 17:54 - 00058856 _____ () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe 2014-06-18 17:35 - 2014-06-18 17:35 - 01396344 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe 2014-05-23 17:54 - 2014-05-23 17:54 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\ErrorReporting.dll 2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-06-17 12:35 - 2013-06-17 12:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll 2013-05-08 14:52 - 2013-05-08 14:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll 2014-05-30 17:43 - 2014-02-20 18:25 - 03059176 _____ () C:\Program Files (x86)\GfK Internet-Monitor\UpdateHelper.dll 2014-02-20 17:54 - 2014-02-20 17:54 - 02180584 _____ () C:\Program Files (x86)\gfklspservice\pcproxydll.dll 2013-12-27 21:47 - 2013-05-14 16:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2014-01-11 23:39 - 2013-03-05 05:40 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-03-05 12:41 - 2013-03-05 12:41 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-06-18 17:35 - 2014-06-18 17:35 - 00877688 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\libglesv2.dll 2014-06-18 17:35 - 2014-06-18 17:35 - 00135800 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\libegl.dll 2014-06-18 17:35 - 2014-06-18 17:35 - 00957048 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\ffmpegsumo.dll 2014-06-12 20:57 - 2014-04-30 02:08 - 01135104 _____ () c:\Program Files (x86)\Steam\libavcodec-55.dll 2014-06-12 20:57 - 2014-04-30 02:08 - 00404992 _____ () c:\Program Files (x86)\Steam\libavformat-55.dll 2014-01-13 15:41 - 2014-04-30 02:08 - 00340992 _____ () c:\Program Files (x86)\Steam\libavresample-1.dll 2014-04-25 16:53 - 2014-04-30 02:08 - 00471552 _____ () c:\Program Files (x86)\Steam\libavutil-53.dll 2013-11-06 14:48 - 2014-05-17 03:36 - 00756224 _____ () c:\Program Files (x86)\Steam\SDL2.dll 2014-06-12 20:57 - 2014-05-29 19:37 - 02139840 _____ () c:\Program Files (x86)\Steam\video.dll 2014-06-12 20:57 - 2014-04-29 02:37 - 00519168 _____ () c:\Program Files (x86)\Steam\libswscale-2.dll 2013-12-27 21:52 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2013-12-27 21:52 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2013-12-27 21:52 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll 2013-12-27 21:52 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll 2013-12-27 21:52 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Emre\SkyDrive:ms-properties AlternateDataStreams: C:\Users\Emre\Downloads\88E0.tmp:BDU AlternateDataStreams: C:\Users\Emre\Downloads\A17.tmp:BDU AlternateDataStreams: C:\Users\Emre\Downloads\adwcleaner3023.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\avast_free18_antivirus_setup.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\CouponPrinterCPS.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\dotNetFx35setup.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\dxwebsetup.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\epson374631eu.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\epson375513eu (1).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\epson375513eu (2).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\epson375513eu.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\epson376026eu.EXE:BDU AlternateDataStreams: C:\Users\Emre\Downloads\epson377454eu.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\GeForce_Experience_v2.0.0.0.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\gfwlive35setup (1).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\gfwlive35setup.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\gfwlivesetup (1).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\gfwlivesetup (2).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\jre-7u55-windows-x64 (1).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\jre-7u55-windows-x64.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\mbam-setup-2.0.1.1004.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\mp68-win-mp560-1_06-ea24.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\mpnx_3_0-win-3_05-ea23_2 (4).exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\NDP451-KB2859818-Web.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\rcsetup151_slim.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\Shockwave_Installer_Slim.exe:BDU AlternateDataStreams: C:\Users\Emre\Downloads\vcredist_x64.exe:BDU ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= HKLM\...\StartupApproved\StartupFolder: => "ImageBrowser EX Agent.lnk" HKLM\...\StartupApproved\StartupFolder: => "TMMonitor.lnk" HKLM\...\StartupApproved\Run: => "CanonSolutionMenu" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "EvtMgr6" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "LWS" HKLM\...\StartupApproved\Run32: => "sbsdk-server" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "SMART Board Service" HKLM\...\StartupApproved\Run32: => "SMART Floating Tools" HKLM\...\StartupApproved\Run32: => "SMARTNotification" HKLM\...\StartupApproved\Run32: => "SMART Tray Tools" HKLM\...\StartupApproved\Run32: => "SMART Ink" HKLM\...\StartupApproved\Run32: => "FUFAXSTM" HKLM\...\StartupApproved\Run32: => "FUFAXRCV" HKCU\...\StartupApproved\StartupFolder: => "Logitech . Produktregistrierung.lnk" HKCU\...\StartupApproved\Run: => "DellSystemDetect" HKCU\...\StartupApproved\Run: => "Google Update" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/27/2014 11:51:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Explorer.EXE Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00007FFBB240792C Error: (06/26/2014 09:44:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm explorer.exe, Version 6.3.9600.17039 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 25b4 Startzeit: 01cf9176c85409b3 Endzeit: 0 Anwendungspfad: C:\WINDOWS\explorer.exe Berichts-ID: 38b7d1c4-fd6a-11e3-bec1-7845c4fecb43 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/26/2014 09:18:27 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT) Description: Product: Alienware Digital Delivery -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Dell\Digital Delivery\Downloads\delldigitaldelivery.2.9.901.0\delldigitaldelivery.2.9.901.0.msi Error: (06/25/2014 10:33:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMRE) Description: Bei der Aktivierung der App „Microsoft.BingNews_8wekyb3d8bbwe!AppexNews“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (06/25/2014 10:32:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a58 Startzeit: 01cf90b49b98d394 Endzeit: 4294967295 Anwendungspfad: C:\WINDOWS\system32\wwahost.exe Berichts-ID: e31daf20-fca7-11e3-bec0-7845c4fecb43 Vollständiger Name des fehlerhaften Pakets: Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexNews Error: (06/25/2014 10:32:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: EMRE) Description: Die App „Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe+AppexNews“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error: (06/24/2014 10:59:17 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3. Ungültige XML-Syntax. Error: (06/22/2014 11:50:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: nvstreamsvc.exe, Version: 2.1.214.0, Zeitstempel: 0x53809acd Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17114, Zeitstempel: 0x53649e73 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000006361a ID des fehlerhaften Prozesses: 0xb40 Startzeit der fehlerhaften Anwendung: 0xnvstreamsvc.exe0 Pfad der fehlerhaften Anwendung: nvstreamsvc.exe1 Pfad des fehlerhaften Moduls: nvstreamsvc.exe2 Berichtskennung: nvstreamsvc.exe3 Vollständiger Name des fehlerhaften Pakets: nvstreamsvc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvstreamsvc.exe5 Error: (06/20/2014 11:07:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm CardTricks144.exe, Version 1.4.4.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 280c Startzeit: 01cf8ccba7a0ce31 Endzeit: 3 Anwendungspfad: C:\Users\Emre\Downloads\CardTricks-144-SFX\CardTricks144.exe Berichts-ID: ef0d1a61-f8be-11e3-bebd-7845c4fecb43 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (06/20/2014 10:50:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. System errors: ============= Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (06/27/2014 11:51:20 PM) (Source: DCOM) (EventID: 10010) (User: EMRE) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Microsoft Office Sessions: ========================= Error: (06/27/2014 11:51:21 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Explorer.EXE Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00007FFBB240792C Error: (06/26/2014 09:44:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: explorer.exe6.3.9600.1703925b401cf9176c85409b30C:\WINDOWS\explorer.exe38b7d1c4-fd6a-11e3-bec1-7845c4fecb43 Error: (06/26/2014 09:18:27 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT-AUTORITÄT) Description: Product: Alienware Digital Delivery -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Dell\Digital Delivery\Downloads\delldigitaldelivery.2.9.901.0\delldigitaldelivery.2.9.901.0.msi(NULL)(NULL)(NULL)(NULL)(NULL) Error: (06/25/2014 10:33:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: EMRE) Description: Microsoft.BingNews_8wekyb3d8bbwe!AppexNews-2144927142 Error: (06/25/2014 10:32:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: wwahost.exe6.3.9600.17031a5801cf90b49b98d3944294967295C:\WINDOWS\system32\wwahost.exee31daf20-fca7-11e3-bec0-7845c4fecb43Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbweAppexNews Error: (06/25/2014 10:32:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: EMRE) Description: Microsoft.BingNews_3.0.2.261_x64__8wekyb3d8bbwe+AppexNews Error: (06/24/2014 10:59:17 PM) (Source: SideBySide) (EventID: 59) (User: ) Description: C:\Windows\System32\SettingSyncHost.exeC:\Windows\System32\SettingSyncHost.exe0 Error: (06/22/2014 11:50:28 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: nvstreamsvc.exe2.1.214.053809acdntdll.dll6.3.9600.1711453649e73c0000005000000000006361ab4001cf8d47b9b0f888C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\WINDOWS\SYSTEM32\ntdll.dlla3a80b61-f9f2-11e3-bec0-7845c4fecb43 Error: (06/20/2014 11:07:52 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: CardTricks144.exe1.4.4.0280c01cf8ccba7a0ce313C:\Users\Emre\Downloads\CardTricks-144-SFX\CardTricks144.exeef0d1a61-f8be-11e3-bebd-7845c4fecb43 Error: (06/20/2014 10:50:44 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Users\Emre\Downloads\WebInstaller.exe ==================== Memory info =========================== Percentage of memory in use: 32% Total physical RAM: 8110.16 MB Available physical RAM: 5476.2 MB Total Pagefile: 9390.16 MB Available Pagefile: 5809.89 MB Total Virtual: 131072 MB Available Virtual: 131071.75 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:921.94 GB) (Free:613.09 GB) NTFS Drive e: (TRANSCEND) (Removable) (Total:15.11 GB) (Free:0.1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 6A17725D) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 15 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=15 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
29.06.2014, 10:53 | #5 |
/// the machine /// TB-Ausbilder | Browser hängt und lädt ununterbrochen Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
29.06.2014, 14:21 | #6 |
| Browser hängt und lädt ununterbrochenCode:
ATTFilter <isadmin>yes</isadmin> </header> <engine> <version>2.00.2.1012</version> <malware-database>v2014.06.29.02</malware-database> <rootkit-database>v2014.06.23.02</rootkit-database> <license>free</license> <file-protection>disabled</file-protection> <web-protection>disabled</web-protection> <self-protection>disabled</self-protection> </engine> <system> <osversion>Windows 8.1</osversion> <arch>x64</arch> <username>Emre</username> <filesys>NTFS</filesys> </system> <summary> <type>threat</type> <result>completed</result> <objects>331665</objects> <time>1009</time> <processes>0</processes> <modules>0</modules> <keys>0</keys> <values>0</values> <datas>0</datas> <folders>0</folders> <files>6</files> <sectors>0</sectors> </summary> <options> <memory>enabled</memory> <startup>enabled</startup> <filesystem>enabled</filesystem> <archives>enabled</archives> <rootkits>disabled</rootkits> <deeprootkit>disabled</deeprootkit> <heuristics>enabled</heuristics> <pup>enabled</pup> <pum>enabled</pum> </options> <items> <file><path>C:\Users\Emre\AppData\Local\Temp\nsdD4AF.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>cb6b720ca5d61a1c87f5810661a00000</hash></file> <file><path>C:\Users\Emre\AppData\Local\Temp\nsiC647.tmp</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>0b2bf28c621985b1a6fb39587d8402fe</hash></file> <file><path>C:\Users\Emre\AppData\Local\Temp\nsmFC0.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>dc5a86f82f4ccb6bb6c67512b948d52b</hash></file> <file><path>C:\Users\Emre\AppData\Local\Temp\nst7CCD.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>62d44d31a0dbc0767309fa8dec15b24e</hash></file> <file><path>C:\Users\Emre\AppData\Local\Temp\nsv4D5E.tmp</path><vendor>PUP.Optional.SearchProtect.A</vendor><action>success</action><hash>f0464539accf84b2673ad2bf4fb20bf5</hash></file> <file><path>C:\Users\Emre\AppData\Local\Temp\nsx6079.exe</path><vendor>PUP.Optional.Conduit.A</vendor><action>success</action><hash>ed493e40ec8f999d5e1e12757a8712ee</hash></file> </items> </mbam-log> Code:
