LittleZB | 04.08.2015 16:36 | So hier einmal die mbam.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 04.08.2015
Suchlauf-Zeit: 16:58:35
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.08.04.04
Rootkit Datenbank: v2015.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Stephan
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 372863
Verstrichene Zeit: 5 Min, 37 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 1
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, 2180, Löschen bei Neustart, [08cc8d77d9b21d19078f2e2f7f8238c8]
Module: 2
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Löschen bei Neustart, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Löschen bei Neustart, [b61e62a2bad10531f8ca0c012dd6f907],
Registrierungsschlüssel: 38
PUP.Optional.XTab.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, In Quarantäne, [08cc8d77d9b21d19078f2e2f7f8238c8],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [2ba9bd4797f463d3bb4f0f7d18ea5ea2],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [2ba9bd4797f463d3bb4f0f7d18ea5ea2],
PUP.Optional.LuckyTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}, In Quarantäne, [2ba9bd4797f463d3bb4f0f7d18ea5ea2],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\HighDefAction, In Quarantäne, [2ba950b46526e452f649f0b17a8a48b8],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\YorkNewCin, In Quarantäne, [478d5ca8107b90a6af9b01a07193c43c],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD, In Quarantäne, [e9eb798b6724ce68b9670499a262a060],
PUP.Optional.MyPCBackup.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\LaunchPreSignup, Löschen bei Neustart, [0ec62fd5abe0d26492517999e0230ef2],
PUP.Optional.BoBrowser.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\Tree\Run_Bobby_Browser, Löschen bei Neustart, [874d6b99276482b49d36bc5511f2956b],
PUP.Optional.Crossbrowse.A, HKLM\SOFTWARE\WOW6432NODE\Crossbrowse, In Quarantäne, [953f9272c6c5c96d4e28d940dc2756aa],
PUP.Optional.FFPluginHp.A, HKLM\SOFTWARE\WOW6432NODE\FFPluginHp, In Quarantäne, [0fc5f410b8d3b086cbb767af49bad729],
PUP.Optional.HighDefAction.A, HKLM\SOFTWARE\WOW6432NODE\HighDefAction, In Quarantäne, [5b79768e1f6c4aec1827a0014db7d12f],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, In Quarantäne, [0bc902025a313bfb28e1e344956e8e72],
PUP.Optional.MyStartSearch.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\mystartsearchSoftware, In Quarantäne, [c90beb1990fbda5c50b32fff5da610f0],
PUP.Optional.YorkNewCin.A, HKLM\SOFTWARE\WOW6432NODE\YorkNewCin, In Quarantäne, [795b1fe5513a80b60842b9e858acf907],
PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [7e56b84caae165d1180b1afd8a7933cd],
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD, In Quarantäne, [993b4fb59af1e4525fc1e0bd40c4e21e],
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS, In Quarantäne, [33a1c341d1ba2511c5601b7b4eb6dc24],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, In Quarantäne, [eee6966ed3b8fc3a278b66ca2ad929d7],
PUP.Optional.BrowserApps.A, HKU\S-1-5-18\SOFTWARE\BrowserV11.06-nv, In Quarantäne, [8252b54fdfac95a1a1b5fb1cc142de22],
PUP.Optional.BrowserApps.A, HKU\S-1-5-18\SOFTWARE\BrowserV11.06-nv-ie, In Quarantäne, [04d0bb490e7d0531b79fcd4ab05340c0],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18\SOFTWARE\MediaPlayerVid2.4-nv, In Quarantäne, [4c88d3316c1f62d427a5a7740cf757a9],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18\SOFTWARE\MediaPlayerVid2.4-nv-ie, In Quarantäne, [6f65a65eef9c0f27418be734669db24e],
PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, In Quarantäne, [647063a13a514ceaa182a4f99e66b947],
PUP.Optional.BoBrowser.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\BoBrowser, In Quarantäne, [a23229dbf596ba7ce916190c24df0cf4],
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\BrowserV11.06-nv-ie, In Quarantäne, [439182829cef0036b1a5e235b84bc63a],
PUP.Optional.Crossbrowse.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\Crossbrowse, In Quarantäne, [6470719373184ee892e3a277e71c926e],
PUP.Optional.HighDefAction.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\HighDefAction, In Quarantäne, [15bf996b8b001026c17d831e53b1ae52],
PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MediaPlayerVid2.4-nv-ie, In Quarantäne, [30a429db008bd85ee0ecc457e122f10f],
PUP.Optional.YorkNewCin.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\YorkNewCin, In Quarantäne, [06ce2adaaae181b5fc4d18897e869b65],
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\ARENAHD, In Quarantäne, [05cf21e3008b3402a37cacf1be4620e0],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, In Quarantäne, [e7ed7391cebd9a9cd073b46549ba30d0],
PUP.Optional.Trovi.C, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [2fa5c63efa916bcb2883d3cbd43015eb],
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, In Quarantäne, [597bad57f596b1850268c15244bf926e],
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, In Quarantäne, [5a7a93716e1d91a5600a957eef141ce4],
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{816C385E-1E9E-4D58-8AEF-0A8D6B33BFAE}, In Quarantäne, [9c3849bb8cff7fb7adbd6da6b54e639d],
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, In Quarantäne, [aa2aff0522692511ec7e769dda2901ff],
PUP.Optional.SweetSearch.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MOZILLA\EXTENDS, In Quarantäne, [01d3c53f008b5dd9e0b6d542f70cdc24],
Registrierungswerte: 19
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [e9eb798b6724ce68b9670499a262a060]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [369e12f23c4fc571e14a6a3351b3966a]
PUP.Optional.CinemaPlus.C, HKLM\SOFTWARE\WOW6432NODE\ARENAHD|value, 1, In Quarantäne, [993b4fb59af1e4525fc1e0bd40c4e21e]
PUP.Optional.PCTuner.C, HKLM\SOFTWARE\WOW6432NODE\HIGHDEFACTION|value, 1, In Quarantäne, [ebe9ad573358b28482a91b82808449b7]
PUP.Optional.SweetSearch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|sweetsearch@gmail.com, C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\n4b2mttd.default-1432809814654\extensions\sweetsearch@gmail.com, In Quarantäne, [4d8794700685c175f779e631a36028d8]
PUP.Optional.Tuto4Pc.A, HKLM\SOFTWARE\WOW6432NODE\TUTORIALS|HostGUID, 4F6440A2-B0A6-4F50-9D6D-ACE1A130ECE4, In Quarantäne, [33a1c341d1ba2511c5601b7b4eb6dc24]
