
Pests of all kinds and how to fight them: Chrome opens tabs with ads!

04.09.2014, 12:57   #16
CaptainZ

Chrome opens tabs with ads!


Fixlog
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-09-2014 02
Ran by Ste at 2014-09-04 13:42:08 Run:1
Running from C:\Users\Ste\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Program Files (x86)\Steam\config\overlayhtmlcache\f_00015a
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\200062ac\report_id.zip
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b1f7\photo.zip
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b459\photo.zip
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b7e2\photo.zip
C:\Users\Ste\Downloads\Eusing Free Registry Cleaner - CHIP-Installer.exe
C:\Users\Ste\Downloads\gb3-setup.exe
C:\Users\Ste\Downloads\iDevice Manager iPhone Explorer - CHIP-Downloader.exe
C:\Users\Ste\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
ProxyServer: http=;ftp=;https=;
Toolbar: HKLM-x32 - &GO Stats - {3D98AD1A-707C-4FA7-AE98-C4039B8231EB} - C:\Program Files (x86)\GoStats\GoStatsBar.dll No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FF NetworkProxy: "autoconfig_url", "hxxp://118.141.167.89/"
FF NetworkProxy: "type", 0
C:\WINDOWS\System32\Tasks\AutoKMS
C:\Windows\AutoKMS\
EmptyTemp:
         
*****************

C:\Program Files (x86)\Steam\config\overlayhtmlcache\f_00015a => Moved successfully.
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\200062ac\report_id.zip => Moved successfully.
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b1f7\photo.zip => Moved successfully.
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b459\photo.zip => Moved successfully.
C:\Users\Ste\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\ec018723a56eefe8\120712-0049\Att\2000b7e2\photo.zip => Moved successfully.
C:\Users\Ste\Downloads\Eusing Free Registry Cleaner - CHIP-Installer.exe => Moved successfully.
C:\Users\Ste\Downloads\gb3-setup.exe => Moved successfully.
C:\Users\Ste\Downloads\iDevice Manager iPhone Explorer - CHIP-Downloader.exe => Moved successfully.
C:\Users\Ste\Downloads\Visual Basic 2010 Express - CHIP-Installer.exe => Moved successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => Key deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3D98AD1A-707C-4FA7-AE98-C4039B8231EB} => value deleted successfully.
"HKCR\Wow6432Node\CLSID\{3D98AD1A-707C-4FA7-AE98-C4039B8231EB}" => Key deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
C:\WINDOWS\System32\Tasks\AutoKMS => Moved successfully.
C:\Windows\AutoKMS => Moved successfully.
EmptyTemp: => Removed 1005.1 MB temporary data.


The system needed a reboot. 

==== End of Fixlog ====
         
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 02
Ran by Ste (administrator) on CAPTAINPC on 04-09-2014 13:54:57
Running from C:\Users\Ste\Desktop
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Atheros Commnucations) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Spotify Ltd) C:\Users\Ste\AppData\Roaming\Spotify\spotify.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\puush\puush.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Ste\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8294680 2014-02-28] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-07-20] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-07-31] (AVAST Software)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1937600 2014-09-03] (Valve Corporation)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2014-06-03] ()
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Ste\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {249684e7-0b46-11e4-beba-4c72b9ad97be} - "E:\SETUP.EXE" 
HKU\S-1-5-21-56534520-2028495375-83417344-1001\...\MountPoints2: {63d56146-fe26-11e3-bea9-4c72b9ad97be} - "E:\setup\rsrc\Autorun.exe" 
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46E8CD6D9043CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {28D12899-03A0-406E-8858-1591705DE945} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default
FF Keyword.URL: https://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\staged [2014-09-03]
FF Extension: DownloadHelper - C:\Users\Ste\AppData\Roaming\Mozilla\Firefox\Profiles\28j7xyvr.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-19]