ATTFilter # AdwCleaner v3.213 - Bericht erstellt am 29/06/2014 um 14:50:49 # Aktualisiert 23/06/2014 von Xplode # Betriebssystem : Windows 8.1 (64 bits) # Benutzername : Emre - EMRE # Gestartet von : C:\Users\Emre\Downloads\adwcleaner_3.213.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Kaspersky Lab\SafeBrowser Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup Ordner Gelöscht : C:\Users\Emre\AppData\Local\Temp\OCS Ordner Gelöscht : C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\mData\Kaspersky Lab\SafeBrowser ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blbkdnmdcafmfhinpmnlhhddbepgkeaa Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PCProxy.DataContainer Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8} Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v ************************* AdwCleaner[R0].txt - [2984 octets] - [12/04/2014 21:50:40] AdwCleaner[R1].txt - [2505 octets] - [29/06/2014 14:48:17] AdwCleaner[S0].txt - [3002 octets] - [12/04/2014 21:51:47] AdwCleaner[S1].txt - [2380 octets] - [29/06/2014 14:50:49] ########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2440 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 8.1 x64 Ran by Emre on 29.06.2014 at 15:07:46,06 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin" FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by Emre (administrator) on EMRE on 29-06-2014 15:19:07 Running from C:\Users\Emre\Downloads Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\Locator.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20498_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE (Deutsche Telekom AG) C:\Users\Emre\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe (Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-10-28] (Alienware) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7200984 2013-10-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [GfK-WatchDog] => C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2014-02-20] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [Google Update] => C:\Users\Emre\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-04-02] (Google Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [DellSystemDetect] => C:\Users\Emre\AppData\Local\Apps\2.0\83WCC116.LQ2\5W77M35Z.VMA\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-26] (Dell) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk ShortcutTarget: Mediencenter.lnk -> C:\Users\Emre\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: 01Mediencenter_InSync -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => No File ShellIconOverlayIdentifiers: 02Mediencenter_ToSync -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => No File ShellIconOverlayIdentifiers: 03Mediencenter_Failed -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => No File ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-de HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9B393950272CF01 SearchScopes: HKLM - DefaultScope {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKCU - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: SMART Notebook Download Utility - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll (SMART Technologies ULC.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (同步网络平台) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9-x64 01 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 15 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tongbu.com/tongbu,version=0.1 - C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Emre\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Emre\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Emre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-06] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-05-03] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2014-05-30] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-19] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-19] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-19] ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] () R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed] R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] () R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] () S2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2014-02-20] (GfK) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-06-19] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-06-19] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-06-19] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-06-19] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-06-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-06-19] (Kaspersky Lab ZAO) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-29] (Malwarebytes Corporation) R3 mio; C:\Windows\System32\drivers\mio.sys [8192 2013-06-26] (Dell Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies) [File not signed] S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies) [File not signed] S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC) [File not signed] S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 NPF; system32\drivers\NPF.sys [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-29 15:19 - 2014-06-29 15:19 - 00000000 ____D () C:\Users\Emre\Downloads\FRST-OlderVersion 2014-06-29 15:10 - 2014-06-29 15:10 - 00000683 _____ () C:\Users\Emre\Desktop\JRT.txt 2014-06-29 14:57 - 2014-06-29 14:57 - 01016261 _____ (Thisisu) C:\Users\Emre\Downloads\JRT.exe 2014-06-29 14:55 - 2014-06-29 14:55 - 00002520 _____ () C:\Users\Emre\Desktop\AdwCleaner[S1].txt 2014-06-29 14:47 - 2014-06-29 14:47 - 01342659 _____ () C:\Users\Emre\Downloads\adwcleaner_3.213.exe 2014-06-29 14:30 - 2014-06-29 14:30 - 00001806 _____ () C:\Users\Emre\Desktop\ Malwarebytes Anti-Malware .txt 2014-06-29 14:12 - 2014-06-29 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\77883FEE.sys 2014-06-29 14:12 - 2014-06-29 14:12 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-29 14:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-06-29 14:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-06-29 14:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-06-29 14:11 - 2014-06-29 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Emre\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Users\Emre\AppData\Local\Adobe 2014-06-28 23:09 - 2014-06-28 23:09 - 04990544 _____ (Adobe Systems Inc.) C:\Users\Emre\Downloads\Shockwave_Installer_Slim (1).exe 2014-06-28 23:08 - 2014-06-29 14:59 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-28 23:08 - 2014-06-28 23:08 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-28 15:06 - 2014-06-28 23:06 - 00000000 ____D () C:\Program Files (x86)\AutoClickerbyShocker 2014-06-28 15:04 - 2014-06-28 15:04 - 00929416 _____ (CNET Download.com) C:\Users\Emre\Downloads\cbsidlm-cbsi188-Auto_Clicker_by_Shocker-ORG-75742161.exe 2014-06-28 14:05 - 2014-06-28 14:05 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (2).exe 2014-06-28 13:56 - 2014-06-28 13:56 - 00086041 _____ () C:\Users\Emre\Desktop\FRST.txt 2014-06-28 13:56 - 2014-06-28 13:56 - 00057626 _____ () C:\Users\Emre\Desktop\Addition.txt 2014-06-28 13:55 - 2014-06-28 13:56 - 00057626 _____ () C:\Users\Emre\Downloads\Addition.txt 2014-06-28 13:54 - 2014-06-29 15:19 - 00031434 _____ () C:\Users\Emre\Downloads\FRST.txt 2014-06-28 13:54 - 2014-06-29 15:19 - 00000000 ____D () C:\FRST 2014-06-26 22:00 - 2014-06-26 22:00 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (1).exe 2014-06-26 21:59 - 2014-06-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 21:59 - 2014-06-26 21:58 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-26 21:57 - 2014-06-26 21:57 - 30984104 _____ (Oracle Corporation) C:\Users\Emre\Downloads\jre-7u60-windows-x64.exe 2014-06-26 21:42 - 2014-06-26 21:42 - 00001188 _____ () C:\Users\Emre\Desktop\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00001174 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\Emre\AppData\Local\Telekom 2014-06-26 21:41 - 2014-06-26 21:41 - 02573688 _____ () C:\Users\Emre\Downloads\nw_33761_mediencenterpcsyncex.exe 2014-06-26 21:05 - 2014-06-29 15:19 - 02083328 _____ (Farbar) C:\Users\Emre\Downloads\FRST64.exe 2014-06-26 21:01 - 2014-06-26 21:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Emre\Downloads\hijackthis_5833.exe 2014-06-23 20:40 - 2014-06-23 20:40 - 00000132 _____ () C:\Users\Emre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-23 20:22 - 2014-06-23 20:43 - 00000000 ____D () C:\Users\Emre\AppData\Local\paint.net 2014-06-23 20:22 - 2014-06-23 20:22 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00001262 _____ () C:\Users\Public\Desktop\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00000000 ____D () C:\Program Files\paint.net 2014-06-23 20:21 - 2014-06-23 20:21 - 00000000 ____D () C:\Users\Emre\Downloads\paintnetinstall_30431 2014-06-23 20:20 - 2014-06-23 20:20 - 06215962 _____ () C:\Users\Emre\Downloads\paintnetinstall_30431.zip 2014-06-21 14:27 - 2014-06-21 14:27 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer (1).exe 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\Desktop\Watch_Dogs.url 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2014-06-21 14:15 - 2014-06-21 16:47 - 00000000 ____D () C:\Users\Emre\AppData\Local\Ubisoft Game Launcher 2014-06-21 14:15 - 2014-06-21 14:15 - 63548256 _____ (Ubisoft) C:\Users\Emre\Downloads\UplayInstaller.exe 2014-06-21 14:15 - 2014-06-21 14:15 - 00001219 _____ () C:\Users\Emre\Desktop\Uplay.lnk 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-21 14:10 - 2014-06-21 14:10 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer.exe 2014-06-21 14:10 - 2014-06-21 14:10 - 00000000 ____D () C:\Users\Emre\AppData\Local\Unity 2014-06-21 00:15 - 2013-12-20 22:45 - 00000095 ____H () C:\DBAR_Ver.txt 2014-06-20 23:40 - 2014-06-20 23:40 - 01095388 _____ (pendrivelinux.com) C:\Users\Emre\Downloads\Universal-USB-Installer-1.9.5.3.exe 2014-06-20 23:36 - 2014-06-20 23:44 - 1010827264 _____ () C:\Users\Emre\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-06-20 23:09 - 2014-06-20 23:09 - 00759808 _____ () C:\Users\Emre\Downloads\EOScard.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00522107 _____ (Igor Pavlov) C:\Users\Emre\Downloads\CardTricks-144-SFX.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00000000 ____D () C:\Users\Emre\Downloads\CardTricks-144-SFX 2014-06-20 22:51 - 2014-06-20 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA 2014-06-20 22:36 - 2014-06-20 22:36 - 00758176 _____ () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA.zip 2014-06-20 22:34 - 2014-06-20 22:35 - 00000000 ____D () C:\Users\Emre\Downloads\CameraVersion13 2014-06-20 22:34 - 2014-06-20 22:34 - 03784846 _____ () C:\Users\Emre\Downloads\CameraVersion13-sfx.exe 2014-06-20 22:30 - 2014-06-20 22:30 - 01785901 _____ () C:\Users\Emre\Downloads\IMG20140620222403.zip 2014-06-20 21:52 - 2014-06-20 21:52 - 04748896 _____ (Piriform Ltd) C:\Users\Emre\Downloads\ccsetup414.exe 2014-06-20 21:52 - 2014-06-20 21:52 - 00000796 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-19 21:14 - 2014-06-19 21:14 - 00001308 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2014-06-19 21:14 - 00001107 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2014-06-19 21:13 - 2014-06-19 21:19 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-06-19 21:13 - 2014-06-19 21:19 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-06-19 21:13 - 2014-06-19 21:13 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-19 20:57 - 2014-06-19 21:02 - 243681088 _____ () C:\Users\Emre\Downloads\kav14.0.0.4651abDE_5154.exe 2014-06-18 17:34 - 2014-06-18 17:34 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2043858600-907271468-3293908178-1002Core1cf8b0ad4b763da.job 2014-06-17 22:41 - 2014-06-17 17:41 - 00152770 _____ () C:\Users\Emre\Desktop\Richtlinien zur Schreibweise_komplett.odt 2014-06-17 22:40 - 2014-06-17 22:40 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-17 22:40 - 2014-06-17 22:40 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-17 22:39 - 2014-06-17 22:39 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-17 22:38 - 2014-06-17 22:38 - 00000000 ____D () C:\Users\Emre\Desktop\OpenOffice 4.0.1 (de) Installation Files 2014-06-17 22:35 - 2014-06-17 22:38 - 163606685 _____ () C:\Users\Emre\Downloads\nw_27417_apacheopenofficewinx.exe 2014-06-15 15:09 - 2014-06-15 15:12 - 22011970 _____ () C:\Users\Emre\Downloads\Tongbu_2.17.exe 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\java 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\.minecraft 2014-06-14 17:52 - 2014-06-14 17:52 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\LolClient 2014-06-14 17:26 - 2014-06-14 17:26 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\Riot Games 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-14 17:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2014-06-14 17:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2014-06-14 17:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2014-06-14 17:25 - 2014-06-15 22:44 - 00000000 ____D () C:\Users\Emre\AppData\Local\PMB Files 2014-06-14 17:25 - 2014-06-15 22:44 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-14 17:25 - 2014-06-14 17:25 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-14 17:24 - 2014-06-14 17:25 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Riot Games 2014-06-14 17:23 - 2014-06-14 17:23 - 34888568 _____ (Riot Games) C:\Users\Emre\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-12 20:59 - 2014-06-12 20:59 - 00000219 _____ () C:\Users\Emre\Desktop\Portal First Slice.url 2014-06-12 19:10 - 2014-06-19 19:56 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Adobe 2014-06-12 19:10 - 2014-06-19 19:56 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-12 18:59 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-06-12 18:59 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-06-12 18:59 - 2014-05-03 09:41 - 04190208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-06-12 18:59 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-06-12 18:59 - 2014-04-30 06:21 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-06-12 18:59 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-06-12 18:59 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-06-12 18:59 