Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Programme werden einfach installiert

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 14.07.2015, 18:51   #1
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



Sehr geehrte Damen und Herren,

Ich habe ein Problem ich habe wohl irgendwas Gedownloaded und jetzt werden einfach Programme installiert und mein Antivirus schlägt bei jedem Browser Alarm Brauche dringend hilfe.

MFG
Lukas

Alt 14.07.2015, 19:06   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Programme werden einfach installiert - Standard

Programme werden einfach installiert



Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 14.07.2015, 19:21   #3
Lukas992
 
Programme werden einfach installiert - Standard

addition.txt



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by luk at 2015-07-14 20:18:04
Running from C:\Users\luk\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3673084780-1297754886-2385512282-500 - Administrator - Disabled)
Gast (S-1-5-21-3673084780-1297754886-2385512282-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3673084780-1297754886-2385512282-1003 - Limited - Enabled)
LogMeInRemoteUser (S-1-5-21-3673084780-1297754886-2385512282-1006 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
luk (S-1-5-21-3673084780-1297754886-2385512282-1000 - Administrator - Enabled) => C:\Users\luk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
12noon Display Changer (HKLM-x32\...\12noon Display Changer) (Version: 4.3.2.0 - 12noon)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.1.110 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
AirDroid 3.1.3.0 (HKLM-x32\...\AirDroid) (Version: 3.1.3.0 - Sand Studio)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Premier (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{D1D7ED66-5C08-40A0-AEC0-B6DF977697BB}) (Version: 16.0.2.1 - Broadcom Corporation)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DesktopSearch (HKLM-x32\...\DesktopSearch) (Version: 3.0.70 - Unique Solutions)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
EpsanDrive (HKLM-x32\...\EpsanDrive) (Version:  - )
Free YouTube to MP3 Converter version 3.12.59.616 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.616 - DVDVideoSoft Ltd.)
GamesDesktop 014.009010030 (HKLM-x32\...\gmsd_de_009010030_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION
globalupdate Helper (x32 Version: 1.3.25.0 - globalupdate Inc.) Hidden <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.132 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
I - Cinema (HKLM-x32\...\I - Cinema) (Version: 1.36.01.22 - iCinema)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3234 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
LogMeIn (HKLM-x32\...\{D8FDCAEB-351D-4FFF-B1FD-B8C3564C1CAD}) (Version: 4.1.5208 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.5.3000 - Maxthon International Limited)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Opera Stable 30.0.1835.88 (HKLM-x32\...\Opera 30.0.1835.88) (Version: 30.0.1835.88 - Opera Software)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited)
Origin (HKLM-x32\...\Origin) (Version: 9.5.20.5318 - Electronic Arts, Inc.)
oursurfing uninstall (HKLM-x32\...\oursurfing uninstall) (Version:  - oursurfing) <==== ATTENTION
Portal 2 (HKLM-x32\...\AC7F4E43-1023-443F-9746-58A93E04D896_is1) (Version: 1.0.0.0 - )
PrIceLEss (HKLM-x32\...\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}) (Version:  - ) <==== ATTENTION
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RAR Password Cracker (HKLM-x32\...\RAR Password Cracker) (Version: 4.20 - dnSoft Research Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version:  - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{A5A8F96E-B1D7-451A-8DE7-2A6A9BA26443}) (Version: 7.3.0.501 - Skype Technologies S.A.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
SmartVideo For YouTube (HKLM-x32\...\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}) (Version:  - ) <==== ATTENTION
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Support PL 1.1 (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{65e6d763}) (Version:  - riceLes) <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.37 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{D5BE2107-B901-441C-9A67-70DFC4707CCF}) (Version: 6.1.5.0 - Husdawg, LLC)
Unity Web Player (HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinRarPasswordRemoverSetup version 1.1 (HKLM-x32\...\{C8E1DB42-248B-4A4F-B32C-27BC51A481BC}_is1) (Version: 1.1 - hxxp://quickalarmclock.com/)
WordShark 1.10.0.20 (HKLM-x32\...\WordShark_1.10.0.20) (Version: 1.10.0.20 - WordShark) <==== ATTENTION
youtubeadblocker (HKLM-x32\...\{4820778D-AB0D-6D18-C316-52A6A0E1D507}) (Version:  - ) <==== ATTENTION
Zumas Revenge (HKLM-x32\...\{0B153CAB-792B-4CA2-B2A5-AB0BBAF2FFA9}) (Version: 1.0.5.600 - PopCap Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000_Classes\CLSID\{20BEBD18-11D0-4470-AAE1-F34B9E8D9761}\InprocServer32 -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\Windows\system32\igfxEM.exe" No File
CustomCLSID: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000_Classes\CLSID\{B5322578-1624-4C26-BB8C-E366FFB9314F}\localserver32 -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\GatewayVersion-x64.exe (Skype Technologies S.A.)

==================== Restore Points =========================

14-07-2015 10:08:36 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D5ECE75-8D41-493A-8E7E-C4D44623F400} - System32\Tasks\LMLBM9SPjLveZvwDjNnnQt => C:\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.exe [2015-04-20] () <==== ATTENTION
Task: {232AE322-1751-4F3C-8ADD-AF86DA1D2687} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [2015-06-04] (Maxthon International ltd.)
Task: {36D5698F-5EE6-431D-8776-B5BC4FB9518A} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [2015-07-03] () <==== ATTENTION
Task: {39B47534-145B-46C5-8015-CC0A9ED77B62} - System32\Tasks\JGUFJAARUSFVNCVF => C:\ProgramData\Service1198\Service1198.exe [2015-06-28] () <==== ATTENTION
Task: {3EB033B2-F60F-4779-A5BE-AF5CC358E8C8} - System32\Tasks\Bidaily Synchronize Task[8da6] => c:\programdata\{d06edc34-b206-1245-d06e-edc34b2070d2}\hqghumeaylnlf.exe [2014-07-14] (PC Utilities Software Limited) <==== ATTENTION
Task: {5536AB4C-5861-4CFA-BFA1-23D5799506FD} - System32\Tasks\ExtremeOrganizer => c:\programdata\{06b75e7c-ae3c-02c3-06b7-75e7cae379f2}\priceless_soft_partner.exe [2014-07-14] () <==== ATTENTION
Task: {641922DB-D8E1-4E75-A260-33412C158398} - System32\Tasks\WordShark Auto Updater 1.10.0.20 Pending Update => C:\Program Files (x86)\WordShark_1.10.0.20\Update\WordSharkAutoUpdateClient.exe [2015-07-06] (WS) <==== ATTENTION
Task: {66D61555-E5BE-4974-BFD0-C47E4008E4D2} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-13] (globalUpdate) <==== ATTENTION
Task: {6E98482D-3FB4-4370-ABEB-282C92AB47D5} - System32\Tasks\WordShark Auto Updater 1.10.0.20 Core => C:\Program Files (x86)\WordShark_1.10.0.20\Update\WordSharkAutoUpdateClient.exe [2015-07-06] (WS) <==== ATTENTION
Task: {70DBC34A-4B2A-4E10-BA3A-51DC9025FD59} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-13] (Adobe Systems Incorporated)
Task: {A7933076-DB5E-4AD3-BB4D-A432D01092C4} - System32\Tasks\Software Updater => C:\Program Files\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2014-08-07] () <==== ATTENTION
Task: {A95AC196-8A10-42F7-929C-5DC37C691988} - System32\Tasks\CGN => C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [2015-07-13] (ClaraLabs)
Task: {B8BD3CB0-EBD6-4F4F-832B-31CFD6BCBDF6} - System32\Tasks\DGEWRVV1 => C:\ProgramData\EpsanDrive\EpsanDrive.exe [2015-07-13] (EpsanDrive) <==== ATTENTION
Task: {BC9C35F0-5D84-4BF1-9EA5-A316CEA8CA57} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-13] (AVAST Software)
Task: {C051C251-BD42-43B1-B4AD-F853ABA6A09D} - System32\Tasks\Run_Bobby_Browser => C:\Users\luk\AppData\Local\BoBrowser\Application\bobrowser.exe <==== ATTENTION
Task: {D591176F-EC45-410D-AD20-4A135A7F6C53} - System32\Tasks\FreeDriverScout => C:\Program Files\Covus Freemium\Free Driver Scout\1Click.exe
Task: {E3DE90F5-5E29-4EC5-A66C-AF4A6220B4F4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F5AC7098-415A-46CA-8A6F-0885AA2A592C} - System32\Tasks\Opera scheduled Autoupdate 1434278682 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-19] (Opera Software)
Task: {F72BBC49-CFC6-4DF8-B152-B8646EDCBCF2} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-07-13] (globalUpdate) <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bca0778f-2663-4b49-a8bb-c8b1bb0592af-10_user.job => C:\Program Files (x86)\I - Cinema\bca0778f-2663-4b49-a8bb-c8b1bb0592af-10.exe <==== ATTENTION
Task: C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{d06edc34-b206-1245-d06e-edc34b2070d2}\hqghumeaylnlf.exe <==== ATTENTION
Task: C:\Windows\Tasks\DGEWRVV1.job => C:\ProgramData\EpsanDrive\EpsanDrive.exe <==== ATTENTION
Task: C:\Windows\Tasks\ExtremeOrganizer.job => c:\programdata\{06b75e7c-ae3c-02c3-06b7-75e7cae379f2}\priceless_soft_partner.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\JGUFJAARUSFVNCVF.job => C:\ProgramData\Service1198\Service1198.exe <==== ATTENTION
Task: C:\Windows\Tasks\LMLBM9SPjLveZvwDjNnnQt.job => C:\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-03 04:34 - 2015-07-03 04:34 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-13 16:33 - 2015-07-13 10:57 - 03286160 _____ () C:\Users\luk\AppData\Local\gmsd_de_009010030\upgmsd_de_009010030.exe
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2015-07-13 16:47 - 2015-07-13 16:47 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-13 16:47 - 2015-07-13 16:47 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-13 18:43 - 2015-07-13 18:43 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071301\algo.dll
2015-07-14 10:33 - 2015-07-14 10:33 - 02956288 _____ () C:\Program Files\AVAST Software\Avast\defs\15071400\algo.dll
2015-07-13 16:47 - 2015-07-13 16:47 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-06-13 10:37 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-06-14 13:04 - 2015-07-03 00:03 - 00228352 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-12 17:58 - 2015-06-12 17:58 - 00310784 _____ () C:\Program Files (x86)\RAR Password Cracker\unrar.dll
2015-06-12 21:26 - 2015-06-04 08:02 - 00258944 _____ () C:\Program Files (x86)\Maxthon\bin\Maxzlib.dll
2015-06-12 21:26 - 2015-06-04 08:02 - 00247096 _____ () C:\Program Files (x86)\Maxthon\Addons\Mobile\MxMobile.dll
2015-06-12 21:26 - 2015-06-04 08:02 - 00258944 _____ () C:\Program Files (x86)\Maxthon\Bin\maxzlib.dll
2015-06-12 21:26 - 2015-06-04 08:03 - 00887064 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libglesv2.dll
2015-06-12 21:26 - 2015-06-04 08:03 - 00109336 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\libegl.dll
2015-06-12 21:26 - 2015-06-04 08:03 - 04055504 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\pdf.dll
2015-07-12 21:26 - 2015-07-12 21:26 - 17418416 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll
2015-06-12 21:26 - 2015-06-04 08:03 - 02128152 _____ () C:\Program Files (x86)\Maxthon\Core\Webkit\ffmpegsumo.dll
2015-07-14 19:43 - 2015-07-14 19:43 - 03149312 _____ () c:\Program Files (x86)\LightEngine\LightEngine.dll
2015-07-14 19:45 - 2015-07-14 19:45 - 02570896 _____ () c:\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Veubduqu => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\luk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: VMAuthdService => 2
MSCONFIG\Services: VMnetDHCP => 2
MSCONFIG\Services: VMUSBArbService => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\startupreg: 3942cb956b268e30542c8ae160134ea3 => "C:\Users\luk\svchost.exe" ..
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe"
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{FEA8600A-9CA6-4D72-BD19-CA91058DA0CF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{056017FA-D025-4B8A-82DD-2A200DF90114}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B3FBE6B1-096C-478A-9842-882766114631}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{30D58C01-6E7F-45E4-BA6B-58DFAAE02BA2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{105CE766-37D4-4E65-B29C-49E71BC2F7A0}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{FF45D589-F4C3-4C71-8C58-9350D72D6F1C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
FirewallRules: [{0FF26671-C4D4-43E2-8234-F234F1918325}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{448BE6A7-5CF5-4BA6-9E9D-1DF5B6C3CF6B}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe
FirewallRules: [{C9B3E145-6238-4AFD-A0AD-7C2266EE0140}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{D5E9AB6C-D097-49D0-BD92-CCF91C5B900E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C9D1523E-CE97-4531-8530-EF86EFEEC896}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{F375AEFE-616B-47D7-B6FB-204D9A89F728}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C53B2FC0-E9BD-4114-92D8-658F6437C089}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{B9D8550E-A403-44C3-9FF7-3F3625DD8E77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{26716496-AB7C-473D-B32D-95CBAAEF10B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{753EC8DD-EEE3-47AD-BE23-78B85160B5BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{A0D8F803-679D-47E8-8D56-6A3CA92BF768}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{4CFF7A55-1F2D-4D6D-9BE1-738AF7147F23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{884199F0-3798-423F-A87D-FEE0A6149EE7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{F3D3523B-DDD3-4CDA-A429-95FE640CBCB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{DD4CC614-6E1C-4263-B51A-AAC2B620E527}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8018D4B8-BE80-41FD-8430-CE90292ADB77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37593D42-16E0-4E00-9327-453EF36CC458}] => (Allow) C:\Users\luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D18C2E3E-DC32-4E32-B5A1-6F9704F85A7E}] => (Allow) C:\Users\luk\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5AB06D32-AB6C-4A1C-8A0A-B72A99BB4294}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{89A1DAE5-0446-4F07-8FA6-483AF13DD8D2}C:\users\luk\downloads\ark survival evolved pc game beta ^^nosteam^^\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\luk\downloads\ark survival evolved pc game beta ^^nosteam^^\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [UDP Query User{64BEF595-5E9E-4AE4-A05A-FD7E7C017E74}C:\users\luk\downloads\ark survival evolved pc game beta ^^nosteam^^\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\luk\downloads\ark survival evolved pc game beta ^^nosteam^^\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [{6F5C8F0D-5197-4F73-ADEF-29B5F1281561}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{009A7266-E614-41E8-8F25-D2279CF2FDFD}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{3DCBD587-CD0E-40CC-886F-4E8C6471A860}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{14E82EE2-CC94-4385-8AD2-C14D5F8859EE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{C4F16046-6094-449C-B658-1D5708DFF960}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [TCP Query User{12A1664D-F7D3-484B-AD7D-5C81A5CBECFC}C:\users\luk\desktop\soup_noinst\dead island\deadislandgame.exe] => (Allow) C:\users\luk\desktop\soup_noinst\dead island\deadislandgame.exe
FirewallRules: [UDP Query User{985AC02B-C59A-444E-A17D-0960729E9AB7}C:\users\luk\desktop\soup_noinst\dead island\deadislandgame.exe] => (Allow) C:\users\luk\desktop\soup_noinst\dead island\deadislandgame.exe
FirewallRules: [{767F23C3-F8C7-40CC-980A-B7D9B8A804C4}] => (Allow) C:\Program Files (x86)\Cracked Steam\steam.exe
FirewallRules: [{2338B30B-E4BC-449C-A423-FD92F5A25723}] => (Allow) C:\Program Files (x86)\Cracked Steam\steam.exe
FirewallRules: [TCP Query User{194FB56E-E5F4-4549-855D-209094ADF0C6}C:\program files (x86)\games\portal 2\portal2.exe] => (Allow) C:\program files (x86)\games\portal 2\portal2.exe
FirewallRules: [UDP Query User{884AED45-3617-4D8A-91BD-3762B423628D}C:\program files (x86)\games\portal 2\portal2.exe] => (Allow) C:\program files (x86)\games\portal 2\portal2.exe
FirewallRules: [{F5C07DA5-3B8B-40F4-A7A6-71936192BF9F}] => (Allow) C:\Program Files\Wippien\Wippien.exe
FirewallRules: [{64639404-B7BC-4D49-92DE-B2C3F089C0CE}] => (Allow) C:\Program Files\Wippien\Wippien.exe
FirewallRules: [{68A5587F-CFB0-4751-95A1-87390B141D05}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{08102B47-3696-43E5-9125-318F61117512}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{515B8BA3-EFB1-42BA-9978-D6674F9DC668}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{20A72F24-2ADB-4825-96BD-1ECC4DBFCFE8}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{66B8054D-2655-4839-BB91-D22053D5AF6C}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{4441B5B0-AB46-46DE-871E-C6C6AC5D5AAE}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{E2FA734B-D465-4DDB-BCF7-E8943F126F72}C:\users\luk\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\luk\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [UDP Query User{DD93DB1F-2E38-463E-AE86-2055E148B0E4}C:\users\luk\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe] => (Allow) C:\users\luk\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [{E1729049-E591-471C-B5DF-555C1F23C553}] => (Block) C:\users\luk\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [{6485A880-DCCD-436E-91E7-B149A2B61BB3}] => (Block) C:\users\luk\appdata\local\skypeplugin\7.3.0.501\pluginhost.exe
FirewallRules: [TCP Query User{681C1B5F-265B-4C88-8CC5-AADED2B4B5B2}C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [UDP Query User{86C4290F-7F8E-49D1-8528-054846F009B9}C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergame.exe] => (Allow) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [{65390850-EEC9-4ACD-9999-F224780168EE}] => (Block) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [{36248B38-E20B-4E6C-A611-4F42DF0E85D5}] => (Block) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergame.exe
FirewallRules: [TCP Query User{DAC76A18-4EC2-45D2-A430-65FADF8E8A6F}C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [UDP Query User{C0237368-18DC-4E29-BA3C-626B881BCE51}C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe] => (Allow) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{02B3B71B-92F1-40EE-8FCB-91CE153A5C2F}] => (Block) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{5B6878B1-7A12-4368-8858-198F0D74BE1D}] => (Block) C:\users\luk\desktop\ark survival evolved\shootergame\binaries\win64\shootergameserver.exe
FirewallRules: [{16442F1D-F20D-425C-B3BE-14E84D3266BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1864A423-935F-4D00-98F9-04C07F6CF786}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{96270D6D-8581-46E6-A814-13B082D9EA8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C3C7C6C6-F14E-4261-B52D-4F4ADD51C7E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{344C017D-B024-41C4-A319-B3D4163CEDA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{1E78F438-38A6-4F2B-9250-D0BF728729B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{12BD4194-B0FF-465E-903F-1806F40FFE17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{7ADE2485-980F-4752-8FDF-B2A1E7DB3CA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{78B7FA3A-8E30-49D3-989A-5F91E94B3357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{82264C5C-B81A-44EA-90F8-459349BB12C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{1320C699-7D8A-472D-AEC1-A1B98357559D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{26EC72F3-6AE8-4652-9B22-E376DD34BC44}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{42E18208-4EBC-4F36-84C8-A9633FFBE651}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3B8B02A3-E0FC-4B70-B3B8-EA0A185E7C03}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{92496AC7-EFED-43D7-96E7-16C0D97E314F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{27240C5C-7690-4806-A802-4F8A06D04DC9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{3D5D9C53-CC65-4B6B-9E00-2ED2B73AD626}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{C2484839-82DD-403A-BA1A-435350DAB531}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{4DACE9CD-A98C-480A-A45A-9887A2E1C5B4}] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{CE123C3A-632D-4865-8D48-42C2EB5EF488}] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{F95F5A3A-ECDB-4885-A540-CC7B80FA59BC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F5252EA2-2F08-4563-93F2-C0A25EAE25EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F875B45E-FBB8-4976-9AD9-1116504BA337}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A69DA9BB-558F-48C6-87E3-C2C794DD2431}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{601DDCCB-096E-467D-BE30-2EBA990505D2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0466D35D-5D00-46DD-9A88-B7B4C9059F49}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{505BD90D-173A-478E-826E-B0A36B3C5609}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0044899C-8A25-4620-9D53-C83EC879827A}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9DC5E3DD-60EA-4049-BCD3-FC2BAB4FEACB}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{DE6578C4-4A51-47F4-A998-20FE76C79376}] => (Allow) C:\ProgramData\UbuGojp\wouajei.EXE
FirewallRules: [{492E719B-11E8-49FC-8D6D-794BFA085B94}] => (Allow) C:\ProgramData\UbuGojp\wouajei.EXE
FirewallRules: [{31AE9DC2-B890-4421-9951-5AB703CF75FC}] => (Allow) C:\ProgramData\UbuGojp\wouajei.EXE
FirewallRules: [{7C01BA54-9B67-4BBB-8860-10719ABD638A}] => (Allow) C:\ProgramData\UbuGojp\wouajei.EXE
FirewallRules: [{D3B81E1E-90D2-4FE8-B5BF-F2A2265A1CAB}] => (Allow) C:\Users\luk\svchost.exe
FirewallRules: [{20CDA291-D0C7-466A-83CF-FCFB3770FE0A}] => (Allow) C:\Users\luk\svchost.exe
FirewallRules: [{6EF9F88D-99B8-4A30-BA3A-350A76CAD00C}] => (Allow) C:\Users\luk\svchost.exe
FirewallRules: [{D4F6C0C5-1815-4567-869D-B604A908DAA4}] => (Allow) C:\Users\luk\svchost.exe
FirewallRules: [{E0EB1529-B0CD-470A-BF1D-0899F41B0BF3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{122CD8BB-7EC0-42EB-8E9B-90714EA82825}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F277920F-4A50-4880-864C-5B4EC6BA6DD2}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{60B2E96B-683E-4A66-9577-D6D5A08AE885}] => (Allow) C:\Program Files (x86)\Origin Games\Zuma's Revenge\ZumasRevenge.exe
FirewallRules: [{0A8C905F-C15F-46C0-A716-EA2D55BAE389}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2015 11:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1076

Error: (07/13/2015 11:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1076

Error: (07/13/2015 11:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/13/2015 11:11:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2015 11:10:51 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail (3864) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.

Error: (07/13/2015 11:10:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070002.

Error: (07/13/2015 10:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: hng.exe, Version: 0.0.0.0, Zeitstempel: 0x559faa33
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18869, Zeitstempel: 0x55636317
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00039e33
ID des fehlerhaften Prozesses: 0x2190
Startzeit der fehlerhaften Anwendung: 0xhng.exe0
Pfad der fehlerhaften Anwendung: hng.exe1
Pfad des fehlerhaften Moduls: hng.exe2
Berichtskennung: hng.exe3

Error: (07/13/2015 10:01:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Safari.exe, Version 5.34.57.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1c88

Startzeit: 01d0bda3dd5ec577

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\Safari\Safari.exe

Berichts-ID:

Error: (07/13/2015 09:53:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2137

Error: (07/13/2015 09:53:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2137


System errors:
=============
Error: (07/14/2015 04:30:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/14/2015 04:30:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/14/2015 10:03:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/14/2015 10:03:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/14/2015 09:11:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/14/2015 09:11:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/14/2015 02:46:40 AM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "O2",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{25479B7F-2AAE-4B73-981A-A48DCA3B71F0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (07/13/2015 11:13:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/13/2015 11:11:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (07/13/2015 11:11:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office:
=========================
Error: (07/13/2015 11:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1076

Error: (07/13/2015 11:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1076

Error: (07/13/2015 11:42:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/13/2015 11:11:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/13/2015 11:10:51 PM) (Source: ESENT) (EventID: 215) (User: )
Description: WinMail3864WindowsMail0:

Error: (07/13/2015 11:10:22 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700020x00000000

Error: (07/13/2015 10:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: hng.exe0.0.0.0559faa33ntdll.dll6.1.7601.1886955636317c000000500039e33219001d0bdadcf8ad9edC:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hng.exeC:\Windows\SysWOW64\ntdll.dll11fa8c9f-29a1-11e5-8036-18cf5e6c8f0a

Error: (07/13/2015 10:01:03 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Safari.exe5.34.57.21c8801d0bda3dd5ec57716C:\Program Files (x86)\Safari\Safari.exe

Error: (07/13/2015 09:53:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2137

Error: (07/13/2015 09:53:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2137


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 41%
Total physical RAM: 8072.28 MB
Available physical RAM: 4684.43 MB
Total Virtual: 16142.76 MB
Available Virtual: 12686.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:913.7 GB) (Free:753.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: F153F78B)

Partition: GPT Partition Type.