Chrome: 
=======
CHR Profile: C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-07-20]
CHR Extension: (BetterTTV) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-07-20]
CHR Extension: (YouTube) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-20]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-20]
CHR Extension: (plugCubed) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cipflinfkekcenojmoohjoionlhiljli [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbmcolnbeaedhcaiafolaaiokicobgc [2014-07-20]
CHR Extension: (Google Search) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-20]
CHR Extension: (Tampermonkey) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-16]
CHR Extension: (Photo Zoom for Facebook) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi [2014-07-20]
CHR Extension: (Google Play Music) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-07-20]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-07-20]
CHR Extension: (Webcam Toy) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade [2014-07-20]
CHR Extension: (Google Wallet) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-19]
CHR Extension: (Gmail) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-20]
CHR Extension: (Lights Off for YouTube™) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pncbbbpddkdpkckkbifnfgmfbnocdmih [2014-07-20]
CHR Extension: (Lounge Companion (Dota 2 & CS:GO)) - C:\Users\Ste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokidbfaabncipciiigfhncfmgmdjdaj [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-11]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Windows\system32\AdminService.exe [208384 2013-06-25] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-11] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-11] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2014-06-25] () [File not signed]
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-29] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2014-08-24] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S4 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-11] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-11] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-11] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-11] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-11] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-11] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-11] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-11] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-11] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-11] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R2 hmip; C:\WINDOWS\system32\Drivers\hmip64.sys [38760 2013-06-19] (Hide My IP)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-20] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RZMAELSTROMVADService; C:\Windows\system32\drivers\RzMaelstromVAD.sys [32768 2014-05-23] (Windows (R) Win 7 DDK provider)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 wlreadun; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 13:54 - 2014-09-04 13:54 - 00021850 _____ () C:\Users\Ste\Desktop\FRST.txt
2014-09-04 02:23 - 2014-09-04 02:23 - 00000307 _____ () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Systemsteuerung.lnk
2014-09-04 00:39 - 2014-09-04 00:39 - 16787162 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-03 22:35 - 2014-09-03 22:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-03 22:34 - 2014-09-03 22:34 - 02347384 _____ (ESET) C:\Users\Ste\Downloads\esetsmartinstaller_deu.exe
2014-09-03 21:32 - 2014-09-03 22:08 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 21:32 - 2014-09-03 21:32 - 00001086 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-03 21:32 - 2014-09-03 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-03 21:31 - 2014-09-03 21:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-03 21:31 - 2014-09-03 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ste\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 21:31 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 21:31 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-03 21:31 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-03 21:31 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-03 21:12 - 2014-09-03 21:22 - 00000000 ____D () C:\AdwCleaner
2014-09-03 21:12 - 2014-09-03 21:12 - 01370483 _____ () C:\Users\Ste\Downloads\adwcleaner_3.309.exe
2014-09-03 20:19 - 2014-09-03 20:19 - 00045560 _____ () C:\Users\Ste\Desktop\Addition.txt
2014-09-03 18:51 - 2014-09-03 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Ste\Downloads\TFC.exe
2014-09-03 18:23 - 2014-09-04 13:55 - 00000000 ____D () C:\FRST
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:21 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-02 22:08 - 2014-09-04 01:50 - 00042632 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 15:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:13 - 2014-09-02 15:18 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-08-29 21:48 - 2014-08-29 21:49 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:52 - 2014-08-23 02:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-28 14:41 - 2014-09-04 13:54 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-09-04 13:50 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 14:40 - 2014-09-04 13:46 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:39 - 2014-08-28 14:40 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:31 - 2014-09-04 13:46 - 00007868 _____ () C:\WINDOWS\PFRO.log