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-06-12 18:59 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-06-12 18:58 - 2014-06-12 18:58 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-12 18:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-06-12 18:58 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-06-12 18:58 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-06-12 18:58 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-06-12 18:58 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-06-12 18:58 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-06-12 18:58 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-06-12 18:58 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-06-12 18:58 - 2014-05-05 08:11 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00418136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-06-12 18:58 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-06-12 18:58 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-06-12 18:58 - 2014-05-03 09:40 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-06-12 18:58 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-06-12 18:58 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-06-12 18:58 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-06-12 18:58 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-06-12 18:58 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-06-12 18:58 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-06-12 18:58 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-06-12 18:58 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-06-12 18:58 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-06-12 18:58 - 2014-05-01 15:19 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-06-12 18:58 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-06-12 18:58 - 2014-05-01 07:34 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-06-12 18:58 - 2014-04-30 09:11 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-06-12 18:58 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-06-12 18:58 - 2014-04-30 08:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-06-12 18:58 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-06-12 18:58 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-06-12 18:58 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-06-12 18:58 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-06-12 18:58 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-06-12 18:58 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-06-12 18:58 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-06-12 18:58 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-06-12 18:58 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-06-12 18:58 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-06-12 18:58 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-06-12 18:58 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-06-12 18:58 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-06-12 18:58 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-06-12 18:58 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-06-12 18:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-06-12 18:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-06-12 18:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-06-12 18:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-06-12 18:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-06-12 18:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-06-12 18:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-06-12 18:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-06-12 18:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-06-12 18:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-06-12 18:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-06-12 18:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-06-12 18:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-06-12 18:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-06-12 18:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-06-12 18:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-06-12 18:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-06-12 18:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-06-12 18:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-06-12 18:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-06-12 18:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-06-12 18:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-06-12 18:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-06-12 18:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-06-12 18:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-06-12 18:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-06-12 18:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-06-12 18:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-06-12 18:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-06-12 18:57 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe 2014-06-12 18:57 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2014-06-12 18:57 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe 2014-06-12 18:57 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-06-12 18:57 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-06-12 18:57 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-06-12 18:57 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-06-12 18:57 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-06-12 18:57 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 18:57 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 18:57 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-06-12 18:57 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-06-12 18:57 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-06-12 18:57 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2014-06-12 18:57 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-06-12 18:57 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-06-12 18:57 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-06-12 18:57 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2014-06-12 18:57 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-06-12 18:57 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2014-06-12 18:57 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2014-06-12 18:57 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-06-12 18:57 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2014-06-12 18:57 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-06-12 18:57 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-06-12 18:57 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-06-12 18:57 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-06-12 18:57 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-06-12 18:57 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-06-12 18:57 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-06-12 18:57 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-06-12 18:57 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-06-12 18:57 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-06-12 18:57 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-06-12 18:57 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-06-12 18:57 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-06-12 18:57 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-06-10 17:15 - 2014-06-20 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-08 23:41 - 2014-06-08 23:41 - 11934428 _____ () C:\Users\Emre\Desktop\Produce.m2ts 2014-06-08 23:05 - 2014-06-08 23:05 - 04575407 _____ () C:\Users\Emre\Desktop\Video 13.03.14 01 49 34.mov 2014-06-04 15:06 - 2014-06-18 17:36 - 00003842 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1401478478 2014-06-03 15:35 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-06-03 15:35 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-06-02 20:53 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-02 20:49 - 2014-06-02 20:50 - 38494576 _____ (Apple Inc.) C:\Users\Emre\Downloads\SafariSetup.exe 2014-06-02 20:49 - 2014-06-02 20:50 - 112616784 _____ (Apple Inc.) C:\Users\Emre\Downloads\iTunes64Setup.exe 2014-06-01 22:51 - 2014-06-01 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk 2014-06-01 22:47 - 2014-06-01 22:51 - 58443485 _____ () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk.zip 2014-05-31 00:29 - 2014-05-31 00:29 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll 2014-05-31 00:29 - 2014-05-31 00:29 - 00000000 ____D () C:\Users\Emre\AppData\Local\Comodo 2014-05-31 00:23 - 2014-05-31 00:23 - 37783616 _____ (COMODO) C:\Users\Emre\Downloads\DragonSetup.exe 2014-05-30 23:55 - 2014-05-30 23:55 - 00358200 _____ () C:\Users\Emre\Downloads\USB3_Driver_Renesas_W7_A00_T727T_ZPE.exe 2014-05-30 23:29 - 2014-06-02 20:53 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-05-30 23:29 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iTunes 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iPod 2014-05-30 23:17 - 2014-05-30 23:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Emre\Downloads\HijackThis - CHIP-Installer.exe 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-05-30 21:31 - 2014-05-30 21:34 - 28041256 _____ (Opera Software ASA) C:\Users\Emre\Downloads\Opera_21.0.1432.67_Setup.exe 2014-05-30 17:45 - 2014-02-20 17:54 - 00381928 _____ (GfK) C:\WINDOWS\system32\GfKLSPService64.DLL 2014-05-30 17:45 - 2014-02-20 17:54 - 00314344 _____ (GfK) C:\WINDOWS\SysWOW64\GfKLSPService.DLL 2014-05-30 17:43 - 2014-06-29 14:52 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService 2014-05-30 17:43 - 2014-06-29 14:52 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor 2014-05-30 17:43 - 2014-05-30 17:43 - 00003872 _____ () C:\WINDOWS\SysWOW64\GfKLSPService.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\SysWOW64\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\system32\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GfK Internet-Monitor 2014-05-30 17:42 - 2014-05-30 17:42 - 04878672 _____ (GfK) C:\Users\Emre\Downloads\GfK download manager.exe ==================== One Month Modified Files and Folders ======= 2014-06-29 15:19 - 2014-06-29 15:19 - 00000000 ____D () C:\Users\Emre\Downloads\FRST-OlderVersion 2014-06-29 15:19 - 2014-06-28 13:54 - 00031434 _____ () C:\Users\Emre\Downloads\FRST.txt 2014-06-29 15:19 - 2014-06-28 13:54 - 00000000 ____D () C:\FRST 2014-06-29 15:19 - 2014-06-26 21:05 - 02083328 _____ (Farbar) C:\Users\Emre\Downloads\FRST64.exe 2014-06-29 15:11 - 2014-03-06 01:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-06-29 15:10 - 2014-06-29 15:10 - 00000683 _____ () C:\Users\Emre\Desktop\JRT.txt 2014-06-29 15:07 - 2014-01-21 18:12 - 01896810 _____ () C:\WINDOWS\WindowsUpdate.log 2014-06-29 15:03 - 2014-01-06 15:52 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2043858600-907271468-3293908178-1002 2014-06-29 15:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-06-29 14:59 - 2014-06-28 23:08 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-29 14:59 - 2013-12-27 21:58 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn 2014-06-29 14:57 - 2014-06-29 14:57 - 01016261 _____ (Thisisu) C:\Users\Emre\Downloads\JRT.exe 2014-06-29 14:55 - 2014-06-29 14:55 - 00002520 _____ () C:\Users\Emre\Desktop\AdwCleaner[S1].txt 2014-06-29 14:55 - 2014-04-12 21:50 - 00000000 ____D () C:\AdwCleaner 2014-06-29 14:52 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService 2014-06-29 14:52 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor 2014-06-29 14:52 - 2014-01-27 18:17 - 00000000 ___RD () C:\Users\Emre\Mediencenter 2014-06-29 14:52 - 2014-01-21 18:38 - 00000000 ___DO () C:\Users\Emre\SkyDrive 2014-06-29 14:52 - 2014-01-06 16:15 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-29 14:51 - 2014-01-21 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-29 14:51 - 2013-11-14 00:18 - 01441030 _____ () C:\WINDOWS\PFRO.log 2014-06-29 14:51 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-06-29 14:51 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-06-29 14:47 - 2014-06-29 14:47 - 01342659 _____ () C:\Users\Emre\Downloads\adwcleaner_3.213.exe 2014-06-29 14:46 - 2014-01-06 16:15 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-29 14:39 - 2014-04-12 18:57 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-06-29 14:32 - 2013-11-14 09:13 - 00000000 ____D () C:\WINDOWS\ShellNew 2014-06-29 14:30 - 2014-06-29 14:30 - 00001806 _____ () C:\Users\Emre\Desktop\ Malwarebytes Anti-Malware .txt 2014-06-29 14:12 - 2014-06-29 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\77883FEE.sys 2014-06-29 14:12 - 2014-06-29 14:12 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-29 14:11 - 2014-06-29 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Emre\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-29 12:01 - 2014-01-21 18:12 - 00098236 _____ () C:\WINDOWS\system32\lvcoinst.log 2014-06-29 11:26 - 2014-02-09 19:48 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C12940-479F-4E1A-A4EA-5BE588A2BAFD} 2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Users\Emre\AppData\Local\Adobe 2014-06-28 23:09 - 2014-06-28 23:09 - 04990544 _____ (Adobe Systems Inc.) C:\Users\Emre\Downloads\Shockwave_Installer_Slim (1).exe 2014-06-28 23:08 - 2014-06-28 23:08 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-28 23:06 - 2014-06-28 15:06 - 00000000 ____D () C:\Program Files (x86)\AutoClickerbyShocker 2014-06-28 21:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-06-28 20:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-06-28 16:03 - 2014-01-27 18:15 - 00000000 ____D () C:\Users\Emre\Documents\Outlook-Dateien 2014-06-28 15:04 - 2014-06-28 15:04 - 00929416 _____ (CNET Download.com) C:\Users\Emre\Downloads\cbsidlm-cbsi188-Auto_Clicker_by_Shocker-ORG-75742161.exe 