PUP.Optional.CinemaPlus.C, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\ARENAHD|value, 1, In Quarantäne, [05cf21e3008b3402a37cacf1be4620e0]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, In Quarantäne, [e7ed7391cebd9a9cd073b46549ba30d0]
PUP.Optional.PCTuner.C, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\HIGHDEFACTION|value, 1, In Quarantäne, [9e36e61e03885fd797920d90c143cc34]
PUP.Optional.IEAudioAds.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\INSTALLPATH\STATUS|NuvisionDataRemarketer, Y, In Quarantäne, [3d9702025d2e989e503d099b80847c84]
PUP.Optional.Trovi.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323924&octid=EB_ORIGINAL_CTID&ISID=MA183D3A5-E214-46E7-9E9C-1EB8850A579E&SearchSource=58&CUI=&UM=8&UP=SP75654795-1007-4507-930A-A3BAB302EC1A&D=061615&q={searchTerms}&SSPV=, In Quarantäne, [52829e66afdcfe384666b2e6a65e1de3]
PUP.Optional.Conduit.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}, In Quarantäne, [73612bd91f6c81b51db048d0d33027d9]
PUP.Optional.Trovi.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DisplayName, Trovi, In Quarantäne, [7163a163d1ba37ff88248e0ad3318779]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&ts=1434042198&type=default&q={searchTerms}, In Quarantäne, [597bad57f596b1850268c15244bf926e]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&ts=1434042198&type=default&q={searchTerms}, In Quarantäne, [5a7a93716e1d91a5600a957eef141ce4]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://www.mystartsearch.com//favicon.ico, In Quarantäne, [9b39bc48177462d48ae02ee5c043f709]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{816C385E-1E9E-4D58-8AEF-0A8D6B33BFAE}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&ts=1434042198&type=default&q={searchTerms}, In Quarantäne, [9c3849bb8cff7fb7adbd6da6b54e639d]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=tugs&utm_campaign=install_ie&utm_content=ds&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&ts=1434042198&type=default&q={searchTerms}, In Quarantäne, [aa2aff0522692511ec7e769dda2901ff]
PUP.Optional.SweetSearch.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MOZILLA\EXTENDS|appid, sweetsearch@gmail.com, In Quarantäne, [01d3c53f008b5dd9e0b6d542f70cdc24]
Registrierungsdaten: 5
PUP.Optional.HttpBreaker.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K),Ersetzt,[8e4652b23952d660aa767dbf6a9be719]
PUP.Optional.HttpBreaker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K),Ersetzt,[aa2a29db04872511fd235ddfdf26718f]
PUP.Optional.HttpBreaker.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K),Ersetzt,[20b409fb820947ef39e7ce6e46bfb44c]
PUP.Optional.MyStartSearch.ShrtCln, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.mystartsearch.com/web/?type=dspp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/web/?type=dspp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&q={searchTerms}),Ersetzt,[e4f0e91be7a4b680404395a7c93cb64a]
PUP.Optional.HttpBreaker.A, HKU\S-1-5-21-494240725-3818009409-3357938246-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K, Gut: (www.google.com), Schlecht: (hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K),Ersetzt,[874d63a188031f17b469cd6f9b6ae41c]
Ordner: 28
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [6074c73d276448ee7348f70c38cb31cf],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [6074c73d276448ee7348f70c38cb31cf],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab, Löschen bei Neustart, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\image, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
Dateien: 79
PUP.Optional.XTab.A, C:\Program Files (x86)\MiuiTab\ProtectService.exe, Löschen bei Neustart, [08cc8d77d9b21d19078f2e2f7f8238c8],
PUP.Optional.LuckyTab.A, C:\Program Files (x86)\MiuiTab\SupTab.dll, In Quarantäne, [2ba9bd4797f463d3bb4f0f7d18ea5ea2],
PUP.Optional.CrossRider.A, C:\Users\Stephan\AppData\Roaming\YpaVACupfO1i.exe, In Quarantäne, [1eb60afa385376c019433d58f908a25e],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll, In Quarantäne, [8a4ada2a08838da98e78a6889273f20e],
PUP.Optional.Browserwatch, C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll, In Quarantäne, [d40046bebfcc41f53cca032b8e779b65],
PUP.Optional.SearchProtect, C:\Program Files (x86)\MiuiTab\BrowserAction.dll, In Quarantäne, [23b12fd565268bab8000ace1b64b6f91],
PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\CmdShell.exe, In Quarantäne, [b71dbd479af19a9cd1cd4a3135d017e9],
PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\HPNotify.exe, In Quarantäne, [0ec62ed66b202c0a9b03314a9471c33d],
PUP.Optional.Giner, C:\Program Files (x86)\MiuiTab\IeWatchDog.dll, In Quarantäne, [676d16ee8a01ef47b6e8c2b9e520b749],
PUP.Optional.Clara.A, C:\claraInstaller.txt, In Quarantäne, [765ed232127981b56eaa8496c53e8c74],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage, Löschen bei Neustart, [22b20bf91a71f046bed4ac7a60a320e0],
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.mystartsearch.com_0.localstorage-journal, Löschen bei Neustart, [09cb92727a11290d345e0c1acf340af6],
PUP.Optional.BoBrowser.A, C:\Windows\System32\Tasks\Run_Bobby_Browser, In Quarantäne, [6d6729dbc6c540f624f92ef97d866e92],
PUP.Optional.MyPCBackup.A, C:\Windows\System32\Tasks\LaunchPreSignup, In Quarantäne, [41938183593259dd0b468c1e33d1768a],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update\conf, In Quarantäne, [6074c73d276448ee7348f70c38cb31cf],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\conf, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\ffsearch_toolbar!1.0.0.1031.xpi, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\install.data, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcp110.dll, Löschen bei Neustart, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\msvcr110.dll, Löschen bei Neustart, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\searchProvider.xml, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\uninstall.exe, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\about_bk.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\btn_apply.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\close.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf.xml, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\conf_back.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\input_bk.