==================== End of log ============================
         
--- --- ---
__________________

Alt 14.07.2015, 19:22   #4
Lukas992
 
Programme werden einfach installiert - Standard

FRST.txt



Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by luk (administrator) on LUK-PC on 14-07-2015 20:15:04
Running from C:\Users\luk\Desktop
Loaded Profiles: luk (Available Profiles: luk & LogMeInRemoteUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ClaraLabs) C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
(EpsanDrive) C:\ProgramData\EpsanDrive\EpsanDrive.exe
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WS) C:\Program Files (x86)\WordShark_1.10.0.20\Service\wssvc.exe
(EpsanDrive) C:\ProgramData\EpsanDrive\EpsanDrive.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Users\luk\AppData\Local\gmsd_de_009010030\upgmsd_de_009010030.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(XTab system) C:\Program Files (x86)\MiuiTab\HPNotify.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(dnSoft Research Group) C:\Program Files (x86)\RAR Password Cracker\rpc.exe
(dnSoft Research Group) C:\Program Files (x86)\RAR Password Cracker\rpc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Unique Solutions) C:\ProgramData\jDlVYqrov\KuudZn.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-13] (AVAST Software)
HKLM-x32\...\RunOnce: [upgmsd_de_009010030.exe] => C:\Users\luk\AppData\Local\gmsd_de_009010030\upgmsd_de_009010030.exe [3286160 2015-07-13] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications)
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\...\Run: [DesktopSearch] => C:\ProgramData\DesktopSearch\DesktopSearch.exe [153056 2015-07-14] ()
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\...\Run: [3942cb956b268e30542c8ae160134ea3] => "C:\Users\luk\svchost.exe" ..
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe [148112 2015-07-03] ()
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs-x32: c:\programdata\epsandrive\epsandrive32.dll => c:\programdata\epsandrive\epsandrive32.dll [804352 2015-07-13] (EpsanDrive)
IFEO\utilman: [Debugger] cmd.exe
IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe
Startup: C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.vbs [2015-06-27] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-13] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hppp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hppp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=dspp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.oursurfing.com/?type=hppp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=dspp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436784134&z=dfacfeb136ab4c40c37b6a3g8z4c2qcm7bdz3gfcfc&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=dspp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436784165&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436784165&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?type=dspp&ts=1434213218&z=c7034cf421794a42ecfe3e2gdz2c6z9o5g6c5o1gcz&from=amt&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=2sq&utm_campaign=install_ie&utm_content=ds&from=2sq&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436784165&type=default&q={searchTerms}
BHO: youtubeadblocker -> {0FE3BC55-F716-42F4-8FCD-379A5A4CD196} -> C:\Program Files (x86)\youtubeadblocker\IxBjb8aV7EmdkH.x64.dll [2015-07-14] ()
BHO: PrIceLEss -> {1B55C80C-4B7B-4784-B016-01B64656ECDE} -> C:\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.x64.dll [2015-07-14] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-13] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: youtubeadblocker -> {0FE3BC55-F716-42F4-8FCD-379A5A4CD196} -> C:\Program Files (x86)\youtubeadblocker\IxBjb8aV7EmdkH.dll [2015-07-14] ()
BHO-x32: PrIceLEss -> {1B55C80C-4B7B-4784-B016-01B64656ECDE} -> C:\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.dll [2015-07-14] ()
BHO-x32: LuckyTab Class -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> C:\Program Files (x86)\MiuiTab\SupTab.dll [2015-06-24] (Thinknice Co. Limited)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-13] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{25479B7F-2AAE-4B73-981A-A48DCA3B71F0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6D85D2EB-B80D-4C39-95D3-AE9F51E35B0A}: [DhcpNameServer] 172.20.10.1
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1436783848&z=a59305aa6e787a323ff18aeg7z1c9qamcb6c5bcc6c&from=pcs&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81

FireFox:
========
FF ProfilePath: C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-13] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [2015-07-13] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\luk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: SkypePlugin -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\npGatewayNpapi.dll [2015-06-05] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: SkypePlugin64 -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\npGatewayNpapi-x64.dll [2015-06-05] (Skype Technologies S.A.)
FF Extension: QuickSearch - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\Extensions\searchffv2@gmail.com [2015-07-13]
FF Extension: Search Enginer - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\Extensions\sweetsearch@gmail.com [2015-07-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-10]
FF HKLM-x32\...\Firefox\Extensions: [searchffv2@gmail.com] - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-13]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-13]
CHR Extension: (Google Docs) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-13]
CHR Extension: (Google Drive) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-13]
CHR Extension: (YouTube) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-13]
CHR Extension: (Google Search) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-13]
CHR Extension: (Google Sheets) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-13]
CHR Extension: (Avast Online Security) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-10]
CHR Extension: (Skype Click to Call) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-22]
CHR Extension: (SmartVideo For YouTube) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnkdbjbjpnpjeciipoaflmpcddinpjjp [2015-07-14]
CHR Extension: (Google Wallet) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-10]
CHR Extension: (Gmail) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

Opera: 
=======
OPR Extension: (I - Cinema) - C:\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk [2015-07-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 65e6d763; c:\Program Files (x86)\LightEngine\LightEngine.dll [3149312 2015-07-14] () [File not signed]
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-07-13] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-13] (Avast Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1137152 2015-06-22] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 c31ed948; c:\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll [2570896 2015-07-14] () <==== ATTENTION
R2 ClaraUpdater; C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe [931952 2015-07-13] (ClaraLabs)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-21] (EasyAntiCheat Ltd)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-13] (globalUpdate) [File not signed] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [68608 2015-07-13] (globalUpdate) [File not signed] <==== ATTENTION
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-06-24] (XTab system)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 KuudZn; C:\ProgramData\jDlVYqrov\KuudZn.exe [2731488 2015-07-14] (Unique Solutions)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234856 2015-06-24] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-05-27] (LogMeIn, Inc.)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872152 2015-05-11] (Maxthon)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-07-03] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-06-14] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wssvc_1.10.0.20; C:\Program Files (x86)\WordShark_1.10.0.20\Service\wssvc.exe [300120 2015-07-06] (WS)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [X]
S4 sppuinotify; %SystemRoot%\system32\sppuinotify.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-13] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-13] (AVAST Software)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-05-27] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-13] (AVAST Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-13] (Avast Software)
R3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)
R1 wsfd_vt_1_10_0_20; C:\Windows\System32\drivers\wsfd_vt_1_10_0_20.sys [61312 2015-07-06] (WS)
R1 {e789ddb0-d21e-4917-9218-742217563d5b}Gw64; C:\Windows\System32\drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys [48784 2015-07-13] (StdLib)
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 20:15 - 2015-07-14 20:15 - 00028444 _____ C:\Users\luk\Desktop\FRST.txt
2015-07-14 20:14 - 2015-07-14 20:15 - 00000000 ____D C:\FRST
2015-07-14 20:14 - 2015-07-14 20:14 - 02133504 _____ (Farbar) C:\Users\luk\Desktop\FRST64.exe
2015-07-14 19:50 - 2015-07-14 19:50 - 00003242 _____ C:\Windows\System32\Tasks\Optimizer Pro Schedule
2015-07-14 19:50 - 2015-07-14 19:50 - 00000000 ____D C:\Users\luk\AppData\Roaming\Optimizer Pro
2015-07-14 19:45 - 2015-07-14 19:45 - 00003244 _____ C:\Windows\System32\Tasks\Bidaily Synchronize Task[8da6]
2015-07-14 19:45 - 2015-07-14 19:45 - 00001103 _____ C:\Users\luk\Desktop\Optimizer Pro.lnk
2015-07-14 19:45 - 2015-07-14 19:45 - 00000336 _____ C:\Windows\Tasks\Bidaily Synchronize Task[8da6].job
2015-07-14 19:45 - 2015-07-14 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2015-07-14 19:45 - 2015-07-14 19:45 - 00000000 ____D C:\ProgramData\{d06edc34-b206-1245-d06e-edc34b2070d2}
2015-07-14 19:45 - 2015-07-14 19:45 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 3.99
2015-07-14 19:43 - 2015-07-14 19:43 - 00000000 ____D C:\Program Files (x86)\LightEngine
2015-07-14 19:42 - 2015-07-14 19:42 - 00000000 ____D C:\Program Files (x86)\SmartVideo For YouTube
2015-07-14 19:41 - 2015-07-14 19:42 - 00000000 ____D C:\ProgramData\13401842200255233837
2015-07-14 19:41 - 2015-07-14 19:41 - 00000000 ____D C:\Program Files (x86)\youtubeadblocker
2015-07-14 19:41 - 2015-07-14 19:41 - 00000000 ____D C:\Program Files (x86)\PrIceLEss
2015-07-14 19:40 - 2015-07-14 19:40 - 00003262 _____ C:\Windows\System32\Tasks\ExtremeOrganizer
2015-07-14 19:40 - 2015-07-14 19:40 - 00001895 _____ C:\Users\luk\Desktop\Desktop Search.lnk
2015-07-14 19:40 - 2015-07-14 19:40 - 00000354 _____ C:\Windows\Tasks\ExtremeOrganizer.job
2015-07-14 19:40 - 2015-07-14 19:40 - 00000000 ____D C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Desktop Search
2015-07-14 19:40 - 2015-07-14 19:40 - 00000000 ____D C:\ProgramData\jDlVYqrov
2015-07-14 19:40 - 2015-07-14 19:40 - 00000000 ____D C:\ProgramData\DesktopSearch
2015-07-14 19:40 - 2015-07-14 19:40 - 00000000 ____D C:\ProgramData\ajnkbhibgiibihebaahijdcfckdkmmfb
2015-07-14 19:40 - 2015-07-14 19:40 - 00000000 ____D C:\ProgramData\{06b75e7c-ae3c-02c3-06b7-75e7cae379f2}
2015-07-14 15:26 - 2015-07-14 15:26 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display Changer (64-bit) 1024x768.lnk
2015-07-14 15:26 - 2015-07-14 15:26 - 00001119 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Display Changer (64-bit) Current Settings.lnk
2015-07-14 15:26 - 2015-07-14 15:26 - 00000000 ____D C:\Program Files (x86)\12noon Display Changer
2015-07-14 14:38 - 2015-07-14 15:51 - 00000000 ____D C:\Users\luk\Desktop\Games
2015-07-14 09:38 - 2015-07-14 20:16 - 00000737 _____ C:\Users\luk\Desktop\lol
2015-07-14 09:28 - 2015-07-14 09:28 - 00000000 ____D C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RAR Password Cracker
2015-07-14 09:28 - 2015-07-14 09:28 - 00000000 ____D C:\Program Files (x86)\RAR Password Cracker
2015-07-14 09:22 - 2015-07-14 09:23 - 00000000 ____D C:\Program Files (x86)\WinRarPasswordRemoverSetup
2015-07-14 01:54 - 2015-07-14 01:54 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\iTunes
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\iPod
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-14 01:51 - 2015-07-14 01:51 - 00089048 ____H C:\Windows\system32\mlfcache.dat
2015-07-13 23:27 - 2015-07-13 23:27 - 00001232 _____ C:\Users\Public\Desktop\Zumas Revenge.lnk
2015-07-13 23:27 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\PopCap Games
2015-07-13 23:27 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zumas Revenge
2015-07-13 19:27 - 2015-07-13 19:27 - 00089048 ____H C:\Windows\SysWOW64\mlfcache.dat
2015-07-13 19:20 - 2015-07-13 19:20 - 00002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-07-13 19:20 - 2015-07-13 19:20 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2015-07-13 19:20 - 2015-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Safari
2015-07-13 18:39 - 2015-07-13 18:39 - 00000000 ____D C:\ProgramData\a723a310000052d6
2015-07-13 18:17 - 2015-07-13 18:17 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-13 18:17 - 2015-07-13 18:17 - 00000000 ____D C:\Windows\system32\vbox
2015-07-13 18:16 - 2015-07-13 04:06 - 00048784 _____ (StdLib) C:\Windows\system32\Drivers\{e789ddb0-d21e-4917-9218-742217563d5b}Gw64.sys
2015-07-13 16:49 - 2015-07-13 16:49 - 00000000 ____D C:\Users\luk\Documents\Optimizer Pro
2015-07-13 16:48 - 2015-07-14 19:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-13 16:48 - 2015-07-13 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-13 16:47 - 2015-07-13 16:47 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-13 16:47 - 2015-07-13 16:47 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00150160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-13 16:47 - 2015-07-13 16:47 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-13 16:45 - 2015-07-13 23:19 - 00003106 _____ C:\Windows\System32\Tasks\CGN
2015-07-13 16:45 - 2015-07-13 16:45 - 00000000 ____D C:\ProgramData\Msixakneo
2015-07-13 16:41 - 2015-07-13 16:42 - 00000000 ____D C:\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01
2015-07-13 16:41 - 2015-07-13 16:41 - 05657224 _____ (AVAST Software) C:\Users\luk\Downloads\avast_premier_antivirus_setup_online.exe
2015-07-13 16:40 - 2015-07-13 18:13 - 00002086 _____ C:\Windows\Tasks\bca0778f-2663-4b49-a8bb-c8b1bb0592af-10_user.job
2015-07-13 16:40 - 2015-07-13 17:50 - 00000000 ____D C:\Program Files (x86)\I - Cinema
2015-07-13 16:40 - 2015-07-13 16:40 - 00000000 ____D C:\Users\Gast\AppData\Local\Crossbrowse
2015-07-13 16:39 - 2015-07-14 19:40 - 00004174 _____ C:\Windows\System32\Tasks\WordShark Auto Updater 1.10.0.20 Pending Update
2015-07-13 16:39 - 2015-07-14 19:40 - 00004164 _____ C:\Windows\System32\Tasks\WordShark Auto Updater 1.10.0.20 Core
2015-07-13 16:39 - 2015-07-13 16:39 - 00003140 _____ C:\Windows\System32\Tasks\Run_Bobby_Browser
2015-07-13 16:38 - 2015-07-14 19:40 - 00000000 ____D C:\Program Files (x86)\WordShark_1.10.0.20
2015-07-13 16:33 - 2015-07-14 19:40 - 00000000 ____D C:\Users\luk\AppData\Local\gmsd_de_009010030
2015-07-13 16:33 - 2015-07-13 17:49 - 00000000 ____D C:\Program Files (x86)\gmsd_de_009010030
2015-07-13 13:26 - 2015-07-13 13:26 - 19183792 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-13 12:42 - 2015-07-13 12:42 - 00000000 ____D C:\Users\luk\AppData\Roaming\oursurfing
2015-07-13 12:38 - 2015-07-14 18:43 - 00000338 ____H C:\Windows\Tasks\JGUFJAARUSFVNCVF.job
2015-07-13 12:38 - 2015-07-13 13:33 - 00004800 _____ C:\Windows\SysWOW64\Veubduqu.ini
2015-07-13 12:38 - 2015-07-13 13:33 - 00002520 _____ C:\Windows\SysWOW64\VeubduquOff.ini
2015-07-13 12:38 - 2015-07-13 13:33 - 00002520 _____ C:\Windows\system32\VeubduquOff.ini
2015-07-13 12:38 - 2015-07-13 12:38 - 00003368 _____ C:\Windows\System32\Tasks\JGUFJAARUSFVNCVF
2015-07-13 12:38 - 2015-07-13 12:38 - 00002854 _____ C:\Windows\System32\Tasks\DGEWRVV1
2015-07-13 12:38 - 2015-07-13 10:07 - 00359424 _____ C:\Windows\system32\Veubduqu64.dll
2015-07-13 12:38 - 2015-07-13 10:07 - 00286720 _____ C:\Windows\SysWOW64\Veubduqu.dll
2015-07-13 12:37 - 2015-07-13 23:10 - 00000332 _____ C:\Windows\Tasks\DGEWRVV1.job
2015-07-13 12:37 - 2015-07-13 18:29 - 00000000 ____D C:\ProgramData\EpsanDrive
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 ____D C:\ProgramData\Service1198
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 _____ C:\Windows\prleth.sys
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-13 12:35 - 2015-07-13 13:47 - 00000000 ____D C:\Users\luk\AppData\Local\Chromium
2015-07-13 12:34 - 2015-07-13 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-13 12:33 - 2015-07-14 12:33 - 00001008 _____ C:\Windows\Tasks\LMLBM9SPjLveZvwDjNnnQt.job
2015-07-13 12:33 - 2015-07-13 12:33 - 00004026 _____ C:\Windows\System32\Tasks\LMLBM9SPjLveZvwDjNnnQt
2015-07-13 12:32 - 2015-07-14 16:45 - 00000910 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-07-13 12:32 - 2015-07-14 16:45 - 00000906 _____ C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-07-13 12:32 - 2015-07-13 16:40 - 00003908 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-07-13 12:32 - 2015-07-13 16:40 - 00003654 _____ C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-07-13 12:32 - 2015-07-13 16:40 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-13 12:32 - 2015-07-13 12:32 - 00000000 ____D C:\Users\luk\AppData\Local\globalUpdate
2015-07-13 12:32 - 2015-07-13 12:32 - 00000000 ____D C:\Program Files (x86)\globalUpdate
2015-07-13 12:31 - 2015-07-13 12:31 - 00000000 ____D C:\Program Files (x86)\Windows 7 Activator
2015-07-13 12:30 - 2015-07-13 12:30 - 01330697 _____ C:\Users\luk\Downloads\Windows 7 Activator.zip
2015-07-12 22:52 - 2015-07-12 22:52 - 00431093 _____ C:\Users\luk\Downloads\crark34-mac-opencl.rar
2015-07-12 22:49 - 2015-07-12 22:49 - 00388107 _____ C:\Users\luk\Downloads\crark50-ocl.rar
2015-07-12 22:23 - 2015-07-12 22:24 - 05745152 _____ C:\Users\luk\Downloads\archpr_5455setup_en.msi
2015-07-12 22:20 - 2015-07-12 22:20 - 02169813 _____ C:\Users\luk\Downloads\BruteForce_0.9.1.zip
2015-07-12 21:55 - 2015-07-12 21:56 - 00000000 ____D C:\Users\luk\Downloads\RAR-Password-Recovery
2015-07-12 21:51 - 2015-07-12 21:51 - 01047704 _____ C:\Users\luk\Downloads\RAR-Password-Recovery-lnstall.exe
2015-07-12 21:40 - 2015-07-12 21:41 - 01757096 _____ C:\Users\luk\Downloads\[Next_leveL]W7Loader222.zip
2015-07-11 17:41 - 2015-07-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\Program Files (x86)\Elcomsoft
2015-07-11 16:04 - 2015-07-11 16:05 - 07777101 _____ C:\Users\luk\Desktop\(1) Anna Saalfeld_15.mp4
2015-07-10 23:05 - 2015-07-10 23:05 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2015-07-10 17:12 - 2015-07-10 17:11 - 319640018 ____N C:\Users\luk\Desktop\Barfuss bis zum Hals.mp4
2015-07-10 14:26 - 2015-07-10 15:19 - 534710685 _____ C:\Users\luk\Desktop\v.flv
2015-07-10 10:18 - 2015-07-12 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-09 13:21 - 2015-07-09 13:21 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Opera Software
2015-07-09 13:21 - 2015-07-09 13:21 - 00000000 ____D C:\Users\Gast\AppData\Local\Opera Software
2015-07-09 13:19 - 2015-07-11 10:47 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Origin
2015-07-09 13:18 - 2015-07-09 13:20 - 00000000 ____D C:\Users\Gast\AppData\Local\Origin
2015-07-09 13:17 - 2015-07-09 13:17 - 00000000 ____D C:\ProgramData\ATI
2015-07-09 13:09 - 2015-07-09 13:09 - 00000222 _____ C:\Users\Gast\Desktop\Call of Duty Black Ops II - Zombies.url
2015-07-09 13:09 - 2015-07-09 13:09 - 00000219 _____ C:\Users\Gast\Desktop\Counter-Strike Source.url
2015-07-09 13:08 - 2015-07-09 13:08 - 00000000 ____D C:\Users\Gast\AppData\Local\Steam
2015-07-09 13:06 - 2015-07-12 20:19 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Raptr
2015-07-09 13:06 - 2015-07-12 20:08 - 00000000 ____D C:\Users\Gast\AppData\Local\LogMeIn Hamachi
2015-07-09 13:06 - 2015-07-09 13:06 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2015-07-09 13:06 - 2015-07-09 13:06 - 00000000 ____D C:\Users\Gast\AppData\Local\LogMeIn
2015-07-09 13:05 - 2015-07-09 13:05 - 604755625 _____ C:\Windows\MEMORY.DMP
2015-07-09 13:05 - 2015-07-09 13:05 - 00281008 _____ C:\Windows\Minidump\070915-36675-01.dmp
2015-07-09 13:05 - 2015-07-09 13:05 - 00000000 ____D C:\Windows\Minidump
2015-07-09 12:47 - 2015-07-09 12:58 - 181474309 _____ C:\Users\luk\Desktop\Private.rar
2015-07-06 21:11 - 2015-07-06 21:11 - 00061312 _____ (WS) C:\Windows\system32\Drivers\wsfd_vt_1_10_0_20.sys
2015-07-06 21:11 - 2015-07-06 21:11 - 00057728 _____ (WS) C:\Windows\system32\Drivers\wsfd_vw_1_10_0_20.sys
2015-07-06 17:37 - 2015-07-06 17:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-07-06 17:35 - 2015-07-13 20:06 - 00000000 ____D C:\Users\luk\AppData\Roaming\Apple Computer
2015-07-06 17:35 - 2015-07-13 19:37 - 00000000 ____D C:\Users\luk\AppData\Local\Apple Computer
2015-07-06 17:34 - 2015-07-06 17:34 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files\Bonjour
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-07-06 17:32 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-06 17:30 - 2015-07-06 17:31 - 155834672 _____ (Apple Inc.) C:\Users\luk\Downloads\itunes6464setup.exe
2015-07-06 00:27 - 2015-07-06 17:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-07-06 00:27 - 2015-07-06 17:33 - 00000000 ____D C:\ProgramData\Apple
2015-07-06 00:27 - 2015-07-06 00:27 - 00000000 ____D C:\Users\luk\AppData\Local\Apple
2015-07-06 00:14 - 2015-07-12 20:08 - 00000000 ____D C:\Users\luk\AppData\Roaming\vlc
2015-07-06 00:06 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\AppData\Local\MotionDSP
2015-07-06 00:03 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\AppData\Roaming\MotionDSP
2015-07-06 00:01 - 2015-07-06 00:02 - 92017704 _____ C:\Users\luk\Downloads\vReveal_3.2.0.13029.exe
2015-07-06 00:00 - 2015-07-12 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-06 00:00 - 2015-07-06 00:00 - 00000000 ____D C:\Program Files\VideoLAN
2015-07-05 23:58 - 2015-07-05 23:58 - 01198368 _____ C:\Users\luk\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2015-07-05 23:51 - 2015-07-13 16:42 - 00000000 ____D C:\Program Files (x86)\AirDroid
2015-07-05 23:51 - 2015-07-12 23:18 - 00000000 ____D C:\Users\luk\Documents\AirDroid
2015-07-05 23:51 - 2015-07-12 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid
2015-07-05 23:50 - 2015-07-05 23:50 - 12128091 _____ C:\Users\luk\Downloads\AirDroid_Desktop_Client_3.1.3.exe
2015-07-04 16:38 - 2015-07-13 23:10 - 00005108 _____ C:\Windows\setupact.log
2015-07-04 16:38 - 2015-07-04 16:38 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 14:06 - 2015-07-04 14:06 - 00000000 ____D C:\Users\luk\AppData\Local\Macromedia
2015-07-04 13:58 - 2015-07-04 14:29 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\Documents\Battlefield 3
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\AppData\Local\PunkBuster
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\AppData\Local\ESN
2015-07-04 13:56 - 2015-07-04 13:56 - 01640768 _____ C:\Users\luk\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-07-04 13:50 - 2015-07-06 17:23 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-04 13:49 - 2015-07-04 13:49 - 00000000 ____D C:\ProgramData\EA Core
2015-07-04 01:23 - 2015-07-12 23:17 - 00000000 ____D C:\Users\luk\AppData\Roaming\Raptr
2015-07-04 01:23 - 2015-07-04 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2015-07-03 04:34 - 2015-07-04 14:29 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-03 04:34 - 2015-07-04 13:58 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-03 04:34 - 2015-07-03 04:34 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-03 04:34 - 2015-07-03 04:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-07-01 15:11 - 2015-07-01 15:11 - 00000000 ____D C:\Users\luk\AppData\Local\Intel_Corporation
2015-07-01 00:20 - 2015-07-01 00:20 - 00000933 _____ C:\Users\LogMeInRemoteUser\Desktop\Plus500.lnk
2015-07-01 00:20 - 2015-07-01 00:20 - 00000000 ____D C:\Users\luk\AppData\Local\Plus500
2015-06-30 18:34 - 2015-06-30 20:14 - 00000000 ____D C:\Users\luk\Downloads\ARK Survival Evolved PC game Beta ^^nosTEAM^^
2015-06-30 18:00 - 2015-06-30 18:00 - 00000000 ____D C:\Users\luk\AppData\Roaming\Unity
2015-06-30 17:57 - 2015-06-30 17:57 - 00000000 ____D C:\Users\luk\AppData\Local\Unity
2015-06-29 14:12 - 2015-07-03 12:05 - 00000000 ____D C:\Users\luk\Documents\Diablo III
2015-06-29 00:55 - 2015-06-29 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-06-29 00:24 - 2015-06-29 14:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-06-29 00:03 - 2015-06-29 22:06 - 00000000 ____D C:\Users\luk\AppData\Local\Battle.net
2015-06-29 00:03 - 2015-06-29 00:04 - 00000000 ____D C:\Users\luk\AppData\Roaming\Battle.net
2015-06-29 00:03 - 2015-06-29 00:03 - 00000000 ____D C:\Users\luk\AppData\Local\Blizzard Entertainment
2015-06-29 00:02 - 2015-06-29 22:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-29 00:02 - 2015-06-29 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-06-29 00:02 - 2015-06-29 00:02 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-06-29 00:00 - 2015-06-29 00:00 - 00000000 ____D C:\ProgramData\Battle.net
2015-06-27 20:07 - 2015-06-27 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-06-26 14:16 - 2015-06-30 18:07 - 00000000 ____D C:\Users\luk\AppData\Local\SkypePlugin
2015-06-26 00:08 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\A
2015-06-26 00:08 - 2015-06-26 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-26 00:08 - 2015-06-26 00:08 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-06-26 00:07 - 2015-06-26 00:08 - 00000000 ____D C:\Users\luk\AppData\Roaming\DVDVideoSoft
2015-06-26 00:07 - 2015-06-26 00:08 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-06-25 23:01 - 2015-06-25 23:12 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2015-06-25 22:59 - 2015-06-25 23:31 - 00000000 ____D C:\Users\luk\AppData\Roaming\Tunngle
2015-06-25 22:59 - 2015-06-25 22:59 - 00000000 ____D C:\Users\luk\Documents\Tunngle
2015-06-25 22:59 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2015-06-25 22:39 - 2015-06-25 22:46 - 00000000 ____D C:\Users\luk\AppData\Roaming\Wippien
2015-06-25 22:39 - 2011-04-23 20:30 - 00033160 _____ (WeOnlyDo Software) C:\Windows\system32\Drivers\wod0205.sys
2015-06-25 22:32 - 2015-06-25 22:32 - 36468360 _____ (DVDVideoSoft Ltd. ) C:\Users\luk\Downloads\FreeYouTubeToMP3Converter_3.12.59.616.exe
2015-06-25 00:06 - 2015-06-25 00:06 - 00000000 ___SH C:\Users\luk\AppData\Local\LumaEmu
2015-06-25 00:02 - 2015-06-25 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2
2015-06-24 23:38 - 2015-06-24 23:38 - 00000000 ____D C:\Program Files (x86)\Games
2015-06-24 22:29 - 2015-06-24 23:37 - 00000000 ____D C:\Users\luk\Downloads\Portal.2.incl.upd30-NSIS
2015-06-24 22:25 - 2015-06-24 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-24 22:07 - 2015-06-24 22:08 - 00000000 ____D C:\Program Files (x86)\Cracked Steam
2015-06-24 22:04 - 2015-06-24 20:18 - 00061440 _____ C:\Users\luk\AppData\Roaming\chrtmp
2015-06-24 21:58 - 2015-07-13 23:09 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-24 20:40 - 2015-06-24 20:40 - 00000560 _____ C:\Windows\wmsetup.log
2015-06-24 12:20 - 2015-06-24 12:20 - 00000000 ____D C:\Users\luk\AppData\Local\SKIDROW
2015-06-23 23:06 - 2015-06-24 12:49 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-23 20:25 - 2015-06-23 20:25 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-06-23 12:10 - 2015-06-23 12:10 - 00000000 ____D C:\Users\luk\Documents\FLiNGTrainer
2015-06-22 23:26 - 2015-06-22 23:26 - 00000000 ____D C:\Users\luk\Documents\EA Games
2015-06-22 23:26 - 2015-06-22 23:26 - 00000000 ____D C:\Users\luk\AppData\Local\EA Games
2015-06-22 23:22 - 2015-06-22 23:22 - 00000000 ____D C:\Users\luk\AppData\Local\Dead Space 3
2015-06-22 23:21 - 2015-06-22 23:21 - 00000000 ____D C:\Program Files (x86)\EA
2015-06-22 20:49 - 2015-06-24 22:24 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2015-06-22 20:49 - 2015-06-22 20:49 - 00000000 ___HD C:\Windows\msdownld.tmp
2015-06-22 20:49 - 2015-06-22 20:49 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-22 18:03 - 2015-06-22 18:03 - 00000020 ___SH C:\Users\LogMeInRemoteUser\ntuser.ini
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Vorlagen
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Startmenü
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Netzwerkumgebung
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Lokale Einstellungen
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Eigene Dateien
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Druckumgebung
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Documents\Eigene Musik
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Documents\Eigene Bilder
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Local\Verlauf
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Local\Anwendungsdaten
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Anwendungsdaten
2015-06-22 18:03 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-22 18:03 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-22 17:53 - 2015-06-25 01:42 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeInIgnition
2015-06-22 17:52 - 2015-07-13 23:11 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-06-22 17:52 - 2015-07-13 23:11 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-06-22 17:52 - 2015-06-24 18:57 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2015-06-22 17:52 - 2015-06-24 18:55 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-06-22 17:52 - 2015-06-24 18:55 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-06-22 17:52 - 2015-06-24 18:55 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-06-22 17:52 - 2015-06-22 17:52 - 00001024 _____ C:\.rnd
2015-06-22 17:52 - 2015-05-27 17:17 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak
2015-06-22 17:52 - 2015-05-27 17:09 - 00072216 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2015-06-22 17:40 - 2015-07-14 19:45 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeIn Hamachi
2015-06-22 17:40 - 2015-07-14 01:50 - 00000000 ____D C:\ProgramData\LogMeIn
2015-06-22 17:40 - 2015-06-22 17:40 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeIn
2015-06-22 17:38 - 2015-06-22 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-06-22 17:38 - 2015-06-22 17:38 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-06-22 17:32 - 2015-06-22 17:32 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Sun
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Oracle
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\Program Files\Java
2015-06-22 16:59 - 2015-06-22 16:59 - 00000000 ____D C:\Users\luk\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-06-22 14:53 - 2015-06-22 16:01 - 00000000 ____D C:\Users\luk\Documents\ArmA 2
2015-06-22 14:53 - 2015-06-22 14:53 - 00000000 ____D C:\Users\luk\AppData\Local\ArmA 2 OA
2015-06-22 14:53 - 2015-06-22 14:53 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2015-06-22 14:50 - 2015-06-22 14:50 - 00000000 ____D C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-06-22 13:19 - 2015-06-24 12:49 - 00000000 ____D C:\Users\luk\Documents\My Games
2015-06-22 13:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-22 13:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-06-22 13:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-06-22 13:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-06-22 13:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-06-22 13:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-06-22 13:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-06-22 13:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-06-22 13:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-06-22 13:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-06-22 13:15 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-06-22 13:15 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-06-22 13:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-06-22 13:15 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-06-22 13:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-06-22 13:15 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-06-22 13:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-06-22 13:15 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-06-22 13:15 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-06-22 13:15 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-06-22 13:15 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-06-22 13:15 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-06-22 13:15 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-06-22 13:15 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-06-22 13:15 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-06-22 13:15 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-06-22 13:15 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-06-22 13:15 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-06-22 13:15 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-06-22 13:15 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-06-22 13:15 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-06-22 13:15 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-06-22 13:15 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-06-22 13:15 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-06-22 13:15 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-06-22 13:15 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-06-22 13:15 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-06-22 13:15 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-06-22 13:15 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-06-22 13:15 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-06-22 13:15 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-06-22 13:15 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-06-22 13:15 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-06-22 13:15 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-06-22 13:15 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-06-22 13:15 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-06-22 13:15 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-06-22 13:15 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-06-22 13:15 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-06-22 13:15 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-06-22 13:15 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-06-22 13:15 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-06-22 13:15 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-06-22 13:15 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-06-22 13:15 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-06-22 13:15 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-06-22 13:15 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-06-22 13:15 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\luk\AppData\Roaming\java
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\luk\AppData\Roaming\.minecraft
2015-06-22 12:46 - 2015-06-22 12:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-06-22 12:46 - 2015-06-22 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-06-22 12:09 - 2015-06-22 12:09 - 00000000 ____D C:\Users\luk\Tracing
2015-06-22 12:09 - 2015-06-22 12:09 - 00000000 ____D C:\Users\luk\AppData\Local\Skype
2015-06-22 12:08 - 2015-07-13 19:48 - 00000000 ____D C:\Users\luk\AppData\Roaming\Skype
2015-06-22 12:08 - 2015-07-13 19:30 - 00000000 ____D C:\ProgramData\Skype
2015-06-22 12:08 - 2015-06-22 12:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-22 12:08 - 2015-06-22 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-22 11:01 - 2015-06-22 11:01 - 00000000 ____D C:\Users\luk\AppData\Roaming\SmartSteamEmu
2015-06-22 10:55 - 2015-06-22 10:55 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-22 10:55 - 2015-06-22 10:55 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-06-22 10:53 - 2015-07-06 00:08 - 00000000 ____D C:\ProgramData\TEMP
2015-06-21 21:19 - 2015-07-13 22:54 - 00000000 ____D C:\Users\luk\AppData\Local\CrashDumps
2015-06-21 20:52 - 2015-06-21 20:50 - 00238376 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-06-21 20:37 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-06-21 20:37 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-06-21 20:21 - 2015-07-09 13:00 - 00000000 ____D C:\2-click run
2015-06-21 19:49 - 2015-06-21 19:49 - 00000047 _____ C:\Users\luk\Documents\mt-x_hook.txt
2015-06-21 19:49 - 2015-06-21 19:49 - 00000007 _____ C:\Users\luk\Documents\mt-e_hook.txt
2015-06-20 16:11 - 2015-06-20 18:57 - 00000000 ____D C:\Users\luk\Documents\Virtual Machines
2015-06-20 16:08 - 2015-06-30 20:55 - 00000000 ____D C:\Users\luk\AppData\Roaming\VMware
2015-06-20 16:08 - 2015-06-29 22:13 - 00000000 ____D C:\Users\luk\AppData\Local\VMware
2015-06-20 15:47 - 2015-06-30 20:56 - 00000000 ____D C:\ProgramData\VMware
2015-06-20 15:39 - 2015-06-30 19:44 - 00000000 ____D C:\Users\luk\AppData\Roaming\uTorrent
2015-06-20 15:27 - 2015-07-09 13:08 - 00058016 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\Documents\Bluetooth Folder
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Synaptics
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ATI
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Atheros
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\BMExplorer
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\ATI
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Adobe
2015-06-20 15:26 - 2015-07-12 20:14 - 00000000 ____D C:\Users\Gast
2015-06-20 15:26 - 2015-07-12 20:08 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-20 15:26 - 2015-07-12 20:08 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-20 15:26 - 2015-07-09 13:06 - 00002247 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2015-06-20 15:26 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2015-06-20 15:26 - 2015-06-20 15:26 - 00001421 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-20 15:26 - 2015-06-20 15:26 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-06-20 15:25 - 2015-07-13 13:51 - 00000821 _____ C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-06-19 21:24 - 2015-06-19 21:24 - 00249150 _____ C:\ProgramData\1434741464.bdinstall.bin
2015-06-14 22:43 - 2015-06-14 22:43 - 00000000 ____D C:\Users\luk\AppData\Roaming\AMD
2015-06-14 22:42 - 2015-06-14 22:43 - 00000000 ____D C:\Users\luk\Documents\Adobe
2015-06-14 22:42 - 2015-06-14 22:42 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-06-14 19:53 - 2015-06-28 00:56 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-14 19:53 - 2015-06-14 19:53 - 00000000 ___RD C:\Users\luk\Creative Cloud Files
2015-06-14 19:53 - 2015-06-14 19:53 - 00000000 ____D C:\ProgramData\Adobe
2015-06-14 19:43 - 2015-06-14 19:43 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-06-14 19:40 - 2015-06-25 23:01 - 00000000 ____D C:\Users\luk\AppData\Local\Adobe
2015-06-14 14:26 - 2015-06-14 14:26 - 00000385 _____ C:\Users\luk\AppData\Roaminguser_gensett.xml
2015-06-14 13:37 - 2015-06-14 13:37 - 00074512 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin32.dll
2015-06-14 13:05 - 2015-07-13 23:26 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-14 13:04 - 2015-07-03 00:05 - 00000000 ____D C:\Users\luk\AppData\Roaming\Origin
2015-06-14 13:04 - 2015-06-14 13:05 - 00000000 ____D C:\Users\luk\AppData\Local\Origin
2015-06-14 13:03 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\Origin
2015-06-14 13:03 - 2015-07-04 13:49 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-06-14 13:03 - 2015-07-03 00:04 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-14 13:03 - 2015-06-14 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-06-14 12:44 - 2015-07-13 13:51 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-14 12:44 - 2015-07-13 13:51 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-06-14 12:44 - 2015-07-12 20:06 - 00000000 ____D C:\Program Files (x86)\Opera
2015-06-14 12:44 - 2015-06-25 12:45 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434278682
2015-06-14 12:44 - 2015-06-14 12:44 - 00000000 ____D C:\Users\luk\AppData\Roaming\Opera Software
2015-06-14 12:44 - 2015-06-14 12:44 - 00000000 ____D C:\Users\luk\AppData\Roaming\Mozilla
2015-06-14 12:44 - 2015-06-14 12:44 - 00000000 ____D C:\Users\luk\AppData\Local\Opera Software
2015-06-14 12:44 - 2015-06-14 12:44 - 00000000 ____D C:\Users\luk\AppData\Local\Mozilla
2015-06-14 12:44 - 2015-06-14 12:44 - 00000000 ____D C:\ProgramData\Mozilla
2015-06-14 12:44 - 2015-06-14 12:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-14 12:21 - 2015-06-19 20:49 - 00000412 _____ C:\Windows\system32\checkdnsid.xml
2015-06-14 12:11 - 2015-06-14 12:11 - 00504019 _____ C:\ProgramData\1434276194.bdinstall.bin
2015-06-14 12:07 - 2015-06-14 12:07 - 00000385 _____ C:\Windows\system32\user_gensett.xml
2015-06-14 12:06 - 2015-06-14 12:06 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-06-14 12:06 - 2015-06-14 12:06 - 00000000 ____D C:\ProgramData\BDLogging
2015-06-14 12:06 - 2013-11-04 16:47 - 00074512 _____ (BitDefender SRL) C:\Windows\SysWOW64\bdsandboxuiskin32.dll
2015-06-14 12:06 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2015-06-14 12:03 - 2015-06-21 19:21 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-14 12:03 - 2015-06-19 21:20 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-06-14 12:03 - 2015-06-14 13:37 - 00034384 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuh.dll
2015-06-14 12:03 - 2015-06-14 13:36 - 00084848 _____ (BitDefender SRL) C:\Windows\system32\bdsandboxuiskin.dll
2015-06-14 12:02 - 2015-06-14 12:02 - 00000000 ____D C:\Users\luk\AppData\Roaming\QuickScan
2015-06-14 11:54 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll.backup
2015-06-14 11:54 - 2009-07-14 03:41 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll.backup
2015-06-14 11:54 - 2009-07-14 03:41 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll.backup
2015-06-14 11:50 - 2015-06-14 11:50 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2015-06-14 11:50 - 2015-06-14 11:50 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-06-14 11:50 - 2015-06-14 11:50 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-14 11:49 - 2015-06-14 11:49 - 00000000 ____D C:\Users\luk\Documents\Visual Studio 2010
2015-06-14 11:49 - 2015-06-14 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2010 Express
2015-06-14 11:49 - 2015-06-14 11:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2015-06-14 11:49 - 2015-06-14 11:49 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-06-14 11:48 - 2015-06-14 11:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 10.0
2015-06-14 11:47 - 2015-06-14 11:47 - 00000000 ____D C:\Windows\symbols
2015-06-14 11:47 - 2015-06-14 11:47 - 00000000 ____D C:\Windows\PCHEALTH
2015-06-14 11:47 - 2015-06-14 11:47 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 10.0
2015-06-14 11:47 - 2015-06-14 11:47 - 00000000 ____D C:\Program Files\Microsoft Help Viewer
2015-06-14 11:47 - 2015-06-14 11:47 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-06-14 10:30 - 2015-06-14 10:30 - 00000000 ____D C:\Windows\pss
2015-06-14 10:25 - 2015-07-12 20:08 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-14 10:25 - 2015-06-14 10:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-14 09:50 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-06-14 09:50 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-14 20:11 - 2015-06-10 22:38 - 01702295 _____ C:\Windows\WindowsUpdate.log
2015-07-14 19:26 - 2015-06-10 23:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-14 16:29 - 2015-06-12 10:43 - 00004196 _____ C:\Windows\System32\Tasks\Software Updater
2015-07-14 09:39 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-13 23:27 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-13 23:10 - 2015-06-10 22:52 - 00001425 _____ C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-13 23:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-13 23:09 - 2010-11-21 05:47 - 00154546 _____ C:\Windows\PFRO.log
2015-07-13 18:16 - 2009-07-14 04:34 - 00000505 _____ C:\Windows\win.ini
2015-07-13 18:15 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-13 16:51 - 2015-06-10 22:51 - 00000000 ____D C:\Users\luk
2015-07-13 16:39 - 2015-06-13 18:34 - 00014968 _____ C:\claraInstaller.txt
2015-07-13 13:30 - 2009-07-14 06:45 - 00027424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 13:30 - 2009-07-14 06:45 - 00027424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 13:26 - 2015-06-10 23:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 13:26 - 2015-06-10 23:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-13 13:26 - 2015-06-10 23:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-13 12:42 - 2015-06-13 18:33 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-07-13 12:37 - 2015-06-13 18:33 - 00000000 ____D C:\ProgramData\WindowsMangerProtect
2015-07-13 12:34 - 2015-06-13 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-12 21:33 - 2015-06-13 13:53 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-12 20:08 - 2015-06-13 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-12 20:08 - 2015-06-13 13:50 - 00000000 ____D C:\Program Files\AMD
2015-07-12 20:08 - 2015-06-12 10:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-12 20:08 - 2015-06-10 23:36 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-12 20:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-09 13:11 - 2015-06-10 07:31 - 00000000 ____D C:\AMD
2015-07-05 19:16 - 2015-06-12 21:26 - 00000000 ____D C:\Users\luk\AppData\Roaming\Maxthon3
2015-07-03 12:04 - 2015-06-12 21:51 - 00097802 _____ C:\Windows\DirectX.log
2015-06-30 20:56 - 2011-04-12 09:43 - 00698926 _____ C:\Windows\system32\perfh007.dat
2015-06-30 20:56 - 2011-04-12 09:43 - 00149034 _____ C:\Windows\system32\perfc007.dat
2015-06-27 20:09 - 2009-07-14 07:13 - 01626438 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-25 23:38 - 2015-06-12 10:43 - 00058016 _____ C:\Users\luk\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-25 23:35 - 2009-07-14 06:45 - 04933736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-25 22:40 - 2015-06-10 22:52 - 00000000 ____D C:\Users\luk\AppData\Local\VirtualStore
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 07:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-22 16:11 - 2015-06-12 21:50 - 00000000 ____D C:\Users\luk\AppData\Local\Warframe
2015-06-21 21:45 - 2015-06-10 23:37 - 00000000 ____D C:\Users\luk\AppData\Roaming\Adobe
2015-06-20 15:48 - 2015-06-12 11:52 - 01646762 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-20 15:28 - 2015-06-10 23:23 - 00000000 ____D C:\Users\luk\Documents\Bluetooth Folder
2015-06-20 15:27 - 2015-06-13 10:50 - 00000000 ____D C:\ProgramData\Atheros
2015-06-14 11:54 - 2010-11-21 05:23 - 02851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-06-14 11:54 - 2009-07-14 01:55 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2015-06-14 11:54 - 2009-07-14 01:54 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\themeservice.dll
2015-06-14 11:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-14 11:43 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-14 10:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-14 09:53 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-06-14 00:13 - 2015-06-13 10:32 - 00000000 ____D C:\Program Files\ATI