2014-06-28 14:20 - 2013-12-27 21:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-28 14:05 - 2014-06-28 14:05 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (2).exe 2014-06-28 14:05 - 2014-01-21 18:36 - 00000000 ____D () C:\Users\Emre\AppData\Local\Deployment 2014-06-28 13:56 - 2014-06-28 13:56 - 00086041 _____ () C:\Users\Emre\Desktop\FRST.txt 2014-06-28 13:56 - 2014-06-28 13:56 - 00057626 _____ () C:\Users\Emre\Desktop\Addition.txt 2014-06-28 13:56 - 2014-06-28 13:55 - 00057626 _____ () C:\Users\Emre\Downloads\Addition.txt 2014-06-26 22:00 - 2014-06-26 22:00 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (1).exe 2014-06-26 21:59 - 2014-06-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 21:58 - 2014-06-26 21:59 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-26 21:58 - 2014-03-31 14:38 - 00000000 ____D () C:\Program Files\Java 2014-06-26 21:57 - 2014-06-26 21:57 - 30984104 _____ (Oracle Corporation) C:\Users\Emre\Downloads\jre-7u60-windows-x64.exe 2014-06-26 21:42 - 2014-06-26 21:42 - 00001188 _____ () C:\Users\Emre\Desktop\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00001174 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\Emre\AppData\Local\Telekom 2014-06-26 21:41 - 2014-06-26 21:41 - 02573688 _____ () C:\Users\Emre\Downloads\nw_33761_mediencenterpcsyncex.exe 2014-06-26 21:18 - 2013-12-27 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware 2014-06-26 21:01 - 2014-06-26 21:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Emre\Downloads\hijackthis_5833.exe 2014-06-26 21:01 - 2014-02-28 18:09 - 00018010 _____ () C:\Users\Emre\Downloads\hijackthis.log 2014-06-24 20:50 - 2014-01-06 15:45 - 00000000 ____D () C:\Users\Emre\AppData\Local\Packages 2014-06-23 20:43 - 2014-06-23 20:22 - 00000000 ____D () C:\Users\Emre\AppData\Local\paint.net 2014-06-23 20:40 - 2014-06-23 20:40 - 00000132 _____ () C:\Users\Emre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-23 20:22 - 2014-06-23 20:22 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00001262 _____ () C:\Users\Public\Desktop\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00000000 ____D () C:\Program Files\paint.net 2014-06-23 20:21 - 2014-06-23 20:21 - 00000000 ____D () C:\Users\Emre\Downloads\paintnetinstall_30431 2014-06-23 20:20 - 2014-06-23 20:20 - 06215962 _____ () C:\Users\Emre\Downloads\paintnetinstall_30431.zip 2014-06-23 20:13 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-06-23 20:13 - 2013-11-14 09:11 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-06-23 20:13 - 2013-11-14 09:11 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-06-23 20:10 - 2013-08-22 16:46 - 00313959 _____ () C:\WINDOWS\setupact.log 2014-06-22 00:41 - 2014-01-06 16:15 - 00004088 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 00:41 - 2014-01-06 16:15 - 00003852 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-21 16:47 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Local\Ubisoft Game Launcher 2014-06-21 16:35 - 2014-01-07 19:37 - 00000000 ____D () C:\Users\Emre\Documents\My Games 2014-06-21 16:33 - 2014-01-06 20:04 - 00152954 _____ () C:\WINDOWS\DirectX.log 2014-06-21 14:27 - 2014-06-21 14:27 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer (1).exe 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\Desktop\Watch_Dogs.url 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2014-06-21 14:15 - 2014-06-21 14:15 - 63548256 _____ (Ubisoft) C:\Users\Emre\Downloads\UplayInstaller.exe 2014-06-21 14:15 - 2014-06-21 14:15 - 00001219 _____ () C:\Users\Emre\Desktop\Uplay.lnk 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-21 14:10 - 2014-06-21 14:10 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer.exe 2014-06-21 14:10 - 2014-06-21 14:10 - 00000000 ____D () C:\Users\Emre\AppData\Local\Unity 2014-06-20 23:44 - 2014-06-20 23:36 - 1010827264 _____ () C:\Users\Emre\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-06-20 23:40 - 2014-06-20 23:40 - 01095388 _____ (pendrivelinux.com) C:\Users\Emre\Downloads\Universal-USB-Installer-1.9.5.3.exe 2014-06-20 23:09 - 2014-06-20 23:09 - 00759808 _____ () C:\Users\Emre\Downloads\EOScard.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00522107 _____ (Igor Pavlov) C:\Users\Emre\Downloads\CardTricks-144-SFX.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00000000 ____D () C:\Users\Emre\Downloads\CardTricks-144-SFX 2014-06-20 22:51 - 2014-06-20 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA 2014-06-20 22:36 - 2014-06-20 22:36 - 00758176 _____ () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA.zip 2014-06-20 22:35 - 2014-06-20 22:34 - 00000000 ____D () C:\Users\Emre\Downloads\CameraVersion13 2014-06-20 22:34 - 2014-06-20 22:34 - 03784846 _____ () C:\Users\Emre\Downloads\CameraVersion13-sfx.exe 2014-06-20 22:30 - 2014-06-20 22:30 - 01785901 _____ () C:\Users\Emre\Downloads\IMG20140620222403.zip 2014-06-20 22:03 - 2014-06-10 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-20 22:03 - 2014-01-16 17:31 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Mozilla 2014-06-20 21:52 - 2014-06-20 21:52 - 04748896 _____ (Piriform Ltd) C:\Users\Emre\Downloads\ccsetup414.exe 2014-06-20 21:52 - 2014-06-20 21:52 - 00000796 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-06-20 21:52 - 2014-02-21 15:36 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-20 21:50 - 2014-04-22 16:26 - 00000000 ____D () C:\Program Files\Recuva 2014-06-20 21:50 - 2014-02-21 15:37 - 00000000 ____D () C:\Users\Emre\Documents\CCleaner Registry 2014-06-20 17:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-06-19 21:19 - 2014-06-19 21:13 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-06-19 21:19 - 2014-06-19 21:13 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-06-19 21:19 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2014-06-19 21:19 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys 2014-06-19 21:19 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys 2014-06-19 21:19 - 2013-05-07 17:56 - 00065120 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2014-06-19 21:19 - 2012-07-27 18:38 - 00029792 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys 2014-06-19 21:14 - 2014-06-19 21:14 - 00001308 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2014-06-19 21:14 - 00001107 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2014-06-19 21:13 - 2014-06-19 21:13 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-19 21:13 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\ELAMBKUP 2014-06-19 21:07 - 2014-05-01 14:00 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-19 21:07 - 2013-08-22 16:44 - 00526384 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-06-19 21:02 - 2014-06-19 20:57 - 243681088 _____ () C:\Users\Emre\Downloads\kav14.0.0.4651abDE_5154.exe 2014-06-19 20:58 - 2014-04-28 19:43 - 00000000 ____D () C:\Users\Emre\Downloads\Service Mode Tools Version 1.050 2014-06-19 19:56 - 2014-06-12 19:10 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Adobe 2014-06-19 19:56 - 2014-06-12 19:10 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-19 17:10 - 2014-05-05 14:54 - 00002471 _____ () C:\Users\Emre\Desktop\Google Chrome Canary.lnk 2014-06-18 18:17 - 2014-02-09 00:15 - 00000000 ____D () C:\Users\Emre\Documents\Tongbu 2014-06-18 17:36 - 2014-06-04 15:06 - 00003842 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1401478478 2014-06-18 17:36 - 2014-03-27 19:43 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-18 17:34 - 2014-06-18 17:34 - 00001074 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2043858600-907271468-3293908178-1002Core1cf8b0ad4b763da.job 2014-06-17 22:40 - 2014-06-17 22:40 - 00001132 _____ () C:\Users\Public\Desktop\OpenOffice 4.0.1.lnk 2014-06-17 22:40 - 2014-06-17 22:40 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-17 22:39 - 2014-06-17 22:39 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-17 22:38 - 2014-06-17 22:38 - 00000000 ____D () C:\Users\Emre\Desktop\OpenOffice 4.0.1 (de) Installation Files 2014-06-17 22:38 - 2014-06-17 22:35 - 163606685 _____ () C:\Users\Emre\Downloads\nw_27417_apacheopenofficewinx.exe 2014-06-17 17:41 - 2014-06-17 22:41 - 00152770 _____ () C:\Users\Emre\Desktop\Richtlinien zur Schreibweise_komplett.odt 2014-06-15 22:44 - 2014-06-14 17:25 - 00000000 ____D () C:\Users\Emre\AppData\Local\PMB Files 2014-06-15 22:44 - 2014-06-14 17:25 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-15 15:12 - 2014-06-15 15:09 - 22011970 _____ () C:\Users\Emre\Downloads\Tongbu_2.17.exe 2014-06-15 15:06 - 2014-02-09 13:25 - 00000000 ____D () C:\Program Files (x86)\Tongbu 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\java 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\.minecraft 2014-06-14 17:52 - 2014-06-14 17:52 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\LolClient 2014-06-14 17:26 - 2014-06-14 17:26 - 00001625 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\Riot Games 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-14 17:25 - 2014-06-14 17:25 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-14 17:25 - 2014-06-14 17:24 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Riot Games 2014-06-14 17:23 - 2014-06-14 17:23 - 34888568 _____ (Riot Games) C:\Users\Emre\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-12 22:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-12 20:59 - 2014-06-12 20:59 - 00000219 _____ () C:\Users\Emre\Desktop\Portal First Slice.url 2014-06-12 20:59 - 2014-01-18 13:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-12 20:46 - 2014-01-06 21:31 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\vlc 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-06-12 19:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-06-12 19:02 - 2014-01-06 17:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 19:02 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-06-12 19:01 - 2014-01-06 16:46 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-06-12 18:59 - 2014-01-06 16:46 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-06-12 18:58 - 2014-06-12 18:58 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-11 16:15 - 2014-05-23 18:33 - 00000000 ____D () C:\Program Files (x86)\Symantec 2014-06-08 23:41 - 2014-06-08 23:41 - 11934428 _____ () C:\Users\Emre\Desktop\Produce.m2ts 2014-06-08 23:05 - 2014-06-08 23:05 - 04575407 _____ () C:\Users\Emre\Desktop\Video 13.03.14 01 49 34.mov 2014-06-03 15:35 - 2014-01-21 18:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-02 20:53 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-02 20:53 - 2014-05-30 23:29 - 00001797 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-06-02 20:53 - 2014-05-30 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-02 20:51 - 2014-01-06 19:54 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Apple Computer 2014-06-02 20:51 - 2014-01-06 19:54 - 00000000 ____D () C:\Users\Emre\AppData\Local\Apple Computer 2014-06-02 20:50 - 2014-06-02 20:49 - 38494576 _____ (Apple Inc.) C:\Users\Emre\Downloads\SafariSetup.exe 2014-06-02 20:50 - 2014-06-02 20:49 - 112616784 _____ (Apple Inc.) C:\Users\Emre\Downloads\iTunes64Setup.exe 2014-06-01 22:51 - 2014-06-01 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk 2014-06-01 22:51 - 2014-06-01 22:47 - 58443485 _____ () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk.zip 2014-05-31 08:27 - 2014-06-12 18:58 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-05-31 07:13 - 2013-08-22 17:38 - 00703992 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-05-31 07:13 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-31 00:29 - 2014-05-31 00:29 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll 2014-05-31 00:29 - 2014-05-31 00:29 - 00000000 ____D () C:\Users\Emre\AppData\Local\Comodo 2014-05-31 00:29 - 2014-01-11 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-05-31 00:29 - 2014-01-11 11:41 - 00000000 ____D () C:\Program Files (x86)\Comodo 2014-05-31 00:23 - 2014-05-31 00:23 - 37783616 _____ (COMODO) C:\Users\Emre\Downloads\DragonSetup.exe 2014-05-30 23:55 - 2014-05-30 23:55 - 00358200 _____ () C:\Users\Emre\Downloads\USB3_Driver_Renesas_W7_A00_T727T_ZPE.exe 2014-05-30 23:50 - 2014-01-06 17:50 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect.exe 2014-05-30 23:50 - 2013-12-27 21:52 - 00000000 ____D () C:\ProgramData\PCDr 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iTunes 2014-05-30 23:29 - 2014-05-30 23:29 - 00000000 ____D () C:\Program Files\iPod 2014-05-30 23:29 - 2014-01-06 19:53 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-05-30 23:25 - 2014-01-07 22:12 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-05-30 23:17 - 2014-05-30 23:17 - 00961360 _____ (Chip Digital GmbH) C:\Users\Emre\Downloads\HijackThis - CHIP-Installer.exe 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\Users\Public\Desktop\Opera.lnk 2014-05-30 21:34 - 2014-05-30 21:34 - 00001143 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2014-05-30 21:34 - 2014-05-30 21:31 - 28041256 _____ (Opera Software ASA) C:\Users\Emre\Downloads\Opera_21.0.1432.67_Setup.exe 2014-05-30 21:34 - 2014-01-24 20:08 - 00000000 ____D () C:\Users\Emre\AppData\Local\Opera Software 2014-05-30 21:34 - 2014-01-24 20:07 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Opera Software 2014-05-30 17:43 - 2014-05-30 17:43 - 00003872 _____ () C:\WINDOWS\SysWOW64\GfKLSPService.