2014-08-27 21:08 - 2014-08-27 21:11 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 20:54 - 2014-08-29 22:41 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:33 - 2014-08-26 16:35 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 14:06 - 2014-08-26 14:08 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 13:43 - 2014-09-04 13:52 - 00781215 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:06 - 2014-08-22 14:05 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 13:00 - 2014-08-02 02:17 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-08-15 13:00 - 2014-08-02 02:17 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 00:44 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 00:44 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 00:37 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 00:37 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 00:37 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 00:37 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 00:37 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 00:37 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 00:37 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 00:37 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 00:37 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 00:37 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 00:37 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 00:37 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 00:37 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 00:37 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 00:37 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 00:37 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 00:37 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 00:37 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 00:37 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 00:37 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 00:37 - 2014-06-13 03:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 00:37 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 00:37 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 00:36 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 00:36 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 00:35 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-15 00:35 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 00:35 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 00:34 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-15 00:34 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 00:34 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 00:34 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 00:34 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 00:34 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 00:34 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 00:29 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 00:29 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 00:29 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 00:29 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 00:29 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 00:29 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 00:29 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 16:48 - 2014-03-03 17:19 - 00447752 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2014-08-13 00:55 - 2014-08-13 00:59 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 02:05 - 2014-09-04 02:06 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-04 13:55 - 2014-09-04 13:54 - 00021850 _____ () C:\Users\Ste\Desktop\FRST.txt
2014-09-04 13:55 - 2014-09-03 18:23 - 00000000 ____D () C:\FRST
2014-09-04 13:55 - 2014-08-23 13:43 - 00781215 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-04 13:54 - 2014-08-28 14:41 - 00002155 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-04 13:54 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\TS3Client
2014-09-04 13:53 - 2014-03-20 19:47 - 00000000 ___DO () C:\Users\Ste\SkyDrive
2014-09-04 13:50 - 2014-08-28 14:40 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-04 13:48 - 2014-03-19 20:32 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Spotify
2014-09-04 13:48 - 2014-03-19 19:36 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-04 13:46 - 2014-08-28 14:40 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-04 13:46 - 2014-08-28 14:31 - 00007868 _____ () C:\WINDOWS\PFRO.log
2014-09-04 13:46 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-04 13:45 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-04 13:45 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-04 13:37 - 2014-03-19 18:31 - 00003592 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-56534520-2028495375-83417344-1001
2014-09-04 13:31 - 2014-03-24 19:41 - 00003926 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BB2AFE3E-8364-41A2-BA5C-F8E0CE4FD5D0}
2014-09-04 13:26 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-04 02:23 - 2014-09-04 02:23 - 00000307 _____ () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Systemsteuerung.lnk
2014-09-04 02:18 - 2014-03-19 20:01 - 00000000 ____D () C:\Users\Ste\AppData\Local\Adobe
2014-09-04 02:07 - 2014-06-21 16:11 - 00000000 ____D () C:\Users\Ste\AppData\Local\Game Dev Tycoon
2014-09-04 02:06 - 2014-08-07 02:05 - 00000000 ____D () C:\Users\Ste\Desktop\Alles Stuff