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\logo.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\main.xml, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_1.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\radio_2.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\rigth_arrow.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\skin\settings.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\data.html, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE.html, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\indexIE8.html, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\main.css, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\ver.txt, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\google_trends.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon128.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon16.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\icon48.png, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\loading.gif, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\img\logo32.ico, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\common.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\ga.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.autocomplete.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\jquery.xdomainrequest.min.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\js.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\library.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit-ie8.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xagainit2.0.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\js\xdomain.min.js, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\en-US\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-419\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\es-ES\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-BE\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CA\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-CH\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-FR\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\fr-LU\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-CH\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\it-IT\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pl\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\pt-BR\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\ru-MO\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\tr-TR\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\vi-VI\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-CN\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.MiuiTab.A, C:\Program Files (x86)\MiuiTab\web\_locales\zh-TW\messages.json, In Quarantäne, [b61e62a2bad10531f8ca0c012dd6f907],
PUP.Optional.HttpBreaker, C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Gut: ("session":{"restore_on_startup":4,"startup_urls":["https://www.malwarebytes.org/restorebrowser/"]}}), Schlecht: ("session":{"restore_on_startup":4,"startup_urls":["hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K"]},"software_reporter":{"prompt_reason":0,"prompt_seed":"20150601","prompt_version":"3.21.0"}}), Ersetzt,[d202956feba016207e311c670104649c]
PUP.Optional.HttpBreaker.A, C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\nj1cnp7u.default-1434469464249\prefs.js, Gut: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (browser.startup.homepage", "hxxp://www.mystartsearch.com/?type=hppp), Ersetzt,[8b4906fefb90d75fb7f1840035d0b14f]
PUP.Optional.MyStartSearch.ShrtCln, C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\nj1cnp7u.default-1434469464249\prefs.js, Gut: (browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (browser.startup.homepage", "hxxp://www.mystartsearch.com), Ersetzt,[2da7b3512566082eb00fd4b04db8df21]
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)
(end) Hier die AdwCleaner.txt Code:
# AdwCleaner v4.208 - Bericht erstellt 04/08/2015 um 17:18:14
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-09.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Stephan - STEPHAN-PC
# Gestarted von : C:\Users\Stephan\Downloads\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
Ordner Gelöscht : C:\Program Files (x86)\predm
Ordner Gelöscht : C:\Users\Stephan\AppData\Local\globalUpdate
Datei Gelöscht : C:\Windows\Reimage.ini
Datei Gelöscht : C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\nj1cnp7u.default-1434469464249\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Reimage
Schlüssel Gelöscht : HKCU\Software\esties
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\Clara
Schlüssel Gelöscht : HKLM\SOFTWARE\{3BDFD1D7-7A9B-4D29-80B3-D00E66E62885}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\SecurityUtility
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Mozilla Firefox v33.1.1 (x86 de)
[nj1cnp7u.default-1434469464249\prefs.js] - Zeile Gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
-\\ Google Chrome v44.0.2403.125
[C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323924&octid=EB_ORIGINAL_CTID&ISID=MA183D3A5-E214-46E7-9E9C-1EB8850A579E&SearchSource=58&CUI=&UM=8&UP=SP75654795-1007-4507-930A-A3BAB302EC1A&D=061615&q={searchTerms}&SSPV=
[C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=dspp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K&q={searchTerms}
[C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.mystartsearch.com/?type=hppp&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [2763 Bytes] - [28/05/2015 12:39:41]
AdwCleaner[R1].txt - [4549 Bytes] - [04/08/2015 17:17:31]
AdwCleaner[S0].txt - [2729 Bytes] - [28/05/2015 12:40:26]
AdwCleaner[S1].txt - [4246 Bytes] - [04/08/2015 17:18:14]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4305 Bytes] ########## Die JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Professional x64
Ran by Stephan on 04.08.2015 at 17:24:34,18
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{2DFF3579-5AA7-45B9-9328-1D38EA230861}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}
~~~ Files
Successfully deleted: [File] C:\Windows\SysWOW64\REN4489.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\REN7375.tmp
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\Users\Stephan\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\ProgramData\a22cb0c9e53a42a395d74872508ff900