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\SysWOW64\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00002672 _____ () C:\WINDOWS\system32\GacelaLSPServiceOff.ini 2014-05-30 17:43 - 2014-05-30 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GfK Internet-Monitor 2014-05-30 17:42 - 2014-05-30 17:42 - 04878672 _____ (GfK) C:\Users\Emre\Downloads\GfK download manager.exe 2014-05-30 12:21 - 2014-06-12 18:57 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-05-30 11:45 - 2014-06-12 18:57 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-05-30 11:28 - 2014-06-12 18:57 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-05-30 11:20 - 2014-06-12 18:57 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-12 18:57 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-05-30 11:08 - 2014-06-12 18:57 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-12 18:57 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-05-30 10:46 - 2014-06-12 18:57 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-12 18:57 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-12 18:57 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-05-30 10:38 - 2014-06-12 18:57 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-12 18:57 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-05-30 10:29 - 2014-06-12 18:57 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-05-30 10:27 - 2014-06-12 18:57 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-05-30 10:23 - 2014-06-12 18:57 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-12 18:57 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-05-30 10:04 - 2014-06-12 18:57 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-12 18:57 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-12 18:57 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-12 18:57 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-05-30 09:54 - 2014-06-12 18:57 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-05-30 09:49 - 2014-06-12 18:57 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-12 18:57 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-12 18:57 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-12 18:57 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-12 18:57 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-12 18:57 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-12 18:57 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-12 18:57 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-05-30 01:07 - 2014-06-03 15:35 - 01715176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-05-30 01:07 - 2014-06-03 15:35 - 01291232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-05-30 01:07 - 2014-04-26 16:02 - 01279480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2014-05-30 01:07 - 2014-04-26 16:02 - 01122312 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll Some content of TEMP: ==================== C:\Users\Emre\AppData\Local\Temp\BackupSetup.exe C:\Users\Emre\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Emre\AppData\Local\Temp\Mediencenter_3.9.1055.64.exe C:\Users\Emre\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Emre\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Emre\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Emre\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Emre\AppData\Local\Temp\nvStInst.exe C:\Users\Emre\AppData\Local\Temp\pyl23DD.tmp.exe C:\Users\Emre\AppData\Local\Temp\pylFF01.tmp.exe C:\Users\Emre\AppData\Local\Temp\pylFFA8.tmp.exe C:\Users\Emre\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Emre\AppData\Local\Temp\tbIEAddin.dll C:\Users\Emre\AppData\Local\Temp\vlc-2.1.4-win64.exe C:\Users\Emre\AppData\Local\Temp\_is12E2.exe C:\Users\Emre\AppData\Local\Temp\_isE4F6.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-29 15:03 ==================== End Of Log ============================ --- --- --- |
30.06.2014, 11:24 | #7 |
/// the machine /// TB-Ausbilder | Browser hängt und lädt ununterbrochenESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
30.06.2014, 19:49 | #8 |
| Browser hängt und lädt ununterbrochenCode:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=141e7723c0b9f04bbf7e81f24c161ec4 # engine=18953 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-06-30 06:38:39 # local_time=2014-06-30 08:38:39 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Kaspersky Anti-Virus' # compatibility_mode=1293 16777213 100 100 98599 35631541 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 948839 8537040 0 0 # scanned=358215 # found=15 # cleaned=0 # scan_time=8473 sh=99F97AD369E8621AB4D17DF53E80E60FEE99C727 ft=1 fh=42567613b862d846 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Emre\AppData\Local\Temp\OCS\ocs_v71b.exe.vir" sh=382074AAC419517C309A2B36A7227E89CD9ECEC7 ft=1 fh=f6f5126377959a90 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\mData\Kaspersky Lab\SafeBrowser\S-1-5-21-2043858600-907271468-3293908178-1002\FireFox\extensions\ffxtlbr@iminent.com\uninstall.exe.vir" sh=25B9F4013FB34153FFA27E460D4B8594C79FE337 ft=1 fh=15384691e6094ee0 vn="Variante von Win32/HiddenStart.A potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\hstart.exe" sh=C8ED85CBB679DFF0D72E7D8C79CE5E74B5EFADE0 ft=1 fh=37dd7ede875c1f3d vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\AppData\Local\Microsoft\Windows\INetCache\IE\0JWFOPGJ\spstub[1].exe" sh=A84B46CCDC3F57029C711BE6275A760DD13AC913 ft=1 fh=15908f4a60c02694 vn="möglicherweise Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\AppData\Local\Microsoft\Windows\INetCache\IE\KQRGP2O1\SPSetup[1].exe" sh=0CE29E4B3CE1004C7967DAF574BA8D2920782299 ft=1 fh=af37a12746f98a73 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\AppData\Local\Microsoft\Windows\INetCache\IE\WPW3HVRJ\IMinentToolbar[1].exe" sh=80FB832730C40CC94C2A09476BF96CD4463992A0 ft=1 fh=bfb5ea0483aa1cb9 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\Documents\Downloads\FreeStudio.exe" sh=C6ECB5C1447C57FC0BE4C69C4F300FB9FB41ADF0 ft=1 fh=c9f6b45ef331d56c vn="Variante von Win32/BitCoinMiner.BJ potenziell unsichere Anwendung" ac=I fn="C:\Users\Emre\Downloads\bitcoin-0.8.5-win32-setup.exe" sh=19876B0C21073CE7AC4725124851FC36B7EA7301 ft=1 fh=31b372839de59c7b vn="Variante von Win32/CNETInstaller.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\Downloads\cbsidlm-cbsi188-Auto_Clicker_by_Shocker-ORG-75742161.exe" sh=F83855D2F4CB2063085A6A66A6A1C7CB377C28CB ft=1 fh=bcd5e45444e76df6 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Emre\Downloads\ccsetup414.exe" sh=F40DC491A3F5C095C508DCDD2CE9683CFD12D39F ft=1 fh=c0b0de8b4c10bd42 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Emre\Downloads\FreemakeVideoDownloaderSetup_3.6.4.1 (1).exe" sh=F40DC491A3F5C095C508DCDD2CE9683CFD12D39F ft=1 fh=c0b0de8b4c10bd42 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Emre\Downloads\FreemakeVideoDownloaderSetup_3.6.4.1.exe" sh=563E1B707747F87BD96829B81E92CA1EE04E83FD ft=1 fh=421b349ff9c9cc9b vn="Win32/InstallMonetizer.AF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\Downloads\FreeOCR-5.02.exe" sh=CA0841CED7C7E20AEAEFD3D4658C594A2D1985B6 ft=1 fh=ddee4c3201dfba5f vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\Downloads\HijackThis - CHIP-Installer.exe" sh=DF838D02195E380F72BEA5C356C575903BC8D4B3 ft=1 fh=df358b5f3cfd20dd vn="Win32/Somoto.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Emre\Downloads\streamtransport_1102setup.exe" Code:
ATTFilter Results of screen317's Security Check version 0.99.83 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Kaspersky Anti-Virus Windows Defender Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Adobe Flash Player 14.0.0.125 Adobe Reader XI Mozilla Firefox (30.0) Google Chrome 35.0.1916.153 ````````Process Check: objlist.exe by Laurent```````` Alienware Command Center ThermalController.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
01.07.2014, 13:44 | #9 |
/// the machine /// TB-Ausbilder | Browser hängt und lädt ununterbrochen Lösch einfach die angemeckerten Downloads. Frisches FRST log und Antwort auf meine Frage fehlt
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
01.07.2014, 20:41 | #10 |
| Browser hängt und lädt ununterbrochen FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-06-2014 02 Ran by Emre (administrator) on EMRE on 01-07-2014 21:30:18 Running from C:\Users\Emre\Downloads Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe () C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\System32\Locator.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (Alienware) C:\Program Files\Alienware\Command Center\ThermalController.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe (NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIJJE.EXE (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Deutsche Telekom AG) C:\Users\Emre\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (CyberLink) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe () C:\Program Files (x86)\AlienRespawn\Components\Shell\DBRCrawler.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13840 2013-10-28] (Alienware) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7200984 2013-10-05] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor) HKLM\...\Run: [] => [X] HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-30] (Intel Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe" HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [502952 2012-07-09] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863400 2012-07-09] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058912 2012-04-02] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [GfK-WatchDog] => C:\Program Files (x86)\GfKLSPService\GfK-WatchDog.exe [58856 2014-02-20] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\.DEFAULT\...\Run: [Bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe" HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard HKU\.DEFAULT\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe" HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIJJE.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2043858600-907271468-3293908178-1002\...\Run: [DellSystemDetect] => C:\Users\Emre\AppData\Local\Apps\2.0\83WCC116.LQ2\5W77M35Z.VMA\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-26] (Dell) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk ShortcutTarget: Logitech . Produktregistrierung.lnk -> C:\Program Files (x86)\Common Files\logishrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech) Startup: C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mediencenter.lnk ShortcutTarget: Mediencenter.lnk -> C:\Users\Emre\AppData\Roaming\Telekom\MediencenterSync\Mediencenter.exe (Deutsche Telekom AG) ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers: 01Mediencenter_InSync -> {77BC4082-DB5F-439A-8DC8-F9E24A63B0DE} => No File ShellIconOverlayIdentifiers: 02Mediencenter_ToSync -> {528EE335-5034-4EFC-834E-63E5F02D2BC2} => No File ShellIconOverlayIdentifiers: 03Mediencenter_Failed -> {6066ADF0-9EB0-43E5-ADB6-990F5A3B979C} => No File ShellIconOverlayIdentifiers: DBARFileBackuped -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: DBARFileNotBackuped -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.alienwarearena.com/welcome-de HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA9B393950272CF01 SearchScopes: HKLM - DefaultScope {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKLM-x32 - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB SearchScopes: HKCU - DefaultScope {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = SearchScopes: HKCU - {69E87D6C-7EA7-4346-A5AB-065867827FBA} URL = BHO: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\x64\Gacela2.dll (GfK) BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) BHO-x32: GfK Internet-Monitor - {4BEEA052-726D-4A6E-B65D-A6BD07C263F3} - C:\Program Files (x86)\GfK Internet-Monitor\Gacela2.dll (GfK) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: ͬ²½Ò»¼ü°²×°Ö§³Ö - {F72C8153-7140-4FEE-8F69-CA4579D71195} - C:\Program Files (x86)\Tongbu\Addin\tbIEAddin.dll (同步网络平台) Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION) Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION) Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\GfKLSPService.DLL [314344] (GfK) Winsock: Catalog9-x64 01 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 02 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 03 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 04 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Winsock: Catalog9-x64 15 C:\WINDOWS\system32\GfKLSPService64.DLL [381928] (GfK) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\h59tz244.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll () FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.4 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1212152.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL No File FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tongbu.com/tongbu,version=0.1 - C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll (同步网络平台) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Emre\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Adblock Plus - C:\Users\Emre\AppData\Roaming\Mozilla\Firefox\Profiles\h59tz244.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-06-30] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-01-06] FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2014-05-03] FF HKLM-x32\...\Firefox\Extensions: [VIP2X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF HKLM-x32\...