==================== Files in the root of some directories =======

2015-06-24 22:04 - 2015-06-24 20:18 - 0061440 _____ () C:\Users\luk\AppData\Roaming\chrtmp
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt
2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.exe
2015-06-25 00:06 - 2015-06-25 00:06 - 0000000 ___SH () C:\Users\luk\AppData\Local\LumaEmu
2015-06-14 12:11 - 2015-06-14 12:11 - 0504019 _____ () C:\ProgramData\1434276194.bdinstall.bin
2015-06-19 21:24 - 2015-06-19 21:24 - 0249150 _____ () C:\ProgramData\1434741464.bdinstall.bin

Some files in TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\tmpC34E.exe
C:\Users\luk\AppData\Local\Temp\7122.exe
C:\Users\luk\AppData\Local\Temp\avgBA2.exe
C:\Users\luk\AppData\Local\Temp\battlelog-web-plugins_2.7.1_162.exe
C:\Users\luk\AppData\Local\Temp\genteert.dll
C:\Users\luk\AppData\Local\Temp\InstallPlus500.exe
C:\Users\luk\AppData\Local\Temp\Intel Driver Update Utility Installer.exe
C:\Users\luk\AppData\Local\Temp\oo2.exe
C:\Users\luk\AppData\Local\Temp\optprosetup.exe
C:\Users\luk\AppData\Local\Temp\raptr_installer.exe
C:\Users\luk\AppData\Local\Temp\rpc420_setup.exe
C:\Users\luk\AppData\Local\Temp\sdan.exe
C:\Users\luk\AppData\Local\Temp\sdapk.exe
C:\Users\luk\AppData\Local\Temp\sdaspwn.exe
C:\Users\luk\AppData\Local\Temp\SkypeSetup.exe
C:\Users\luk\AppData\Local\Temp\SpOrder.dll
C:\Users\luk\AppData\Local\Temp\tmp757C.tmp.exe
C:\Users\luk\AppData\Local\Temp\tmp8258.exe
C:\Users\luk\AppData\Local\Temp\vcredist_x86_80.exe
C:\Users\luk\AppData\Local\Temp\vcredist_x86_90.exe
C:\Users\luk\AppData\Local\Temp\Windows 7 Activator__12215_il261955.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 16:33

==================== End of log ============================
         

Alt 15.07.2015, 09:52   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Programme werden einfach installiert - Standard

Programme werden einfach installiert



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    GamesDesktop 014.009010030

    globalupdate Helper

    oursurfing uninstall

    PrIceLEss

    SmartVideo For YouTube

    Support PL 1.1

    WordShark 1.10.0.20

    youtubeadblocker


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 15.07.2015, 12:00   #6
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



Code:
ATTFilter
ComboFix 15-07-12.01 - luk 15.07.2015  11:28:27.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8072.5976 [GMT 2:00]
ausgeführt von:: c:\users\luk\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01\3bf545f9-3df6-401b-ab3d-b9345918491c.dll
c:\program files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01\9bbc55e5-5f39-4585-b2c1-df059c84b63e.dll
c:\program files (x86)\Skype\Phone\Skype.exe
c:\programdata\13401842200255233837
c:\programdata\13401842200255233837\6f7948b0eab6e59c46a980ce6615b767.ini
c:\programdata\13401842200255233837\933890129ec2a98f46a980ce6615b767.ini
c:\programdata\13401842200255233837\ff61ee1de858a83f46a980ce6615b767.ini
c:\programdata\1434276194.bdinstall.bin
c:\programdata\1434741464.bdinstall.bin
c:\programdata\Service1198
c:\programdata\Service1198\Service1198.dll
c:\programdata\Service1198\Service1198.exe
c:\users\luk\AppData\Roaming\chrtmp
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\B@VFl.edu
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\B@VFl.edu\bootstrap.js
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\B@VFl.edu\chrome.manifest
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\B@VFl.edu\content\bg.js
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\B@VFl.edu\install.rdf
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\t8@Yo8l8.com
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\t8@Yo8l8.com\bootstrap.js
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\t8@Yo8l8.com\chrome.manifest
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\t8@Yo8l8.com\content\bg.js
c:\users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\staged\t8@Yo8l8.com\install.rdf
c:\windows\msdownld.tmp
c:\windows\SysWow64\SETBAC5.tmp
c:\windows\SysWow64\SETC082.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-15 bis 2015-07-15  ))))))))))))))))))))))))))))))
.
.
2015-07-15 09:38 . 2015-07-15 09:38	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-15 09:16 . 2015-07-15 09:16	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-07-15 09:13 . 2015-07-15 09:13	--------	d-----w-	c:\program files (x86)\c032bc47-3571-4608-a942-3975d71fdffb
2015-07-15 09:13 . 2015-07-15 09:13	--------	d-----w-	c:\program files (x86)\CinemaPlus-3.2cV14.07
2015-07-15 09:12 . 2015-07-15 09:12	--------	d-----w-	c:\programdata\IHProtectUpDate
2015-07-15 09:12 . 2015-07-15 09:12	--------	d-----w-	c:\program files (x86)\MiuiTab
2015-07-15 09:12 . 2015-07-15 09:12	--------	d-----w-	c:\programdata\WindowsMangerProtect
2015-07-14 22:51 . 2015-07-14 09:44	33856	---ha-w-	c:\windows\system32\hamachi.sys
2015-07-14 22:51 . 2015-07-14 22:51	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2015-07-14 22:47 . 2015-07-14 22:49	--------	d-----w-	C:\AdwCleaner
2015-07-14 18:14 . 2015-07-14 18:18	--------	d-----w-	C:\FRST
2015-07-14 17:43 . 2015-07-14 18:24	--------	d-----w-	c:\program files (x86)\LightEngine
2015-07-14 17:42 . 2015-07-14 17:42	--------	d-----w-	c:\program files (x86)\SmartVideo For YouTube
2015-07-14 15:38 . 2015-07-14 15:38	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-07-13 23:54 . 2015-07-13 23:54	--------	d-----w-	c:\program files\iPod
2015-07-13 23:54 . 2015-07-13 23:54	--------	d-----w-	c:\program files (x86)\iTunes
2015-07-13 23:54 . 2015-07-13 23:54	--------	d-----w-	c:\program files\iTunes
2015-07-13 21:27 . 2015-07-13 21:27	--------	d-----w-	c:\programdata\PopCap Games
2015-07-13 17:20 . 2015-07-13 17:20	--------	d-----w-	c:\program files (x86)\Safari
2015-07-13 16:17 . 2015-07-13 16:17	--------	d-----w-	c:\windows\SysWow64\vbox
2015-07-13 16:17 . 2015-07-13 16:17	--------	d-----w-	c:\windows\system32\vbox
2015-07-13 14:45 . 2015-07-13 14:45	--------	d-----w-	c:\programdata\Msixakneo
2015-07-13 14:41 . 2015-07-15 09:34	--------	d-----w-	c:\program files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01
2015-07-13 14:40 . 2015-07-14 22:44	--------	d-----w-	c:\program files (x86)\I - Cinema
2015-07-13 11:26 . 2015-07-13 11:26	19183792	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-07-13 10:38 . 2015-07-13 08:07	359424	----a-w-	c:\windows\system32\Veubduqu64.dll
2015-07-13 10:38 . 2015-07-13 08:07	286720	----a-w-	c:\windows\SysWow64\Veubduqu.dll
2015-07-13 10:37 . 2015-07-13 10:37	0	----a-w-	c:\windows\prleth.sys
2015-07-13 10:37 . 2015-07-13 10:37	0	----a-w-	c:\windows\hgfs.sys
2015-07-13 10:31 . 2015-07-13 10:31	--------	d-----w-	c:\program files (x86)\Windows 7 Activator
2015-07-12 18:12 . 2015-06-12 07:50	12221144	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{06375153-361C-4E6E-8CC9-D70552500E84}\mpengine.dll
2015-07-11 15:41 . 2015-07-11 15:41	--------	d-----w-	c:\program files (x86)\Elcomsoft
2015-07-11 15:41 . 2015-07-11 15:41	--------	d-----w-	c:\program files (x86)\Elcomsoft Password Recovery
2015-07-11 15:41 . 2015-07-11 15:41	--------	d-----w-	c:\programdata\Elcomsoft Password Recovery
2015-07-09 11:17 . 2015-07-09 11:17	--------	d-----w-	c:\programdata\ATI
2015-07-06 19:11 . 2015-07-06 19:11	57728	----a-w-	c:\windows\system32\drivers\wsfd_vw_1_10_0_20.sys
2015-07-06 19:11 . 2015-07-06 19:11	61312	----a-w-	c:\windows\system32\drivers\wsfd_vt_1_10_0_20.sys
2015-07-06 15:34 . 2015-07-06 15:34	--------	d-----w-	c:\programdata\Apple Computer
2015-07-06 15:33 . 2015-07-06 15:33	--------	d-----w-	c:\program files (x86)\Apple Software Update
2015-07-06 15:33 . 2015-07-06 15:33	--------	d-----w-	c:\program files\Bonjour
2015-07-06 15:33 . 2015-07-06 15:33	--------	d-----w-	c:\program files (x86)\Bonjour
2015-07-06 15:32 . 2015-07-13 23:54	--------	d-----w-	c:\program files\Common Files\Apple
2015-07-06 15:32 . 2015-07-06 15:33	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2015-07-05 22:27 . 2015-07-06 15:33	--------	d-----w-	c:\programdata\Apple
2015-07-05 22:00 . 2015-07-05 22:00	--------	d-----w-	c:\program files\VideoLAN
2015-07-04 11:58 . 2015-07-04 12:29	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2015-07-04 11:50 . 2015-07-06 15:23	--------	d-----w-	c:\program files (x86)\Battlelog Web Plugins
2015-07-04 11:49 . 2015-07-04 11:49	--------	d-----w-	c:\programdata\EA Core
2015-07-04 11:47 . 2015-07-09 11:18	--------	d-----w-	c:\programdata\EA Logs
2015-07-03 02:34 . 2015-07-13 21:27	--------	d--h--w-	c:\program files (x86)\Common Files\EAInstaller
2015-07-03 02:34 . 2015-07-04 12:29	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-07-03 02:34 . 2015-07-04 11:58	280904	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2015-07-03 02:34 . 2015-07-03 02:34	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-06-28 22:24 . 2015-06-29 12:11	--------	d-----w-	c:\program files (x86)\Diablo III
2015-06-28 22:02 . 2015-06-29 20:07	--------	d-----w-	c:\program files (x86)\Battle.net
2015-06-28 22:02 . 2015-06-28 22:02	--------	d-----w-	c:\programdata\Blizzard Entertainment
2015-06-28 22:00 . 2015-06-28 22:00	--------	d-----w-	c:\programdata\Battle.net
2015-06-25 22:08 . 2015-07-06 15:34	--------	d-----w-	c:\users\luk\A
2015-06-25 22:08 . 2015-06-25 22:08	--------	d-----w-	c:\program files (x86)\FreeCodecPack
2015-06-25 22:07 . 2015-06-25 22:08	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2015-06-25 22:07 . 2015-06-25 22:08	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2015-06-25 20:59 . 2009-09-16 05:02	31232	----a-w-	c:\windows\system32\drivers\tap0901t.sys
2015-06-25 20:39 . 2011-04-23 18:30	33160	----a-w-	c:\windows\system32\drivers\wod0205.sys
2015-06-24 21:38 . 2015-06-24 21:38	--------	d-----w-	c:\program files (x86)\Games
2015-06-24 20:07 . 2015-06-24 20:08	--------	d-----w-	c:\program files (x86)\Cracked Steam
2015-06-24 19:58 . 2015-07-13 21:09	--------	d-----w-	c:\program files (x86)\Steam
2015-06-23 21:06 . 2015-06-24 10:49	--------	d-----w-	c:\program files (x86)\R.G. Mechanics
2015-06-23 18:25 . 2015-06-23 18:25	--------	d-----w-	c:\program files (x86)\SystemRequirementsLab
2015-06-22 21:21 . 2015-06-22 21:21	--------	d-----w-	c:\program files (x86)\EA
2015-06-22 18:49 . 2015-06-24 20:24	--------	d-----w-	c:\program files (x86)\Mr DJ
2015-06-22 16:03 . 2015-07-12 18:08	--------	d-----w-	c:\users\LogMeInRemoteUser
2015-06-22 15:52 . 2015-06-24 16:55	60776	----a-w-	c:\windows\system32\Spool\prtprocs\x64\LMIproc.dll
2015-06-22 15:52 . 2015-06-24 16:55	35688	----a-w-	c:\windows\system32\LMIport.dll
2015-06-22 15:52 . 2015-06-24 16:55	107392	----a-w-	c:\windows\system32\LMIRfsClientNP.dll
2015-06-22 15:52 . 2015-05-27 15:09	72216	----a-w-	c:\windows\system32\drivers\LMIRfsDriver.sys
2015-06-22 15:52 . 2015-06-24 16:55	92520	----a-w-	c:\windows\system32\LMIinit.dll
2015-06-22 15:52 . 2015-06-24 16:57	--------	d-----w-	c:\program files (x86)\LogMeIn
2015-06-22 15:40 . 2015-07-14 22:48	--------	d-----w-	c:\programdata\LogMeIn
2015-06-22 15:32 . 2015-06-22 15:32	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-06-22 15:32 . 2015-06-22 15:32	110688	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-06-22 15:32 . 2015-06-22 15:32	--------	d-----w-	c:\programdata\Oracle
2015-06-22 15:32 . 2015-06-22 15:32	--------	d-----w-	c:\program files\Java
2015-06-22 12:53 . 2015-06-22 12:53	--------	d-----w-	c:\programdata\Bohemia Interactive Studio
2015-06-22 12:50 . 2015-06-24 12:55	--------	d-----w-	c:\program files (x86)\Common Files\BattlEye
2015-06-22 10:46 . 2015-06-22 10:47	--------	d-----w-	c:\program files (x86)\Minecraft
2015-06-22 10:09 . 2015-06-22 10:09	--------	d-----w-	c:\users\luk\Tracing
2015-06-22 10:08 . 2015-06-22 10:08	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2015-06-22 10:08 . 2015-06-22 10:14	--------	d-----r-	c:\program files (x86)\Skype
2015-06-22 10:08 . 2015-07-13 17:30	--------	d-----w-	c:\programdata\Skype
2015-06-22 08:55 . 2015-06-22 08:55	22360	----a-w-	c:\windows\SysWow64\X3DAudio1_7.dll
2015-06-22 08:55 . 2015-06-22 08:55	24920	----a-w-	c:\windows\system32\X3DAudio1_7.dll
2015-06-22 08:53 . 2015-06-22 08:53	--------	d-----w-	c:\programdata\Logs
2015-06-21 18:52 . 2015-06-21 18:50	238376	----a-w-	c:\windows\SysWow64\EasyAntiCheat.exe
2015-06-21 18:37 . 2015-04-27 19:23	229376	----a-w-	c:\windows\system32\wintrust.dll
2015-06-21 18:37 . 2015-04-27 19:23	188416	----a-w-	c:\windows\system32\cryptsvc.dll
2015-06-21 18:37 . 2015-04-27 19:23	1480192	----a-w-	c:\windows\system32\crypt32.dll
2015-06-21 18:37 . 2015-04-27 19:23	140288	----a-w-	c:\windows\system32\cryptnet.dll
2015-06-21 18:37 . 2015-04-27 19:05	179200	----a-w-	c:\windows\SysWow64\wintrust.dll
2015-06-21 18:37 . 2015-04-27 19:04	143872	----a-w-	c:\windows\SysWow64\cryptsvc.dll
2015-06-21 18:37 . 2015-04-27 19:04	1174528	----a-w-	c:\windows\SysWow64\crypt32.dll
2015-06-21 18:37 . 2015-04-27 19:04	103936	----a-w-	c:\windows\SysWow64\cryptnet.dll
2015-06-21 18:37 . 2015-05-09 18:26	493504	----a-w-	c:\windows\system32\mcupdate_GenuineIntel.dll
2015-06-21 18:21 . 2015-07-14 22:36	--------	d-----w-	C:\2-click run
2015-06-20 13:47 . 2015-06-30 18:56	--------	d-----w-	c:\programdata\VMware
2015-06-20 13:26 . 2015-07-12 18:14	--------	d-----w-	c:\users\Gast
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-13 11:26 . 2015-06-10 21:36	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-13 11:26 . 2015-06-10 21:36	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-06-23 11:30 . 2010-11-21 03:27	300704	----a-w-	c:\windows\system32\MpSigStub.exe
2015-06-14 11:37 . 2015-06-14 11:37	74512	----a-w-	c:\windows\system32\bdsandboxuiskin32.dll
2015-06-14 11:37 . 2015-06-14 10:03	34384	----a-w-	c:\windows\system32\bdsandboxuh.dll
2015-06-14 11:36 . 2015-06-14 10:03	84848	----a-w-	c:\windows\system32\bdsandboxuiskin.dll
2015-06-14 09:54 . 2009-07-13 23:55	332288	----a-w-	c:\windows\system32\uxtheme.dll
2015-06-14 09:54 . 2010-11-21 03:23	2851840	----a-w-	c:\windows\system32\themeui.dll
2015-06-14 09:54 . 2009-07-13 23:54	44544	----a-w-	c:\windows\system32\themeservice.dll
2015-06-14 09:51 . 2015-06-14 09:49	207008	----a-w-	c:\programdata\Microsoft\VBExpress\10.0\1031\ResourceCache.dll
2015-06-12 19:29 . 2015-06-12 19:29	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2015-06-12 19:29 . 2015-06-12 19:29	942592	----a-w-	c:\windows\system32\jsIntl.dll
2015-06-12 19:29 . 2015-06-12 19:29	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2015-06-12 19:29 . 2015-06-12 19:29	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2015-06-12 19:29 . 2015-06-12 19:29	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2015-06-12 19:29 . 2015-06-12 19:29	81408	----a-w-	c:\windows\system32\icardie.dll
2015-06-12 19:29 . 2015-06-12 19:29	77312	----a-w-	c:\windows\system32\tdc.ocx
2015-06-12 19:29 . 2015-06-12 19:29	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2015-06-12 19:29 . 2015-06-12 19:29	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2015-06-12 19:29 . 2015-06-12 19:29	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2015-06-12 19:29 . 2015-06-12 19:29	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2015-06-12 19:29 . 2015-06-12 19:29	62464	----a-w-	c:\windows\system32\pngfilt.dll
2015-06-12 19:29 . 2015-06-12 19:29	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2015-06-12 19:29 . 2015-06-12 19:29	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2015-06-12 19:29 . 2015-06-12 19:29	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2015-06-12 19:29 . 2015-06-12 19:29	48640	----a-w-	c:\windows\system32\mshtmler.dll
2015-06-12 19:29 . 2015-06-12 19:29	48128	----a-w-	c:\windows\system32\imgutil.dll
2015-06-12 19:29 . 2015-06-12 19:29	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2015-06-12 19:29 . 2015-06-12 19:29	30208	----a-w-	c:\windows\system32\licmgr10.dll
2015-06-12 19:29 . 2015-06-12 19:29	247808	----a-w-	c:\windows\system32\msls31.dll
2015-06-12 19:29 . 2015-06-12 19:29	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2015-06-12 19:29 . 2015-06-12 19:29	243200	----a-w-	c:\windows\system32\webcheck.dll
2015-06-12 19:29 . 2015-06-12 19:29	235520	----a-w-	c:\windows\system32\url.dll
2015-06-12 19:29 . 2015-06-12 19:29	235008	----a-w-	c:\windows\system32\elshyph.dll
2015-06-12 19:29 . 2015-06-12 19:29	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2015-06-12 19:29 . 2015-06-12 19:29	167424	----a-w-	c:\windows\system32\iexpress.exe
2015-06-12 19:29 . 2015-06-12 19:29	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2015-06-12 19:29 . 2015-06-12 19:29	147968	----a-w-	c:\windows\system32\occache.dll
2015-06-12 19:29 . 2015-06-12 19:29	143872	----a-w-	c:\windows\system32\wextract.exe
2015-06-12 19:29 . 2015-06-12 19:29	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2015-06-12 19:29 . 2015-06-12 19:29	13824	----a-w-	c:\windows\system32\mshta.exe
2015-06-12 19:29 . 2015-06-12 19:29	135680	----a-w-	c:\windows\system32\iepeers.dll
2015-06-12 19:29 . 2015-06-12 19:29	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2015-06-12 19:29 . 2015-06-12 19:29	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2015-06-12 19:29 . 2015-06-12 19:29	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2015-06-12 19:29 . 2015-06-12 19:29	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2015-06-12 19:29 . 2015-06-12 19:29	105984	----a-w-	c:\windows\system32\iesysprep.dll
2015-06-12 19:29 . 2015-06-12 19:29	101376	----a-w-	c:\windows\system32\inseng.dll
2015-06-10 21:08 . 2015-06-10 21:08	6112072	----a-w-	c:\windows\system32\usbaaplrc.dll
2015-06-10 21:08 . 2015-06-10 21:08	54784	----a-w-	c:\windows\system32\drivers\usbaapl64.sys
2015-06-01 19:16 . 2015-06-12 19:57	389840	----a-w-	c:\windows\system32\iedkcs32.dll
2015-05-29 13:49 . 2015-06-12 10:30	183296	----a-w-	c:\windows\system32\igfxCoIn_v4222.dll
2015-05-29 13:49 . 2015-06-12 10:30	6160424	----a-w-	c:\windows\system32\SETB80D.tmp
2015-05-29 13:49 . 2015-03-19 19:02	392296	----a-w-	c:\windows\system32\igfxTray.exe
2015-05-29 13:49 . 2015-03-19 19:02	344168	----a-w-	c:\windows\system32\igfxCUIService.exe
2015-05-29 13:49 . 2015-06-12 10:30	1540904	----a-w-	c:\windows\system32\igdmd64.dll
2015-05-29 13:49 . 2015-06-12 10:30	1196336	----a-w-	c:\windows\SysWow64\igdmd32.dll
2015-05-29 13:49 . 2015-06-12 10:30	6725162	----a-w-	c:\windows\system32\igdclbif.bin
2015-05-29 13:49 . 2015-06-12 10:30	17804608	----a-w-	c:\windows\system32\igd11dxva64.dll
2015-05-29 13:49 . 2015-06-12 10:30	17329224	----a-w-	c:\windows\SysWow64\igd11dxva32.dll
2015-05-29 13:49 . 2015-06-12 10:30	9422928	----a-w-	c:\windows\system32\SETB453.tmp
2015-05-29 13:49 . 2015-06-12 10:30	282696	----a-w-	c:\windows\system32\igd10idpp64.dll
2015-05-29 13:49 . 2015-06-12 10:30	263120	----a-w-	c:\windows\SysWow64\igd10idpp32.dll
2015-05-29 13:49 . 2015-06-12 10:30	460048	----a-w-	c:\windows\system32\drivers\IntcDAud.sys
2015-05-27 15:09 . 2015-05-27 15:09	35616	----a-w-	c:\windows\system32\lmimirr.dll
2015-05-27 15:09 . 2015-05-27 15:09	14624	----a-w-	c:\windows\system32\lmimirr2.dll
2015-05-27 15:09 . 2015-05-27 15:09	11552	----a-w-	c:\windows\system32\drivers\lmimirr.sys
2015-05-27 14:35 . 2015-06-12 19:57	24917504	----a-w-	c:\windows\system32\mshtml.dll
2015-05-26 22:04 . 2015-06-12 19:11	140135120	----a-w-	c:\windows\system32\MRT.exe
2015-05-25 18:24 . 2015-06-12 09:26	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:23 . 2015-06-12 09:26	155584	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2015-05-25 18:23 . 2015-06-12 09:26	95680	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2015-05-25 18:21 . 2015-06-12 09:26	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-12 09:26	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-12 09:26	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-12 09:26	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-12 09:26	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-12 09:26	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-12 09:26	210944	----a-w-	c:\windows\system32\wdigest.dll
2015-05-25 18:19 . 2015-06-12 09:26	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-12 09:26	86528	----a-w-	c:\windows\system32\TSpkg.dll
2015-05-25 18:19 . 2015-06-12 09:26	29184	----a-w-	c:\windows\system32\sspisrv.dll
2015-05-25 18:19 . 2015-06-12 09:26	136192	----a-w-	c:\windows\system32\sspicli.dll
2015-05-25 18:19 . 2015-06-12 09:26	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-12 09:26	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-12 09:26	28160	----a-w-	c:\windows\system32\secur32.dll
2015-05-25 18:19 . 2015-06-12 09:26	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-12 09:26	342016	----a-w-	c:\windows\system32\schannel.dll
2015-05-25 18:19 . 2015-06-12 09:26	314880	----a-w-	c:\windows\system32\msv1_0.dll
2015-05-25 18:19 . 2015-06-12 09:26	309760	----a-w-	c:\windows\system32\ncrypt.dll
2015-05-25 18:19 . 2015-06-12 09:26	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-12 09:26	1461760	----a-w-	c:\windows\system32\lsasrv.dll
2015-05-25 18:19 . 2015-06-12 09:26	728576	----a-w-	c:\windows\system32\kerberos.dll
2015-05-25 18:19 . 2015-06-12 09:26	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-12 09:26	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-12 09:26	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-12 09:26	22016	----a-w-	c:\windows\system32\credssp.dll
2015-05-25 18:18 . 2015-06-12 09:26	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-12 09:26	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-12 09:26	404992	----a-w-	c:\windows\system32\tracerpt.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}]
2015-06-24 02:08	544952	----a-w-	c:\program files (x86)\MiuiTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-07-13 6109776]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-07-14 5579624]
.
c:\users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
.vbs [2015-5-26 579292]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 wssvc_1.10.0.20;WS 1.10.0.20 Client Service;c:\program files (x86)\WordShark_1.10.0.20\Service\wssvc.exe;c:\program files (x86)\WordShark_1.10.0.20\Service\wssvc.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R4 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 ngvss;ngvss; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 wsfd_vt_1_10_0_20;wsfd_vt_1_10_0_20;c:\windows\system32\drivers\wsfd_vt_1_10_0_20.sys;c:\windows\SYSNATIVE\drivers\wsfd_vt_1_10_0_20.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [x]
S2 avast! Firewall;Avast Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IHProtect Service;IHProtect Service;c:\program files (x86)\MiuiTab\ProtectService.exe;c:\program files (x86)\MiuiTab\ProtectService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [x]
S2 MaxthonUpdateSvc;Maxthon Core Update Service;c:\program files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe;c:\program files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 WindowsMangerProtect;WindowsMangerProtect Service;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 wod0205;WeOnlyDo Network Adapter 2.5;c:\windows\system32\DRIVERS\wod0205.sys;c:\windows\SYSNATIVE\DRIVERS\wod0205.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-10 11:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-07-13 14:47	777544	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-07-24 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-07-24 444400]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-07-11 170280]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
uDefault_Search_URL = hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
mStart Page = hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
mSearch Bar = https://www.google.com/?trackid=sp-006
mDefault_Page_URL = hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
mDefault_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-3942cb956b268e30542c8ae160134ea3 - c:\users\luk\svchost.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Agent - c:\program files\Bitdefender\Bitdefender\pmbxag.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse - c:\program files\Bitdefender\Bitdefender\pwdmanui.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Anwendungs-Agent - c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
BHO-{0FE3BC55-F716-42F4-8FCD-379A5A4CD196} - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-I - Cinema - c:\program files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe
AddRemove-Mozilla Firefox 38.0.5 (x86 de) - c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (S-1-5-21-3673084780-1297754886-2385512282-1000)
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_203_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_203_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_203.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\MiuiTab\cmdshell.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Maxthon\Bin\Maxthon.exe
c:\program files (x86)\Maxthon\Bin\Maxthon.exe
c:\program files (x86)\Maxthon\Bin\Maxthon.exe
c:\program files (x86)\Maxthon\Bin\Maxthon.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-15  12:16:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-15 10:15
.
Vor Suchlauf: 12 Verzeichnis(se), 811.728.990.208 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 812.756.418.560 Bytes frei
.
- - End Of File - - 604AC0BFAC70A161885ACD5C15454B13
5FB38429D5D77768867C76DCBDB35194
         

Alt 16.07.2015, 07:36   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Programme werden einfach installiert - Standard

Programme werden einfach installiert



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.07.2015, 14:56   #8
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



kurze frage muss ich mein avast premier deinstallieren ?

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by luk (administrator) on LUK-PC on 16-07-2015 15:54:04
Running from C:\Users\luk\Desktop
Loaded Profiles: luk (Available Profiles: luk & LogMeInRemoteUser & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NirSoft) C:\ComboFix\NIRKMD.3XE
() C:\ComboFix\PEV.exe
(NirSoft) C:\ComboFix\NIRKMD.3XE
() C:\ComboFix\PEV.exe
(NirSoft) C:\ComboFix\NIRKMD.3XE
() C:\ComboFix\PEV.exe
(NirSoft) C:\ComboFix\NIRKMD.3XE
() C:\ComboFix\PEV.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-05-27] (LogMeIn, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-13] (AVAST Software)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-04-14] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.vbs [2015-06-27] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-13] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3673084780-1297754886-2385512282-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO: No Name -> {0FE3BC55-F716-42F4-8FCD-379A5A4CD196} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-13] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-13] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25479B7F-2AAE-4B73-981A-A48DCA3B71F0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6D85D2EB-B80D-4C39-95D3-AE9F51E35B0A}: [DhcpNameServer] 172.20.10.1

FireFox:
========
FF ProfilePath: C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-06-12] (Google Inc.)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\luk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: SkypePlugin -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\npGatewayNpapi.dll [2015-06-05] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: SkypePlugin64 -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\npGatewayNpapi-x64.dll [2015-06-05] (Skype Technologies S.A.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-06-13]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com [not found]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com [not found]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com [not found]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com [not found]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-13]
CHR Extension: (Google Docs) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-13]
CHR Extension: (Google Drive) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-13]
CHR Extension: (YouTube) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-13]
CHR Extension: (Google Search) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-13]
CHR Extension: (Google Sheets) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-13]
CHR Extension: (Avast Online Security) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-13]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-10]
CHR Extension: (Skype Click to Call) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-22]
CHR Extension: (Google Wallet) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-10]
CHR Extension: (Gmail) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-13]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-13] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-07-13] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-13] (Avast Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1137152 2015-06-22] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-21] (EasyAntiCheat Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [234856 2015-07-15] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-05-27] (LogMeIn, Inc.)
S2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872152 2015-05-11] (Maxthon)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-07-03] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-06-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [X]
S4 sppuinotify; %SystemRoot%\system32\sppuinotify.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-13] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-13] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-13] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-13] (AVAST Software)
U0 bohhr; C:\Windows\System32\drivers\xvnvnq.sys [79064 2015-07-16] (Malwarebytes Corporation)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-05-27] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-07-16] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-13] (AVAST Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-13] (Avast Software)
R3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-16 15:54 - 2015-07-16 15:54 - 00018817 _____ C:\Users\luk\Desktop\FRST.txt
2015-07-16 15:53 - 2015-07-16 15:53 - 02133504 _____ (Farbar) C:\Users\luk\Desktop\FRST64.exe
2015-07-16 15:51 - 2015-07-16 15:51 - 00002316 _____ C:\Users\luk\Desktop\JRT.txt
2015-07-16 15:46 - 2015-07-16 15:46 - 01797576 _____ (Malwarebytes Corporation) C:\Users\luk\Desktop\JRT.exe
2015-07-16 15:44 - 2015-07-16 15:44 - 00064689 _____ C:\Users\luk\Desktop\MBAM.txt
2015-07-16 15:20 - 2015-07-16 15:20 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\xvnvnq.sys
2015-07-16 14:52 - 2015-07-16 14:53 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-16 14:51 - 2015-07-16 14:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\luk\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-16 14:51 - 2015-07-16 14:51 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-16 14:51 - 2015-07-16 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-16 14:51 - 2015-07-16 14:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-16 14:51 - 2015-07-16 14:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-16 14:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-16 14:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-16 14:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-16 00:30 - 2015-06-21 20:13 - 00000000 ____D C:\Users\luk\Desktop\com.gameloft.android.ANMP.GloftA8HM
2015-07-15 18:33 - 2015-07-16 15:47 - 00000000 ____D C:\51070ecab41e87acb627
2015-07-15 12:16 - 2015-07-15 12:16 - 00041135 _____ C:\ComboFix.txt
2015-07-15 11:27 - 2015-07-15 12:18 - 00000000 ____D C:\ComboFix
2015-07-15 11:27 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-15 11:27 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-15 11:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-15 11:26 - 2015-07-15 12:18 - 00000000 ____D C:\Qoobox
2015-07-15 11:26 - 2015-07-15 11:54 - 00000000 ____D C:\Windows\erdnt
2015-07-15 11:25 - 2015-07-15 11:25 - 05632449 ____R (Swearware) C:\Users\luk\Desktop\ComboFix.exe
2015-07-15 11:16 - 2015-07-15 11:16 - 00001268 _____ C:\Users\luk\Desktop\Revo Uninstaller.lnk
2015-07-15 11:16 - 2015-07-15 11:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-15 11:13 - 2015-07-15 11:13 - 00000000 ____D C:\Program Files (x86)\c032bc47-3571-4608-a942-3975d71fdffb
2015-07-15 00:51 - 2015-07-15 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-15 00:51 - 2015-07-15 00:51 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-15 00:51 - 2015-07-14 11:44 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-15 00:47 - 2015-07-15 00:49 - 00000000 ____D C:\AdwCleaner
2015-07-14 20:14 - 2015-07-16 15:54 - 00000000 ____D C:\FRST
2015-07-14 19:43 - 2015-07-14 20:24 - 00000000 ____D C:\Program Files (x86)\LightEngine
2015-07-14 19:42 - 2015-07-16 15:20 - 00000000 ____D C:\Program Files (x86)\SmartVideo For YouTube
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\iTunes
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\iPod
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-14 01:51 - 2015-07-14 01:51 - 00089048 ____H C:\Windows\system32\mlfcache.dat
2015-07-13 23:27 - 2015-07-13 23:27 - 00001232 _____ C:\Users\Public\Desktop\Zumas Revenge.lnk
2015-07-13 23:27 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\PopCap Games
2015-07-13 23:27 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zumas Revenge
2015-07-13 19:27 - 2015-07-13 19:27 - 00089048 ____H C:\Windows\SysWOW64\mlfcache.dat
2015-07-13 19:20 - 2015-07-13 19:20 - 00002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-07-13 19:20 - 2015-07-13 19:20 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2015-07-13 19:20 - 2015-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Safari
2015-07-13 18:17 - 2015-07-13 18:17 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-13 18:17 - 2015-07-13 18:17 - 00000000 ____D C:\Windows\system32\vbox
2015-07-13 16:48 - 2015-07-15 11:11 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-13 16:48 - 2015-07-13 16:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-13 16:47 - 2015-07-13 16:47 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-13 16:47 - 2015-07-13 16:47 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00150160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-13 16:47 - 2015-07-13 16:47 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-13 16:47 - 2015-07-13 16:47 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-13 16:45 - 2015-07-13 23:19 - 00003106 _____ C:\Windows\System32\Tasks\CGN
2015-07-13 16:41 - 2015-07-15 11:34 - 00000000 ____D C:\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01
2015-07-13 16:41 - 2015-07-13 16:41 - 05657224 _____ (AVAST Software) C:\Users\luk\Downloads\avast_premier_antivirus_setup_online.exe
2015-07-13 12:38 - 2015-07-13 13:33 - 00004800 _____ C:\Windows\SysWOW64\Veubduqu.ini
2015-07-13 12:38 - 2015-07-13 13:33 - 00002520 _____ C:\Windows\SysWOW64\VeubduquOff.ini
2015-07-13 12:38 - 2015-07-13 13:33 - 00002520 _____ C:\Windows\system32\VeubduquOff.ini
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 _____ C:\Windows\prleth.sys
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-13 12:35 - 2015-07-13 13:47 - 00000000 ____D C:\Users\luk\AppData\Local\Chromium
2015-07-13 12:34 - 2015-07-13 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-13 12:32 - 2015-07-13 16:40 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-13 12:31 - 2015-07-16 15:20 - 00000000 ____D C:\Program Files (x86)\Windows 7 Activator
2015-07-12 22:52 - 2015-07-12 22:52 - 00431093 _____ C:\Users\luk\Downloads\crark34-mac-opencl.rar
2015-07-12 22:49 - 2015-07-12 22:49 - 00388107 _____ C:\Users\luk\Downloads\crark50-ocl.rar
2015-07-12 22:23 - 2015-07-12 22:24 - 05745152 _____ C:\Users\luk\Downloads\archpr_5455setup_en.msi
2015-07-12 22:20 - 2015-07-12 22:20 - 02169813 _____ C:\Users\luk\Downloads\BruteForce_0.9.1.zip
2015-07-12 21:55 - 2015-07-12 21:56 - 00000000 ____D C:\Users\luk\Downloads\RAR-Password-Recovery
2015-07-12 21:40 - 2015-07-12 21:41 - 01757096 _____ C:\Users\luk\Downloads\[Next_leveL]W7Loader222.zip
2015-07-11 17:41 - 2015-07-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\Program Files (x86)\Elcomsoft
2015-07-11 16:04 - 2015-07-11 16:05 - 07777101 _____ C:\Users\luk\Desktop\(1) Anna Saalfeld_15.mp4
2015-07-10 23:05 - 2015-07-10 23:05 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2015-07-10 10:18 - 2015-07-12 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-09 13:21 - 2015-07-09 13:21 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Opera Software
2015-07-09 13:21 - 2015-07-09 13:21 - 00000000 ____D C:\Users\Gast\AppData\Local\Opera Software
2015-07-09 13:19 - 2015-07-11 10:47 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Origin
2015-07-09 13:18 - 2015-07-09 13:20 - 00000000 ____D C:\Users\Gast\AppData\Local\Origin
2015-07-09 13:17 - 2015-07-09 13:17 - 00000000 ____D C:\ProgramData\ATI
2015-07-09 13:09 - 2015-07-09 13:09 - 00000222 _____ C:\Users\Gast\Desktop\Call of Duty Black Ops II - Zombies.url
2015-07-09 13:09 - 2015-07-09 13:09 - 00000219 _____ C:\Users\Gast\Desktop\Counter-Strike Source.url
2015-07-09 13:08 - 2015-07-09 13:08 - 00000000 ____D C:\Users\Gast\AppData\Local\Steam
2015-07-09 13:06 - 2015-07-12 20:19 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Raptr
2015-07-09 13:06 - 2015-07-12 20:08 - 00000000 ____D C:\Users\Gast\AppData\Local\LogMeIn Hamachi
2015-07-09 13:06 - 2015-07-09 13:06 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2015-07-09 13:06 - 2015-07-09 13:06 - 00000000 ____D C:\Users\Gast\AppData\Local\LogMeIn
2015-07-09 13:05 - 2015-07-09 13:05 - 604755625 _____ C:\Windows\MEMORY.DMP
2015-07-09 13:05 - 2015-07-09 13:05 - 00281008 _____ C:\Windows\Minidump\070915-36675-01.dmp
2015-07-09 13:05 - 2015-07-09 13:05 - 00000000 ____D C:\Windows\Minidump
2015-07-06 17:37 - 2015-07-06 17:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-07-06 17:35 - 2015-07-13 20:06 - 00000000 ____D C:\Users\luk\AppData\Roaming\Apple Computer
2015-07-06 17:35 - 2015-07-13 19:37 - 00000000 ____D C:\Users\luk\AppData\Local\Apple Computer
2015-07-06 17:34 - 2015-07-06 17:34 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files\Bonjour
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-07-06 17:32 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-06 17:30 - 2015-07-06 17:31 - 155834672 _____ (Apple Inc.) C:\Users\luk\Downloads\itunes6464setup.exe
2015-07-06 00:27 - 2015-07-06 17:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-07-06 00:27 - 2015-07-06 17:33 - 00000000 ____D C:\ProgramData\Apple
2015-07-06 00:27 - 2015-07-06 00:27 - 00000000 ____D C:\Users\luk\AppData\Local\Apple
2015-07-06 00:14 - 2015-07-12 20:08 - 00000000 ____D C:\Users\luk\AppData\Roaming\vlc
2015-07-06 00:06 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\AppData\Local\MotionDSP
2015-07-06 00:03 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\AppData\Roaming\MotionDSP
2015-07-06 00:01 - 2015-07-06 00:02 - 92017704 _____ C:\Users\luk\Downloads\vReveal_3.2.0.13029.exe
2015-07-06 00:00 - 2015-07-12 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-06 00:00 - 2015-07-06 00:00 - 00000000 ____D C:\Program Files\VideoLAN
2015-07-05 23:58 - 2015-07-05 23:58 - 01198368 _____ C:\Users\luk\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2015-07-05 23:51 - 2015-07-12 23:18 - 00000000 ____D C:\Users\luk\Documents\AirDroid
2015-07-05 23:50 - 2015-07-05 23:50 - 12128091 _____ C:\Users\luk\Downloads\AirDroid_Desktop_Client_3.1.3.exe
2015-07-04 16:38 - 2015-07-16 14:54 - 00005276 _____ C:\Windows\setupact.log
2015-07-04 16:38 - 2015-07-04 16:38 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 14:06 - 2015-07-04 14:06 - 00000000 ____D C:\Users\luk\AppData\Local\Macromedia
2015-07-04 13:58 - 2015-07-04 14:29 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\Documents\Battlefield 3
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\AppData\Local\PunkBuster
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\AppData\Local\ESN
2015-07-04 13:56 - 2015-07-04 13:56 - 01640768 _____ C:\Users\luk\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-07-04 13:50 - 2015-07-06 17:23 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-04 13:49 - 2015-07-04 13:49 - 00000000 ____D C:\ProgramData\EA Core
2015-07-04 01:23 - 2015-07-12 23:17 - 00000000 ____D C:\Users\luk\AppData\Roaming\Raptr
2015-07-04 01:23 - 2015-07-04 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2015-07-03 04:34 - 2015-07-04 14:29 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-03 04:34 - 2015-07-04 13:58 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-03 04:34 - 2015-07-03 04:34 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-03 04:34 - 2015-07-03 04:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-07-01 15:11 - 2015-07-01 15:11 - 00000000 ____D C:\Users\luk\AppData\Local\Intel_Corporation
2015-07-01 00:20 - 2015-07-01 00:20 - 00000933 _____ C:\Users\LogMeInRemoteUser\Desktop\Plus500.lnk
2015-06-30 18:34 - 2015-06-30 20:14 - 00000000 ____D C:\Users\luk\Downloads\ARK Survival Evolved PC game Beta ^^nosTEAM^^
2015-06-30 18:00 - 2015-06-30 18:00 - 00000000 ____D C:\Users\luk\AppData\Roaming\Unity
2015-06-30 17:57 - 2015-06-30 17:57 - 00000000 ____D C:\Users\luk\AppData\Local\Unity
2015-06-29 14:12 - 2015-07-03 12:05 - 00000000 ____D C:\Users\luk\Documents\Diablo III
2015-06-29 00:55 - 2015-06-29 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-06-29 00:24 - 2015-06-29 14:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-06-29 00:03 - 2015-06-29 22:06 - 00000000 ____D C:\Users\luk\AppData\Local\Battle.net
2015-06-29 00:03 - 2015-06-29 00:04 - 00000000 ____D C:\Users\luk\AppData\Roaming\Battle.net
2015-06-29 00:03 - 2015-06-29 00:03 - 00000000 ____D C:\Users\luk\AppData\Local\Blizzard Entertainment
2015-06-29 00:02 - 2015-06-29 22:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-29 00:02 - 2015-06-29 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-06-29 00:02 - 2015-06-29 00:02 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-06-29 00:00 - 2015-06-29 00:00 - 00000000 ____D C:\ProgramData\Battle.net
2015-06-27 20:07 - 2015-06-27 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-06-26 14:16 - 2015-06-30 18:07 - 00000000 ____D C:\Users\luk\AppData\Local\SkypePlugin
2015-06-26 00:08 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\A
2015-06-26 00:08 - 2015-06-26 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-26 00:08 - 2015-06-26 00:08 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-06-26 00:07 - 2015-06-26 00:08 - 00000000 ____D C:\Users\luk\AppData\Roaming\DVDVideoSoft
2015-06-26 00:07 - 2015-06-26 00:08 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-06-25 23:01 - 2015-06-25 23:12 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2015-06-25 22:59 - 2015-06-25 23:31 - 00000000 ____D C:\Users\luk\AppData\Roaming\Tunngle
2015-06-25 22:59 - 2015-06-25 22:59 - 00000000 ____D C:\Users\luk\Documents\Tunngle
2015-06-25 22:59 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2015-06-25 22:39 - 2015-06-25 22:46 - 00000000 ____D C:\Users\luk\AppData\Roaming\Wippien
2015-06-25 22:39 - 2011-04-23 20:30 - 00033160 _____ (WeOnlyDo Software) C:\Windows\system32\Drivers\wod0205.sys
2015-06-25 22:32 - 2015-06-25 22:32 - 36468360 _____ (DVDVideoSoft Ltd. ) C:\Users\luk\Downloads\FreeYouTubeToMP3Converter_3.12.59.616.exe
2015-06-25 00:06 - 2015-06-25 00:06 - 00000000 ___SH C:\Users\luk\AppData\Local\LumaEmu
2015-06-25 00:02 - 2015-06-25 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2
2015-06-24 23:38 - 2015-06-24 23:38 - 00000000 ____D C:\Program Files (x86)\Games
2015-06-24 22:29 - 2015-06-24 23:37 - 00000000 ____D C:\Users\luk\Downloads\Portal.2.incl.upd30-NSIS
2015-06-24 22:25 - 2015-06-24 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-24 22:07 - 2015-06-24 22:08 - 00000000 ____D C:\Program Files (x86)\Cracked Steam
2015-06-24 21:58 - 2015-07-16 15:19 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-24 20:40 - 2015-06-24 20:40 - 00000560 _____ C:\Windows\wmsetup.log
2015-06-24 12:20 - 2015-06-24 12:20 - 00000000 ____D C:\Users\luk\AppData\Local\SKIDROW
2015-06-23 23:06 - 2015-06-24 12:49 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-23 20:25 - 2015-06-23 20:25 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-06-23 12:10 - 2015-06-23 12:10 - 00000000 ____D C:\Users\luk\Documents\FLiNGTrainer
2015-06-22 23:26 - 2015-06-22 23:26 - 00000000 ____D C:\Users\luk\Documents\EA Games
2015-06-22 23:26 - 2015-06-22 23:26 - 00000000 ____D C:\Users\luk\AppData\Local\EA Games
2015-06-22 23:22 - 2015-06-22 23:22 - 00000000 ____D C:\Users\luk\AppData\Local\Dead Space 3
2015-06-22 23:21 - 2015-06-22 23:21 - 00000000 ____D C:\Program Files (x86)\EA
2015-06-22 20:49 - 2015-06-24 22:24 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2015-06-22 20:49 - 2015-06-22 20:49 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-22 18:03 - 2015-06-22 18:03 - 00000020 ___SH C:\Users\LogMeInRemoteUser\ntuser.ini
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Vorlagen
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Startmenü
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Netzwerkumgebung
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Lokale Einstellungen
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Eigene Dateien
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Druckumgebung
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Documents\Eigene Musik
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Documents\Eigene Bilder
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Local\Verlauf
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Local\Anwendungsdaten
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Anwendungsdaten
2015-06-22 18:03 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-22 18:03 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-22 17:53 - 2015-06-25 01:42 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeInIgnition
2015-06-22 17:52 - 2015-07-15 22:51 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-06-22 17:52 - 2015-07-15 22:51 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-06-22 17:52 - 2015-07-15 22:51 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2015-06-22 17:52 - 2015-07-15 22:50 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-06-22 17:52 - 2015-07-15 22:50 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-06-22 17:52 - 2015-07-15 22:50 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-06-22 17:52 - 2015-06-24 18:55 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak
2015-06-22 17:52 - 2015-06-22 17:52 - 00001024 _____ C:\.rnd
2015-06-22 17:52 - 2015-05-27 17:09 - 00072216 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2015-06-22 17:40 - 2015-07-16 14:45 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeIn Hamachi
2015-06-22 17:40 - 2015-07-16 14:45 - 00000000 ____D C:\ProgramData\LogMeIn
2015-06-22 17:40 - 2015-06-22 17:40 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeIn
2015-06-22 17:32 - 2015-06-22 17:32 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Sun
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Oracle
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\Program Files\Java
2015-06-22 16:59 - 2015-06-22 16:59 - 00000000 ____D C:\Users\luk\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-06-22 14:53 - 2015-06-22 16:01 - 00000000 ____D C:\Users\luk\Documents\ArmA 2
2015-06-22 14:53 - 2015-06-22 14:53 - 00000000 ____D C:\Users\luk\AppData\Local\ArmA 2 OA
2015-06-22 14:53 - 2015-06-22 14:53 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2015-06-22 14:50 - 2015-06-22 14:50 - 00000000 ____D C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-06-22 13:19 - 2015-06-24 12:49 - 00000000 ____D C:\Users\luk\Documents\My Games
2015-06-22 13:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-22 13:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-06-22 13:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-06-22 13:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-06-22 13:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-06-22 13:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-06-22 13:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-06-22 13:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-06-22 13:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-06-22 13:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-06-22 13:15 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-06-22 13:15 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-06-22 13:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-06-22 13:15 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-06-22 13:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-06-22 13:15 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-06-22 13:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-06-22 13:15 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-06-22 13:15 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-06-22 13:15 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-06-22 13:15 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-06-22 13:15 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-06-22 13:15 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-06-22 13:15 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-06-22 13:15 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-06-22 13:15 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-06-22 13:15 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-06-22 13:15 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-06-22 13:15 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-06-22 13:15 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-06-22 13:15 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-06-22 13:15 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-06-22 13:15 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-06-22 13:15 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-06-22 13:15 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-06-22 13:15 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-06-22 13:15 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-06-22 13:15 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-06-22 13:15 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-06-22 13:15 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-06-22 13:15 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-06-22 13:15 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-06-22 13:15 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-06-22 13:15 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-06-22 13:15 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-06-22 13:15 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-06-22 13:15 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-06-22 13:15 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-06-22 13:15 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-06-22 13:15 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-06-22 13:15 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-06-22 13:15 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-06-22 13:15 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-06-22 13:15 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-06-22 13:15 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-06-22 13:15 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-06-22 13:15 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-06-22 13:15 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\luk\AppData\Roaming\java
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\luk\AppData\Roaming\.minecraft
2015-06-22 12:46 - 2015-06-22 12:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-06-22 12:46 - 2015-06-22 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-06-22 12:09 - 2015-06-22 12:09 - 00000000 ____D C:\Users\luk\Tracing
2015-06-22 12:09 - 2015-06-22 12:09 - 00000000 ____D C:\Users\luk\AppData\Local\Skype
2015-06-22 12:08 - 2015-07-13 19:48 - 00000000 ____D C:\Users\luk\AppData\Roaming\Skype
2015-06-22 12:08 - 2015-07-13 19:30 - 00000000 ____D C:\ProgramData\Skype
2015-06-22 12:08 - 2015-06-22 12:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-22 12:08 - 2015-06-22 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-22 11:01 - 2015-06-22 11:01 - 00000000 ____D C:\Users\luk\AppData\Roaming\SmartSteamEmu
2015-06-22 10:55 - 2015-06-22 10:55 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-22 10:55 - 2015-06-22 10:55 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-06-22 10:53 - 2015-07-15 11:31 - 00000000 ____D C:\ProgramData\TEMP
2015-06-21 21:19 - 2015-07-15 23:35 - 00000000 ____D C:\Users\luk\AppData\Local\CrashDumps
2015-06-21 20:52 - 2015-06-21 20:50 - 00238376 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-06-21 20:37 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-06-21 20:37 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-06-21 19:49 - 2015-06-21 19:49 - 00000047 _____ C:\Users\luk\Documents\mt-x_hook.txt
2015-06-21 19:49 - 2015-06-21 19:49 - 00000007 _____ C:\Users\luk\Documents\mt-e_hook.txt
2015-06-20 16:11 - 2015-06-20 18:57 - 00000000 ____D C:\Users\luk\Documents\Virtual Machines
2015-06-20 16:08 - 2015-06-30 20:55 - 00000000 ____D C:\Users\luk\AppData\Roaming\VMware
2015-06-20 16:08 - 2015-06-29 22:13 - 00000000 ____D C:\Users\luk\AppData\Local\VMware
2015-06-20 15:47 - 2015-06-30 20:56 - 00000000 ____D C:\ProgramData\VMware
2015-06-20 15:39 - 2015-06-30 19:44 - 00000000 ____D C:\Users\luk\AppData\Roaming\uTorrent
2015-06-20 15:27 - 2015-07-09 13:08 - 00058016 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\Documents\Bluetooth Folder
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Synaptics
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ATI
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Atheros
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\BMExplorer
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\ATI
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Adobe
2015-06-20 15:26 - 2015-07-12 20:14 - 00000000 ____D C:\Users\Gast
2015-06-20 15:26 - 2015-07-12 20:08 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-20 15:26 - 2015-07-12 20:08 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-20 15:26 - 2015-07-09 13:06 - 00002247 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2015-06-20 15:26 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2015-06-20 15:26 - 2015-06-20 15:26 - 00001421 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-20 15:26 - 2015-06-20 15:26 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-06-20 15:25 - 2015-07-15 13:07 - 00000821 _____ C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-16 15:50 - 2015-06-10 22:38 - 02010631 _____ C:\Windows\WindowsUpdate.log
2015-07-16 15:26 - 2015-06-10 23:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-16 15:20 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-15 23:26 - 2015-06-10 23:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 23:26 - 2015-06-10 23:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 23:26 - 2015-06-10 23:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 23:23 - 2015-06-14 13:03 - 00000000 ____D C:\ProgramData\Origin
2015-07-15 18:33 - 2015-06-12 21:11 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 13:07 - 2015-06-14 12:44 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-15 13:07 - 2015-06-14 12:44 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-15 13:07 - 2015-06-10 22:52 - 00001425 _____ C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-15 12:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-15 12:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-15 11:42 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-15 11:40 - 2010-11-21 05:47 - 00160240 _____ C:\Windows\PFRO.log
2015-07-15 11:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-15 11:12 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-15 00:56 - 2015-06-14 12:44 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434278682
2015-07-15 00:56 - 2015-06-14 12:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-14 09:39 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-13 23:27 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-13 23:26 - 2015-06-14 13:05 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-07-13 18:16 - 2009-07-14 04:34 - 00000505 _____ C:\Windows\win.ini
2015-07-13 16:51 - 2015-06-10 22:51 - 00000000 ____D C:\Users\luk
2015-07-13 13:30 - 2009-07-14 06:45 - 00027424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 13:30 - 2009-07-14 06:45 - 00027424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 12:34 - 2015-06-13 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-12 21:33 - 2015-06-13 13:53 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-12 20:08 - 2015-06-14 10:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-12 20:08 - 2015-06-13 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-12 20:08 - 2015-06-13 13:50 - 00000000 ____D C:\Program Files\AMD
2015-07-12 20:08 - 2015-06-12 10:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-12 20:08 - 2015-06-10 23:36 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-12 20:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-09 13:11 - 2015-06-10 07:31 - 00000000 ____D C:\AMD
2015-07-05 19:16 - 2015-06-12 21:26 - 00000000 ____D C:\Users\luk\AppData\Roaming\Maxthon3
2015-07-04 13:49 - 2015-06-14 13:03 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-03 12:04 - 2015-06-12 21:51 - 00097802 _____ C:\Windows\DirectX.log
2015-07-03 08:43 - 2015-06-12 21:11 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-03 00:05 - 2015-06-14 13:04 - 00000000 ____D C:\Users\luk\AppData\Roaming\Origin
2015-07-03 00:04 - 2015-06-14 13:03 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-30 20:56 - 2011-04-12 09:43 - 00698926 _____ C:\Windows\system32\perfh007.dat
2015-06-30 20:56 - 2011-04-12 09:43 - 00149034 _____ C:\Windows\system32\perfc007.dat
2015-06-28 00:56 - 2015-06-14 19:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-27 20:09 - 2009-07-14 07:13 - 01626438 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-25 23:38 - 2015-06-12 10:43 - 00058016 _____ C:\Users\luk\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-25 23:35 - 2009-07-14 06:45 - 04933736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-25 23:01 - 2015-06-14 19:40 - 00000000 ____D C:\Users\luk\AppData\Local\Adobe
2015-06-25 22:40 - 2015-06-10 22:52 - 00000000 ____D C:\Users\luk\AppData\Local\VirtualStore
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 07:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-22 16:11 - 2015-06-12 21:50 - 00000000 ____D C:\Users\luk\AppData\Local\Warframe
2015-06-21 21:45 - 2015-06-10 23:37 - 00000000 ____D C:\Users\luk\AppData\Roaming\Adobe
2015-06-21 19:21 - 2015-06-14 12:03 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-20 15:48 - 2015-06-12 11:52 - 01646762 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-20 15:28 - 2015-06-10 23:23 - 00000000 ____D C:\Users\luk\Documents\Bluetooth Folder
2015-06-20 15:27 - 2015-06-13 10:50 - 00000000 ____D C:\ProgramData\Atheros
2015-06-19 21:20 - 2015-06-14 12:03 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-06-19 20:49 - 2015-06-14 12:21 - 00000412 _____ C:\Windows\system32\checkdnsid.xml

==================== Files in the root of some directories =======

2015-06-25 00:06 - 2015-06-25 00:06 - 0000000 ___SH () C:\Users\luk\AppData\Local\LumaEmu

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 16:33

==================== End of log ============================
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.0 (07.15.2015:1)
OS: Windows 7 Home Premium x64
Ran by luk on 16.07.2015 at 15:46:15,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\APN PIP
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\miuitab
Successfully deleted: [Folder] C:\ProgramData\windowsmangerprotect
Successfully deleted: [Folder] C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066



~~~ FireFox

Successfully deleted: [Folder] C:\Users\luk\AppData\Roaming\mozilla\firefox\profiles\85c1d7qa.default\extensions\staged
Successfully deleted the following from C:\Users\luk\AppData\Roaming\mozilla\firefox\profiles\85c1d7qa.default\prefs.js

user_pref(browser.search.searchengine.alias, oursurfing);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.oursurfing.com/web/favicon.ico);
user_pref(browser.search.searchengine.name, oursurfing);
user_pref(browser.search.searchengine.ptid, buzz);
user_pref(browser.search.searchengine.uid, WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81);
user_pref(browser.search.searchengine.url, hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22



~~~ Chrome


[C:\Users\luk\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\luk\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\luk\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\luk\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16.07.2015 at 15:51:10,00
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 16.07.2015, 14:57   #9
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 16.07.2015
Suchlauf-Zeit: 14:53:45
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.07.16.03
Rootkit Datenbank: v2015.07.15.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: luk

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 448960
Verstrichene Zeit: 25 Min, 49 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1676, Löschen bei Neustart, [bfb45092becc43f3c03675f00ff65fa1]
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, 2068, Löschen bei Neustart, [d69d37ab73170c2a6437fe5dfe037d83]
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, 3456, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3]

Module: 4
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 

Registrierungsschlüssel: 69
PUP.Optional.WProtectManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, In Quarantäne, [bfb45092becc43f3c03675f00ff65fa1], 
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [d69d37ab73170c2a6437fe5dfe037d83], 
PUP.Optional.WordShark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsfd_vt_1_10_0_20, In Quarantäne, [393a81613555979fdbed7838907106fa], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [afc45e84e9a12115c6af1b656c96d729], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [afc45e84e9a12115c6af1b656c96d729], 
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [afc45e84e9a12115c6af1b656c96d729], 
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, In Quarantäne, [79faa43eb4d614228c4c9bf5df252bd5], 
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, In Quarantäne, [6a097d656129300631b2454b33d1ca36], 
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, In Quarantäne, [6e05915192f8ef47cfead5b728dc02fe], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [155e5a88ccbe37ffd341ec5716ed3dc3], 
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [85ee9d451a70db5b5a942468dc28629e], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [a0d3c919cdbd61d559a67b1664a00ff1], 
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\WOW6432NODE\AskPartnerNetwork, In Quarantäne, [f281ce149bef68cefddca163a45fe31d], 
PUP.Optional.CinemaPlus.A, HKLM\SOFTWARE\WOW6432NODE\CinemaPlus-3.2cV14.07, In Quarantäne, [8fe4dc06cbbf58de900c9389f70c46ba], 
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, In Quarantäne, [b6bdbf232a60c571ca22be4731d2768a], 
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, In Quarantäne, [87ec09d99af0fb3b28b0fb95a95bba46], 
PUP.Optional.ICinema.A, HKLM\SOFTWARE\WOW6432NODE\I - Cinema, In Quarantäne, [ed86df03a6e457df021c959625dee11f], 
PUP.Optional.ICinema.A, HKLM\SOFTWARE\WOW6432NODE\I - Cinema-nv, In Quarantäne, [cda6b42eb5d545f125f989a236cd9a66], 
PUP.Optional.ICinema.A, HKLM\SOFTWARE\WOW6432NODE\I - Cinema-nv-ie, In Quarantäne, [e39037ab4c3e67cff22c87a440c343bd], 
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [046f8260a8e2ce68de9c9581788b659b], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [670c8c56abdfe55150af0349b251d828], 
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\oursurfingSoftware, In Quarantäne, [1a59cb17355544f215d8d62f709351af], 
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, In Quarantäne, [d79c82607119ce688cc5d3a801039c64], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WajIntEnhance, In Quarantäne, [dd960ed46129b28457df51c2a95a2bd5], 
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, In Quarantäne, [dc97449e246646f0687b117f8a7a7b85], 
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [5d1609d9c6c48da9b8d60afc42c1ba46], 
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, In Quarantäne, [244f954dfc8e94a2b5043c5041c322de], 
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, In Quarantäne, [4f24657dfc8e2d09a1800e82976dfa06], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [4f24e4fee1a9ef47957f86bdc53eb54b], 
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [df947b6706841b1bdf0f07850ff542be], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [eb88cf131b6f7bbbb0adb15f8a790ef2], 
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [79fabb27f29854e2e47809076d96fc04], 
PUP.Optional.Vosteran, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [155e7a681575e15522be69b4798a0ff1], 
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [81f25b872565ab8b3526c749c043a060], 
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{c31ed948}, In Quarantäne, [1a59687a67238bab5df8147cb450966a], 
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [096a17cb5d2d0b2b48b70b86a95b1ae6], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, In Quarantäne, [77fc6082dbaf2a0c54fe5fcab74cd12f], 
PUP.Optional.WordShark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wssvc_1.10.0.20, In Quarantäne, [1261ad35028860d63830caca768edb25], 
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [e093e6fc19711d1985a21e02996ae020], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, In Quarantäne, [561df4ee91f954e2698baee5679df709], 
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, In Quarantäne, [ff74ba282862c2749f1da0ec1be9dd23], 
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\AskPartnerNetwork, In Quarantäne, [4033f3ef97f3ce68c3158183e71c1ce4], 
PUP.Optional.CinemaPlus.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\Cinema_Plus-6.1cV13.07-nv-ie, In Quarantäne, [5221677b17730e28d463ca66cb383bc5], 
PUP.Optional.HighDefAction.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\HighDefAction, In Quarantäne, [80f3b32fb2d837ff8c4b8a06778d728e], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\HomeTab, In Quarantäne, [492a865c2b5f6bcbc97f68d00af95ea2], 
PUP.Optional.ICinema.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\I - Cinema, In Quarantäne, [363dd1110c7e4aec65b8d259847f19e7], 
PUP.Optional.ICinema.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\I - Cinema-nv, In Quarantäne, [dd960cd61a705dd920fde5469d6647b9], 
PUP.Optional.ICinema.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\I - Cinema-nv-ie, In Quarantäne, [f97a62806228c47256c72a01fa090000], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\SearchProtectWS, In Quarantäne, [a2d1a33fe3a794a284dbd53bc43ffe02], 
PUP.Optional.TNT.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\TNT2, In Quarantäne, [b1c28b57b9d14beb0603d53df90a0af6], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\WajIEnhance, In Quarantäne, [235001e1464468cecc4038e024df817f], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\WajIntEnhance, In Quarantäne, [6d068e540b7fe056d6613ad9ad5660a0], 
PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\YorkNewCin, In Quarantäne, [6a09b62c7a1088ae35ad018f699b1fe1], 
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\ARENAHD, In Quarantäne, [d3a0954d46448da95a5efe8ea3619868], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\30935, In Quarantäne, [ea890dd548427cbaeb4e43e38b78c53b], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Cinema PlusV14.07, In Quarantäne, [2f4413cf1872261025f9a07c1ee5ca36], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [99dabe244d3d9c9a816cd1bbc143817f], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, In Quarantäne, [00732fb3fa903cfa8568d1bb8f757f81], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [c9aa30b26f1bcc6a0edf92fa6d97fc04], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, In Quarantäne, [e58ecb171f6b12242cc1a4e85da7b54b], 
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}, In Quarantäne, [b0c38062ccbe0d291fce3656867e59a7], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, In Quarantäne, [9cd7756d6f1b0a2c0af941cc5da63fc1], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IminentToolbar, In Quarantäne, [a2d103df4b3fc076b2526da01ae9cd33], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, In Quarantäne, [343fe3ff503a63d3c63fb25b907346ba], 
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SearchProtect, In Quarantäne, [c3b09949147622149cb28a027c883cc4], 
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Vosteran.com, In Quarantäne, [4d26cd15206aae884cbaaa63b1527d83], 
PUP.Optional.Wajam.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WajIntEnhance, In Quarantäne, [4e25eef43e4cf83ee91e54b9ab58956b], 
PUP.Optional.FastSearch.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [9ad9e3ffafdbd561155a986d3cc78a76], 
PUP.Optional.HomeTab.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\SIMPLYTECH\HomeTab, In Quarantäne, [ef843fa3e0aa76c0ec6d7ccd6a99f010], 

Registrierungswerte: 27
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [6e05915192f8ef47cfead5b728dc02fe]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [462dca18f5953ef8408464289d6720e0]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, In Quarantäne, [85ee9d451a70db5b5a942468dc28629e]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, In Quarantäne, [a4cf736f5a30ea4cb737bbd192727888]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [a0d3c919cdbd61d559a67b1664a00ff1]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, In Quarantäne, [244f954dfc8e94a2b5043c5041c322de]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, In Quarantäne, [0a69479b256586b0809cd533cc37ec14]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, In Quarantäne, [a8cb489a404a3ff7f9cbeaa2659fc937]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, In Quarantäne, [df947b6706841b1bdf0f07850ff542be]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, In Quarantäne, [9ad9b9297713b08644aa4c40040020e0]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|searchffv2@gmail.com, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com, In Quarantäne, [60136c766525ec4aa4f36d22f70deb15]
PUP.Optional.SweetSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|sweetsearch@gmail.com, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com, In Quarantäne, [1f549052aedc49eda438c73f996a3cc4]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, In Quarantäne, [096a17cb5d2d0b2b48b70b86a95b1ae6]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, buzz, In Quarantäne, [77fc6082dbaf2a0c54fe5fcab74cd12f]
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wsfd_vt_1_10_0_20|ImagePath, system32\drivers\wsfd_vt_1_10_0_20.sys, In Quarantäne, [7003964ca0ea2f07cfa72a6e0ff5cb35]
PUP.Optional.Vitruvian.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\wssvc_1.10.0.20|ImagePath, "C:\Program Files (x86)\WordShark_1.10.0.20\Service\wssvc.exe", In Quarantäne, [beb56e74dab049edee823e50887c4ab6]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [d3a0954d46448da95a5efe8ea3619868]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [fc77d30f99f1e1559c26bad206feab55]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=buzz&utm_campaign=install_ie&utm_content=ds&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436951546&type=default&q={searchTerms}, In Quarantäne, [99dabe244d3d9c9a816cd1bbc143817f]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=buzz&utm_campaign=install_ie&utm_content=ds&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436951546&type=default&q={searchTerms}, In Quarantäne, [00732fb3fa903cfa8568d1bb8f757f81]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://www.oursurfing.com//favicon.ico, In Quarantäne, [0b681ec42466a195628b078543c13bc5]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, oursurfing, In Quarantäne, [c9aa30b26f1bcc6a0edf92fa6d97fc04]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, In Quarantäne, [85eed01251394beb6b8292fa8c7815eb]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURL, hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, In Quarantäne, [7ff4da08cdbd71c516d77715e91b52ae]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=buzz&utm_campaign=install_ie&utm_content=ds&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436951546&type=default&q={searchTerms}, In Quarantäne, [e58ecb171f6b12242cc1a4e85da7b54b]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}|URL, hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=buzz&utm_campaign=install_ie&utm_content=ds&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&ts=1436951546&type=default&q={searchTerms}, In Quarantäne, [b0c38062ccbe0d291fce3656867e59a7]
PUP.Optional.FastSearch.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MOZILLA\EXTENDS|appid, searchffv2@gmail.com, In Quarantäne, [9ad9e3ffafdbd561155a986d3cc78a76]

Registrierungsdaten: 9
PUP.Optional.HttpBreaker.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81),Ersetzt,[52213ca6dbafb482d6f4929321e46799]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[81f215cd45450432199649e8b5500df3]
PUP.Optional.HttpBreaker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81),Ersetzt,[4330cf131575cf674b7f9d8845c0ee12]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}),Ersetzt,[ec8733af3b4f072f6ff1102327de5ba5]
PUP.Optional.HttpBreaker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81),Ersetzt,[d2a1d60c0486da5cbb0fce571fe61fe1]
PUP.Optional.OurSurfing.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/web/?type=ds&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}),Ersetzt,[e48f11d1523884b2560a979c14f154ac]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[096a8a58aedc4ee8614e56db46bf16ea]
PUP.Optional.HttpBreaker.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81),Ersetzt,[680b3aa8197102348245d4518d789e62]
PUP.Optional.OurSurfing.A, HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}),Ersetzt,[cda6885ad5b58fa70059e74cfc09b848]

Ordner: 80
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV14.07, In Quarantäne, [2f442eb4c4c60a2c94fb26df768d55ab], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\I - Cinema, In Quarantäne, [7003944e1f6b4bebff905baa9b685fa1], 
PUP.Optional.MultiPlug.Gen, C:\Users\luk\AppData\Roaming\B835A680-1434213268-E311-B039-F8A963069189, In Quarantäne, [d49f0dd569210e28a0ed9ced9371827e], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\Documents\Optimizer Pro, In Quarantäne, [aac9ba28404a6fc7f3afc0d16b9934cc], 
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Msixakneo\1.0.4.1, In Quarantäne, [a3d02cb64d3d1e18617a187e857faa56], 
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Msixakneo, In Quarantäne, [a3d02cb64d3d1e18617a187e857faa56], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Löschen bei Neustart, [294a17cb0783de5807d46a79c73b5ea2], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [294a17cb0783de5807d46a79c73b5ea2], 
PUP.Optional.CrossRider.A, C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dimfohdigjaffdaanhmbocfkpolglnjk, In Quarantäne, [0172835fddadd85e122c5d992cd66a96], 
PUP.Optional.CrossRider.A, C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dimfohdigjaffdaanhmbocfkpolglnjk_0, In Quarantäne, [50239949becc10260f305f97fb07cb35], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [6e05c31f018938fedf02aa4dab5719e7], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [6e05c31f018938fedf02aa4dab5719e7], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome\content, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome\skin, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include\tools, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\lib, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\module, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\pack, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\en, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\en-US, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\es, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\es-419, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-BE, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CA, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CH, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-LU, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\it, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\it-CH, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\pl, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\pt-BR, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\ru, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\ru-MO, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\tr, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\vi, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\zh-CN, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\zh-TW, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\defaults, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\defaults\preferences, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2, In Quarantäne, [8be83fa3b7d3f640273c89785da6c739], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\AppData\Roaming\Optimizer Pro, In Quarantäne, [8ae9a73b2268ed4962138f72a36014ec], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\AppData\Roaming\Optimizer Pro\Backup, In Quarantäne, [8ae9a73b2268ed4962138f72a36014ec], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\AppData\Roaming\Optimizer Pro\Log, In Quarantäne, [8ae9a73b2268ed4962138f72a36014ec], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\AppData\Roaming\Optimizer Pro\Undo, In Quarantäne, [8ae9a73b2268ed4962138f72a36014ec], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\image, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 

Dateien: 169
PUP.Optional.WProtectManager.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Löschen bei Neustart, [bfb45092becc43f3c03675f00ff65fa1], 
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, Löschen bei Neustart, [d69d37ab73170c2a6437fe5dfe037d83], 
PUP.Optional.WordShark.A, C:\Windows\System32\drivers\wsfd_vt_1_10_0_20.sys, In Quarantäne, [393a81613555979fdbed7838907106fa], 
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\MiuiTab\SupTab.dll, In Quarantäne, [afc45e84e9a12115c6af1b656c96d729], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV14.07\utils.exe, In Quarantäne, [640f0bd74d3dc47261dcea74d0354bb5], 
PUP.Optional.Multiplug.A, C:\Program Files (x86)\SmartVideo For YouTube\SmartVideo For YouTube.exe, In Quarantäne, [1360c022f496c86e78c07325a55cf709], 
PUP.Optional.Amonetize, C:\Program Files (x86)\Windows 7 Activator\Windows 7 Activator__12215_il261955.exe, In Quarantäne, [eb8872702b5f3afcddbbb3065aa7b34d], 
PUP.Optional.Unizeto, C:\Program Files (x86)\Windows 7 Activator\Windows 7 Loader.exe, In Quarantäne, [5f14aa3889012016c5a06006af564bb5], 
Trojan.Agent, C:\Program Files (x86)\Windows 7 Activator\Windows7Loader.exe, In Quarantäne, [2251bd25008a46f0777d7a9e9570ae52], 
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, In Quarantäne, [ea89c41ee4a63ef890376ab09f669868], 
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, In Quarantäne, [f08341a1701a44f256712bef40c52fd1], 
PUP.Optional.SearchProtect, C:\Program Files (x86)\MiuiTab\BrowserAction.dll, In Quarantäne, [116216cc2763e94dc2c67714f11060a0], 
PUP.Optional.iCinema.A, C:\Program Files (x86)\I - Cinema\bca0778f-2663-4b49-a8bb-c8b1bb0592af-64.exe, In Quarantäne, [fc77f1f10d7da88e11d0b2d100012dd3], 
PUP.Optional.Nova.A, C:\Program Files (x86)\I - Cinema\0192576e-0873-4478-9063-229fd71b8d75.dll, In Quarantäne, [93e0469c107a66d07906adac15ec41bf], 
PUP.Optional.Crossrider, C:\Program Files (x86)\I - Cinema\d1b67c0c-7f49-43ab-8c87-19cdc2d6d723.dll, In Quarantäne, [5e1550924e3cd85e76837339d62b1be5], 
PUP.Optional.Winsock.HijackBoot, C:\Windows\System32\Veubduqu64.dll, In Quarantäne, [4231d012810969cdbb6e783d36cb7888], 
PUP.Optional.Winsock.HijackBoot, C:\Windows\SysWOW64\Veubduqu.dll, In Quarantäne, [561d865c3258201638f0466f1ae72ad6], 
PUP.Optional.WordShark.A, C:\Windows\System32\drivers\wsfd_vw_1_10_0_20.sys, In Quarantäne, [c0b3489a8cfec076d5f3664a16ebfc04], 
PUP.Optional.Giga, C:\Users\luk\Downloads\RAR-Password-Recovery-lnstall.exe, In Quarantäne, [9bd8ce149feb1f171a2f010aa461f50b], 
PUP.Optional.OutBrowse, C:\Users\luk\Downloads\Windows 7 Activator.zip, In Quarantäne, [e68dab37cac036000748b8ffc23fec14], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV14.07\bgNova.html, In Quarantäne, [2f442eb4c4c60a2c94fb26df768d55ab], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\CinemaPlus-3.2cV14.07\1293297481.mxaddon, In Quarantäne, [2f442eb4c4c60a2c94fb26df768d55ab], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\I - Cinema\bgNova.html, In Quarantäne, [7003944e1f6b4bebff905baa9b685fa1], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\I - Cinema\0192576e-0873-4478-9063-229fd71b8d75.crx, In Quarantäne, [7003944e1f6b4bebff905baa9b685fa1], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\I - Cinema\1293297481.mxaddon, In Quarantäne, [7003944e1f6b4bebff905baa9b685fa1], 
PUP.Optional.CrossRider.A, C:\Program Files (x86)\I - Cinema\bca0778f-2663-4b49-a8bb-c8b1bb0592af.crx, In Quarantäne, [7003944e1f6b4bebff905baa9b685fa1], 
PUP.Optional.MultiPlug.Gen, C:\Users\luk\AppData\Roaming\B835A680-1434213268-E311-B039-F8A963069189\vnsnDD5C.tmp, In Quarantäne, [d49f0dd569210e28a0ed9ced9371827e], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\Documents\Optimizer Pro\CookiesException.txt, In Quarantäne, [aac9ba28404a6fc7f3afc0d16b9934cc], 
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Msixakneo\1.0.4.1\ufumosra.exe.config, In Quarantäne, [a3d02cb64d3d1e18617a187e857faa56], 
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Msixakneo\1.0.4.1\sqlite3.dll, In Quarantäne, [a3d02cb64d3d1e18617a187e857faa56], 
PUP.Optional.PullUpdate.Gen, C:\ProgramData\Msixakneo\dat.dat, In Quarantäne, [a3d02cb64d3d1e18617a187e857faa56], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, In Quarantäne, [294a17cb0783de5807d46a79c73b5ea2], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome.manifest, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\install.rdf, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome\content\toolbar.js, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome\content\toolbar.xul, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.SweetSearch.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com\chrome\skin\icon.png, In Quarantäne, [beb5885a76142a0c88b3936caa587d83], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome.manifest, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\install.rdf, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\index.html, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\quick_start.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\js.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\doT.min.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\jquery-2.1.0.min.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\lib\jquery.autocomplete.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\module\hotSearch.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\module\mostgrid.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\module\search.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\module\stat.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\common.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\ga.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\content\js\pack\xagainit.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\icon.png, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\loading.gif, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\logo.png, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\newtab.ico, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\simple.css, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\chrome\skin\style.css, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\defaults\preferences\preferences.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\addonmanager.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\aes.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\config.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\dialogs.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\last_tab.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\misc.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\properties.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\remoterequest.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\restoreprefs.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.FastStart.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com\modules\settings.js, In Quarantäne, [93e0bd25a6e45adc5686d62af90a17e9], 
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Hilfe.lnk, In Quarantäne, [8be83fa3b7d3f640273c89785da6c739], 
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro entfernen.lnk, In Quarantäne, [8be83fa3b7d3f640273c89785da6c739], 
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro im Internet.lnk, In Quarantäne, [8be83fa3b7d3f640273c89785da6c739], 
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro.lnk, In Quarantäne, [8be83fa3b7d3f640273c89785da6c739], 
PUP.Optional.OptimizerPro.A, C:\Users\luk\AppData\Roaming\Optimizer Pro\callbanner.png, In Quarantäne, [8ae9a73b2268ed4962138f72a36014ec], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\CmdShell.exe, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\conf, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\HPNotify.exe, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\install.data, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Löschen bei Neustart, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\searchProvider.xml, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\uninstall.exe, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about_bk.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn_apply.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\close.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf.xml, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf_back.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\input_bk.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\logo.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\main.xml, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_1.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_2.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\rigth_arrow.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\settings.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\data.html, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE.html, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE8.html, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\main.css, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\ver.txt, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\google_trends.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon128.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon16.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon48.png, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\loading.gif, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\logo32.ico, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\common.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\ga.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.autocomplete.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.xdomainrequest.min.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\js.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\library.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit-ie8.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit2.0.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xdomain.min.js, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW\messages.json, In Quarantäne, [442f786ab2d80135c32553ae18eb2dd3], 
PUP.Optional.HttpBreaker.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81");), Ersetzt,[b5be05ddf793cf675f1bd3967d88f10f]
PUP.Optional.OurSurfing.A, C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.oursurfing.com/newtab/?type=nt&ts=1436951527&z=9c85476b42a94ffe303f061g7z4caqct4w0g8w2o7w&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81");), Ersetzt,[6c0726bcdbafe155128476f660a55ea2]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         

Alt 17.07.2015, 07:34   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Programme werden einfach installiert - Standard

Programme werden einfach installiert



nein, nur deaktivieren. Lof von AdwCleaner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.07.2015, 10:41   #11
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



Code:
ATTFilter
# AdwCleaner v4.208 - Bericht erstellt 17/07/2015 um 11:25:05
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : luk - LUK-PC
# Gestarted von : C:\Users\luk\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\Kromtech
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\AIM Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\searchult
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17840


-\\ Mozilla Firefox v38.0.5 (x86 de)


-\\ Google Chrome v43.0.2357.132

[C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.oursurfing.com/web/?type=dspp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81&q={searchTerms}
[C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81
[C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : D52085497B8EE2DFC8E7148C01F2A2E075D2989F45D925DFB8075676F6DA164B"},"software_reporter":{"prompt_reason":"79032E88D3161A4749B68E625D725E75DF936E838D596C018239B125017FC190","prompt_seed":"A222DDCC3F3B68685B9659B4E553D7EC6DD7BA6D9F8ED03CFB627FB6ADE6EDDE","prompt_version":"8DCA8049AAC3351CB1DDE317E2B75182B3F099BE65D869E734AD8C7C79771D8C"},"sync":{"remaining_rollback_tries":"26F14B8F828EF4C9058F2F7E713A5197A98EAE960D0BB2A65C95667D30BEDDDC"}},"super_mac":"AF784F9B875164AE0D9C9ED604E5B54374BA290374F2B342297686F2334734AD"},"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.oursurfing.com/?type=hppp&ts=1436951533&z=0c19609ac31862d0ca9d3bcgczcc6q7t0wagfw6cag&from=buzz&uid=WDCXWD10JPVX-22JC3T0_WD-WXD1EB3LMD81LMD81

-\\ Chromium v


-\\ Opera v30.0.1835.125


*************************

AdwCleaner[R0].txt - [25166 Bytes] - [15/07/2015 00:47:41]
AdwCleaner[R1].txt - [3607 Bytes] - [17/07/2015 11:23:39]
AdwCleaner[S0].txt - [22054 Bytes] - [15/07/2015 00:48:46]
AdwCleaner[S1].txt - [3297 Bytes] - [17/07/2015 11:25:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3356  Bytes] ##########
         

Alt 18.07.2015, 07:45   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Programme werden einfach installiert - Standard

Programme werden einfach installiert




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.07.2015, 01:33   #13
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



checkup

Code:
ATTFilter
 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
ESET Smart Security 8.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.209  
 Mozilla Firefox (38.0.5) 
 Google Chrome (43.0.2357.134) 
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Results of screen317's Security Check version 1.004
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 8.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.209
Mozilla Firefox (38.0.5)
Google Chrome (43.0.2357.134)
````````Process Check: objlist.exe by Laurent````````
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamscheduler.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

Code:
ATTFilter
 Results of screen317's Security Check version 1.004  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
ESET Smart Security 8.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.209  
 Mozilla Firefox (38.0.5) 
 Google Chrome (43.0.2357.134) 
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 19.07.2015, 14:52   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Programme werden einfach installiert - Standard

Programme werden einfach installiert



das ist 3mal das Log von SecurityCheck
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 19.07.2015, 20:01   #15
Lukas992
 
Programme werden einfach installiert - Standard

Programme werden einfach installiert



ohh entschuldigung

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fd9239731ddb4748b91be90b3b7dd359
# end=init
# utc_time=2015-07-18 11:54:39
# local_time=2015-07-18 01:54:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# nod_component=V3 Build:0x30000000
Update Init
Update Download
Update Finalize
Updated modules version: 24863
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fd9239731ddb4748b91be90b3b7dd359
# end=updated
# utc_time=2015-07-18 11:58:13
# local_time=2015-07-18 01:58:13 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# nod_component=V3 Build:0x30000000
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fd9239731ddb4748b91be90b3b7dd359
# end=restart
# utc_time=2015-07-18 12:23:41
# local_time=2015-07-18 02:23:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 487862 188852071 0 0
# compatibility_mode_1='ESET Smart Security 8.0'
# compatibility_mode=8228 16777213 100 100 1847 14778927 0 0
# scanned=49858
# found=43
# cleaned=0
# scan_time=1528
# nod_component=V3 Build:0x30000000
sh=C510220F0094FC465AED6583AEB5951DD41495F5 ft=1 fh=72a57569cda4dfcd vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptimizerPro.exe.vir"
sh=416726A17ECB27E98E09C915DAD0BC16EC501600 ft=1 fh=3dc10ccd3e6c916e vn="Variante von Win32/Adware.SpeedingUpMyPC.AD Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProGuard.exe.vir"
sh=5D01C8785EBEEE4CBEECCA5CA54E9A6AA16EF5D4 ft=1 fh=d622c00b87743adf vn="Variante von Win32/OptimizerPro.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProHelper.dll.vir"
sh=E0D75F1E2227B2D35077DBEE207B84BFDC39BF14 ft=1 fh=1750a4e2f0ca851e vn="Variante von Win32/Adware.SpeedingUpMyPC.AC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe.vir"
sh=1459E43C5081701A1D7302E4CBC8286A185CE007 ft=1 fh=9198f15aa412707c vn="Variante von Win32/SProtector.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll.vir"
sh=C0F6EDD251F79900A93DFE0EA70E9F11CA832707 ft=1 fh=ac8ab10d7e7cf9b5 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe.vir"
sh=2B26C8DDDC77F69347229AE123363B4BAB4E6FC1 ft=1 fh=dbf14d4065223a53 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProSchedule.exe.vir"
sh=A027DA9D05AE9ABFDE6E187EE65C7AC65381717D ft=1 fh=2c13d0fe994a97ee vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe.vir"
sh=47DB0904B36B5DC21370AFCE5CEA1DF23CBAA10F ft=1 fh=59e80dbbef31f8f9 vn="Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProStart.exe.vir"
sh=948CF3173B09D64B6972A28248E346B726EB1063 ft=1 fh=a8c889ac83d055e9 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProUninstaller.exe.vir"
sh=12659E2B20885A24AA6BA04B39031380EF106F22 ft=1 fh=c71c00118c75e2b3 vn="Variante von Win32/Adware.MultiPlug.ND Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.dll.vir"
sh=41B372EDB547C06970B200941DF00E0DB355063C ft=1 fh=c71c001130dbf880 vn="Variante von Win32/Adware.MultiPlug.JY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.exe.vir"
sh=A366977733AA54CC31CBA7BD052B110427C9951F ft=1 fh=7dcf0515e303112d vn="Variante von Win64/Adware.MultiPlug.J Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.x64.dll.vir"
sh=C71B258AA43CE3F1F888D03C1BA3D7CD7AE31796 ft=1 fh=efab3f085da88f52 vn="Variante von Win32/Adware.Vitruvian.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WordShark_1.10.0.20\Service\wssvc.exe.vir"
sh=AA30281FF8B478DAC7AE0A8B1698FC1278626179 ft=1 fh=c71c0011e44a2f78 vn="Variante von Win32/Adware.MultiPlug.JY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\youtubeadblocker\IxBjb8aV7EmdkH.exe.vir"
sh=6AA384FF1BB47164779CD08C2E38655C6B384F96 ft=1 fh=7dcf0515ded6a58a vn="Variante von Win64/Adware.MultiPlug.J Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\youtubeadblocker\IxBjb8aV7EmdkH.x64.dll.vir"
sh=383F7B0F14ABA78B188E0E313F2936A4F7D7930B ft=1 fh=d841ec8e80dcb271 vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=1AC76087B6F2F851B5390E786E90C5E48F8B41DD ft=1 fh=1f354f0fe36442ca vn="Variante von Win32/Adware.MultiPlug.NG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{06b75e7c-ae3c-02c3-06b7-75e7cae379f2}\priceless_soft_partner.exe.vir"
sh=EDBD9E8047C82CB928DD08DF6A5EDBFF0441EEA2 ft=1 fh=e7484315f33a5787 vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{d06edc34-b206-1245-d06e-edc34b2070d2}\hqghumeaylnlf.exe.vir"
sh=202D1A20DB2C25A49EAD85C7AFC344928F3B4851 ft=1 fh=38001a70354fac56 vn="Variante von Win32/Adware.EoRezo.AJ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Local\gmsd_de_009010030\upgmsd_de_009010030.exe.vir"
sh=3F13EBAB396E0863E26C8ADB5A20C2499B910ECD ft=1 fh=29f97cd592820635 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Local\gmsd_de_009010030\Download\myoffergroup_de.exe.vir"
sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.exe.vir"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.vir"
sh=858524ED0C62DA7FEE38A551865CCDE45A41C289 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\Extensions\sweetsearch@gmail.com\chrome\content\toolbar.js.vir"
sh=32FE8D811A0CD3B7424FD03880F6FE6C32781264 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\extensionData\plugins\19.js.vir"
sh=908310927982C1DFD45B8CBBF669A940C0CE7CC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\1583329dca046c0cdab9d99277667ef8.js.vir"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\api\093575b413377b2186e850259995676b.js.vir"
sh=AF15C2CD390979ACF65E9210C6DB0E85252F6052 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\api\4564bf8cd738398086f3a8bd08f63721.js.vir"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\api\842673ed9f5e102d76556a66a3b3d457.js.vir"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\02a20fcd48fbc9520a26cc5d16885f90.js.vir"
sh=B3ABD3CAA6ADACF7A87576C3F949A2C023F51456 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\0a4c09819cecb894a1d27cf1efbdfed2.js.vir"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\708d42d0b5191c934c2597fe70985dcb.js.vir"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\9d3ff3e7b5edd4bb73fd9a6b47317d69.js.vir"
sh=3E6E49061DC4C0339624D1BD4C5972D2D6988DA4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\c2c5e4dce7b23f97da080e2f28a24738.js.vir"
sh=F7B2040B9EB935D0FFB1571CC0184FED6B7D7583 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\c5fed8c00806432fb17cb2439ae5ad80.js.vir"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\d7196e43460c3c9f3248ce6213e3516c.js.vir"
sh=5AF9199FEFE09AB3FFD9EF0E6EFA17FE573DB9D4 ft=1 fh=c71c00114e72755f vn="Variante von Win32/Adware.MultiPlug.NA Anwendung" ac=I fn="C:\Program Files (x86)\LightEngine\trzDAFA.tmp"
sh=6582E1FB87348F9D22449CE0A769850BA5E2BCB5 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Adload.NPA Trojaner" ac=I fn="C:\Program Files (x86)\Windows 7 Activator\install.bat"
sh=45741A2950AD8A6FE22A30C113F63290E7033F4B ft=1 fh=c71c00113b98456b vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01\3bf545f9-3df6-401b-ab3d-b9345918491c.dll.vir"
sh=C21495B40708FE7A18D68EB6C6E786746801C1A6 ft=1 fh=bef9b3c82dc8e278 vn="Variante von Win64/Toolbar.Crossrider.P evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01\9bbc55e5-5f39-4585-b2c1-df059c84b63e.dll.vir"
sh=9816D89CA027F6A33F32E3F8E26B76DE946964CA ft=0 fh=0000000000000000 vn="Variante von MSIL/Riskware.HackTool.Ditlep.A Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00027f"
sh=9DE0A867941E25EEF955892E87DE8586FB422C53 ft=1 fh=c4a9a035d96eda0c vn="Variante von Win32/ELEX.EH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOX047QD\buzz_oursurfing[1].exe"
sh=CF3849918EA426E1EFF3B02019025C6C6F218631 ft=1 fh=90dc7d33a508a566 vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9XGZ6VB\setup[1].exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fd9239731ddb4748b91be90b3b7dd359
# end=init
# utc_time=2015-07-19 12:35:57
# local_time=2015-07-19 02:35:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# nod_component=V3 Build:0x30000000
Update Init
Update Download
Update Finalize
Updated modules version: 24869
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=fd9239731ddb4748b91be90b3b7dd359
# end=updated
# utc_time=2015-07-19 12:36:36
# local_time=2015-07-19 02:36:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# nod_component=V3 Build:0x30000000
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=fd9239731ddb4748b91be90b3b7dd359
# engine=24869
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-19 01:46:01
# local_time=2015-07-19 03:46:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 536002 188900211 0 0
# compatibility_mode_1='ESET Smart Security 8.0'
# compatibility_mode=8228 16777213 100 100 49987 14827067 0 0
# scanned=170811
# found=44
# cleaned=0
# scan_time=4164
# nod_component=V3 Build:0x30000000
sh=C510220F0094FC465AED6583AEB5951DD41495F5 ft=1 fh=72a57569cda4dfcd vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptimizerPro.exe.vir"
sh=416726A17ECB27E98E09C915DAD0BC16EC501600 ft=1 fh=3dc10ccd3e6c916e vn="Variante von Win32/Adware.SpeedingUpMyPC.AD Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProGuard.exe.vir"
sh=5D01C8785EBEEE4CBEECCA5CA54E9A6AA16EF5D4 ft=1 fh=d622c00b87743adf vn="Variante von Win32/OptimizerPro.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProHelper.dll.vir"
sh=E0D75F1E2227B2D35077DBEE207B84BFDC39BF14 ft=1 fh=1750a4e2f0ca851e vn="Variante von Win32/Adware.SpeedingUpMyPC.AC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProLauncher.exe.vir"
sh=1459E43C5081701A1D7302E4CBC8286A185CE007 ft=1 fh=9198f15aa412707c vn="Variante von Win32/SProtector.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProMon.dll.vir"
sh=C0F6EDD251F79900A93DFE0EA70E9F11CA832707 ft=1 fh=ac8ab10d7e7cf9b5 vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProReminder.exe.vir"
sh=2B26C8DDDC77F69347229AE123363B4BAB4E6FC1 ft=1 fh=dbf14d4065223a53 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProSchedule.exe.vir"
sh=A027DA9D05AE9ABFDE6E187EE65C7AC65381717D ft=1 fh=2c13d0fe994a97ee vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProSmartScan.exe.vir"
sh=47DB0904B36B5DC21370AFCE5CEA1DF23CBAA10F ft=1 fh=59e80dbbef31f8f9 vn="Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProStart.exe.vir"
sh=948CF3173B09D64B6972A28248E346B726EB1063 ft=1 fh=a8c889ac83d055e9 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro 3.99\OptProUninstaller.exe.vir"
sh=12659E2B20885A24AA6BA04B39031380EF106F22 ft=1 fh=c71c00118c75e2b3 vn="Variante von Win32/Adware.MultiPlug.ND Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.dll.vir"
sh=41B372EDB547C06970B200941DF00E0DB355063C ft=1 fh=c71c001130dbf880 vn="Variante von Win32/Adware.MultiPlug.JY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.exe.vir"
sh=A366977733AA54CC31CBA7BD052B110427C9951F ft=1 fh=7dcf0515e303112d vn="Variante von Win64/Adware.MultiPlug.J Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PrIceLEss\fMrEDgyMnhH5MZ.x64.dll.vir"
sh=C71B258AA43CE3F1F888D03C1BA3D7CD7AE31796 ft=1 fh=efab3f085da88f52 vn="Variante von Win32/Adware.Vitruvian.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WordShark_1.10.0.20\Service\wssvc.exe.vir"
sh=AA30281FF8B478DAC7AE0A8B1698FC1278626179 ft=1 fh=c71c0011e44a2f78 vn="Variante von Win32/Adware.MultiPlug.JY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\youtubeadblocker\IxBjb8aV7EmdkH.exe.vir"
sh=6AA384FF1BB47164779CD08C2E38655C6B384F96 ft=1 fh=7dcf0515ded6a58a vn="Variante von Win64/Adware.MultiPlug.J Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\youtubeadblocker\IxBjb8aV7EmdkH.x64.dll.vir"
sh=383F7B0F14ABA78B188E0E313F2936A4F7D7930B ft=1 fh=d841ec8e80dcb271 vn="Variante von Win32/ELEX.BH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir"
sh=1AC76087B6F2F851B5390E786E90C5E48F8B41DD ft=1 fh=1f354f0fe36442ca vn="Variante von Win32/Adware.MultiPlug.NG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\{06b75e7c-ae3c-02c3-06b7-75e7cae379f2}\priceless_soft_partner.exe.vir"
sh=3F13EBAB396E0863E26C8ADB5A20C2499B910ECD ft=1 fh=29f97cd592820635 vn="Mehrere Bedrohungen" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Local\gmsd_de_009010030\Download\myoffergroup_de.exe.vir"
sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.exe.vir"
sh=C28052B54F49AACF8660C7759B076341257F2241 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\LMLBM9SPjLveZvwDjNnnQt.vir"
sh=858524ED0C62DA7FEE38A551865CCDE45A41C289 ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\Extensions\sweetsearch@gmail.com\chrome\content\toolbar.js.vir"
sh=32FE8D811A0CD3B7424FD03880F6FE6C32781264 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\extensionData\plugins\19.js.vir"
sh=908310927982C1DFD45B8CBBF669A940C0CE7CC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\1583329dca046c0cdab9d99277667ef8.js.vir"
sh=F4FE303A5886572113DF4DA3579956CEBB907F56 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\api\093575b413377b2186e850259995676b.js.vir"
sh=AF15C2CD390979ACF65E9210C6DB0E85252F6052 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\api\4564bf8cd738398086f3a8bd08f63721.js.vir"
sh=832ADA6E9B2673CA1DE314A566FF76316F0A2997 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\api\842673ed9f5e102d76556a66a3b3d457.js.vir"
sh=D88F73897D0415B880A52D98AACBCBA8372956B2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\02a20fcd48fbc9520a26cc5d16885f90.js.vir"
sh=B3ABD3CAA6ADACF7A87576C3F949A2C023F51456 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\0a4c09819cecb894a1d27cf1efbdfed2.js.vir"
sh=902E327ADBC89F0A47999D10E7F6F6554CFCC0F4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\708d42d0b5191c934c2597fe70985dcb.js.vir"
sh=EDB82EF0A2AC160256F1A5C49F0778E3A42AC559 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\9d3ff3e7b5edd4bb73fd9a6b47317d69.js.vir"
sh=3E6E49061DC4C0339624D1BD4C5972D2D6988DA4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\c2c5e4dce7b23f97da080e2f28a24738.js.vir"
sh=F7B2040B9EB935D0FFB1571CC0184FED6B7D7583 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\c5fed8c00806432fb17cb2439ae5ad80.js.vir"
sh=6B8D57805A81A0C2A68E87C410FF89D15BB71CC9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\luk\AppData\Roaming\Opera Software\Opera Stable\Extensions\dimfohdigjaffdaanhmbocfkpolglnjk\1.26.164_0\js\lib\d7196e43460c3c9f3248ce6213e3516c.js.vir"
sh=5AF9199FEFE09AB3FFD9EF0E6EFA17FE573DB9D4 ft=1 fh=c71c00114e72755f vn="Variante von Win32/Adware.MultiPlug.NA Anwendung" ac=I fn="C:\Program Files (x86)\LightEngine\trzDAFA.tmp"
sh=6582E1FB87348F9D22449CE0A769850BA5E2BCB5 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Adload.NPA Trojaner" ac=I fn="C:\Program Files (x86)\Windows 7 Activator\install.bat"
sh=45741A2950AD8A6FE22A30C113F63290E7033F4B ft=1 fh=c71c00113b98456b vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01\3bf545f9-3df6-401b-ab3d-b9345918491c.dll.vir"
sh=C21495B40708FE7A18D68EB6C6E786746801C1A6 ft=1 fh=bef9b3c82dc8e278 vn="Variante von Win64/Toolbar.Crossrider.P evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01\9bbc55e5-5f39-4585-b2c1-df059c84b63e.dll.vir"
sh=9816D89CA027F6A33F32E3F8E26B76DE946964CA ft=0 fh=0000000000000000 vn="Variante von MSIL/Riskware.HackTool.Ditlep.A Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00027f"
sh=9DE0A867941E25EEF955892E87DE8586FB422C53 ft=1 fh=c4a9a035d96eda0c vn="Variante von Win32/ELEX.EH evtl. unerwünschte Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TOX047QD\buzz_oursurfing[1].exe"
sh=CF3849918EA426E1EFF3B02019025C6C6F218631 ft=1 fh=90dc7d33a508a566 vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwünschte Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X9XGZ6VB\setup[1].exe"
sh=D7A674071E852E22BDA8079033C03BA8E83C947F ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.EA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\luk\AppData\Local\Temp\Maxthon3Cache\Temp\Webkit\Cache\f_00b5b6"
sh=9816D89CA027F6A33F32E3F8E26B76DE946964CA ft=0 fh=0000000000000000 vn="Variante von MSIL/Riskware.HackTool.Ditlep.A Anwendung" ac=I fn="C:\Users\luk\Downloads\DC.rar"
sh=106C7DB4D35FA6D1E4A318518DF4E107056BA6A8 ft=1 fh=d2fb8bbaef9aad0c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\luk\Downloads\VLC media player 64 Bit - CHIP-Installer.exe"
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-07-2015 01
Ran by luk (administrator) on LUK-PC on 19-07-2015 02:31:07
Running from C:\Users\luk\Desktop
Loaded Profiles: luk (Available Profiles: luk & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Maxthon International ltd.) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM\...\Run: [LogMeIn GUI] => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\.vbs [2015-06-27] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3673084780-1297754886-2385512282-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {0FE3BC55-F716-42F4-8FCD-379A5A4CD196} ->  No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-06-22] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-22] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{25479B7F-2AAE-4B73-981A-A48DCA3B71F0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6D85D2EB-B80D-4C39-95D3-AE9F51E35B0A}: [DhcpNameServer] 172.20.10.1

FireFox:
========
FF ProfilePath: C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default
FF NetworkProxy: "type", 5
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-22] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\luk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-30] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: SkypePlugin -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\npGatewayNpapi.dll [2015-06-05] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-3673084780-1297754886-2385512282-1000: SkypePlugin64 -> C:\Users\luk\AppData\Local\SkypePlugin\7.3.0.501\npGatewayNpapi-x64.dll [2015-06-05] (Skype Technologies S.A.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-10]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com [not found]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com [not found]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\searchffv2@gmail.com [not found]
FF Extension: No Name - C:\Users\luk\AppData\Roaming\Mozilla\Firefox\Profiles\85c1d7qa.default\extensions\sweetsearch@gmail.com [not found]

Chrome: 
=======
CHR Profile: C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-17]
CHR Extension: (Skype Click to Call) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-06-22]
CHR Extension: (Google Wallet) - C:\Users\luk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-17]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1137152 2015-06-22] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-06-21] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1872152 2015-05-11] (Maxthon)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-07-03] ()
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2015-06-14] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 sppsvc; %SystemRoot%\system32\sppsvc.exe [X]
S4 sppuinotify; %SystemRoot%\system32\sppuinotify.dll [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 wod0205; C:\Windows\System32\DRIVERS\wod0205.sys [33160 2011-04-23] (WeOnlyDo Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-19 02:31 - 2015-07-19 02:31 - 00015459 _____ C:\Users\luk\Desktop\FRST.txt
2015-07-19 02:31 - 2015-07-19 02:31 - 00000000 ____D C:\Users\luk\Desktop\FRST-OlderVersion
2015-07-18 13:54 - 2015-07-18 13:54 - 00000000 ____D C:\Users\luk\AppData\Roaming\ESET
2015-07-18 13:54 - 2015-07-18 13:54 - 00000000 ____D C:\Users\luk\AppData\Local\ESET
2015-07-18 13:54 - 2015-07-18 13:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ESET
2015-07-18 13:54 - 2015-07-18 13:54 - 00000000 ____D C:\Users\Gast\AppData\Local\ESET
2015-07-18 13:52 - 2015-07-18 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-07-18 13:52 - 2015-07-18 13:52 - 00000000 ____D C:\ProgramData\ESET
2015-07-18 13:52 - 2015-07-18 13:52 - 00000000 ____D C:\Program Files\ESET
2015-07-18 13:47 - 2015-07-18 13:47 - 01660616 _____ (ESET) C:\Users\luk\Desktop\eset_smart_security_live_installer_.exe
2015-07-18 10:11 - 2015-07-18 10:11 - 00852662 _____ C:\Users\luk\Desktop\SecurityCheck.exe
2015-07-18 10:07 - 2015-07-18 10:07 - 02870984 _____ (ESET) C:\Users\luk\Desktop\esetsmartinstaller_deu.exe
2015-07-18 10:07 - 2015-07-18 10:07 - 00000000 ____D C:\Program Files (x86)\ESET
2015-07-17 22:54 - 2015-07-17 22:54 - 00000000 ____D C:\Users\Gast\AppData\Roaming\AVAST Software
2015-07-17 14:37 - 2015-07-17 14:37 - 00941533 _____ C:\Users\luk\Desktop\DC-1.0.0.61.rar
2015-07-17 14:35 - 2015-02-09 16:22 - 00955904 _____ C:\Users\luk\Desktop\AutoFindSessionId.exe
2015-07-17 14:34 - 2015-07-17 14:34 - 00956771 _____ C:\Users\luk\Downloads\DC.rar
2015-07-17 14:34 - 2015-02-10 17:41 - 01334272 _____ (Dit Lep Xep) C:\Users\luk\Desktop\DC.exe
2015-07-17 14:13 - 2015-07-19 02:18 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-17 14:13 - 2015-07-18 16:40 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-17 14:13 - 2015-07-17 14:13 - 00004100 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-17 14:13 - 2015-07-17 14:13 - 00003848 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-17 14:13 - 2015-07-17 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-17 11:22 - 2015-07-17 11:22 - 02248704 _____ C:\Users\luk\Desktop\AdwCleaner_4.208.exe
2015-07-16 15:53 - 2015-07-19 02:31 - 02134528 _____ (Farbar) C:\Users\luk\Desktop\FRST64.exe
2015-07-16 15:46 - 2015-07-16 15:46 - 01797576 _____ (Malwarebytes Corporation) C:\Users\luk\Desktop\JRT.exe
2015-07-16 14:52 - 2015-07-19 00:00 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-16 14:51 - 2015-07-16 14:51 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\luk\Desktop\mbam-setup-2.1.6.1022.exe
2015-07-16 14:51 - 2015-07-16 14:51 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-16 14:51 - 2015-07-16 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-16 14:51 - 2015-07-16 14:51 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-16 14:51 - 2015-07-16 14:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-16 14:51 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-16 14:51 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-16 14:51 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-15 18:33 - 2015-07-16 15:47 - 00000000 ____D C:\51070ecab41e87acb627
2015-07-15 12:16 - 2015-07-15 12:16 - 00041135 _____ C:\ComboFix.txt
2015-07-15 11:27 - 2015-07-15 12:18 - 00000000 ____D C:\ComboFix
2015-07-15 11:27 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-15 11:27 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-15 11:27 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-15 11:27 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-15 11:26 - 2015-07-15 12:18 - 00000000 ____D C:\Qoobox
2015-07-15 11:26 - 2015-07-15 11:54 - 00000000 ____D C:\Windows\erdnt
2015-07-15 11:25 - 2015-07-15 11:25 - 05632449 ____R (Swearware) C:\Users\luk\Desktop\ComboFix.exe
2015-07-15 11:16 - 2015-07-15 11:16 - 00001268 _____ C:\Users\luk\Desktop\Revo Uninstaller.lnk
2015-07-15 11:16 - 2015-07-15 11:16 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-15 11:13 - 2015-07-15 11:13 - 00000000 ____D C:\Program Files (x86)\c032bc47-3571-4608-a942-3975d71fdffb
2015-07-15 00:51 - 2015-07-15 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-15 00:51 - 2015-07-15 00:51 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-15 00:51 - 2015-07-14 11:44 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-15 00:47 - 2015-07-17 11:25 - 00000000 ____D C:\AdwCleaner
2015-07-14 20:14 - 2015-07-19 02:31 - 00000000 ____D C:\FRST
2015-07-14 19:43 - 2015-07-14 20:24 - 00000000 ____D C:\Program Files (x86)\LightEngine
2015-07-14 19:42 - 2015-07-16 15:20 - 00000000 ____D C:\Program Files (x86)\SmartVideo For YouTube
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\iTunes
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\iPod
2015-07-14 01:54 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-14 01:51 - 2015-07-14 01:51 - 00089048 ____H C:\Windows\system32\mlfcache.dat
2015-07-13 23:27 - 2015-07-13 23:27 - 00001232 _____ C:\Users\Public\Desktop\Zumas Revenge.lnk
2015-07-13 23:27 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\PopCap Games
2015-07-13 23:27 - 2015-07-13 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zumas Revenge
2015-07-13 19:27 - 2015-07-13 19:27 - 00089048 ____H C:\Windows\SysWOW64\mlfcache.dat
2015-07-13 19:20 - 2015-07-13 19:20 - 00002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-07-13 19:20 - 2015-07-13 19:20 - 00002491 _____ C:\Users\Public\Desktop\Safari.lnk
2015-07-13 19:20 - 2015-07-13 19:20 - 00000000 ____D C:\Program Files (x86)\Safari
2015-07-13 18:17 - 2015-07-13 18:17 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-13 18:17 - 2015-07-13 18:17 - 00000000 ____D C:\Windows\system32\vbox
2015-07-13 16:45 - 2015-07-13 23:19 - 00003106 _____ C:\Windows\System32\Tasks\CGN
2015-07-13 16:41 - 2015-07-15 11:34 - 00000000 ____D C:\Program Files (x86)\7fc1645c-25ce-4fe4-bd0b-a0a8948cbd01
2015-07-13 16:41 - 2015-07-13 16:41 - 05657224 _____ (AVAST Software) C:\Users\luk\Downloads\avast_premier_antivirus_setup_online.exe
2015-07-13 12:38 - 2015-07-13 13:33 - 00004800 _____ C:\Windows\SysWOW64\Veubduqu.ini
2015-07-13 12:38 - 2015-07-13 13:33 - 00002520 _____ C:\Windows\SysWOW64\VeubduquOff.ini
2015-07-13 12:38 - 2015-07-13 13:33 - 00002520 _____ C:\Windows\system32\VeubduquOff.ini
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 _____ C:\Windows\prleth.sys
2015-07-13 12:37 - 2015-07-13 12:37 - 00000000 _____ C:\Windows\hgfs.sys
2015-07-13 12:35 - 2015-07-13 13:47 - 00000000 ____D C:\Users\luk\AppData\Local\Chromium
2015-07-13 12:34 - 2015-07-13 12:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-13 12:32 - 2015-07-13 16:40 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-07-13 12:31 - 2015-07-16 15:20 - 00000000 ____D C:\Program Files (x86)\Windows 7 Activator
2015-07-12 22:52 - 2015-07-12 22:52 - 00431093 _____ C:\Users\luk\Downloads\crark34-mac-opencl.rar
2015-07-12 22:49 - 2015-07-12 22:49 - 00388107 _____ C:\Users\luk\Downloads\crark50-ocl.rar
2015-07-12 22:23 - 2015-07-12 22:24 - 05745152 _____ C:\Users\luk\Downloads\archpr_5455setup_en.msi
2015-07-12 22:20 - 2015-07-12 22:20 - 02169813 _____ C:\Users\luk\Downloads\BruteForce_0.9.1.zip
2015-07-12 21:55 - 2015-07-12 21:56 - 00000000 ____D C:\Users\luk\Downloads\RAR-Password-Recovery
2015-07-12 21:40 - 2015-07-12 21:41 - 01757096 _____ C:\Users\luk\Downloads\[Next_leveL]W7Loader222.zip
2015-07-11 17:41 - 2015-07-13 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\ProgramData\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\Program Files (x86)\Elcomsoft Password Recovery
2015-07-11 17:41 - 2015-07-11 17:41 - 00000000 ____D C:\Program Files (x86)\Elcomsoft
2015-07-11 16:04 - 2015-07-11 16:05 - 07777101 _____ C:\Users\luk\Desktop\(1) Anna Saalfeld_15.mp4
2015-07-10 23:05 - 2015-07-10 23:05 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Macromedia
2015-07-10 10:18 - 2015-07-12 21:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-09 13:21 - 2015-07-09 13:21 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Opera Software
2015-07-09 13:21 - 2015-07-09 13:21 - 00000000 ____D C:\Users\Gast\AppData\Local\Opera Software
2015-07-09 13:19 - 2015-07-11 10:47 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Origin
2015-07-09 13:18 - 2015-07-09 13:20 - 00000000 ____D C:\Users\Gast\AppData\Local\Origin
2015-07-09 13:17 - 2015-07-09 13:17 - 00000000 ____D C:\ProgramData\ATI
2015-07-09 13:09 - 2015-07-09 13:09 - 00000222 _____ C:\Users\Gast\Desktop\Call of Duty Black Ops II - Zombies.url
2015-07-09 13:09 - 2015-07-09 13:09 - 00000219 _____ C:\Users\Gast\Desktop\Counter-Strike Source.url
2015-07-09 13:08 - 2015-07-09 13:08 - 00000000 ____D C:\Users\Gast\AppData\Local\Steam
2015-07-09 13:06 - 2015-07-18 14:01 - 00000000 ____D C:\Users\Gast\AppData\Local\LogMeIn Hamachi
2015-07-09 13:06 - 2015-07-12 20:19 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Raptr
2015-07-09 13:06 - 2015-07-09 13:06 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2015-07-09 13:06 - 2015-07-09 13:06 - 00000000 ____D C:\Users\Gast\AppData\Local\LogMeIn
2015-07-09 13:05 - 2015-07-09 13:05 - 604755625 _____ C:\Windows\MEMORY.DMP
2015-07-09 13:05 - 2015-07-09 13:05 - 00281008 _____ C:\Windows\Minidump\070915-36675-01.dmp
2015-07-09 13:05 - 2015-07-09 13:05 - 00000000 ____D C:\Windows\Minidump
2015-07-06 17:37 - 2015-07-06 17:37 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2015-07-06 17:35 - 2015-07-13 20:06 - 00000000 ____D C:\Users\luk\AppData\Roaming\Apple Computer
2015-07-06 17:35 - 2015-07-13 19:37 - 00000000 ____D C:\Users\luk\AppData\Local\Apple Computer
2015-07-06 17:34 - 2015-07-06 17:34 - 00000000 ____D C:\ProgramData\Apple Computer
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files\Bonjour
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-07-06 17:33 - 2015-07-06 17:33 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-07-06 17:32 - 2015-07-14 01:54 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-06 17:30 - 2015-07-06 17:31 - 155834672 _____ (Apple Inc.) C:\Users\luk\Downloads\itunes6464setup.exe
2015-07-06 00:27 - 2015-07-06 17:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-07-06 00:27 - 2015-07-06 17:33 - 00000000 ____D C:\ProgramData\Apple
2015-07-06 00:27 - 2015-07-06 00:27 - 00000000 ____D C:\Users\luk\AppData\Local\Apple
2015-07-06 00:14 - 2015-07-12 20:08 - 00000000 ____D C:\Users\luk\AppData\Roaming\vlc
2015-07-06 00:06 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\AppData\Local\MotionDSP
2015-07-06 00:03 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\AppData\Roaming\MotionDSP
2015-07-06 00:01 - 2015-07-06 00:02 - 92017704 _____ C:\Users\luk\Downloads\vReveal_3.2.0.13029.exe
2015-07-06 00:00 - 2015-07-12 20:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-07-06 00:00 - 2015-07-06 00:00 - 00000000 ____D C:\Program Files\VideoLAN
2015-07-05 23:58 - 2015-07-05 23:58 - 01198368 _____ C:\Users\luk\Downloads\VLC media player 64 Bit - CHIP-Installer.exe
2015-07-05 23:51 - 2015-07-12 23:18 - 00000000 ____D C:\Users\luk\Documents\AirDroid
2015-07-05 23:50 - 2015-07-05 23:50 - 12128091 _____ C:\Users\luk\Downloads\AirDroid_Desktop_Client_3.1.3.exe
2015-07-04 16:38 - 2015-07-18 14:35 - 00007538 _____ C:\Windows\setupact.log
2015-07-04 16:38 - 2015-07-04 16:38 - 00000000 _____ C:\Windows\setuperr.log
2015-07-04 14:06 - 2015-07-04 14:06 - 00000000 ____D C:\Users\luk\AppData\Local\Macromedia
2015-07-04 13:58 - 2015-07-04 14:29 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\Documents\Battlefield 3
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\AppData\Local\PunkBuster
2015-07-04 13:58 - 2015-07-04 13:58 - 00000000 ____D C:\Users\luk\AppData\Local\ESN
2015-07-04 13:56 - 2015-07-04 13:56 - 01640768 _____ C:\Users\luk\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-07-04 13:50 - 2015-07-06 17:23 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-04 13:49 - 2015-07-04 13:49 - 00000000 ____D C:\ProgramData\EA Core
2015-07-04 01:23 - 2015-07-12 23:17 - 00000000 ____D C:\Users\luk\AppData\Roaming\Raptr
2015-07-04 01:23 - 2015-07-04 01:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2015-07-03 04:34 - 2015-07-04 14:29 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-03 04:34 - 2015-07-04 13:58 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-03 04:34 - 2015-07-03 04:34 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-03 04:34 - 2015-07-03 04:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-07-01 15:11 - 2015-07-01 15:11 - 00000000 ____D C:\Users\luk\AppData\Local\Intel_Corporation
2015-07-01 00:20 - 2015-07-01 00:20 - 00000933 _____ C:\Users\LogMeInRemoteUser\Desktop\Plus500.lnk
2015-06-30 18:34 - 2015-06-30 20:14 - 00000000 ____D C:\Users\luk\Downloads\ARK Survival Evolved PC game Beta ^^nosTEAM^^
2015-06-30 18:00 - 2015-06-30 18:00 - 00000000 ____D C:\Users\luk\AppData\Roaming\Unity
2015-06-30 17:57 - 2015-06-30 17:57 - 00000000 ____D C:\Users\luk\AppData\Local\Unity
2015-06-29 14:12 - 2015-07-03 12:05 - 00000000 ____D C:\Users\luk\Documents\Diablo III
2015-06-29 00:55 - 2015-06-29 00:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-06-29 00:24 - 2015-06-29 14:11 - 00000000 ____D C:\Program Files (x86)\Diablo III
2015-06-29 00:03 - 2015-06-29 22:06 - 00000000 ____D C:\Users\luk\AppData\Local\Battle.net
2015-06-29 00:03 - 2015-06-29 00:04 - 00000000 ____D C:\Users\luk\AppData\Roaming\Battle.net
2015-06-29 00:03 - 2015-06-29 00:03 - 00000000 ____D C:\Users\luk\AppData\Local\Blizzard Entertainment
2015-06-29 00:02 - 2015-06-29 22:07 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-29 00:02 - 2015-06-29 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-06-29 00:02 - 2015-06-29 00:02 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-06-29 00:00 - 2015-06-29 00:00 - 00000000 ____D C:\ProgramData\Battle.net
2015-06-27 20:07 - 2015-06-27 20:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-06-26 14:16 - 2015-06-30 18:07 - 00000000 ____D C:\Users\luk\AppData\Local\SkypePlugin
2015-06-26 00:08 - 2015-07-06 17:34 - 00000000 ____D C:\Users\luk\A
2015-06-26 00:08 - 2015-06-26 00:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-06-26 00:08 - 2015-06-26 00:08 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2015-06-26 00:07 - 2015-06-26 00:08 - 00000000 ____D C:\Users\luk\AppData\Roaming\DVDVideoSoft
2015-06-26 00:07 - 2015-06-26 00:08 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2015-06-25 23:01 - 2015-06-25 23:12 - 00000000 _____ C:\Windows\SysWOW64\Access.dat
2015-06-25 22:59 - 2015-06-25 23:31 - 00000000 ____D C:\Users\luk\AppData\Roaming\Tunngle
2015-06-25 22:59 - 2015-06-25 22:59 - 00000000 ____D C:\Users\luk\Documents\Tunngle
2015-06-25 22:59 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2015-06-25 22:39 - 2015-06-25 22:46 - 00000000 ____D C:\Users\luk\AppData\Roaming\Wippien
2015-06-25 22:39 - 2011-04-23 20:30 - 00033160 _____ (WeOnlyDo Software) C:\Windows\system32\Drivers\wod0205.sys
2015-06-25 22:32 - 2015-06-25 22:32 - 36468360 _____ (DVDVideoSoft Ltd. ) C:\Users\luk\Downloads\FreeYouTubeToMP3Converter_3.12.59.616.exe
2015-06-25 00:06 - 2015-06-25 00:06 - 00000000 ___SH C:\Users\luk\AppData\Local\LumaEmu
2015-06-25 00:02 - 2015-06-25 00:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portal 2
2015-06-24 23:38 - 2015-06-24 23:38 - 00000000 ____D C:\Program Files (x86)\Games
2015-06-24 22:29 - 2015-06-24 23:37 - 00000000 ____D C:\Users\luk\Downloads\Portal.2.incl.upd30-NSIS
2015-06-24 22:25 - 2015-06-24 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-24 22:07 - 2015-06-24 22:08 - 00000000 ____D C:\Program Files (x86)\Cracked Steam
2015-06-24 21:58 - 2015-07-17 13:23 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-24 20:40 - 2015-06-24 20:40 - 00000560 _____ C:\Windows\wmsetup.log
2015-06-24 12:20 - 2015-06-24 12:20 - 00000000 ____D C:\Users\luk\AppData\Local\SKIDROW
2015-06-23 23:06 - 2015-06-24 12:49 - 00000000 ____D C:\Program Files (x86)\R.G. Mechanics
2015-06-23 20:25 - 2015-06-23 20:25 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-06-23 12:10 - 2015-06-23 12:10 - 00000000 ____D C:\Users\luk\Documents\FLiNGTrainer
2015-06-22 23:26 - 2015-06-22 23:26 - 00000000 ____D C:\Users\luk\Documents\EA Games
2015-06-22 23:26 - 2015-06-22 23:26 - 00000000 ____D C:\Users\luk\AppData\Local\EA Games
2015-06-22 23:22 - 2015-06-22 23:22 - 00000000 ____D C:\Users\luk\AppData\Local\Dead Space 3
2015-06-22 23:21 - 2015-06-22 23:21 - 00000000 ____D C:\Program Files (x86)\EA
2015-06-22 20:49 - 2015-06-24 22:24 - 00000000 ____D C:\Program Files (x86)\Mr DJ
2015-06-22 20:49 - 2015-06-22 20:49 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-06-22 18:03 - 2015-06-22 18:03 - 00000020 ___SH C:\Users\LogMeInRemoteUser\ntuser.ini
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Vorlagen
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Startmenü
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Netzwerkumgebung
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Lokale Einstellungen
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Eigene Dateien
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Druckumgebung
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Documents\Eigene Musik
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Documents\Eigene Bilder
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Local\Verlauf
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\AppData\Local\Anwendungsdaten
2015-06-22 18:03 - 2015-06-22 18:03 - 00000000 _SHDL C:\Users\LogMeInRemoteUser\Anwendungsdaten
2015-06-22 18:03 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-22 18:03 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-22 17:53 - 2015-06-25 01:42 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeInIgnition
2015-06-22 17:52 - 2015-07-17 11:47 - 00000000 ____D C:\Program Files (x86)\LogMeIn
2015-06-22 17:52 - 2015-07-17 11:36 - 00001004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-06-22 17:52 - 2015-07-17 11:36 - 00000988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-06-22 17:52 - 2015-07-15 22:50 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll
2015-06-22 17:52 - 2015-07-15 22:50 - 00092520 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIinit.dll
2015-06-22 17:52 - 2015-07-15 22:50 - 00035688 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIport.dll
2015-06-22 17:52 - 2015-06-24 18:55 - 00107392 _____ (LogMeIn, Inc.) C:\Windows\system32\LMIRfsClientNP.dll.000.bak
2015-06-22 17:52 - 2015-06-22 17:52 - 00001024 _____ C:\.rnd
2015-06-22 17:52 - 2015-05-27 17:09 - 00072216 _____ (LogMeIn, Inc.) C:\Windows\system32\Drivers\LMIRfsDriver.sys
2015-06-22 17:40 - 2015-07-18 18:31 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeIn Hamachi
2015-06-22 17:40 - 2015-07-17 22:54 - 00000000 ____D C:\ProgramData\LogMeIn
2015-06-22 17:40 - 2015-06-22 17:40 - 00000000 ____D C:\Users\luk\AppData\Local\LogMeIn
2015-06-22 17:32 - 2015-06-22 17:32 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Sun
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Oracle
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-22 17:32 - 2015-06-22 17:32 - 00000000 ____D C:\Program Files\Java
2015-06-22 16:59 - 2015-06-22 16:59 - 00000000 ____D C:\Users\luk\AppData\Roaming\Warner Bros. Interactive Entertainment
2015-06-22 14:53 - 2015-06-22 16:01 - 00000000 ____D C:\Users\luk\Documents\ArmA 2
2015-06-22 14:53 - 2015-06-22 14:53 - 00000000 ____D C:\Users\luk\AppData\Local\ArmA 2 OA
2015-06-22 14:53 - 2015-06-22 14:53 - 00000000 ____D C:\ProgramData\Bohemia Interactive Studio
2015-06-22 14:50 - 2015-06-22 14:50 - 00000000 ____D C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-06-22 13:19 - 2015-06-24 12:49 - 00000000 ____D C:\Users\luk\Documents\My Games
2015-06-22 13:15 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-06-22 13:15 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-06-22 13:15 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-06-22 13:15 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-06-22 13:15 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-06-22 13:15 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-06-22 13:15 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-06-22 13:15 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-06-22 13:15 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-06-22 13:15 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-06-22 13:15 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-06-22 13:15 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-06-22 13:15 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-06-22 13:15 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-06-22 13:15 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-06-22 13:15 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-06-22 13:15 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-06-22 13:15 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-06-22 13:15 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-06-22 13:15 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-06-22 13:15 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-06-22 13:15 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-06-22 13:15 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-06-22 13:15 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-06-22 13:15 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-06-22 13:15 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-06-22 13:15 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-06-22 13:15 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-06-22 13:15 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-06-22 13:15 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-06-22 13:15 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-06-22 13:15 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-06-22 13:15 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-06-22 13:15 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-06-22 13:15 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-06-22 13:15 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-06-22 13:15 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-06-22 13:15 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-06-22 13:15 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-06-22 13:15 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-06-22 13:15 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-06-22 13:15 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-06-22 13:15 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-06-22 13:15 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-06-22 13:15 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-06-22 13:15 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-06-22 13:15 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-06-22 13:15 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-06-22 13:15 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-06-22 13:15 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-06-22 13:15 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-06-22 13:15 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-06-22 13:15 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-06-22 13:15 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-06-22 13:15 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-06-22 13:15 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-06-22 13:15 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-06-22 13:15 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-06-22 13:15 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-06-22 13:15 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-06-22 13:15 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-06-22 13:15 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-06-22 13:15 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-06-22 13:15 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-06-22 13:15 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-06-22 13:15 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-06-22 13:15 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-06-22 13:15 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-06-22 13:15 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-06-22 13:15 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-06-22 13:15 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-06-22 13:15 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-06-22 13:15 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-06-22 13:15 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-06-22 13:15 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-06-22 13:15 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-06-22 13:15 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-06-22 13:15 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-06-22 13:15 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-06-22 13:15 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\luk\AppData\Roaming\java
2015-06-22 12:47 - 2015-06-22 12:47 - 00000000 ____D C:\Users\luk\AppData\Roaming\.minecraft
2015-06-22 12:46 - 2015-06-22 12:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2015-06-22 12:46 - 2015-06-22 12:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-06-22 12:09 - 2015-06-22 12:09 - 00000000 ____D C:\Users\luk\Tracing
2015-06-22 12:09 - 2015-06-22 12:09 - 00000000 ____D C:\Users\luk\AppData\Local\Skype
2015-06-22 12:08 - 2015-07-13 19:48 - 00000000 ____D C:\Users\luk\AppData\Roaming\Skype
2015-06-22 12:08 - 2015-07-13 19:30 - 00000000 ____D C:\ProgramData\Skype
2015-06-22 12:08 - 2015-06-22 12:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-06-22 12:08 - 2015-06-22 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-06-22 11:01 - 2015-06-22 11:01 - 00000000 ____D C:\Users\luk\AppData\Roaming\SmartSteamEmu
2015-06-22 10:55 - 2015-06-22 10:55 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-06-22 10:55 - 2015-06-22 10:55 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-06-22 10:53 - 2015-07-15 11:31 - 00000000 ____D C:\ProgramData\TEMP
2015-06-21 21:19 - 2015-07-15 23:35 - 00000000 ____D C:\Users\luk\AppData\Local\CrashDumps
2015-06-21 20:52 - 2015-06-21 20:50 - 00238376 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2015-06-21 20:37 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-06-21 20:37 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-06-21 20:37 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-06-21 20:37 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-06-21 19:49 - 2015-06-21 19:49 - 00000047 _____ C:\Users\luk\Documents\mt-x_hook.txt
2015-06-21 19:49 - 2015-06-21 19:49 - 00000007 _____ C:\Users\luk\Documents\mt-e_hook.txt
2015-06-20 16:11 - 2015-06-20 18:57 - 00000000 ____D C:\Users\luk\Documents\Virtual Machines
2015-06-20 16:08 - 2015-06-30 20:55 - 00000000 ____D C:\Users\luk\AppData\Roaming\VMware
2015-06-20 16:08 - 2015-06-29 22:13 - 00000000 ____D C:\Users\luk\AppData\Local\VMware
2015-06-20 15:47 - 2015-06-30 20:56 - 00000000 ____D C:\ProgramData\VMware
2015-06-20 15:39 - 2015-06-30 19:44 - 00000000 ____D C:\Users\luk\AppData\Roaming\uTorrent
2015-06-20 15:27 - 2015-07-09 13:08 - 00058016 _____ C:\Users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\Documents\Bluetooth Folder
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Synaptics
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\ATI
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Atheros
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\BMExplorer
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\ATI
2015-06-20 15:27 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Local\Adobe
2015-06-20 15:26 - 2015-07-17 22:54 - 00002247 _____ C:\Users\Gast\Desktop\Google Chrome.lnk
2015-06-20 15:26 - 2015-07-17 22:54 - 00001421 _____ C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-20 15:26 - 2015-07-12 20:14 - 00000000 ____D C:\Users\Gast
2015-06-20 15:26 - 2015-07-12 20:08 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-20 15:26 - 2015-07-12 20:08 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-20 15:26 - 2015-06-20 15:27 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Adobe
2015-06-20 15:26 - 2015-06-20 15:26 - 00000020 ___SH C:\Users\Gast\ntuser.ini
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Vorlagen
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Startmenü
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Netzwerkumgebung
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Lokale Einstellungen
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Eigene Dateien
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Druckumgebung
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Musik
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Documents\Eigene Bilder
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Verlauf
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\AppData\Local\Anwendungsdaten
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 _SHDL C:\Users\Gast\Anwendungsdaten
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 ____D C:\Users\Gast\AppData\Local\VirtualStore
2015-06-20 15:26 - 2015-06-20 15:26 - 00000000 ____D C:\Users\Gast\AppData\Local\Google
2015-06-20 15:25 - 2015-07-15 13:07 - 00000821 _____ C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-19 02:26 - 2015-06-10 23:36 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-18 15:48 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-18 15:05 - 2015-06-10 22:38 - 01553457 _____ C:\Windows\WindowsUpdate.log
2015-07-18 14:35 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-18 14:31 - 2009-07-14 06:45 - 04933736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-18 14:24 - 2015-06-13 18:42 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-18 14:24 - 2010-11-21 05:47 - 00783676 _____ C:\Windows\PFRO.log
2015-07-17 14:13 - 2015-06-10 23:51 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-17 13:31 - 2011-04-12 09:43 - 00698926 _____ C:\Windows\system32\perfh007.dat
2015-07-17 13:31 - 2011-04-12 09:43 - 00149034 _____ C:\Windows\system32\perfc007.dat
2015-07-17 13:31 - 2009-07-14 07:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-16 16:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-15 23:26 - 2015-06-10 23:36 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 23:26 - 2015-06-10 23:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 23:26 - 2015-06-10 23:36 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 23:23 - 2015-06-14 13:03 - 00000000 ____D C:\ProgramData\Origin
2015-07-15 18:33 - 2015-06-12 21:11 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 13:07 - 2015-06-14 12:44 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-15 13:07 - 2015-06-14 12:44 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-07-15 13:07 - 2015-06-10 22:52 - 00001425 _____ C:\Users\luk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-15 12:27 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-15 12:17 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-15 11:42 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-15 11:12 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-07-15 00:56 - 2015-06-14 12:44 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1434278682
2015-07-15 00:56 - 2015-06-14 12:44 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-14 09:39 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-13 23:27 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-13 23:26 - 2015-06-14 13:05 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-07-13 18:16 - 2009-07-14 04:34 - 00000505 _____ C:\Windows\win.ini
2015-07-13 16:51 - 2015-06-10 22:51 - 00000000 ____D C:\Users\luk
2015-07-13 13:30 - 2009-07-14 06:45 - 00027424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 13:30 - 2009-07-14 06:45 - 00027424 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 12:34 - 2015-06-13 18:37 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-12 21:33 - 2015-06-13 13:53 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-12 20:08 - 2015-06-14 10:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-12 20:08 - 2015-06-13 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-12 20:08 - 2015-06-13 13:50 - 00000000 ____D C:\Program Files\AMD
2015-07-12 20:08 - 2015-06-12 10:42 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-12 20:08 - 2015-06-10 23:36 - 00000000 ____D C:\Windows\system32\Macromed
2015-07-12 20:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-07-09 13:11 - 2015-06-10 07:31 - 00000000 ____D C:\AMD
2015-07-05 19:16 - 2015-06-12 21:26 - 00000000 ____D C:\Users\luk\AppData\Roaming\Maxthon3
2015-07-04 13:49 - 2015-06-14 13:03 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-03 12:04 - 2015-06-12 21:51 - 00097802 _____ C:\Windows\DirectX.log
2015-07-03 08:43 - 2015-06-12 21:11 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-03 00:05 - 2015-06-14 13:04 - 00000000 ____D C:\Users\luk\AppData\Roaming\Origin
2015-07-03 00:04 - 2015-06-14 13:03 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-28 00:56 - 2015-06-14 19:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-25 23:38 - 2015-06-12 10:43 - 00058016 _____ C:\Users\luk\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-25 23:01 - 2015-06-14 19:40 - 00000000 ____D C:\Users\luk\AppData\Local\Adobe
2015-06-25 22:40 - 2015-06-10 22:52 - 00000000 ____D C:\Users\luk\AppData\Local\VirtualStore
2015-06-23 13:30 - 2010-11-21 05:27 - 00300704 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-22 16:11 - 2015-06-12 21:50 - 00000000 ____D C:\Users\luk\AppData\Local\Warframe
2015-06-21 21:45 - 2015-06-10 23:37 - 00000000 ____D C:\Users\luk\AppData\Roaming\Adobe
2015-06-21 19:21 - 2015-06-14 12:03 - 00000000 ____D C:\Program Files\Bitdefender
2015-06-20 15:48 - 2015-06-12 11:52 - 01646762 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-20 15:28 - 2015-06-10 23:23 - 00000000 ____D C:\Users\luk\Documents\Bluetooth Folder
2015-06-20 15:27 - 2015-06-13 10:50 - 00000000 ____D C:\ProgramData\Atheros
2015-06-19 21:20 - 2015-06-14 12:03 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-06-19 20:49 - 2015-06-14 12:21 - 00000412 _____ C:\Windows\system32\checkdnsid.xml

==================== Files in the root of some directories =======

2015-06-25 00:06 - 2015-06-25 00:06 - 0000000 ___SH () C:\Users\luk\AppData\Local\LumaEmu

Some files in TEMP:
====================
C:\Users\luk\AppData\Local\Temp\ChromeSetup.exe
C:\Users\luk\AppData\Local\Temp\InstHelper.exe
C:\Users\luk\AppData\Local\Temp\Quarantine.exe
C:\Users\luk\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 16:33

==================== End of log ============================
         

Antwort

Themen zu Programme werden einfach installiert
alarm, antivirus, brauche, browser, dringend, einfach, installier, installiert, problem, programme, schlägt



Ähnliche Themen: Programme werden einfach installiert


  1. Windows 7: Trojaner downloaded und installiert Programme
    Log-Analyse und Auswertung - 23.08.2015 (17)
  2. PowerIso runtergeladen, unbefugte Programme wurden im Hintergrund installiert
    Plagegeister aller Art und deren Bekämpfung - 06.08.2015 (14)
  3. Irgendwas Installiert immer programme und öffnet denn Internet Explorer
    Plagegeister aller Art und deren Bekämpfung - 02.05.2015 (64)
  4. Probleme mit Browser-Redirecting und merkwürdige Programme installiert
    Log-Analyse und Auswertung - 28.12.2014 (7)
  5. Neue programme wurden installiert?
    Überwachung, Datenschutz und Spam - 22.06.2014 (4)
  6. wssetup.exe will installiert werden
    Plagegeister aller Art und deren Bekämpfung - 22.06.2013 (7)
  7. Mein Pc Installiert nicht Programme!
    Alles rund um Windows - 15.02.2011 (1)
  8. Es können kein Programme mehr installiert werden...
    Plagegeister aller Art und deren Bekämpfung - 30.12.2010 (3)
  9. 0xc0000005 Programme können nicht ausgeführt und installiert werden.
    Log-Analyse und Auswertung - 19.08.2010 (5)
  10. Avira wird nicht ausgefuehrt andere Programme koennen nicht installiert werden
    Plagegeister aller Art und deren Bekämpfung - 02.02.2010 (2)
  11. Viele Programme starten einfach nicht mehr
    Log-Analyse und Auswertung - 30.12.2009 (9)
  12. Windows XP neu installiert "Anwendungen werden installiert"?
    Alles rund um Windows - 26.05.2009 (2)
  13. IE & Opera stürzen automatisch - Programme werden nicht installiert
    Log-Analyse und Auswertung - 24.05.2009 (8)
  14. windows öffnet einfach programme usw
    Alles rund um Windows - 01.03.2009 (1)
  15. Programme werden einfach geschlossen
    Alles rund um Windows - 15.09.2008 (1)
  16. Programme werden einfach geschlossen!
    Log-Analyse und Auswertung - 07.02.2007 (1)
  17. antivir,firewall, werden brechen ab bzw können nicht installiert werden!!
    Antiviren-, Firewall- und andere Schutzprogramme - 01.06.2005 (13)

Zum Thema Programme werden einfach installiert - Sehr geehrte Damen und Herren, Ich habe ein Problem ich habe wohl irgendwas Gedownloaded und jetzt werden einfach Programme installiert und mein Antivirus schlägt bei jedem Browser Alarm Brauche dringend - Programme werden einfach installiert...
Archiv
Du betrachtest: Programme werden einfach installiert auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.