2014-09-04 02:06 - 2014-03-22 16:06 - 00001456 _____ () C:\Users\Ste\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-09-04 01:50 - 2014-09-02 22:08 - 00042632 _____ () C:\Users\Ste\Desktop\Bewerbung.odt
2014-09-04 01:41 - 2014-03-22 22:01 - 00000600 _____ () C:\Users\Ste\AppData\Roaming\winscp.rnd
2014-09-04 00:39 - 2014-09-04 00:39 - 16787162 _____ () C:\Users\Ste\Desktop\p2000skinsnip.psd
2014-09-03 22:35 - 2014-09-03 22:35 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-09-03 22:34 - 2014-09-03 22:34 - 02347384 _____ (ESET) C:\Users\Ste\Downloads\esetsmartinstaller_deu.exe
2014-09-03 22:08 - 2014-09-03 21:32 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-03 22:03 - 2014-07-20 01:40 - 00000000 ____D () C:\Program Files (x86)\FreeHideIP
2014-09-03 21:32 - 2014-09-03 21:32 - 00001086 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-09-03 21:32 - 2014-09-03 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-09-03 21:32 - 2014-09-03 21:31 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-09-03 21:31 - 2014-09-03 21:31 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Ste\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-03 21:31 - 2014-09-03 21:31 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-03 21:24 - 2013-08-22 16:44 - 05224144 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-03 21:22 - 2014-09-03 21:12 - 00000000 ____D () C:\AdwCleaner
2014-09-03 21:12 - 2014-09-03 21:12 - 01370483 _____ () C:\Users\Ste\Downloads\adwcleaner_3.309.exe
2014-09-03 20:19 - 2014-09-03 20:19 - 00045560 _____ () C:\Users\Ste\Desktop\Addition.txt
2014-09-03 20:18 - 2014-03-19 20:27 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-03 20:07 - 2014-03-22 15:20 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-09-03 20:05 - 2014-06-08 20:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 12.0
2014-09-03 20:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-09-03 19:58 - 2014-06-07 19:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft SDKs
2014-09-03 19:51 - 2014-07-14 13:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-03 19:49 - 2014-07-14 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-09-03 19:48 - 2014-07-30 15:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-03 19:48 - 2013-11-14 09:13 - 00000000 ____D () C:\WINDOWS\ShellNew
2014-09-03 19:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-03 19:45 - 2013-08-22 15:25 - 00000111 _____ () C:\WINDOWS\win.ini
2014-09-03 19:20 - 2014-03-19 19:54 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-09-03 18:52 - 2014-09-03 18:51 - 00448512 _____ (OldTimer Tools) C:\Users\Ste\Downloads\TFC.exe
2014-09-03 18:22 - 2014-09-03 18:22 - 02104832 _____ (Farbar) C:\Users\Ste\Desktop\FRST64.exe
2014-09-03 18:22 - 2014-09-03 18:21 - 02104832 _____ (Farbar) C:\Users\Ste\Downloads\FRST64.exe
2014-09-03 17:30 - 2014-09-03 17:30 - 00388608 _____ (Trend Micro Inc.) C:\Users\Ste\Downloads\HiJackThis204.exe
2014-09-03 17:30 - 2014-03-19 18:23 - 00000000 ____D () C:\Users\Ste\AppData\Local\VirtualStore
2014-09-03 00:01 - 2014-05-01 00:03 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\.minecraft
2014-09-02 21:19 - 2014-03-19 18:22 - 00000000 ____D () C:\Users\Ste\AppData\Local\Packages
2014-09-02 21:18 - 2014-09-02 21:18 - 00031232 _____ () C:\Users\Ste\Downloads\privatbrief.dot
2014-09-02 15:20 - 2014-03-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-02 15:18 - 2014-09-02 15:13 - 00000000 ____D () C:\Users\Ste\AppData\Local\21255
2014-09-02 15:18 - 2014-06-11 23:53 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-02 15:15 - 2014-09-02 15:15 - 00003140 _____ () C:\WINDOWS\System32\Tasks\{78DEC42A-6203-4D34-8AA4-A7842432F6C7}
2014-09-02 15:14 - 2014-09-02 15:14 - 00003120 _____ () C:\WINDOWS\System32\Tasks\{82D7DE39-8D22-49B2-A524-048BD58F38F4}
2014-09-02 15:11 - 2014-03-21 23:01 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Skype
2014-08-30 14:52 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-29 22:41 - 2014-08-26 20:54 - 00000020 _____ () C:\WINDOWS\capsys184523.log
2014-08-29 22:36 - 2014-03-22 16:16 - 00000000 ____D () C:\ProgramData\Origin
2014-08-29 22:35 - 2014-03-22 16:16 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-29 21:49 - 2014-08-29 21:48 - 00018397 _____ () C:\WINDOWS\DirectX.log
2014-08-29 16:43 - 2014-03-22 16:31 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe PNG-Format CC - Voreinstellungen
2014-08-29 03:13 - 2014-03-20 19:27 - 00000000 ____D () C:\Users\Ste
2014-08-29 02:54 - 2014-08-29 02:54 - 00000000 ____D () C:\Program Files (x86)\Drakensang Online
2014-08-28 14:45 - 2014-03-19 19:32 - 00000000 ____D () C:\Users\Ste\AppData\Local\Google
2014-08-28 14:41 - 2014-08-28 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 14:40 - 2014-08-28 14:40 - 00004096 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-28 14:40 - 2014-08-28 14:40 - 00003860 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-28 14:40 - 2014-08-28 14:39 - 00895120 _____ (Google Inc.) C:\Users\Ste\Downloads\ChromeSetup(1).exe
2014-08-28 14:40 - 2014-03-19 19:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-27 21:11 - 2014-08-27 21:08 - 63252202 _____ () C:\Users\Ste\Downloads\The dropper 2 By BIGRE.zip
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\The Crew
2014-08-26 16:35 - 2014-08-26 16:33 - 00000000 ____D () C:\Users\Ste\Documents\ProfileCache
2014-08-26 16:17 - 2014-06-07 15:56 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft
2014-08-26 14:08 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Local\Ubisoft Game Launcher
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-26 14:06 - 2014-08-26 14:06 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-26 14:05 - 2014-08-26 14:05 - 78471096 _____ (Ubisoft) C:\Users\Ste\Downloads\UplayInstaller.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe
2014-08-25 18:40 - 2014-08-25 18:40 - 00290184 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2014-08-25 18:40 - 2014-04-06 00:54 - 00297088 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.xtr
2014-08-25 14:26 - 2014-03-19 20:33 - 00000000 ____D () C:\Users\Ste\AppData\Local\Spotify
2014-08-24 20:47 - 2014-05-31 13:43 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-08-24 20:45 - 2014-08-24 20:45 - 02247976 _____ () C:\Users\Ste\Downloads\battlelog-web-plugins_2.4.0_145.exe
2014-08-24 20:45 - 2014-04-06 00:51 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-24 00:07 - 2014-04-01 20:23 - 00000000 ____D () C:\Users\Ste\Documents\My Games
2014-08-23 15:57 - 2014-08-23 15:57 - 20141552 _____ (Gameforge ) C:\Users\Ste\Downloads\NosTale_GameforgeLiveSetup.exe
2014-08-23 02:42 - 2014-08-28 14:52 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-22 18:47 - 2014-08-22 18:47 - 00000000 ____D () C:\Users\Ste\.appwork
2014-08-22 18:47 - 2014-05-01 01:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-08-22 18:42 - 2014-04-08 16:18 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-22 18:31 - 2014-06-07 17:11 - 00003648 _____ () C:\WINDOWS\System32\Tasks\Red Giant Link
2014-08-22 18:27 - 2014-08-22 18:27 - 00000000 ____D () C:\Users\Ste\Downloads\Autoruns_12.02
2014-08-22 18:26 - 2014-08-22 18:26 - 04813544 _____ (Piriform Ltd) C:\Users\Ste\Downloads\ccsetup416.exe
2014-08-22 14:06 - 2014-03-24 19:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-22 14:05 - 2014-08-22 14:06 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-22 14:05 - 2014-08-22 14:06 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-22 14:05 - 2014-08-22 14:05 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 21:57 - 2014-08-21 21:57 - 03123660 _____ () C:\Users\Ste\Downloads\Arrow Survival Mini-Game V2.0.zip
2014-08-19 20:51 - 2014-08-19 20:51 - 00949546 _____ () C:\Users\Ste\Desktop\Glass.zip
2014-08-19 20:48 - 2014-07-26 23:52 - 00000000 ____D () C:\Users\Ste\AppData\Local\ftblauncher
2014-08-19 19:57 - 2014-03-19 23:11 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-08-19 19:52 - 2014-03-19 23:11 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-08-19 19:37 - 2014-08-19 19:37 - 00000132 _____ () C:\Users\Ste\AppData\Roaming\Adobe GIF-Format CC - Voreinstellungen
2014-08-19 18:28 - 2014-08-19 18:28 - 03507092 _____ () C:\Users\Ste\Downloads\Wood_0.0.3 (1).zip
2014-08-18 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-17 14:14 - 2014-08-17 14:14 - 00026689 _____ () C:\Users\Ste\Downloads\bitcoin-rechnung.ods
2014-08-17 01:35 - 2014-08-17 01:35 - 04456048 _____ (HTTrack ) C:\Users\Ste\Downloads\httrack_x64-3.48.17.exe
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2014-08-17 01:35 - 2014-08-17 01:35 - 00000000 ____D () C:\Program Files\WinHTTrack
2014-08-16 19:22 - 2014-04-04 21:47 - 00000000 ____D () C:\Users\Ste\AppData\Roaming\HpUpdate
2014-08-16 19:22 - 2014-04-04 21:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-16 19:22 - 2014-04-04 21:44 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-16 19:20 - 2014-08-16 19:20 - 00000000 ____D () C:\WINDOWS\Hewlett-Packard
2014-08-16 15:51 - 2014-07-20 11:09 - 00000000 ____D () C:\ProgramData\ProductData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-16 01:04 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-16 00:44 - 2014-08-16 00:44 - 00022877 _____ () C:\Users\Ste\Downloads\LoungeStats.user.js
2014-08-15 22:51 - 2014-04-03 13:38 - 00000000 ____D () C:\Users\Ste\AppData\Local\DayZ
2014-08-15 15:58 - 2014-08-15 15:58 - 00000000 ____D () C:\Users\Ste\Documents\PVZ Garden Warfare
2014-08-15 14:23 - 2014-03-19 19:31 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-08-15 13:00 - 2014-07-10 23:42 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-08-15 00:28 - 2014-08-15 00:28 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-08-15 00:28 - 2014-08-15 00:28 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-08-15 00:28 - 2014-08-15 00:28 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-08-14 21:46 - 2014-08-14 21:46 - 00000000 ____D () C:\Users\Ste\Downloads\Icons
2014-08-14 21:45 - 2014-08-14 21:45 - 01253286 _____ () C:\Users\Ste\Downloads\Icons.zip
2014-08-14 19:05 - 2014-08-14 19:05 - 00000000 ____D () C:\Users\Ste\Downloads\CSGOCrosshair-master
2014-08-14 18:58 - 2014-08-14 18:58 - 06312982 _____ () C:\Users\Ste\Downloads\CSGOCrosshair-master.zip
2014-08-13 00:59 - 2014-08-13 00:55 - 00000000 ____D () C:\Program Files (x86)\GoStats
2014-08-13 00:55 - 2014-08-13 00:55 - 00923237 _____ () C:\Users\Ste\Downloads\GoStatsToolbar.zip
2014-08-09 20:12 - 2014-08-09 20:12 - 08429915 _____ () C:\Users\Ste\Downloads\csgo-ranks-wallpapers.zip
2014-08-09 15:18 - 2014-08-09 15:18 - 00562437 _____ () C:\Users\Ste\Downloads\csgobuyscriptmaker_v11e.zip
2014-08-07 04:12 - 2014-08-15 00:34 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-07 00:38 - 2014-08-15 00:35 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-08-06 23:58 - 2014-08-06 23:58 - 00021269 _____ () C:\Users\Ste\Downloads\f (1).txt
2014-08-06 00:04 - 2014-04-12 23:58 - 00000000 ____D () C:\Program Files\OBS

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-03 19:54

==================== End Of Log ============================
         

Everything is running normally again now. Thank you very, very, very much.

04.09.2014, 17:59   #17
deeprybka
/// TB Trainer
/// Guide Guru



Hi,

Please uninstall Java 7 Update 55.

Open the Flash link in Firefox. Update Flash. Decline optional offers.


Cleanup:

All logs posted? Yes! Then please download DelFix.
  • Close all open programs.
  • Run delfix.exe with a double-click.
  • Tick the box in front of every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs we used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Then restart your computer. If any programs from our cleanup are still left over, you can delete them without hesitation.




>>clean<<
We did it!
The logs look clean to me at the moment.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
All that remains for me is to wish you carefree and safe surfing, and that we don't see each other here again any time soon.

How can I protect myself better in the future?

Tips, Dos & Don'ts

Updates & Software
Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you merely visit a manipulated website.

I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.



Firewall, Antivirus & Co.
  • Enable a firewall. The one built into Windows is normally entirely sufficient.
  • Use an antivirus program with a real-time scanner and an always up-to-date signature database. (Enable the update function!)
    My recommendations:
    Kaspersky Antivirus
    Emsisoft Anti-Malware
    avast Free Antivirus
  • In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

    Optional:
  • NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist basis which sites are allowed to run scripts.


Cracks, Downloads & Co.


Besides unnoticed drive-by installations, malware is also often installed more or less actively by the user.
Even visiting dubious websites can carry risks. Even if the virus scanner does not currently detect a threat there, that does not have to mean anything.
Illegal cracks, keygens and serials are an extremely easy and popular way to spread malware.
With files from peer-to-peer and file-sharing programs or from file hosters, you can never be sure that what is inside is really what it says on the label. (Trojan horse^^)
  • virustotal.com is your friend too! Upload dubious or unknown files before you run or install them.

Often, attempts are also made to use more or less clever tricks to lure the user into carrying out an action that is disastrous for them (umbrella term: social engineering).
  • So surf with caution and click with common sense.
  • Be skeptical of unexpected e-mails, especially if they contain attachments. Even if they look authentic at first glance, contain personal data of yours or supposedly come from a known sender: better to think it over calmly again or ask, rather than simply opening links or executable attachments or entering your data somewhere.
  • Harmful links or files can also circulate on social networks or via instant messaging systems. If you receive a message from one of your friends that is strange, or so sensationally interesting that you simply have to click on it, then curiosity has probably won over common sense on their side, and you should not make the same mistake.

Annoying adware (advertising) and unnecessary toolbars are also usually installed by the user along with other software.
  • As a first priority, always download software directly from the vendor. Many software portals (e.g. Softonic) pack additional useless stuff into the installation. Alternatively, choose a clean portal such as Filepony or heise.
  • When installing software, always choose the custom option and untick all optionally offered toolbars or other additions that are irrelevant to the program.
  • To get rid of adware again, first uninstall it and then remove the leftovers with Adwarecleaner.


Finally, a few general remarks:
  • Make regular backups of your important files or of the system.
  • The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' built-in Disk Cleanup instead.