\Firefox\Extensions: [gacela2@nurago.com] - C:\Program Files (x86)\GfK Internet-Monitor FF Extension: GfK Internet-Monitor - C:\Program Files (x86)\GfK Internet-Monitor [2014-05-30] FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-06-19] FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-06-19] FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-06-19] Chrome: ======= CHR Extension: (Google Docs) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-29] CHR Extension: (Google Drive) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-29] CHR Extension: (YouTube) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-29] CHR Extension: (Google-Suche) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-29] CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-06-29] CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-06-29] CHR Extension: (Virtual Keyboard) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-06-29] CHR Extension: (Google Wallet) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-29] CHR Extension: (Google Mail) - C:\Users\Emre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-29] CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17] CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17] ==================== Services (Whitelisted) ================= R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation) R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed] R2 GfK-Reporting-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Reporting.exe [3293672 2014-02-20] () R2 GfK-Update-Service; C:\Program Files (x86)\GfK Internet-Monitor\GfK-Updater.exe [1356264 2014-02-20] () S2 GfKLSPService; C:\Program Files (x86)\GfKLSPService\GfKLSPService.exe [3300328 2014-02-20] (GfK) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) S3 ioloEnergyBooster; C:\Program Files\Alienware\Command Center\ioloEnergyBooster.exe [6145872 2012-11-01] (iolo technologies, LLC) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-03-26] (CyberLink) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-06-19] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29792 2014-06-19] (Kaspersky Lab) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [115296 2014-06-19] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625760 2014-06-19] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [30304 2013-10-17] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [29280 2014-06-19] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\system32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [65120 2014-06-19] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [178272 2014-06-19] (Kaspersky Lab ZAO) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-01] (Malwarebytes Corporation) R3 mio; C:\Windows\System32\drivers\mio.sys [8192 2013-06-26] (Dell Inc.) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) S3 SMARTMouseFilterx64; C:\Windows\System32\drivers\SMARTMouseFilterx64.sys [10240 2013-11-04] (SMART Technologies) [File not signed] S3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\drivers\SMARTVHidMiniVistaAmd64.sys [9216 2013-11-04] (SMART Technologies) [File not signed] S3 SMARTVTabletPCx64; C:\Windows\System32\drivers\SMARTVTabletPCx64.sys [22184 2013-11-04] (SMART Technologies ULC) [File not signed] S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 NPF; system32\drivers\NPF.sys [X] S3 PCDSRVC{0FF99CEB-15C9CE9E-06020200}_0; \??\c:\program files\alienautopsy\pcdsrvc_x64.pkms [X] S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-01 20:50 - 2014-07-01 20:50 - 00002052 _____ () C:\Users\Emre\Desktop\456.txt 2014-07-01 18:53 - 2014-07-01 18:53 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-30 20:47 - 2014-06-30 20:47 - 00854367 _____ () C:\Users\Emre\Downloads\SecurityCheck.exe 2014-06-30 18:09 - 2014-06-30 18:09 - 02347384 _____ (ESET) C:\Users\Emre\Downloads\esetsmartinstaller_deu.exe 2014-06-29 17:41 - 2014-06-29 17:41 - 00000000 ____D () C:\Users\Emre\Desktop\Alev Musik 2014-06-29 17:39 - 2014-06-30 23:10 - 00000000 ____D () C:\Users\Emre\Desktop\Coupons 2014-06-29 17:35 - 2014-06-29 17:35 - 00000000 ____D () C:\Users\Emre\Desktop\ebay 2014-06-29 17:32 - 2014-06-29 17:40 - 00000000 ____D () C:\Users\Emre\Desktop\Praktikum 2014-06-29 17:22 - 2010-07-12 16:40 - 00037776 _____ (SMART Technologies ULC) C:\WINDOWS\system32\smrtlocalmon.dll 2014-06-29 17:22 - 2010-07-12 16:40 - 00022312 _____ (SMART Technologies Inc.) C:\WINDOWS\system32\smrtlocalui.dll 2014-06-29 17:22 - 2003-02-14 19:14 - 00110592 _____ (TechSmith Corporation) C:\WINDOWS\SysWOW64\tsccvid.dll 2014-06-29 17:21 - 2014-06-29 17:21 - 00000000 ____D () C:\Program Files (x86)\National Instruments 2014-06-29 16:51 - 2014-06-29 16:51 - 00284288 _____ (Mozilla) C:\Users\Emre\Downloads\Firefox Setup Stub 30.0.exe 2014-06-29 16:51 - 2014-06-29 16:51 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-29 16:51 - 2014-06-29 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-29 16:51 - 2014-06-29 16:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-29 16:50 - 2014-06-29 16:50 - 00895120 _____ (Google Inc.) C:\Users\Emre\Downloads\ChromeSetup.exe 2014-06-29 15:19 - 2014-06-29 15:19 - 00000000 ____D () C:\Users\Emre\Downloads\FRST-OlderVersion 2014-06-29 15:10 - 2014-06-29 15:10 - 00000683 _____ () C:\Users\Emre\Desktop\JRT.txt 2014-06-29 14:57 - 2014-06-29 14:57 - 01016261 _____ (Thisisu) C:\Users\Emre\Downloads\JRT.exe 2014-06-29 14:55 - 2014-06-29 14:55 - 00002520 _____ () C:\Users\Emre\Desktop\AdwCleaner[S1].txt 2014-06-29 14:47 - 2014-06-29 14:47 - 01342659 _____ () C:\Users\Emre\Downloads\adwcleaner_3.213.exe 2014-06-29 14:30 - 2014-06-29 14:30 - 00001806 _____ () C:\Users\Emre\Desktop\ Malwarebytes Anti-Malware .txt 2014-06-29 14:12 - 2014-06-29 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\77883FEE.sys 2014-06-29 14:12 - 2014-06-29 14:12 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-29 14:12 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-06-29 14:12 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-06-29 14:12 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-06-29 14:11 - 2014-06-29 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Emre\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Users\Emre\AppData\Local\Adobe 2014-06-28 23:09 - 2014-06-28 23:09 - 04990544 _____ (Adobe Systems Inc.) C:\Users\Emre\Downloads\Shockwave_Installer_Slim (1).exe 2014-06-28 23:08 - 2014-07-01 20:59 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-06-28 23:08 - 2014-06-28 23:08 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-28 15:06 - 2014-06-28 23:06 - 00000000 ____D () C:\Program Files (x86)\AutoClickerbyShocker 2014-06-28 15:04 - 2014-06-28 15:04 - 00929416 _____ (CNET Download.com) C:\Users\Emre\Downloads\cbsidlm-cbsi188-Auto_Clicker_by_Shocker-ORG-75742161.exe 2014-06-28 14:05 - 2014-06-28 14:05 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (2).exe 2014-06-28 13:56 - 2014-06-28 13:56 - 00086041 _____ () C:\Users\Emre\Desktop\FRST.txt 2014-06-28 13:56 - 2014-06-28 13:56 - 00057626 _____ () C:\Users\Emre\Desktop\Addition.txt 2014-06-28 13:55 - 2014-06-28 13:56 - 00057626 _____ () C:\Users\Emre\Downloads\Addition.txt 2014-06-28 13:54 - 2014-07-01 21:30 - 00033206 _____ () C:\Users\Emre\Downloads\FRST.txt 2014-06-28 13:54 - 2014-07-01 21:30 - 00000000 ____D () C:\FRST 2014-06-26 22:00 - 2014-06-26 22:00 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (1).exe 2014-06-26 21:59 - 2014-06-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 21:59 - 2014-06-26 21:58 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-26 21:59 - 2014-06-26 21:58 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-26 21:57 - 2014-06-26 21:57 - 30984104 _____ (Oracle Corporation) C:\Users\Emre\Downloads\jre-7u60-windows-x64.exe 2014-06-26 21:42 - 2014-06-26 21:42 - 00001188 _____ () C:\Users\Emre\Desktop\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00001174 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\Emre\AppData\Local\Telekom 2014-06-26 21:41 - 2014-06-26 21:41 - 02573688 _____ () C:\Users\Emre\Downloads\nw_33761_mediencenterpcsyncex.exe 2014-06-26 21:05 - 2014-06-29 15:19 - 02083328 _____ (Farbar) C:\Users\Emre\Downloads\FRST64.exe 2014-06-26 21:01 - 2014-06-26 21:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Emre\Downloads\hijackthis_5833.exe 2014-06-23 20:40 - 2014-06-23 20:40 - 00000132 _____ () C:\Users\Emre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-23 20:22 - 2014-06-23 20:43 - 00000000 ____D () C:\Users\Emre\AppData\Local\paint.net 2014-06-23 20:22 - 2014-06-23 20:22 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00000000 ____D () C:\Program Files\paint.net 2014-06-23 20:21 - 2014-06-23 20:21 - 00000000 ____D () C:\Users\Emre\Downloads\paintnetinstall_30431 2014-06-23 20:20 - 2014-06-23 20:20 - 06215962 _____ () C:\Users\Emre\Downloads\paintnetinstall_30431.zip 2014-06-21 14:27 - 2014-06-21 14:27 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer (1).exe 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2014-06-21 14:15 - 2014-06-21 16:47 - 00000000 ____D () C:\Users\Emre\AppData\Local\Ubisoft Game Launcher 2014-06-21 14:15 - 2014-06-21 14:15 - 63548256 _____ (Ubisoft) C:\Users\Emre\Downloads\UplayInstaller.exe 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-21 14:10 - 2014-06-21 14:10 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer.exe 2014-06-21 14:10 - 2014-06-21 14:10 - 00000000 ____D () C:\Users\Emre\AppData\Local\Unity 2014-06-21 00:15 - 2013-12-20 22:45 - 00000095 ____H () C:\DBAR_Ver.txt 2014-06-20 23:40 - 2014-06-20 23:40 - 01095388 _____ (pendrivelinux.com) C:\Users\Emre\Downloads\Universal-USB-Installer-1.9.5.3.exe 2014-06-20 23:36 - 2014-06-20 23:44 - 1010827264 _____ () C:\Users\Emre\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-06-20 23:09 - 2014-06-20 23:09 - 00759808 _____ () C:\Users\Emre\Downloads\EOScard.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00522107 _____ (Igor Pavlov) C:\Users\Emre\Downloads\CardTricks-144-SFX.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00000000 ____D () C:\Users\Emre\Downloads\CardTricks-144-SFX 2014-06-20 22:51 - 2014-06-20 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA 2014-06-20 22:36 - 2014-06-20 22:36 - 00758176 _____ () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA.zip 2014-06-20 22:34 - 2014-06-20 22:35 - 00000000 ____D () C:\Users\Emre\Downloads\CameraVersion13 2014-06-20 22:34 - 2014-06-20 22:34 - 03784846 _____ () C:\Users\Emre\Downloads\CameraVersion13-sfx.exe 2014-06-20 22:30 - 2014-06-20 22:30 - 01785901 _____ () C:\Users\Emre\Downloads\IMG20140620222403.zip 2014-06-20 21:52 - 2014-06-20 21:52 - 04748896 _____ (Piriform Ltd) C:\Users\Emre\Downloads\ccsetup414.exe 2014-06-19 21:14 - 2014-06-19 21:14 - 00001308 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus.lnk 2014-06-19 21:14 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2014-06-19 21:13 - 2014-06-19 21:19 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-06-19 21:13 - 2014-06-19 21:19 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-06-19 21:13 - 2014-06-19 21:13 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-19 20:57 - 2014-06-19 21:02 - 243681088 _____ () C:\Users\Emre\Downloads\kav14.0.0.4651abDE_5154.exe 2014-06-17 22:40 - 2014-06-17 22:40 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-17 22:39 - 2014-06-17 22:39 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-17 22:35 - 2014-06-17 22:38 - 163606685 _____ () C:\Users\Emre\Downloads\nw_27417_apacheopenofficewinx.exe 2014-06-15 15:09 - 2014-06-15 15:12 - 22011970 _____ () C:\Users\Emre\Downloads\Tongbu_2.17.exe 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\java 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\.minecraft 2014-06-14 17:52 - 2014-06-14 17:52 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\LolClient 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\Riot Games 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-14 17:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll 2014-06-14 17:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll 2014-06-14 17:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll 2014-06-14 17:25 - 2014-06-15 22:44 - 00000000 ____D () C:\Users\Emre\AppData\Local\PMB Files 2014-06-14 17:25 - 2014-06-15 22:44 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-14 17:25 - 2014-06-14 17:25 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-14 17:24 - 2014-06-14 17:25 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Riot Games 2014-06-14 17:23 - 2014-06-14 17:23 - 34888568 _____ (Riot Games) C:\Users\Emre\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-12 19:10 - 2014-06-19 19:56 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Adobe 2014-06-12 19:10 - 2014-06-19 19:56 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-12 18:59 - 2014-05-15 00:47 - 04720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-06-12 18:59 - 2014-05-13 05:41 - 01118720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-06-12 18:59 - 2014-05-03 09:41 - 04190208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-06-12 18:59 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-06-12 18:59 - 2014-04-30 06:21 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-06-12 18:59 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-06-12 18:59 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-06-12 18:59 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-06-12 18:59 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-06-12 18:58 - 2014-06-12 18:58 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-12 18:58 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-06-12 18:58 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-06-12 18:58 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-06-12 18:58 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-06-12 18:58 - 2014-05-13 06:27 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-06-12 18:58 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-06-12 18:58 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-06-12 18:58 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-06-12 18:58 - 2014-05-05 08:11 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00418136 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-06-12 18:58 - 2014-05-05 08:11 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-06-12 18:58 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-06-12 18:58 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-06-12 18:58 - 2014-05-03 09:40 