Successfully deleted: [Folder] C:\Users\Stephan\Appdata\Local\28050
~~~ Chrome
[C:\Users\Stephan\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Stephan\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Stephan\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Stephan\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.08.2015 at 17:27:44,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Und zum Schluss die frische FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Stephan (Administrator) auf STEPHAN-PC (04-08-2015 17:29:39)
Gestartet von C:\Users\Stephan\Downloads
Geladene Profile: Stephan (Verfügbare Profile: Stephan)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [391784 2015-04-21] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286192 2013-01-31] (Intel Corporation)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [P17RunE] => RunDll32 P17RunE.dll,RunDLLEntry
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-06-18] (Razer Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Razer Mamba Driver] => C:\Program Files (x86)\Razer\Mamba\RazerTray.exe [3278728 2009-12-15] (Razer USA Ltd)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-07-14] (LogMeIn Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [904824 2015-06-29] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [410216 2014-11-03] (CyberGhost S.R.L.)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Stephan\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [1904520 2015-04-20] (TomTom)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [EvolveClient] => D:\Programme\Evolve\EvolveClient.exe [3334016 2015-07-23] (Echobit LLC)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53760128 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\...\Run: [MyComGames] => C:\Users\Stephan\AppData\Local\MyComGames\MyComGames.exe [4071368 2015-07-29] ()
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
Startup: C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-04-02] ()
GroupPolicyScripts: Gruppenrichtline erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-494240725-3818009409-3357938246-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.msn.com/1me10IE11DEDE/MSE_WCP
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-18] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-18] (Google Inc.)
Tcpip\..\Interfaces\{ABA41165-DFAF-40D5-BD55-E4E215FFF581}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\nj1cnp7u.default-1434469464249
FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434042191&z=44a07dee74ca4f37df8a6d6gbz5ccz0ebzeobgatdz&from=tugs&uid=SamsungXSSDX840XPROXSeries_S1ANNEAD606717K
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-03-20] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-494240725-3818009409-3357938246-1000: @my.com/Games -> C:\Users\Stephan\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-14] (My.com, Inc)
FF Plugin HKU\S-1-5-21-494240725-3818009409-3357938246-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Stephan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF Extension: WEB.DE MailCheck - C:\Users\Stephan\AppData\Roaming\Mozilla\Firefox\Profiles\nj1cnp7u.default-1434469464249\Extensions\mailcheck@web.de [2015-06-17]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: PDF Architect 3 Creator - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-04-14]
StartMenuInternet: FIREFOX.EXE - D:\Programme\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Profile: C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-17]
CHR Extension: (Google Docs) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-17]
CHR Extension: (Google Drive) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-17]
CHR Extension: (YouTube) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-17]
CHR Extension: (Google Search) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-17]
CHR Extension: (Google Sheets) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-17]
CHR Extension: (Gmail) - C:\Users\Stephan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-12] (BitRaider, LLC)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-06-29] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-06-29] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-29] (BlueStack Systems, Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-11-16] (Creative Labs) [Datei ist nicht signiert]
S2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2008-11-18] (Creative Technology Ltd) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-02] (EasyAntiCheat Ltd)
S3 EvoSvc; D:\Programme\Evolve\EvoSvc.exe [1583488 2015-06-29] (Echobit LLC)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342240 2015-06-03] (Futuremark)
S3 GalaxyClientService; D:\Spiele\GalaxyClient\GalaxyClientService.exe [1718840 2015-07-21] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6871608 2015-07-21] (GOG.com)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-01-31] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-04-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-07-14] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3299328 2014-11-26] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; D:\Programme\Origin\OriginClientService.exe [2007048 2015-07-27] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-19] (Overwolf LTD)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2243288 2015-03-20] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-03-20] (pdfforge GmbH)
S2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-03-20] (pdfforge GmbH)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-11-30] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-11-30] ()
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21584 2013-02-19] ()
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-12-12] (BitRaider)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-29] (BlueStack Systems)
S3 EuMusDesignVirtualAudioCableWdm; C:\Windows\System32\DRIVERS\vrtaucbl.sys [67584 2014-12-10] (Eugene V. Muzychenko) [Datei ist nicht signiert]
R3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2015-06-29] (Echobit, LLC)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-01-31] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-10-23] (Razer, Inc.)
S1 UsbCharger; C:\Windows\System32\DRIVERS\UsbCharger.sys [21072 2013-03-27] ()
S3 cpuz134; \??\C:\Users\Stephan\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 MSICDSetup; \??\E:\CDriver64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-04 17:29 - 2015-08-04 17:29 - 00021903 _____ C:\Users\Stephan\Downloads\FRST.txt
2015-08-04 17:29 - 2015-08-04 17:29 - 00000000 ____D C:\Users\Stephan\Downloads\FRST-OlderVersion
2015-08-04 17:27 - 2015-08-04 17:27 - 00002358 _____ C:\Users\Stephan\Desktop\JRT.txt
2015-08-04 17:23 - 2015-08-04 17:23 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Stephan\Downloads\JRT.exe
2015-08-04 17:22 - 2015-08-04 17:22 - 00004417 _____ C:\Users\Stephan\Desktop\AdwCleaner[S1].txt
2015-08-04 17:16 - 2015-08-04 17:16 - 02248704 _____ C:\Users\Stephan\Downloads\AdwCleaner_4.208.exe
2015-08-04 17:14 - 2015-08-04 17:14 - 00029273 _____ C:\mbam.txt
2015-08-04 16:56 - 2015-08-04 16:56 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Stephan\Downloads\mbam-setup-2.1.6.1022.exe
2015-08-04 16:56 - 2015-08-04 16:56 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-08-04 16:56 - 2015-08-04 16:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-04 16:56 - 2015-08-04 16:56 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-04 16:56 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 16:56 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 13:21 - 2015-08-04 13:21 - 00001162 _____ C:\Users\Stephan\Desktop\ComboFix - Verknüpfung.lnk
2015-08-04 10:14 - 2015-08-04 10:14 - 00037801 _____ C:\ComboFix.txt
2015-08-04 10:08 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-04 10:08 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-04 10:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-04 10:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-04 10:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-04 10:08 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-04 10:08 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-04 10:08 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-04 10:05 - 2015-08-04 10:14 - 00000000 ____D C:\Qoobox
2015-08-04 10:05 - 2015-08-04 10:13 - 00000000 ____D C:\Windows\erdnt
2015-08-04 10:05 - 2015-08-04 10:05 - 05634591 ____R (Swearware) C:\Users\Stephan\Downloads\ComboFix.exe
2015-08-03 15:55 - 2015-08-03 15:55 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Stephan\Desktop\tdsskiller.exe
2015-08-03 15:47 - 2015-08-04 17:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-03 15:47 - 2015-08-04 16:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-03 15:47 - 2015-08-03 15:54 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-03 15:45 - 2015-08-03 15:54 - 00000000 ____D C:\Users\Stephan\Desktop\mbar
2015-08-03 15:45 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-03 15:39 - 2015-08-03 15:39 - 00000742 _____ C:\Users\Stephan\Desktop\Revo Uninstaller.lnk
2015-08-02 15:09 - 2015-08-02 15:09 - 00000000 ____D C:\Users\Stephan\Desktop\Anti-Maleware Forum Datein
2015-08-02 13:44 - 2015-08-02 13:44 - 00380416 _____ C:\Users\Stephan\Downloads\Gmer-19357.exe
2015-08-02 13:43 - 2015-08-04 17:29 - 00000000 ____D C:\FRST
2015-08-02 13:42 - 2015-08-04 17:29 - 02169856 _____ (Farbar) C:\Users\Stephan\Downloads\FRST64.exe
2015-08-02 13:41 - 2015-08-02 13:41 - 00000000 _____ C:\Users\Stephan\defogger_reenable
2015-08-02 13:40 - 2015-08-02 13:40 - 00050477 _____ C:\Users\Stephan\Desktop\Defogger.exe
2015-08-02 13:24 - 2015-08-02 13:24 - 00000725 _____ C:\Users\Public\Desktop\Spellforce Platinum.lnk
2015-08-02 13:24 - 2015-08-02 13:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nordic Games
2015-08-02 08:30 - 2015-08-02 13:05 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArtMoney
2015-08-02 00:29 - 2015-08-04 11:16 - 00000000 ____D C:\Users\Stephan\Documents\SpellForce
2015-08-01 21:02 - 2015-08-01 21:02 - 00000000 ____D C:\Users\Stephan\AppData\Local\Chromium
2015-08-01 19:19 - 2015-08-01 19:19 - 00000685 _____ C:\Users\Stephan\Desktop\CABAL2 (US).lnk
2015-08-01 19:19 - 2015-08-01 19:19 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CABAL2 (US)
2015-07-30 13:13 - 2015-07-23 06:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-30 13:13 - 2015-07-23 06:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00503592 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-30 13:13 - 2015-07-23 06:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-30 13:13 - 2015-07-23 02:46 - 00572232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-30 13:05 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-30 13:05 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-29 21:29 - 2015-07-29 21:31 - 00000000 ____D C:\Users\Stephan\AppData\Local\ftblauncher
2015-07-29 21:29 - 2015-07-29 21:30 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\ftblauncher
2015-07-29 21:27 - 2015-07-29 21:27 - 06628862 _____ () C:\Users\Stephan\Downloads\FTB_Launcher.exe
2015-07-28 15:01 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 15:01 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 15:01 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 15:01 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 15:01 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 15:01 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 15:01 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 15:01 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 22:49 - 2015-07-27 22:49 - 00000000 ____D C:\ProgramData\PopCap Games
2015-07-27 22:36 - 2015-07-27 22:36 - 00000000 ____D C:\Users\Stephan\AppData\Local\ESN
2015-07-27 22:33 - 2015-07-27 22:33 - 01640768 _____ C:\Users\Stephan\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-07-26 16:02 - 2015-07-26 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-07-24 21:47 - 2015-07-24 21:47 - 00000000 ____D C:\Users\Stephan\Tracing
2015-07-24 21:46 - 2015-08-04 17:19 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Skype
2015-07-24 21:46 - 2015-07-24 21:46 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-24 21:46 - 2015-07-24 21:46 - 00000000 ____D C:\Users\Stephan\AppData\Local\Skype
2015-07-24 21:46 - 2015-07-24 21:46 - 00000000 ____D C:\ProgramData\Skype
2015-07-24 21:46 - 2015-07-24 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-22 21:44 - 2015-07-22 21:44 - 00001701 _____ C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\BlueStacks.lnk
2015-07-22 21:44 - 2015-07-22 21:44 - 00000000 ____D C:\ProgramData\BlueStacksGameManager
2015-07-22 21:43 - 2015-07-22 21:43 - 00000000 ____D C:\ProgramData\BlueStacks
2015-07-22 21:43 - 2015-07-22 21:43 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-07-22 21:39 - 2015-07-22 21:48 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-22 21:39 - 2015-07-22 21:39 - 00000000 ____D C:\Users\Stephan\AppData\Local\Bluestacks
2015-07-22 14:28 - 2015-07-22 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-07-22 14:28 - 2015-07-22 14:28 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-07-21 18:32 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 18:32 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 18:32 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 18:32 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 18:32 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 18:32 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 18:32 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 18:32 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 18:32 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 18:32 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 16:59 - 2015-07-19 17:12 - 00000022 _____ C:\Windows\GPU-Z.INI
2015-07-19 16:59 - 2015-07-19 16:59 - 00000000 ____D C:\Users\Stephan\Documents\3DMark
2015-07-19 16:59 - 2015-07-19 16:59 - 00000000 ____D C:\Users\Stephan\AppData\Local\Futuremark
2015-07-19 16:58 - 2015-07-19 16:58 - 00000000 ____D C:\Program Files (x86)\Futuremark
2015-07-19 16:55 - 2015-07-19 16:55 - 05380796 _____ C:\Users\Stephan\Downloads\p95v286.win64.zip
2015-07-19 16:55 - 2015-07-19 16:55 - 05380796 _____ C:\Users\Stephan\Downloads\p95v286.win64 (1).zip
2015-07-17 19:16 - 2015-07-17 19:16 - 00000137 _____ C:\Users\Stephan\Desktop\Skyforge My.com.url
2015-07-17 19:16 - 2015-07-17 19:16 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com
2015-07-15 21:49 - 2015-07-15 21:49 - 00000000 ____D C:\Users\Stephan\AppData\Local\The Lord of the Rings Online
2015-07-15 14:59 - 2015-07-15 22:13 - 00000000 ____D C:\Users\Stephan\Documents\The Lord of the Rings Online
2015-07-15 14:59 - 2015-07-15 16:40 - 00000000 ____D C:\Users\Stephan\AppData\Local\Turbine
2015-07-15 10:54 - 2015-07-15 10:54 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Trove
2015-07-15 09:09 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 09:09 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 09:09 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 09:09 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 09:09 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 09:09 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 09:09 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 09:09 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 09:09 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 09:09 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 09:09 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 09:09 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 09:08 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 09:08 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 09:08 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 09:08 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 09:08 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 09:08 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 09:08 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 09:08 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 09:08 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 09:08 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 09:08 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 09:08 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 09:08 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 09:08 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 09:08 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 09:08 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 09:08 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 09:08 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 09:08 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 09:08 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 09:08 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 09:08 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 09:08 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 09:08 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 09:08 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 09:08 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 09:08 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 09:08 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 09:08 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 09:08 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 09:08 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 09:08 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 09:08 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 09:08 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 09:08 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 09:08 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 09:08 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 09:08 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 09:08 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 09:08 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 09:08 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 09:08 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 09:08 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 09:08 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 09:08 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 09:08 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 09:08 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 09:08 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 09:08 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 09:08 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 09:08 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 09:08 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 09:08 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 09:08 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 09:08 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 09:08 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 09:08 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 09:08 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 09:08 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 09:08 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 09:08 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 09:08 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 09:08 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 09:08 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 09:08 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 09:08 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 09:08 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 09:08 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 09:08 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 09:08 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 09:08 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 09:08 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 09:08 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 09:08 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 09:08 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 09:08 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 09:08 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 09:08 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 09:08 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 09:08 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 09:08 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 09:08 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 09:08 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 09:08 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 09:08 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 09:08 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 09:08 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 09:08 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 09:08 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 09:08 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 09:08 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 09:08 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 09:08 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 09:08 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 09:08 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 09:08 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 09:08 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 09:08 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 09:08 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 09:08 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 09:08 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 09:08 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 09:08 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 09:08 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 09:08 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 09:08 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 09:08 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 09:08 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 09:08 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 09:08 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 09:08 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 09:08 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 09:08 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-10 19:29 - 2015-07-28 16:08 - 00000000 ____D C:\$Windows.~BT
2015-07-07 21:14 - 2015-07-07 21:14 - 12455424 _____ (Frontier Developments ) C:\Users\Stephan\Downloads\EliteDangerous-Client-Installer.exe
2015-07-07 16:01 - 2015-07-07 16:01 - 00003082 _____ C:\Windows\System32\Tasks\{1F65621A-B30B-46B1-B1BC-E7D43EB06BC1}
2015-07-05 21:41 - 2015-07-05 21:41 - 00000721 _____ C:\Users\Public\Desktop\World of Warships.lnk
2015-07-05 21:41 - 2015-07-05 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warships
2015-07-05 12:30 - 2015-07-05 12:30 - 00001096 _____ C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall NeoEE Patch.lnk
2015-07-05 12:30 - 2015-07-05 12:30 - 00000698 _____ C:\Users\Stephan\Desktop\NeoEE AOC.lnk
2015-07-05 12:30 - 2015-07-05 12:30 - 00000698 _____ C:\Users\Stephan\Desktop\Neo Empire Earth.lnk
2015-07-05 12:30 - 2015-07-05 12:30 - 00000000 __HDC C:\Users\Stephan\AppData\Local\{36EEC81A-9FA8-4011-A6A0-BA286CC96810}
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-04 17:24 - 2009-07-14 06:45 - 00035088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 17:24 - 2009-07-14 06:45 - 00035088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 17:22 - 2014-11-16 22:32 - 01313449 _____ C:\Windows\WindowsUpdate.log
2015-08-04 17:21 - 2015-05-03 14:32 - 00006467 _____ C:\Windows\SysWOW64\Gms.log
2015-08-04 17:19 - 2015-06-17 13:36 - 00035408 _____ C:\Windows\PFRO.log
2015-08-04 17:19 - 2015-06-17 13:36 - 00011724 _____ C:\Windows\setupact.log
2015-08-04 17:19 - 2015-05-27 11:45 - 00000000 ____D C:\Users\Stephan\AppData\Local\MyComGames
2015-08-04 17:19 - 2015-04-02 15:25 - 00000000 ____D C:\Users\Stephan\AppData\Local\Deployment
2015-08-04 17:19 - 2015-01-29 21:21 - 00000000 ____D C:\Users\Stephan\AppData\Local\LogMeIn Hamachi
2015-08-04 17:19 - 2014-11-16 23:24 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-04 17:19 - 2014-11-16 22:36 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 17:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 17:18 - 2015-05-28 12:39 - 00000000 ____D C:\AdwCleaner
2015-08-04 17:17 - 2014-11-17 07:27 - 00700454 _____ C:\Windows\system32\perfh007.dat
2015-08-04 17:17 - 2014-11-17 07:27 - 00150092 _____ C:\Windows\system32\perfc007.dat
2015-08-04 17:17 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 17:11 - 2015-04-02 15:25 - 00000000 ____D C:\Users\Stephan\AppData\Local\Apps\2.0
2015-08-04 17:11 - 2014-12-28 14:57 - 00000000 ____D C:\Windows\C5C1C0F0D62F4DBF81D4D7EF397C228B.TMP
2015-08-04 17:09 - 2015-06-11 19:09 - 00000653 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-04 17:09 - 2014-11-16 22:36 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-04 17:05 - 2014-11-16 22:36 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 16:47 - 2014-11-18 16:42 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 10:14 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-04 10:13 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-08-04 10:12 - 2009-07-14 04:34 - 71303168 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-08-04 10:12 - 2009-07-14 04:34 - 44302336 _____ C:\Windows\system32\config\COMPONENTS.bak
2015-08-04 10:12 - 2009-07-14 04:34 - 21495808 _____ C:\Windows\system32\config\SYSTEM.bak
2015-08-04 10:12 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-08-04 10:12 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-08-04 10:12 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-08-03 19:14 - 2015-01-24 22:47 - 00000000 ____D C:\Users\Stephan\Documents\Assassin's Creed Unity
2015-08-02 18:57 - 2014-12-06 22:43 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\SpaceEngineers
2015-08-02 13:41 - 2014-11-16 22:32 - 00000000 ____D C:\Users\Stephan
2015-08-02 13:05 - 2015-02-08 15:30 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-01 23:05 - 2015-01-15 18:44 - 00000000 ____D C:\Users\Stephan\AppData\Local\Glyph
2015-08-01 22:57 - 2015-05-03 14:59 - 00000913 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-08-01 22:57 - 2014-11-26 20:31 - 00000000 ____D C:\Users\Stephan\AppData\Local\Battle.net
2015-08-01 19:20 - 2015-05-05 08:52 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-07-30 13:14 - 2014-11-17 00:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-30 13:14 - 2014-11-16 23:24 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-29 21:25 - 2015-03-29 19:04 - 00000000 ____D C:\Users\Stephan\Desktop\Minecraft FTB
2015-07-28 22:59 - 2014-11-17 00:14 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 16:11 - 2014-11-17 07:28 - 00000000 ____D C:\Windows\Panther
2015-07-28 10:28 - 2014-11-30 13:49 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-27 23:18 - 2014-11-27 15:30 - 00000000 ____D C:\ProgramData\Origin
2015-07-27 23:12 - 2015-06-29 16:46 - 00038250 _____ C:\Windows\DirectX.log
2015-07-27 23:11 - 2014-11-16 22:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-27 23:11 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-27 22:39 - 2014-11-30 13:49 - 00214392 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-27 22:05 - 2014-11-17 01:21 - 00000000 ___RD C:\Users\Stephan\Desktop\Programme (monatlich Updaten)
2015-07-25 19:02 - 2014-11-19 18:31 - 00000000 ____D C:\Users\Stephan\Documents\My Games
2015-07-25 10:04 - 2015-04-04 11:28 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-24 06:21 - 2014-11-17 00:30 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-11-17 00:30 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-11-17 00:30 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2014-11-17 00:30 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-23 20:18 - 2015-04-25 14:18 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-23 06:06 - 2015-06-24 20:24 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-23 06:06 - 2015-04-14 15:31 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-23 06:06 - 2014-11-17 00:34 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-23 06:06 - 2014-11-17 00:34 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-23 06:06 - 2014-11-17 00:27 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-23 06:06 - 2014-11-17 00:27 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-23 06:06 - 2014-11-17 00:27 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-23 06:06 - 2014-08-19 23:14 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-23 06:06 - 2014-08-19 23:14 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-23 03:31 - 2014-11-16 23:24 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-23 03:31 - 2014-11-16 23:24 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-23 03:31 - 2014-11-16 23:24 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-23 03:31 - 2014-11-16 23:24 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-23 03:31 - 2014-11-16 23:24 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-23 03:31 - 2014-11-16 23:24 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 21:43 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-22 14:57 - 2015-05-22 14:06 - 00000000 ____D C:\Users\Stephan\Documents\The Witcher 3
2015-07-22 14:28 - 2009-07-14 06:45 - 00304024 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 22:01 - 2015-05-22 14:06 - 00000000 ____D C:\Users\Stephan\AppData\Local\GalaxyCommunicationService
2015-07-21 21:59 - 2015-05-22 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2015-07-20 16:16 - 2014-11-16 23:24 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-07-19 16:59 - 2015-05-03 12:38 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-17 23:29 - 2015-04-04 11:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 16:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 21:05 - 2014-11-16 22:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-15 23:45 - 2014-12-10 16:29 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 23:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 23:42 - 2014-11-16 23:07 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 23:00 - 2014-11-16 22:36 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 23:00 - 2014-11-16 22:36 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 16:47 - 2014-11-18 16:42 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 16:47 - 2014-11-18 16:42 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 16:47 - 2014-11-17 17:02 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 12:09 - 2015-05-08 21:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-07-15 11:37 - 2015-05-08 21:02 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 11:44 - 2015-04-15 15:19 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-07-08 20:38 - 2014-11-16 22:43 - 00065248 _____ C:\Users\Stephan\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-08 20:10 - 2014-11-27 15:31 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\Origin
2015-07-08 20:08 - 2014-11-22 16:21 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\vlc
2015-07-08 20:01 - 2014-11-22 16:22 - 00000000 ____D C:\Users\Stephan\AppData\Roaming\dvdcss
2015-07-07 21:14 - 2014-12-31 23:40 - 00000664 _____ C:\Users\Public\Desktop\Elite Dangerous Launcher.lnk
2015-07-06 23:03 - 2014-11-16 22:36 - 00000000 ____D C:\Users\Stephan\AppData\Local\Google
2015-07-05 12:09 - 2015-07-02 20:16 - 00000435 _____ C:\Windows\SIERRA.INI
2015-07-05 12:09 - 2015-07-02 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-05 09:49 - 2015-07-03 08:08 - 00021840 ____T C:\Windows\SysWOW64\SIntfNT.dll
2015-07-05 09:49 - 2015-07-03 08:08 - 00017212 ____T C:\Windows\SysWOW64\SIntf32.dll
2015-07-05 09:49 - 2015-07-03 08:08 - 00012067 ____T C:\Windows\SysWOW64\SIntf16.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-13 18:51 - 2014-12-13 19:17 - 0000098 _____ () C:\Users\Stephan\AppData\Roaming\LauncherSettings_live.cfg
2014-12-13 17:43 - 2014-12-13 18:07 - 0000040 _____ () C:\Users\Stephan\AppData\Roaming\TheHunterSettings_steam_live.cfg
Einige Dateien in TEMP:
====================
C:\Users\Stephan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-02 18:22
==================== Ende von log ============================ |