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-06-12 18:58 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-06-12 18:58 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-06-12 18:58 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-06-12 18:58 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-06-12 18:58 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-06-12 18:58 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-06-12 18:58 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-06-12 18:58 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-06-12 18:58 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-06-12 18:58 - 2014-05-01 15:19 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-06-12 18:58 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-06-12 18:58 - 2014-05-01 07:34 - 03464192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-06-12 18:58 - 2014-04-30 09:11 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll 2014-06-12 18:58 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-06-12 18:58 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-06-12 18:58 - 2014-04-30 08:10 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll 2014-06-12 18:58 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-06-12 18:58 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-06-12 18:58 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-06-12 18:58 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-06-12 18:58 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-06-12 18:58 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-06-12 18:58 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-06-12 18:58 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-06-12 18:58 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-06-12 18:58 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-06-12 18:58 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-06-12 18:58 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-06-12 18:58 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-06-12 18:58 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-06-12 18:58 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-06-12 18:58 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-06-12 18:57 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-06-12 18:57 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-06-12 18:57 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-06-12 18:57 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-06-12 18:57 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-06-12 18:57 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-06-12 18:57 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-06-12 18:57 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-06-12 18:57 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-06-12 18:57 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-06-12 18:57 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-06-12 18:57 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-06-12 18:57 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-06-12 18:57 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-06-12 18:57 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-06-12 18:57 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-06-12 18:57 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-06-12 18:57 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-06-12 18:57 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-06-12 18:57 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-06-12 18:57 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-06-12 18:57 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-06-12 18:57 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-06-12 18:57 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-06-12 18:57 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-06-12 18:57 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-06-12 18:57 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-06-12 18:57 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-06-12 18:57 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-06-12 18:57 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe 2014-06-12 18:57 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe 2014-06-12 18:57 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe 2014-06-12 18:57 - 2014-05-10 05:46 - 02151424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2014-06-12 18:57 - 2014-05-10 05:22 - 01312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2014-06-12 18:57 - 2014-05-09 01:06 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-06-12 18:57 - 2014-05-05 06:02 - 03360256 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-06-12 18:57 - 2014-05-03 09:14 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe 2014-06-12 18:57 - 2014-05-03 06:21 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 18:57 - 2014-05-03 06:07 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-06-12 18:57 - 2014-05-03 05:41 - 00921088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-06-12 18:57 - 2014-05-03 05:38 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-06-12 18:57 - 2014-05-01 15:31 - 03048904 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-06-12 18:57 - 2014-05-01 15:31 - 00055328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys 2014-06-12 18:57 - 2014-05-01 09:14 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-06-12 18:57 - 2014-05-01 09:05 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-06-12 18:57 - 2014-05-01 08:51 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-06-12 18:57 - 2014-05-01 07:24 - 02834944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll 2014-06-12 18:57 - 2014-04-30 13:16 - 01336648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-06-12 18:57 - 2014-04-30 06:43 - 01975296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll 2014-06-12 18:57 - 2014-04-30 06:26 - 01345536 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll 2014-06-12 18:57 - 2014-04-30 05:51 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-06-12 18:57 - 2014-04-30 05:47 - 01509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll 2014-06-12 18:57 - 2014-04-03 09:59 - 02518872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-06-12 18:57 - 2014-04-03 09:59 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-06-12 18:57 - 2014-02-06 13:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-06-12 18:57 - 2014-02-06 13:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-06-12 18:57 - 2014-02-06 13:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-06-12 18:57 - 2014-02-06 12:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-06-12 18:57 - 2014-02-06 12:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-06-12 18:57 - 2014-02-06 12:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-06-12 18:57 - 2014-02-06 12:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-06-12 18:57 - 2014-02-06 12:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-06-12 18:57 - 2014-02-06 11:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-06-12 18:57 - 2014-02-06 11:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-06-12 18:57 - 2014-02-06 11:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-06-12 18:57 - 2014-02-06 11:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-06-10 17:15 - 2014-06-29 16:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-08 23:41 - 2014-06-08 23:41 - 11934428 _____ () C:\Users\Emre\Desktop\Produce.m2ts 2014-06-08 23:05 - 2014-06-08 23:05 - 04575407 _____ () C:\Users\Emre\Desktop\Video 13.03.14 01 49 34.mov 2014-06-04 15:06 - 2014-06-18 17:36 - 00003842 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1401478478 2014-06-03 15:35 - 2014-05-30 01:07 - 01715176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2014-06-03 15:35 - 2014-05-30 01:07 - 01291232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2014-06-02 20:53 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-02 20:49 - 2014-06-02 20:50 - 38494576 _____ (Apple Inc.) C:\Users\Emre\Downloads\SafariSetup.exe 2014-06-02 20:49 - 2014-06-02 20:50 - 112616784 _____ (Apple Inc.) C:\Users\Emre\Downloads\iTunes64Setup.exe 2014-06-01 22:51 - 2014-06-01 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk 2014-06-01 22:47 - 2014-06-01 22:51 - 58443485 _____ () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk.zip ==================== One Month Modified Files and Folders ======= 2014-07-01 21:30 - 2014-06-28 13:54 - 00033206 _____ () C:\Users\Emre\Downloads\FRST.txt 2014-07-01 21:30 - 2014-06-28 13:54 - 00000000 ____D () C:\FRST 2014-07-01 21:29 - 2014-02-09 19:48 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87C12940-479F-4E1A-A4EA-5BE588A2BAFD} 2014-07-01 21:15 - 2014-01-21 18:12 - 02009024 _____ () C:\WINDOWS\WindowsUpdate.log 2014-07-01 21:09 - 2013-12-27 21:58 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn 2014-07-01 21:07 - 2014-01-06 15:52 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2043858600-907271468-3293908178-1002 2014-07-01 21:02 - 2014-01-21 18:38 - 00000000 ___DO () C:\Users\Emre\SkyDrive 2014-07-01 21:02 - 2014-01-06 16:15 - 00001112 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-07-01 21:01 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files (x86)\GfKLSPService 2014-07-01 21:01 - 2014-05-30 17:43 - 00000000 ____D () C:\Program Files (x86)\GfK Internet-Monitor 2014-07-01 21:01 - 2014-03-06 01:39 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-07-01 21:01 - 2014-01-27 18:17 - 00000000 ___RD () C:\Users\Emre\Mediencenter 2014-07-01 21:00 - 2014-01-21 18:12 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-01 21:00 - 2013-11-14 00:18 - 01443332 _____ () C:\WINDOWS\PFRO.log 2014-07-01 21:00 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-01 21:00 - 2013-08-22 16:44 - 00525696 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-07-01 21:00 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-07-01 20:59 - 2014-06-28 23:08 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-07-01 20:59 - 2014-04-12 18:57 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-07-01 20:50 - 2014-07-01 20:50 - 00002052 _____ () C:\Users\Emre\Desktop\456.txt 2014-07-01 20:46 - 2014-01-06 16:15 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-07-01 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-07-01 18:53 - 2014-07-01 18:53 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-01 17:25 - 2014-01-21 18:12 - 00099428 _____ () C:\WINDOWS\system32\lvcoinst.log 2014-06-30 23:10 - 2014-06-29 17:39 - 00000000 ____D () C:\Users\Emre\Desktop\Coupons 2014-06-30 22:32 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp 2014-06-30 20:47 - 2014-06-30 20:47 - 00854367 _____ () C:\Users\Emre\Downloads\SecurityCheck.exe 2014-06-30 18:12 - 2013-11-14 09:27 - 01780340 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-06-30 18:12 - 2013-11-14 09:11 - 00765378 _____ () C:\WINDOWS\system32\perfh007.dat 2014-06-30 18:12 - 2013-11-14 09:11 - 00159696 _____ () C:\WINDOWS\system32\perfc007.dat 2014-06-30 18:09 - 2014-06-30 18:09 - 02347384 _____ (ESET) C:\Users\Emre\Downloads\esetsmartinstaller_deu.exe 2014-06-30 18:09 - 2013-08-22 16:46 - 00314754 _____ () C:\WINDOWS\setupact.log 2014-06-29 17:41 - 2014-06-29 17:41 - 00000000 ____D () C:\Users\Emre\Desktop\Alev Musik 2014-06-29 17:40 - 2014-06-29 17:32 - 00000000 ____D () C:\Users\Emre\Desktop\Praktikum 2014-06-29 17:39 - 2014-03-09 01:12 - 00000000 ____D () C:\Users\Emre\Desktop\PHILIPS 2014-06-29 17:35 - 2014-06-29 17:35 - 00000000 ____D () C:\Users\Emre\Desktop\ebay 2014-06-29 17:34 - 2014-03-09 01:15 - 00000000 ____D () C:\Users\Emre\Desktop\Turkey Series 2014-06-29 17:26 - 2014-02-17 17:00 - 00000000 ____D () C:\Users\Emre\Documents\SMART Notebook 2014-06-29 17:22 - 2014-02-17 16:46 - 00000000 ____D () C:\ProgramData\SMART Technologies 2014-06-29 17:22 - 2014-02-17 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART Technologies 2014-06-29 17:22 - 2013-12-27 21:44 - 00105356 _____ () C:\WINDOWS\DPINST.LOG 2014-06-29 17:21 - 2014-06-29 17:21 - 00000000 ____D () C:\Program Files (x86)\National Instruments 2014-06-29 17:14 - 2014-05-17 18:35 - 00000000 ____D () C:\Users\Emre\Documents\Audible 2014-06-29 16:51 - 2014-06-29 16:51 - 00284288 _____ (Mozilla) C:\Users\Emre\Downloads\Firefox Setup Stub 30.0.exe 2014-06-29 16:51 - 2014-06-29 16:51 - 00001173 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-06-29 16:51 - 2014-06-29 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-29 16:51 - 2014-06-29 16:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-29 16:51 - 2014-06-10 17:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-29 16:51 - 2014-01-16 17:31 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Mozilla 2014-06-29 16:51 - 2014-01-06 16:15 - 00000000 ____D () C:\Users\Emre\AppData\Local\Google 2014-06-29 16:50 - 2014-06-29 16:50 - 00895120 _____ (Google Inc.) C:\Users\Emre\Downloads\ChromeSetup.exe 2014-06-29 16:50 - 2014-01-06 16:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-06-29 16:49 - 2014-05-31 00:29 - 00000000 ____D () C:\Users\Emre\AppData\Local\Comodo 2014-06-29 16:49 - 2014-01-11 11:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo 2014-06-29 15:19 - 2014-06-29 15:19 - 00000000 ____D () C:\Users\Emre\Downloads\FRST-OlderVersion 2014-06-29 15:19 - 2014-06-26 21:05 - 02083328 _____ (Farbar) C:\Users\Emre\Downloads\FRST64.exe 2014-06-29 15:10 - 2014-06-29 15:10 - 00000683 _____ () C:\Users\Emre\Desktop\JRT.txt 2014-06-29 14:57 - 2014-06-29 14:57 - 01016261 _____ (Thisisu) C:\Users\Emre\Downloads\JRT.exe 2014-06-29 14:55 - 2014-06-29 14:55 - 00002520 _____ () C:\Users\Emre\Desktop\AdwCleaner[S1].txt 2014-06-29 14:55 - 2014-04-12 21:50 - 00000000 ____D () C:\AdwCleaner 2014-06-29 14:47 - 2014-06-29 14:47 - 01342659 _____ () C:\Users\Emre\Downloads\adwcleaner_3.213.exe 2014-06-29 14:32 - 2013-11-14 09:13 - 00000000 ____D () C:\WINDOWS\ShellNew 2014-06-29 14:30 - 2014-06-29 14:30 - 00001806 _____ () C:\Users\Emre\Desktop\ Malwarebytes Anti-Malware .txt 2014-06-29 14:12 - 2014-06-29 14:12 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\77883FEE.sys 2014-06-29 14:12 - 2014-06-29 14:12 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-29 14:12 - 2014-06-29 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-29 14:11 - 2014-06-29 14:11 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Emre\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-28 23:48 - 2014-06-28 23:48 - 00000000 ____D () C:\Users\Emre\AppData\Local\Adobe 2014-06-28 23:09 - 2014-06-28 23:09 - 04990544 _____ (Adobe Systems Inc.) C:\Users\Emre\Downloads\Shockwave_Installer_Slim (1).exe 2014-06-28 23:08 - 2014-06-28 23:08 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2014-06-28 23:06 - 2014-06-28 15:06 - 00000000 ____D () C:\Program Files (x86)\AutoClickerbyShocker 2014-06-28 20:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-06-28 16:03 - 2014-01-27 18:15 - 00000000 ____D () C:\Users\Emre\Documents\Outlook-Dateien 2014-06-28 15:04 - 2014-06-28 15:04 - 00929416 _____ (CNET Download.com) C:\Users\Emre\Downloads\cbsidlm-cbsi188-Auto_Clicker_by_Shocker-ORG-75742161.exe 2014-06-28 14:20 - 2013-12-27 21:52 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-28 14:05 - 2014-06-28 14:05 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (2).exe 2014-06-28 14:05 - 2014-01-21 18:36 - 00000000 ____D () C:\Users\Emre\AppData\Local\Deployment 2014-06-28 13:56 - 2014-06-28 13:56 - 00086041 _____ () C:\Users\Emre\Desktop\FRST.txt 2014-06-28 13:56 - 2014-06-28 13:56 - 00057626 _____ () C:\Users\Emre\Desktop\Addition.txt 2014-06-28 13:56 - 2014-06-28 13:55 - 00057626 _____ () C:\Users\Emre\Downloads\Addition.txt 2014-06-26 22:00 - 2014-06-26 22:00 - 00417824 _____ () C:\Users\Emre\Downloads\DellSystemDetect (1).exe 2014-06-26 21:59 - 2014-06-26 21:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-26 21:58 - 2014-06-26 21:59 - 00313256 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00189352 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-06-26 21:58 - 2014-06-26 21:59 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll 2014-06-26 21:58 - 2014-03-31 14:38 - 00000000 ____D () C:\Program Files\Java 2014-06-26 21:57 - 2014-06-26 21:57 - 30984104 _____ (Oracle Corporation) C:\Users\Emre\Downloads\jre-7u60-windows-x64.exe 2014-06-26 21:42 - 2014-06-26 21:42 - 00001188 _____ () C:\Users\Emre\Desktop\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00001174 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mediencenter.lnk 2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Users\Emre\AppData\Local\Telekom 2014-06-26 21:41 - 2014-06-26 21:41 - 02573688 _____ () C:\Users\Emre\Downloads\nw_33761_mediencenterpcsyncex.exe 2014-06-26 21:18 - 2013-12-27 21:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware 2014-06-26 21:01 - 2014-06-26 21:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\Emre\Downloads\hijackthis_5833.exe 2014-06-26 21:01 - 2014-02-28 18:09 - 00018010 _____ () C:\Users\Emre\Downloads\hijackthis.log 2014-06-24 20:50 - 2014-01-06 15:45 - 00000000 ____D () C:\Users\Emre\AppData\Local\Packages 2014-06-23 20:43 - 2014-06-23 20:22 - 00000000 ____D () C:\Users\Emre\AppData\Local\paint.net 2014-06-23 20:40 - 2014-06-23 20:40 - 00000132 _____ () C:\Users\Emre\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen 2014-06-23 20:22 - 2014-06-23 20:22 - 00001274 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2014-06-23 20:22 - 2014-06-23 20:22 - 00000000 ____D () C:\Program Files\paint.net 2014-06-23 20:21 - 2014-06-23 20:21 - 00000000 ____D () C:\Users\Emre\Downloads\paintnetinstall_30431 2014-06-23 20:20 - 2014-06-23 20:20 - 06215962 _____ () C:\Users\Emre\Downloads\paintnetinstall_30431.zip 2014-06-22 00:41 - 2014-01-06 16:15 - 00004088 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-06-22 00:41 - 2014-01-06 16:15 - 00003852 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-06-21 16:47 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Local\Ubisoft Game Launcher 2014-06-21 16:35 - 2014-01-07 19:37 - 00000000 ____D () C:\Users\Emre\Documents\My Games 2014-06-21 16:33 - 2014-01-06 20:04 - 00152954 _____ () C:\WINDOWS\DirectX.log 2014-06-21 14:27 - 2014-06-21 14:27 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer (1).exe 2014-06-21 14:19 - 2014-06-21 14:19 - 00000231 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Watch_Dogs.url 2014-06-21 14:15 - 2014-06-21 14:15 - 63548256 _____ (Ubisoft) C:\Users\Emre\Downloads\UplayInstaller.exe 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2014-06-21 14:15 - 2014-06-21 14:15 - 00000000 ____D () C:\Program Files (x86)\Ubisoft 2014-06-21 14:10 - 2014-06-21 14:10 - 01080528 _____ (Unity Technologies ApS) C:\Users\Emre\Downloads\UnityWebPlayer.exe 2014-06-21 14:10 - 2014-06-21 14:10 - 00000000 ____D () C:\Users\Emre\AppData\Local\Unity 2014-06-20 23:44 - 2014-06-20 23:36 - 1010827264 _____ () C:\Users\Emre\Downloads\ubuntu-14.04-desktop-amd64.iso 2014-06-20 23:40 - 2014-06-20 23:40 - 01095388 _____ (pendrivelinux.com) C:\Users\Emre\Downloads\Universal-USB-Installer-1.9.5.3.exe 2014-06-20 23:09 - 2014-06-20 23:09 - 00759808 _____ () C:\Users\Emre\Downloads\EOScard.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00522107 _____ (Igor Pavlov) C:\Users\Emre\Downloads\CardTricks-144-SFX.exe 2014-06-20 23:07 - 2014-06-20 23:07 - 00000000 ____D () C:\Users\Emre\Downloads\CardTricks-144-SFX 2014-06-20 22:51 - 2014-06-20 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA 2014-06-20 22:36 - 2014-06-20 22:36 - 00758176 _____ () C:\Users\Emre\Downloads\a3200-100d-1.2.0-3456-full_ALPHA.zip 2014-06-20 22:35 - 2014-06-20 22:34 - 00000000 ____D () C:\Users\Emre\Downloads\CameraVersion13 2014-06-20 22:34 - 2014-06-20 22:34 - 03784846 _____ () C:\Users\Emre\Downloads\CameraVersion13-sfx.exe 2014-06-20 22:30 - 2014-06-20 22:30 - 01785901 _____ () C:\Users\Emre\Downloads\IMG20140620222403.zip 2014-06-20 21:52 - 2014-06-20 21:52 - 04748896 _____ (Piriform Ltd) C:\Users\Emre\Downloads\ccsetup414.exe 2014-06-20 21:52 - 2014-02-21 15:36 - 00000000 ____D () C:\Program Files\CCleaner 2014-06-20 21:50 - 2014-04-22 16:26 - 00000000 ____D () C:\Program Files\Recuva 2014-06-20 21:50 - 2014-02-21 15:37 - 00000000 ____D () C:\Users\Emre\Documents\CCleaner Registry 2014-06-20 17:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-06-19 21:19 - 2014-06-19 21:13 - 00625760 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klif.sys 2014-06-19 21:19 - 2014-06-19 21:13 - 00115296 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klflt.sys 2014-06-19 21:19 - 2013-10-17 15:47 - 00458336 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kl1.sys 2014-06-19 21:19 - 2013-10-17 15:47 - 00029280 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klkbdflt.sys 2014-06-19 21:19 - 2013-06-06 17:38 - 00178272 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\kneps.sys 2014-06-19 21:19 - 2013-05-07 17:56 - 00065120 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2014-06-19 21:19 - 2012-07-27 18:38 - 00029792 _____ (Kaspersky Lab) C:\WINDOWS\system32\Drivers\klelam.sys 2014-06-19 21:14 - 2014-06-19 21:14 - 00001308 _____ () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus.lnk 2014-06-19 21:13 - 2014-06-19 21:13 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab 2014-06-19 21:13 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\ELAMBKUP 2014-06-19 21:07 - 2014-05-01 14:00 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-06-19 21:02 - 2014-06-19 20:57 - 243681088 _____ () C:\Users\Emre\Downloads\kav14.0.0.4651abDE_5154.exe 2014-06-19 20:58 - 2014-04-28 19:43 - 00000000 ____D () C:\Users\Emre\Downloads\Service Mode Tools Version 1.050 2014-06-19 19:56 - 2014-06-12 19:10 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Adobe 2014-06-19 19:56 - 2014-06-12 19:10 - 00000000 ____D () C:\ProgramData\Adobe 2014-06-18 18:17 - 2014-02-09 00:15 - 00000000 ____D () C:\Users\Emre\Documents\Tongbu 2014-06-18 17:36 - 2014-06-04 15:06 - 00003842 _____ () C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1401478478 2014-06-18 17:36 - 2014-03-27 19:43 - 00000000 ____D () C:\Program Files (x86)\Opera 2014-06-17 22:40 - 2014-06-17 22:40 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-17 22:39 - 2014-06-17 22:39 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-06-17 22:38 - 2014-06-17 22:35 - 163606685 _____ () C:\Users\Emre\Downloads\nw_27417_apacheopenofficewinx.exe 2014-06-15 22:44 - 2014-06-14 17:25 - 00000000 ____D () C:\Users\Emre\AppData\Local\PMB Files 2014-06-15 22:44 - 2014-06-14 17:25 - 00000000 ____D () C:\ProgramData\PMB Files 2014-06-15 15:12 - 2014-06-15 15:09 - 22011970 _____ () C:\Users\Emre\Downloads\Tongbu_2.17.exe 2014-06-15 15:06 - 2014-02-09 13:25 - 00000000 ____D () C:\Program Files (x86)\Tongbu 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\java 2014-06-14 19:49 - 2014-06-14 19:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\.minecraft 2014-06-14 17:52 - 2014-06-14 17:52 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\LolClient 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\Riot Games 2014-06-14 17:26 - 2014-06-14 17:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-06-14 17:25 - 2014-06-14 17:25 - 00000000 ____D () C:\Program Files (x86)\Pando Networks 2014-06-14 17:25 - 2014-06-14 17:24 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Riot Games 2014-06-14 17:23 - 2014-06-14 17:23 - 34888568 _____ (Riot Games) C:\Users\Emre\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe 2014-06-12 22:08 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-06-12 20:59 - 2014-01-18 13:49 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2014-06-12 20:46 - 2014-01-06 21:31 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\vlc 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-06-12 19:21 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-06-12 19:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-06-12 19:02 - 2014-01-06 17:22 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-06-12 19:02 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-06-12 19:01 - 2014-01-06 16:46 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-06-12 18:59 - 2014-01-06 16:46 - 95414520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-06-12 18:58 - 2014-06-12 18:58 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-06-11 16:15 - 2014-05-23 18:33 - 00000000 ____D () C:\Program Files (x86)\Symantec 2014-06-08 23:41 - 2014-06-08 23:41 - 11934428 _____ () C:\Users\Emre\Desktop\Produce.m2ts 2014-06-08 23:05 - 2014-06-08 23:05 - 04575407 _____ () C:\Users\Emre\Desktop\Video 13.03.14 01 49 34.mov 2014-06-03 15:35 - 2014-01-21 18:12 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-06-02 20:53 - 2014-06-02 20:53 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-06-02 20:53 - 2014-05-30 23:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-06-02 20:51 - 2014-01-06 19:54 - 00000000 ____D () C:\Users\Emre\AppData\Roaming\Apple Computer 2014-06-02 20:51 - 2014-01-06 19:54 - 00000000 ____D () C:\Users\Emre\AppData\Local\Apple Computer 2014-06-02 20:50 - 2014-06-02 20:49 - 38494576 _____ (Apple Inc.) C:\Users\Emre\Downloads\SafariSetup.exe 2014-06-02 20:50 - 2014-06-02 20:49 - 112616784 _____ (Apple Inc.) C:\Users\Emre\Downloads\iTunes64Setup.exe 2014-06-01 22:51 - 2014-06-01 22:51 - 00000000 ____D () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk 2014-06-01 22:51 - 2014-06-01 22:47 - 58443485 _____ () C:\Users\Emre\Downloads\fortschritt-54ktfyrx6phk.zip Some content of TEMP: ==================== C:\Users\Emre\AppData\Local\Temp\AudibleDM_iTunesSetup.exe C:\Users\Emre\AppData\Local\Temp\BackupSetup.exe C:\Users\Emre\AppData\Local\Temp\drm_dyndata_7380014.dll C:\Users\Emre\AppData\Local\Temp\Mediencenter_3.9.1055.64.exe C:\Users\Emre\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Emre\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Emre\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Emre\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Emre\AppData\Local\Temp\nvStInst.exe C:\Users\Emre\AppData\Local\Temp\pyl23DD.tmp.exe C:\Users\Emre\AppData\Local\Temp\pylFF01.tmp.exe C:\Users\Emre\AppData\Local\Temp\pylFFA8.tmp.exe C:\Users\Emre\AppData\Local\Temp\SMARTProductUpdate.exe C:\Users\Emre\AppData\Local\Temp\swt-win32-3349.dll C:\Users\Emre\AppData\Local\Temp\tbIEAddin.dll C:\Users\Emre\AppData\Local\Temp\vlc-2.1.4-win64.exe C:\Users\Emre\AppData\Local\Temp\_is12E2.exe C:\Users\Emre\AppData\Local\Temp\_isE4F6.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-29 20:16 ==================== End Of Log ============================ --- --- --- Ich kann mich hier wieder normal anmelden und auch Beiträge verfassen. Die Meldung "keine Daten empfangen" erscheint auch nicht mehr. Jedoch ist es des Öfteren der Fall, dass Webseiten sehr lange laden. Wenn ich den AdBlocker benutzen verkürzen sich die Ladezeiten ein wenig. |
02.07.2014, 12:50 | #11 |
/// the machine /// TB-Ausbilder | Browser hängt und lädt ununterbrochen Hast Du diesen Internet-Überwachungs-Mitguck-Käse mit Absicht installiert?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
06.07.2014, 14:19 | #12 |
| Browser hängt und lädt ununterbrochen Guten Tag, ich entschuldige mich für die verspätete Antwort. Wenn du den GFK-Internetmonitor meinst, dann ja, das habe ich. |
06.07.2014, 17:53 | #13 |
/// the machine /// TB-Ausbilder | Browser hängt und lädt ununterbrochen Hast Du die langen Ladezeiten in allen Browsern?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |