Pests of all kinds and how to fight them: double blue underlines in the browser / removing adware (Windows 7). If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
05.06.2014, 16:34 | #1 |
| double blue underlines in the browser / removing adware Hey, lately I have noticed that in the browser (no matter which one) I have double-underlined words. Of course I immediately looked into what this is and how it can be fixed. That is how I learned that it is adware. I then tried to fix the problem using "adwcleaner_3-211". I ran the program and it deleted everything, and a text document was opened whose contents I will provide as an attachment. Despite all that, I still have these double underlines and would like to know how I can fix this once and for all. Thanks in advance for your help <3 |
05.06.2014, 16:44 | #2 |
/// TB-Ausbilder | double blue underlines in the browser / removing adware Hi,
please run an FRST scan: Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
05.06.2014, 17:00 | #3 |
| double blue underlines in the browser / removing adware Here are the files: But strangely it keeps scanning on and on, although it has already told me 3 times where the files are saved
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-06-2014
Ran by ShaRax at 2014-06-05 18:04:00
Running from C:\Users\ShaRax\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.2.1 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Aura Kingdom (HKLM-x32\...\Aura Kingdom) (Version: - )
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{0BED0B96-70B8-4893-884B-DC485DC8C1B7}) (Version: 0.8.10.3096 - BlueStack Systems, Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 3.13.294.84.14 - Infernum Productions AG)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version: - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.3.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG7100 series Benutzerregistrierung (HKLM-x32\...\Canon MG7100 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MG7100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG7100_series) (Version: 1.00 - Canon Inc.)
Canon MP270 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
Elsword_DE (HKLM-x32\...\Elsword_DE_is1) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Logitech GamePanel Software 3.05.151 (HKLM\...\{BF9FD124-1112-4C8D-8F79-779A11C6287D}) (Version: 3.05.151 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.41.216.2011 - Realtek)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 2.0.0.0 - Electronic Arts)
Sizer 3.34 (HKLM-x32\...\{DE43AA92-E8C0-4620-AFE2-FBD623C71643}) (Version: 3.3.4.0 - Brian Apps)
Skype™ 6.9 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.9.106 - Skype Technologies S.A.)
Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Update kb70007 (x32 Version: 1.0.0 - MSR) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare MobileGo for Android ( Version 4.2.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 4.2.0 - Wondershare)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)

==================== Restore Points =========================

29-05-2014 11:40:51 Windows Update
29-05-2014 16:09:41 Uniblue SpeedUpMyPC installation
29-05-2014 16:51:17 Uniblue SpeedUpMyPC installation
02-06-2014 14:17:48 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {057E10C5-747B-48A1-8F68-E3C6792E1E20} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {67154BC3-DF9F-47DD-80C2-B96EB9BD8AF4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {6FC0B7D2-3ACF-4FBE-AEC2-035A573083BF} - System32\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6} => C:\Program Files\V-bates\PrefHelper.exe
Task: {73B12DCC-207A-4EAF-A37B-8157599A431E} - System32\Tasks\AdobeAAMUpdater-1.0-ShaRax-PC-ShaRax => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {90232E99-9FDF-42CC-A276-19125190FEB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-18] (Google Inc.)
Task: {988ACF9F-548B-456A-823E-9637EC20F915} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3474377499-699924289-263119520-1000
Task: {A79B5C8E-8800-4BD1-9A3D-E9FD1C718D83} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-28 20:35 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-05-29 18:09 - 2014-05-08 11:45 - 00018944 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
2014-05-10 16:38 - 2014-05-10 16:37 - 00014848 _____ () C:\Users\ShaRax\AppData\Local\Apps\2.0\55C84DKX.3L4\BDHX11GG.95V\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2014-05-10 16:38 - 2014-05-10 16:37 - 00035840 _____ () C:\Users\ShaRax\AppData\Local\Apps\2.0\55C84DKX.3L4\BDHX11GG.95V\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2014-05-10 16:38 - 2014-05-10 16:38 - 00099840 _____ () C:\Users\ShaRax\AppData\Local\Apps\2.0\55C84DKX.3L4\BDHX11GG.95V\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2013-12-13 13:20 - 2013-12-13 13:20 - 04696432 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-05-29 18:09 - 2014-05-08 11:45 - 00061952 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll
2014-05-29 18:09 - 2014-05-08 11:45 - 00016896 _____ () C:\Windows\Microsoft\SystemUpdatekb70007\Installer.dll
2014-05-22 08:11 - 2014-04-30 02:08 - 01135104 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-24 16:24 - 2014-04-30 02:08 - 00471552 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-22 08:11 - 2014-04-30 02:08 - 00404992 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-10 14:22 - 2014-04-30 02:08 - 00340992 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-08-21 15:18 - 2014-05-17 03:36 - 00756224 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 08:11 - 2014-05-29 19:37 - 02139840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-05-22 08:11 - 2014-04-29 02:37 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2013-10-08 19:19 - 2014-05-29 19:36 - 01116864 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-10 15:20 - 2014-05-02 01:35 - 20628160 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 16:49 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 16:49 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 16:49 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-06-05 17:16 - 2014-06-05 17:16 - 00086528 _____ () C:\Program Files (x86)\MSR\Privoxy\mgwz.dll
2013-12-11 22:45 - 2013-07-24 10:24 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2014-03-13 16:56 - 2014-03-13 16:56 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-03-13 16:56 - 2014-03-13 16:56 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-13 16:56 - 2014-03-13 16:56 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2013-10-23 14:15 - 2014-03-13 16:56 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2013-10-23 14:15 - 2014-03-13 16:56 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-03-13 16:56 - 2014-03-13 16:56 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-13 16:56 - 2014-03-13 16:56 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2013-10-23 14:15 - 2014-03-13 16:56 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-10-23 14:15 - 2014-03-13 16:56 - 00483784 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-13 16:56 - 2014-03-13 16:56 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2013-12-19 11:49 - 2013-12-19 11:49 - 32733080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-05-30 13:56 - 2014-05-07 04:27 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-13 21:36 - 2014-05-13 21:36 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-05-02 17:59 - 2014-05-02 17:59 - 26118656 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4511\libcef.dll
2014-05-02 17:59 - 2014-05-02 17:59 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4511\libglesv2.dll
2014-05-02 17:59 - 2014-05-02 17:59 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.4511\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2014 03:21:51 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/04/2014 00:39:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 7.0.450.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2b64 Startzeit: 01cf7f7c6e3347d9 Endzeit: 39 Anwendungspfad: C:\Program Files\Java\jre7\bin\javaw.exe Berichts-ID: e2961e19-eb6f-11e3-8d74-5404a6a7621f

Error: (06/03/2014 05:08:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.10.3096, Zeitstempel: 0x537cc72e Name des fehlerhaften Moduls: OPENGL32.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000416c ID des fehlerhaften Prozesses: 0x9bc Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0 Pfad der fehlerhaften Anwendung: HD-Frontend.exe1 Pfad des fehlerhaften Moduls: HD-Frontend.exe2 Berichtskennung: HD-Frontend.exe3

Error: (06/03/2014 04:36:12 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/03/2014 04:52:53 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/03/2014 03:07:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.10.3096, Zeitstempel: 0x537cc72e Name des fehlerhaften Moduls: OPENGL32.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000416c ID des fehlerhaften Prozesses: 0x5bc Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0 Pfad der fehlerhaften Anwendung: HD-Frontend.exe1 Pfad des fehlerhaften Moduls: HD-Frontend.exe2 Berichtskennung: HD-Frontend.exe3

Error: (06/03/2014 02:48:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.10.3096, Zeitstempel: 0x537cc72e Name des fehlerhaften Moduls: OPENGL32.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000416c ID des fehlerhaften Prozesses: 0x1ed4 Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0 Pfad der fehlerhaften Anwendung: HD-Frontend.exe1 Pfad des fehlerhaften Moduls: HD-Frontend.exe2 Berichtskennung: HD-Frontend.exe3

Error: (06/03/2014 02:42:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: HD-Frontend.exe, Version: 0.8.10.3096, Zeitstempel: 0x537cc72e Name des fehlerhaften Moduls: OPENGL32.DLL, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bdadb Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000416c ID des fehlerhaften Prozesses: 0x19d4 Startzeit der fehlerhaften Anwendung: 0xHD-Frontend.exe0 Pfad der fehlerhaften Anwendung: HD-Frontend.exe1 Pfad des fehlerhaften Moduls: HD-Frontend.exe2 Berichtskennung: HD-Frontend.exe3

Error: (06/02/2014 09:06:45 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/02/2014 08:40:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

System errors:
=============
Error: (06/05/2014 05:22:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/05/2014 05:17:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (06/05/2014 05:17:21 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (06/05/2014 05:16:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "fpvoixdaog64" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (06/05/2014 05:10:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/05/2014 05:05:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (06/05/2014 05:05:13 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LogMeIn Hamachi Tunneling Engine erreicht.

Error: (06/05/2014 05:04:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "fpvoixdaog64" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (06/05/2014 02:48:57 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.

Error: (06/05/2014 02:44:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Microsoft Office Sessions:
=========================
Error: (06/05/2014 03:21:51 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/04/2014 00:39:21 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe7.0.450.182b6401cf7f7c6e3347d939C:\Program Files\Java\jre7\bin\javaw.exee2961e19-eb6f-11e3-8d74-5404a6a7621f

Error: (06/03/2014 05:08:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.10.3096537cc72eOPENGL32.DLL6.1.7600.163854a5bdadbc00000050000416c9bc01cf7f3cd2eb73cfC:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\system32\OPENGL32.DLLe6c034c9-eb30-11e3-8d74-5404a6a7621f

Error: (06/03/2014 04:36:12 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/03/2014 04:52:53 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (06/03/2014 03:07:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.10.3096537cc72eOPENGL32.DLL6.1.7600.163854a5bdadbc00000050000416c5bc01cf7ec65f80cae9C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\system32\OPENGL32.DLL5f068dfd-eabb-11e3-ab11-5404a6a7621f

Error: (06/03/2014 02:48:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.10.3096537cc72eOPENGL32.DLL6.1.7600.163854a5bdadbc00000050000416c1ed401cf7ec4c1102db8C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\system32\OPENGL32.DLLd0c321f5-eab8-11e3-ab11-5404a6a7621f

Error: (06/03/2014 02:42:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: HD-Frontend.exe0.8.10.3096537cc72eOPENGL32.DLL6.1.7600.163854a5bdadbc00000050000416c19d401cf7ec39f0960d1C:\Program Files (x86)\BlueStacks\HD-Frontend.exeC:\Windows\system32\OPENGL32.DLLfc7d0903-eab7-11e3-ab11-5404a6a7621f

Error: (06/02/2014 09:06:45 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (06/02/2014 08:40:44 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]

==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 8175.11 MB
Available physical RAM: 4671.64 MB
Total Pagefile: 16348.41 MB
Available Pagefile: 11662.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:596.07 GB) (Free:206.91 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (D3_2.0.0) (CDROM) (Total:7.69 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 4475F062)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by ShaRax (administrator) on SHARAX-PC on 05-06-2014 18:03:17
Running from C:\Users\ShaRax\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(The Privoxy team - www.privoxy.org) C:\Program Files (x86)\MSR\Privoxy\privoxy.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(Curse) C:\Users\ShaRax\AppData\Local\Apps\2.0\55C84DKX.3L4\BDHX11GG.95V\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(CANON INC.) C:\Program Files (x86)\Canon\My Image Garden\cnmigmain.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4511\Battle.net.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2413128 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [Driver Genius] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [fst_de_18] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-31] (Microsoft Corporation)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Wondershare Helper Compact] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [TeamSpeak 3 Client] => C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe [9266120 2014-03-13] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\ShaRax\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [GoogleChromeAutoLaunch_A33A7CD9AFDF27921783C41AE11FDF24] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-02] (Google Inc.)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\MountPoints2: {ca34c627-3ffb-11e3-8308-806e6f6e6963} - "D:\Diablo III Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe (Wondershare)
Startup: C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE82CDD20AD4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\ShaRax\AppData\Roaming\Mozilla\Firefox\Profiles\fte27z7g.default
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (YouTube) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google-Suche) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (No Name) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe [2014-05-29]
CHR Extension: (Google Wallet) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Google Mail) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)
R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] ()
S2 fpvoixdaog64; C:\Program Files\002\fpvoixdaog64.exe run options=01110010020000000000000000000000 sourceguid=106056F7-36E2-4861-97FC-AD47C9832713 [X]

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2013-12-11] (Google Inc)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 hxsyol; C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [86352 2013-11-27] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-05 17:55 - 2014-06-05 17:55 - 00000000 ____D () C:\Users\ShaRax\Desktop\Adware 2014-06-05 17:52 - 2014-06-05 18:03 - 00027877 _____ () C:\Users\ShaRax\Desktop\Addition.txt 2014-06-05 17:51 - 2014-06-05 18:03 - 00000000 ____D () C:\FRST 2014-06-05 17:50 - 2014-06-05 17:50 - 02068992 _____ (Farbar) C:\Users\ShaRax\Desktop\FRST64.exe 2014-06-05 17:22 - 2014-06-05 18:03 - 00016935 _____ () C:\Users\ShaRax\Desktop\FRST.txt 2014-06-05 17:16 - 2014-06-05 17:16 - 00000000 ____D () C:\Program Files (x86)\MSR 2014-06-05 17:06 - 2014-06-05 17:06 - 00006886 _____ () C:\Users\ShaRax\Desktop\Adw cleaner dokument.txt 2014-06-05 17:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-06-05 16:59 - 2014-06-05 17:15 - 00000000 ____D () C:\AdwCleaner 2014-06-05 16:58 - 2014-06-05 16:58 - 01327971 _____ () C:\Users\ShaRax\Desktop\adwcleaner_3.211.exe 2014-06-03 03:03 - 2014-06-03 03:03 - 00007598 _____ () C:\Users\ShaRax\AppData\Local\Resmon.ResmonCfg 2014-06-03 02:28 - 2014-06-03 02:28 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-06-03 02:26 - 2014-06-03 02:34 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-06-03 02:26 - 2014-06-03 02:26 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Bluestacks 2014-05-30 23:00 - 2014-05-31 03:39 - 00000101 _____ () C:\Users\ShaRax\Desktop\Neues Textdokument (2).txt 2014-05-30 13:57 - 2014-05-30 13:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla 
Firefox.lnk 2014-05-30 13:57 - 2014-05-30 13:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-05-30 13:57 - 2014-05-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-30 13:50 - 2014-05-30 13:50 - 00283144 _____ (Mozilla) C:\Users\ShaRax\Downloads\Firefox Setup Stub 29.0.1.exe 2014-05-29 18:59 - 2014-05-29 19:01 - 00000000 ____D () C:\temp 2014-05-29 18:53 - 2014-05-29 18:53 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750370560_il4115363.exe 2014-05-29 18:52 - 2014-05-29 18:52 - 03500516 _____ () C:\Users\ShaRax\Downloads\Setup.rar 2014-05-29 18:50 - 2014-05-29 18:59 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Genesis_05291650 2014-05-29 18:48 - 2014-05-29 18:48 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe 2014-05-29 18:34 - 2014-05-29 18:36 - 17819328 _____ (Tracker Software Products Ltd ) C:\Users\ShaRax\Downloads\PDFX308Vwer.exe 2014-05-29 18:30 - 2014-05-29 18:30 - 05138022 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack.rar 2014-05-28 17:00 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-28 16:55 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) 
C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-28 16:55 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-28 16:55 - 
2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-28 16:39 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-05-28 16:39 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-05-28 15:37 - 2014-05-28 15:37 - 11522868 _____ () C:\Users\ShaRax\Downloads\JustProBros Faithful [1.6.2] V1.4.zip 2014-05-28 13:32 - 2013-08-26 23:08 - 00000184 ____R () C:\Users\ShaRax\Desktop\DxtoryLicenceFile.dxtorylic 2014-05-28 13:31 - 2014-05-30 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0 2014-05-28 13:31 - 2013-03-24 17:43 - 00569344 _____ (Dxtory Software) C:\Users\ShaRax\Desktop\Dxtory.exe 2014-05-28 13:31 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll 2014-05-28 13:31 - 2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll 2014-05-28 13:29 - 2014-05-28 13:29 - 00715038 _____ () C:\Windows\unins000.exe 2014-05-28 13:28 - 2014-05-28 13:28 - 00443445 _____ ( ) C:\Users\ShaRax\Downloads\LagarithSetup_1327.exe 2014-05-28 13:27 - 2014-05-28 13:27 - 04062691 _____ () C:\Users\ShaRax\Downloads\Dxtory 2.0.122 + Neue License File.rar 2014-05-27 15:40 - 2014-05-27 15:40 - 06029100 _____ () C:\Users\ShaRax\Downloads\EdtheGs Pack.zip 2014-05-27 15:39 - 2014-05-27 15:40 - 06439845 _____ () C:\Users\ShaRax\Downloads\TheStripesPackBoy.zip 2014-05-27 15:39 - 2014-05-27 15:39 - 32573771 _____ () C:\Users\ShaRax\Downloads\SlothCraft V3.zip 2014-05-27 15:38 - 2014-05-27 15:38 - 24888563 _____ () C:\Users\ShaRax\Downloads\Rizeax TeamTigerz Edit.zip 2014-05-27 15:36 - 2014-05-27 15:37 - 27259077 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack(Blue Bow).zip 2014-05-27 15:35 - 2014-05-27 15:35 - 22109109 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack by Pieper25.zip 2014-05-26 15:53 - 2014-05-26 15:54 - 26377760 _____ () 
C:\Users\ShaRax\Downloads\Rizeax PvP Pack Final Version.zip 2014-05-23 18:41 - 2014-05-23 18:42 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\.technic 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieUserList 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieSiteList 2014-05-23 12:03 - 2014-05-23 12:04 - 26481912 _____ () C:\Users\ShaRax\Downloads\TheFabo PvP.zip 2014-05-21 19:17 - 2014-05-28 14:19 - 00000516 _____ () C:\Users\ShaRax\Desktop\YT.txt 2014-05-21 17:55 - 2014-05-21 17:55 - 06020490 _____ () C:\Users\ShaRax\Downloads\faithful32pack.zip 2014-05-21 17:50 - 2014-05-21 17:51 - 45953248 _____ () C:\Users\ShaRax\Downloads\Faithful 128x Pack(2).zip 2014-05-17 22:07 - 2014-05-17 22:07 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-17 22:00 - 2014-05-17 22:00 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Aeria Games 2014-05-17 21:59 - 2014-05-17 21:59 - 00000000 ____D () C:\ProgramData\Aeria Games 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Aeria Games & Entertainment 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Program Files (x86)\Aeria Games 2014-05-17 21:10 - 2014-05-17 21:52 - 00000000 ____D () C:\AeriaGames 2014-05-17 21:10 - 2014-05-17 21:10 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\ShaRax\Downloads\aurakingdom_us_downloader.exe 2014-05-17 15:14 - 2014-05-17 15:14 - 13423227 _____ () C:\Users\ShaRax\Downloads\Sphax PureBDcraft 64x MC17.zip 2014-05-17 14:58 - 2014-05-17 14:58 - 00713575 _____ () C:\Users\ShaRax\Downloads\shaderpacks.zip 2014-05-17 14:56 - 2014-05-17 14:56 - 00395853 _____ () 
C:\Users\ShaRax\Downloads\ShadersMod-v2.3.15mc1.7.5-installer.jar 2014-05-17 14:55 - 2014-05-17 14:55 - 00814735 _____ () C:\Users\ShaRax\Downloads\OptiFine_1.7.9_HD_U_D2.jar 2014-05-14 19:15 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 19:15 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 19:15 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-14 19:15 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-14 19:15 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 19:15 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-14 13:28 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 13:28 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 13:28 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 13:28 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 13:27 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 13:27 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 13:27 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 13:27 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 13:27 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 13:27 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 13:27 - 2014-04-12 04:19 - 00028160 _____ (Microsoft 
Corporation) C:\Windows\system32\secur32.dll 2014-05-14 13:27 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 13:27 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 13:27 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 13:27 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 13:27 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00022016 _____ (Microsoft 
Corporation) C:\Windows\system32\credssp.dll 2014-05-14 13:27 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 13:27 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 13:27 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 13:27 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () 
C:\Program Files (x86)\LogMeIn Hamachi 2014-05-10 17:44 - 2014-05-10 17:44 - 00496003 _____ () C:\Users\ShaRax\Downloads\PotatoUI-v2.4.1.zip 2014-05-10 17:43 - 2014-05-10 17:43 - 00002539 _____ () C:\Users\ShaRax\Downloads\LocalTime_0.4.zip 2014-05-10 17:33 - 2014-05-10 17:33 - 00067295 _____ () C:\Users\ShaRax\Downloads\SCastBar_v1.2.3_20140503.zip 2014-05-10 17:32 - 2014-05-10 17:32 - 00559982 _____ () C:\Users\ShaRax\Downloads\AuraMastery_1.4.3.zip 2014-05-10 17:28 - 2014-05-10 17:28 - 00044946 _____ () C:\Users\ShaRax\Downloads\GalaxyMeter-18.zip 2014-05-10 17:24 - 2014-05-10 17:24 - 00006305 _____ () C:\Users\ShaRax\Downloads\TrackMaster_0.5.2.zip 2014-05-10 16:39 - 2014-05-10 16:39 - 00000000 ____D () C:\Users\ShaRax\Documents\My Curse 2014-05-10 16:38 - 2014-05-10 16:46 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Curse Advertising 2014-05-10 16:38 - 2014-05-10 16:38 - 00000318 _____ () C:\Users\ShaRax\Desktop\Curse Client.appref-ms 2014-05-10 16:38 - 2014-05-10 16:38 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2014-05-10 16:35 - 2014-05-10 16:35 - 00402696 _____ () C:\Users\ShaRax\Downloads\setup (3).exe 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Program Files (x86)\NCSOFT 2014-05-09 14:39 - 2014-05-30 18:07 - 10319832 _____ (NCSOFT) C:\Users\ShaRax\Desktop\Wildstar.exe 2014-05-09 14:39 - 2014-05-09 14:39 - 10527224 _____ (NCSOFT) C:\Users\ShaRax\Downloads\Wildstar.exe 2014-05-08 18:59 - 2014-05-08 18:59 - 01062288 _____ () C:\Users\ShaRax\Downloads\DS4-To-XInput-Wrapper-lnstall.exe 2014-05-08 18:59 - 2014-05-08 18:59 - 00000000 ____D () 
C:\Users\ShaRax\AppData\Local\Temp8cb780923f5e378742f738c16a362bd6 2014-05-08 18:54 - 2014-05-08 18:54 - 04117346 _____ () C:\Users\ShaRax\Downloads\MotioninJoy_071001_signed.zip 2014-05-07 14:30 - 2014-05-14 19:17 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-06 16:15 - 2014-05-06 16:15 - 00001456 _____ () C:\Users\ShaRax\AppData\Local\Adobe Für Web speichern 13.0 Prefs ==================== One Month Modified Files and Folders ======= 2014-06-05 18:03 - 2014-06-05 17:52 - 00027877 _____ () C:\Users\ShaRax\Desktop\Addition.txt 2014-06-05 18:03 - 2014-06-05 17:51 - 00000000 ____D () C:\FRST 2014-06-05 18:03 - 2014-06-05 17:22 - 00016935 _____ () C:\Users\ShaRax\Desktop\FRST.txt 2014-06-05 18:03 - 2013-11-01 15:53 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Battle.net 2014-06-05 18:03 - 2013-10-28 20:13 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Temp 2014-06-05 18:00 - 2013-10-28 21:15 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Skype 2014-06-05 17:55 - 2014-06-05 17:55 - 00000000 ____D () C:\Users\ShaRax\Desktop\Adware 2014-06-05 17:50 - 2014-06-05 17:50 - 02068992 _____ (Farbar) C:\Users\ShaRax\Desktop\FRST64.exe 2014-06-05 17:44 - 2014-01-13 18:44 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6}.job 2014-06-05 17:34 - 2013-10-28 21:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-05 17:30 - 2009-07-14 06:45 - 00025184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-05 17:30 - 2009-07-14 06:45 - 00025184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-05 17:29 - 2014-04-18 02:13 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-05 17:25 - 2013-10-28 20:10 - 01550597 _____ () C:\Windows\WindowsUpdate.log 2014-06-05 17:21 - 2013-11-17 22:13 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Deployment 
2014-06-05 17:21 - 2013-10-28 21:12 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\LogMeIn Hamachi 2014-06-05 17:20 - 2013-10-28 20:50 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-05 17:19 - 2013-10-28 20:43 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\TS3Client 2014-06-05 17:16 - 2014-06-05 17:16 - 00000000 ____D () C:\Program Files (x86)\MSR 2014-06-05 17:16 - 2014-04-18 02:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-05 17:16 - 2013-10-31 16:06 - 00176824 _____ () C:\Windows\PFRO.log 2014-06-05 17:16 - 2013-10-28 20:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-05 17:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-05 17:16 - 2009-07-14 06:51 - 00081367 _____ () C:\Windows\setupact.log 2014-06-05 17:15 - 2014-06-05 16:59 - 00000000 ____D () C:\AdwCleaner 2014-06-05 17:06 - 2014-06-05 17:06 - 00006886 _____ () C:\Users\ShaRax\Desktop\Adw cleaner dokument.txt 2014-06-05 17:02 - 2013-10-28 20:13 - 00000997 _____ () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-05 17:02 - 2013-10-28 20:13 - 00000000 ____D () C:\Users\ShaRax 2014-06-05 16:58 - 2014-06-05 16:58 - 01327971 _____ () C:\Users\ShaRax\Desktop\adwcleaner_3.211.exe 2014-06-05 02:00 - 2013-10-28 21:18 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Adobe 2014-06-04 00:41 - 2014-03-30 00:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\.minecraft 2014-06-03 03:07 - 2013-10-28 20:41 - 00000000 ____D () C:\Users\ShaRax\Desktop\Alle Ordner 2014-06-03 03:03 - 2014-06-03 03:03 - 00007598 _____ () C:\Users\ShaRax\AppData\Local\Resmon.ResmonCfg 2014-06-03 02:34 - 2014-06-03 02:26 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-06-03 02:28 - 2014-06-03 02:28 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-06-03 02:28 - 
2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-06-03 02:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-06-03 02:26 - 2014-06-03 02:26 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Bluestacks 2014-06-01 18:47 - 2013-10-28 21:07 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Spotify 2014-06-01 15:42 - 2013-10-28 21:08 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Spotify 2014-05-31 03:39 - 2014-05-30 23:00 - 00000101 _____ () C:\Users\ShaRax\Desktop\Neues Textdokument (2).txt 2014-05-30 18:07 - 2014-05-09 14:39 - 10319832 _____ (NCSOFT) C:\Users\ShaRax\Desktop\Wildstar.exe 2014-05-30 14:47 - 2014-05-28 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0 2014-05-30 13:58 - 2013-10-28 20:24 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Mozilla 2014-05-30 13:57 - 2014-05-30 13:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-30 13:57 - 2014-05-30 13:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-05-30 13:57 - 2014-05-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-30 13:57 - 2014-03-29 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-30 13:50 - 2014-05-30 13:50 - 00283144 _____ (Mozilla) C:\Users\ShaRax\Downloads\Firefox Setup Stub 29.0.1.exe 2014-05-30 11:32 - 2014-01-07 18:44 - 00000000 ____D () C:\Fraps 2014-05-29 19:01 - 2014-05-29 18:59 - 00000000 ____D () C:\temp 2014-05-29 18:59 - 2014-05-29 18:50 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Genesis_05291650 2014-05-29 18:53 - 2014-05-29 18:53 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750370560_il4115363.exe 2014-05-29 18:52 - 2014-05-29 18:52 - 03500516 _____ () C:\Users\ShaRax\Downloads\Setup.rar 2014-05-29 18:48 - 2014-05-29 
18:48 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe 2014-05-29 18:36 - 2014-05-29 18:34 - 17819328 _____ (Tracker Software Products Ltd ) C:\Users\ShaRax\Downloads\PDFX308Vwer.exe 2014-05-29 18:30 - 2014-05-29 18:30 - 05138022 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack.rar 2014-05-29 00:34 - 2014-02-06 00:58 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Audacity 2014-05-28 17:01 - 2013-10-28 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-28 17:00 - 2013-10-28 20:35 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-28 16:40 - 2014-05-04 00:53 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\NVIDIA Corporation 2014-05-28 15:37 - 2014-05-28 15:37 - 11522868 _____ () C:\Users\ShaRax\Downloads\JustProBros Faithful [1.6.2] V1.4.zip 2014-05-28 14:19 - 2014-05-21 19:17 - 00000516 _____ () C:\Users\ShaRax\Desktop\YT.txt 2014-05-28 13:31 - 2014-03-05 15:06 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Dxtory Software 2014-05-28 13:29 - 2014-05-28 13:29 - 00715038 _____ () C:\Windows\unins000.exe 2014-05-28 13:29 - 2014-03-05 15:06 - 00003440 _____ () C:\Windows\unins000.dat 2014-05-28 13:28 - 2014-05-28 13:28 - 00443445 _____ ( ) C:\Users\ShaRax\Downloads\LagarithSetup_1327.exe 2014-05-28 13:27 - 2014-05-28 13:27 - 04062691 _____ () C:\Users\ShaRax\Downloads\Dxtory 2.0.122 + Neue License File.rar 2014-05-27 15:40 - 2014-05-27 15:40 - 06029100 _____ () C:\Users\ShaRax\Downloads\EdtheGs Pack.zip 2014-05-27 15:40 - 2014-05-27 15:39 - 06439845 _____ () C:\Users\ShaRax\Downloads\TheStripesPackBoy.zip 2014-05-27 15:39 - 2014-05-27 15:39 - 32573771 _____ () C:\Users\ShaRax\Downloads\SlothCraft V3.zip 2014-05-27 15:38 - 2014-05-27 15:38 - 24888563 _____ () C:\Users\ShaRax\Downloads\Rizeax TeamTigerz Edit.zip 2014-05-27 15:37 - 2014-05-27 15:36 - 27259077 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack(Blue Bow).zip 
2014-05-27 15:35 - 2014-05-27 15:35 - 22109109 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack by Pieper25.zip 2014-05-26 15:54 - 2014-05-26 15:53 - 26377760 _____ () C:\Users\ShaRax\Downloads\Rizeax PvP Pack Final Version.zip 2014-05-23 18:42 - 2014-05-23 18:41 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\.technic 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieUserList 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieSiteList 2014-05-23 12:04 - 2014-05-23 12:03 - 26481912 _____ () C:\Users\ShaRax\Downloads\TheFabo PvP.zip 2014-05-21 17:55 - 2014-05-21 17:55 - 06020490 _____ () C:\Users\ShaRax\Downloads\faithful32pack.zip 2014-05-21 17:51 - 2014-05-21 17:50 - 45953248 _____ () C:\Users\ShaRax\Downloads\Faithful 128x Pack(2).zip 2014-05-20 04:44 - 2014-05-28 16:55 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-20 04:44 - 2014-05-28 16:55 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 09697640 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvopencl.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-20 04:44 - 2014-05-04 01:00 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-20 04:44 - 2013-10-28 20:35 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-05-20 04:44 - 2013-10-28 20:35 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 
14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 00026069 _____ () C:\Windows\system32\nvinfo.pb 2014-05-20 03:25 - 2013-10-28 20:35 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-05-20 03:25 - 2013-10-28 20:35 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-05-20 01:10 - 2014-05-28 17:00 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-17 22:07 - 2014-05-17 22:07 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-17 22:00 - 2014-05-17 22:00 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Aeria Games 2014-05-17 21:59 - 2014-05-17 21:59 - 00000000 ____D () C:\ProgramData\Aeria Games 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Aeria Games & Entertainment 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Program Files (x86)\Aeria Games 2014-05-17 21:52 - 
2014-05-17 21:10 - 00000000 ____D () C:\AeriaGames 2014-05-17 21:52 - 2014-01-22 22:08 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-05-17 21:10 - 2014-05-17 21:10 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\ShaRax\Downloads\aurakingdom_us_downloader.exe 2014-05-17 15:14 - 2014-05-17 15:14 - 13423227 _____ () C:\Users\ShaRax\Downloads\Sphax PureBDcraft 64x MC17.zip 2014-05-17 14:58 - 2014-05-17 14:58 - 00713575 _____ () C:\Users\ShaRax\Downloads\shaderpacks.zip 2014-05-17 14:56 - 2014-05-17 14:56 - 00395853 _____ () C:\Users\ShaRax\Downloads\ShadersMod-v2.3.15mc1.7.5-installer.jar 2014-05-17 14:55 - 2014-05-17 14:55 - 00814735 _____ () C:\Users\ShaRax\Downloads\OptiFine_1.7.9_HD_U_D2.jar 2014-05-15 01:49 - 2013-10-28 20:35 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin 2014-05-14 21:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-14 19:20 - 2013-10-28 20:13 - 00000000 ___RD () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-14 19:20 - 2013-10-28 20:13 - 00000000 ___RD () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-14 19:17 - 2014-05-07 14:30 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-14 19:15 - 2013-11-08 11:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-14 19:13 - 2013-11-08 11:29 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-14 17:57 - 2013-11-01 17:52 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-14 13:18 - 2014-02-11 01:48 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-05-13 21:36 - 2013-10-28 21:19 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-13 21:36 - 2013-10-28 
21:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-13 21:36 - 2013-10-28 21:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-10 17:44 - 2014-05-10 17:44 - 00496003 _____ () C:\Users\ShaRax\Downloads\PotatoUI-v2.4.1.zip 2014-05-10 17:43 - 2014-05-10 17:43 - 00002539 _____ () C:\Users\ShaRax\Downloads\LocalTime_0.4.zip 2014-05-10 17:33 - 2014-05-10 17:33 - 00067295 _____ () C:\Users\ShaRax\Downloads\SCastBar_v1.2.3_20140503.zip 2014-05-10 17:32 - 2014-05-10 17:32 - 00559982 _____ () C:\Users\ShaRax\Downloads\AuraMastery_1.4.3.zip 2014-05-10 17:28 - 2014-05-10 17:28 - 00044946 _____ () C:\Users\ShaRax\Downloads\GalaxyMeter-18.zip 2014-05-10 17:24 - 2014-05-10 17:24 - 00006305 _____ () C:\Users\ShaRax\Downloads\TrackMaster_0.5.2.zip 2014-05-10 16:46 - 2014-05-10 16:38 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Curse Advertising 2014-05-10 16:39 - 2014-05-10 16:39 - 00000000 ____D () C:\Users\ShaRax\Documents\My Curse 2014-05-10 16:39 - 2013-10-29 20:13 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-05-10 16:38 - 2014-05-10 16:38 - 00000318 _____ () C:\Users\ShaRax\Desktop\Curse Client.appref-ms 2014-05-10 16:38 - 2014-05-10 16:38 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2014-05-10 16:35 - 2014-05-10 16:35 - 00402696 _____ () C:\Users\ShaRax\Downloads\setup (3).exe 2014-05-09 22:36 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-05-09 22:36 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-05-09 22:36 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-05-09 15:41 - 2013-12-05 22:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () 
C:\Users\ShaRax\AppData\Local\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Program Files (x86)\NCSOFT 2014-05-09 14:39 - 2014-05-09 14:39 - 10527224 _____ (NCSOFT) C:\Users\ShaRax\Downloads\Wildstar.exe 2014-05-09 13:19 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-05-09 08:14 - 2014-05-14 13:28 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-09 08:11 - 2014-05-14 13:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-08 22:24 - 2014-04-18 02:13 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-05-08 22:24 - 2014-04-18 02:13 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-05-08 18:59 - 2014-05-08 18:59 - 01062288 _____ () C:\Users\ShaRax\Downloads\DS4-To-XInput-Wrapper-lnstall.exe 2014-05-08 18:59 - 2014-05-08 18:59 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Temp8cb780923f5e378742f738c16a362bd6 2014-05-08 18:54 - 2014-05-08 18:54 - 04117346 _____ () C:\Users\ShaRax\Downloads\MotioninJoy_071001_signed.zip 2014-05-06 16:15 - 2014-05-06 16:15 - 00001456 _____ () C:\Users\ShaRax\AppData\Local\Adobe Für Web speichern 13.0 Prefs 2014-05-06 16:15 - 2013-10-28 21:20 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Adobe 2014-05-06 06:40 - 2014-05-14 19:15 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-06 06:17 - 2014-05-14 19:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-06 05:25 - 2014-05-14 19:15 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-06 05:07 - 2014-05-14 19:15 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-06 05:00 - 2014-05-14 19:15 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-06 04:10 - 2014-05-14 
19:15 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll Some content of TEMP: ==================== C:\Users\ShaRax\AppData\Local\Temp\amazonicon_v4.exe C:\Users\ShaRax\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\ShaRax\AppData\Local\Temp\amonetize_rrsavings.exe C:\Users\ShaRax\AppData\Local\Temp\APNSetup.exe C:\Users\ShaRax\AppData\Local\Temp\BackupSetup.exe C:\Users\ShaRax\AppData\Local\Temp\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe C:\Users\ShaRax\AppData\Local\Temp\Brave Frontier Hack 4 1 Downloader__3687_i780550428_il1118312.exe C:\Users\ShaRax\AppData\Local\Temp\Creative Cloud Helper.exe C:\Users\ShaRax\AppData\Local\Temp\CreativeCloudSet-Up.exe C:\Users\ShaRax\AppData\Local\Temp\dxwebsetup.exe C:\Users\ShaRax\AppData\Local\Temp\foxy_security.exe C:\Users\ShaRax\AppData\Local\Temp\fp_pl_pfs_installer-1.exe C:\Users\ShaRax\AppData\Local\Temp\fp_pl_pfs_installer.exe C:\Users\ShaRax\AppData\Local\Temp\GetCC.dll C:\Users\ShaRax\AppData\Local\Temp\GreyGraySetup.exe C:\Users\ShaRax\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\ShaRax\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\ShaRax\AppData\Local\Temp\MSETUP4.EXE C:\Users\ShaRax\AppData\Local\Temp\nvSCPAPI.dll C:\Users\ShaRax\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\ShaRax\AppData\Local\Temp\nvStereoApiI.dll C:\Users\ShaRax\AppData\Local\Temp\nvStInst.exe C:\Users\ShaRax\AppData\Local\Temp\plus-hd-2-5.exe C:\Users\ShaRax\AppData\Local\Temp\Quarantine.exe C:\Users\ShaRax\AppData\Local\Temp\riftuninstall.exe C:\Users\ShaRax\AppData\Local\Temp\sdanircmdc.exe C:\Users\ShaRax\AppData\Local\Temp\sdapskill.exe C:\Users\ShaRax\AppData\Local\Temp\sdaspwn.exe C:\Users\ShaRax\AppData\Local\Temp\SendMsg.dll C:\Users\ShaRax\AppData\Local\Temp\speedupmypc.exe C:\Users\ShaRax\AppData\Local\Temp\swt-win32-3349.dll C:\Users\ShaRax\AppData\Local\Temp\tkVt87w899.exe C:\Users\ShaRax\AppData\Local\Temp\v-bates.exe 
C:\Users\ShaRax\AppData\Local\Temp\vbmz10.exe
C:\Users\ShaRax\AppData\Local\Temp\vcredist_x64.exe
C:\Users\ShaRax\AppData\Local\Temp\vcredist_x86.exe
C:\Users\ShaRax\AppData\Local\Temp\xmlUpdater.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 02:00
==================== End Of Log ============================
Edited by ShaRax (05.06.2014 at 17:06) |
05.06.2014, 17:22 | #4 |
/// TB-Ausbilder | Double blue underlines in the browser / removing adware
Hi, how does the computer run after the following steps?
Step 1
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
() C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
Task: {6FC0B7D2-3ACF-4FBE-AEC2-035A573083BF} - System32\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6} => C:\Program Files\V-bates\PrefHelper.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: C:\Windows\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: {057E10C5-747B-48A1-8F68-E3C6792E1E20} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
CHR Extension: (No Name) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe [2014-05-29]
R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] ()
S2 fpvoixdaog64; C:\Program Files\002\fpvoixdaog64.exe run options=01110010020000000000000000000000 sourceguid=106056F7-36E2-4861-97FC-AD47C9832713 [X]
C:\Windows\Microsoft\SystemUpdatekb70007
C:\Users\ShaRax\AppData\Local\Temp\*.exe
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Please download Malwarebytes Anti-Malware
Step 3
ESET Online Scanner
Step 4
Run FRST once more.
In your next reply, please post:
__________________ cheers, Leo |
05.06.2014, 23:12 | #5 |
| Double blue underlines in the browser / removing adware
My PC runs absolutely better. I don't know why, but I now have 16 mb download instead of 3 mb. I was extremely surprised (I specifically tested it with various speed tests because that is pretty unlikely, but it is so :P). The blue underlines are also gone <3 Thanks for that! :*
Anyway, here are the txt files, although ESET took a whole 3 hours!
The Fixlog:
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-06-2014
Ran by ShaRax at 2014-06-05 18:25:10 Run:1
Running from C:\Users\ShaRax\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
() C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:8118;https=127.0.0.1:8118
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 1
Task: {6FC0B7D2-3ACF-4FBE-AEC2-035A573083BF} - System32\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6} => C:\Program Files\V-bates\PrefHelper.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Task: C:\Windows\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: {057E10C5-747B-48A1-8F68-E3C6792E1E20} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
CHR Extension: (No Name) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe [2014-05-29]
R2 SystemUpdatekb70007; C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe [18944 2014-05-08] ()
S2 fpvoixdaog64; C:\Program Files\002\fpvoixdaog64.exe run options=01110010020000000000000000000000 sourceguid=106056F7-36E2-4861-97FC-AD47C9832713 [X]
C:\Windows\Microsoft\SystemUpdatekb70007
C:\Users\ShaRax\AppData\Local\Temp\*.exe
*****************
[2204] C:\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe => Process closed successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6FC0B7D2-3ACF-4FBE-AEC2-035A573083BF} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FC0B7D2-3ACF-4FBE-AEC2-035A573083BF} => Key deleted successfully.
C:\Windows\System32\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6} => Key deleted successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
C:\Windows\Tasks\FF Watcher {17869826-3131-4D04-9F12-3BC4D3190FE6}.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{057E10C5-747B-48A1-8F68-E3C6792E1E20} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{057E10C5-747B-48A1-8F68-E3C6792E1E20} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Desk 365 RunAsStdUser => Key deleted successfully.
C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe => Moved successfully.
SystemUpdatekb70007 => Service deleted successfully.
fpvoixdaog64 => Service deleted successfully.
C:\Windows\Microsoft\SystemUpdatekb70007 => Moved successfully.
C:\Users\ShaRax\AppData\Local\Temp\*.exe => Moved successfully.
==== End of Fixlog ====
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 05.06.2014
Suchlauf-Zeit: 18:28:41
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.03.04.09
Rootkit Datenbank: v2014.02.20.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ShaRax
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 272135
Verstrichene Zeit: 17 Min, 26 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 2
PUP.Optional.ClickNMark.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\click-n-mark-5, In Quarantäne, [0148e8177703270f39e1ccf8a65deb15],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-2.5, In Quarantäne, [3e0b6b94abcfe254239a008f6f93e11f],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[4108a15e3446c3731330141b63a1ec14]
Ordner: 0
(No malicious items detected)
Dateien: 8
PUP.Optional.AdLyrics, C:\Users\ShaRax\AppData\Local\Temp\awh8348.tmp, In Quarantäne, [3118a55accae270fc7537321d9289070],
PUP.Optional.SkyTech.A, C:\Users\ShaRax\AppData\Local\Temp\awh8490.tmp, In Quarantäne, [83c640bf97e379bd16052870837e56aa],
MSIL.Solimba, C:\Users\ShaRax\AppData\Local\Temp\GetCC.dll, In Quarantäne, [67e246b9c9b169cdd8c3fa64bd4426da],
PUP.Optional.WpManager, C:\Users\ShaRax\AppData\Local\Temp\fullpackage_temp1388788271\tmp\NewGdp.exe, In Quarantäne, [2a1f11ee7109b581e77e831fa55ca35d],
PUP.Optional.SpeedUpMyPC, C:\Users\ShaRax\AppData\Local\Temp\is-5TMO8.tmp\SpeedUpMyPC-standalone-setup.exe, In Quarantäne, [e267ed129cde5adc9e49efb106fbc739],
PUP.Optional.SpeedUpMyPC, C:\Users\ShaRax\AppData\Local\Temp\is-DMCBC.tmp\SpeedUpMyPC-standalone-setup.exe, In Quarantäne, [db6e9a65bebc4beb6d7ac4dcec152ad6],
PUP.Optional.OptimumInstaller.A, C:\Users\ShaRax\Downloads\Updater_Setup.exe, In Quarantäne, [331658a7d8a2a690cee34a4556ab20e0],
PUP.Optional.InstallMonetizer, C:\Users\ShaRax\Downloads\FlashPlayersetup__5047_i228421192_il3.exe, In Quarantäne, [8dbc8f70b2c81f173495383223deac54],
Physische Sektoren: 0
(No malicious items detected)
(end)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=d79eef5f15fa53459bc12f265c8fdd51
# engine=18552
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-06-05 10:04:12
# local_time=2014-06-06 12:04:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 5394928 43311968 0 0
# scanned=297513
# found=69
# cleaned=0
# scan_time=18249
sh=297AB44B22D59DC00DA6E7138A6F57CAAA379D74 ft=1 fh=a263ea30718c1c6d vn="Variante von Win64/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\002\fpvoixdaog64.exe.vir"
sh=9ABC8223C56064FFDD85E6B10D1C60B2AACCB960 ft=1 fh=e50b7e6d3fcfaa0b vn="Win32/DriverGenius.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\driver-soft\DriverGenius\DriverGenius.exe.vir"
sh=E12820C3C449E8DF12132666647822B9FE266BA3 ft=1 fh=661cdf041cef5cb3 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\Installer.dll.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\InstallerLibrary.dll.vir"
sh=B11B91F706EA1AFD3D4D625201192EAB850FD3CE ft=1 fh=04b2478a5da86198 vn="MSIL/Adware.Proxomoto.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\InstallFirefoxExtension.dll.vir"
sh=5BD97BEAE0E1E79B233B821DA6813A831B5075FB ft=1 fh=5310de0062903084 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\NewVersionUploader.exe.vir"
sh=49DEEED4E6B0E6134D47A582E209511FCBFD2B72 ft=1 fh=14e2fb72d7f3d82c vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\WindowsUpdater.exe.vir"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MSR\backup\System Update kb70007\backup\InstallerLibrary.dll.vir"
sh=B5A25E0C620FF01958A749C2163433193779319E ft=0 fh=0000000000000000 vn="JS/Adware.Adpeak.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofjjfgnmnjmoihhmjpafcllkhinmboe\5.0_0\bootstrap.js.vir"
sh=9DD0F7453F429A74EDA0C5519D70C91AF1EC6AA2 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie2.1.36.zip.vir"
sh=12A81C015E84CAB1346754690B8683E3D0F5C542 ft=1 fh=2038865bafb4f80a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\DaemonProcess.exe.vir"
sh=CC52EE1298EA7A344B1C0CD7D03D1A059C77FD39 ft=1 fh=d235b59034f549ec vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\Mobogenie.exe.vir"
sh=659E678C5D8CE742CC03A211C59AA57E6018FDC6 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\nengine.dll.vir"
sh=930F6C24088B7CB47481D4EDD64A873A817E73FC ft=1 fh=44fb5a4b02bb1a4e vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Mobogenie\Version\NewVersion\Mobogenie\UpdateMoboGenie.exe.vir"
sh=DABC08BDF0203F5946101A0EEA51D494E87F67B9 ft=1 fh=7788df8e5b966f5d vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Temp\OCS\ocs_v71.exe.vir"
sh=848C686280EAA04B172FCCFFBD312132A0C46172 ft=1 fh=7764b0effb0b9556 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Local\Temp\OCS\ocs_v7f.exe.vir"
sh=97C98A20388FD894B92FD8325545966CA945BCFB ft=1 fh=6121d07ea56d1649 vn="Win32/Toolbar.Montiera.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\ShaRax\AppData\Roaming\OpenCandy\E88E3F8C10F1461CABE61D589C349CDB\Setupsft_chr_p1v7.exe.vir"
sh=B5B1BA2915460996A40FF308093C03C477A56594 ft=1 fh=be6f6498d1a57e5b vn="Variante von Win32/Bundled.Toolbar.Ask.E potenziell unsichere Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\APNSetup.exe.xBAD"
sh=FA9D69BC738AC10F340E9EACD5F9949861A91B45 ft=1 fh=c71c00116d2a710e vn="Variante von Win32/Amonetize.AS evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe.xBAD"
sh=CBDD93735A3DE45A1D10FA0F3CFEF742BEDB86A6 ft=1 fh=c71c00113f6be6de vn="Variante von Win32/Amonetize.AS evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\Brave Frontier Hack 4 1 Downloader__3687_i780550428_il1118312.exe.xBAD"
sh=D2AA3EBE87E595966065720636314D115C02B7C7 ft=1 fh=53571feccc19eebc vn="Win32/BrowseFox.C evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\GreyGraySetup.exe.xBAD"
sh=AE16EA0279494A37F9053319AA46ECEEE381FB65 ft=1 fh=7a292d7ea4648334 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\plus-hd-2-5.exe.xBAD"
sh=08796D3E02C491A607478119062A3CC491D6C5FE ft=1 fh=0eb77018286fc954 vn="Win32/SpeedUpMyPC.A evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\speedupmypc.exe.xBAD"
sh=72FDBB6E315D5BB25A04EB687095914D484B2EC7 ft=1 fh=625b5f97bb9bcd48 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\FRST\Quarantine\C\Users\ShaRax\AppData\Local\Temp\v-bates.exe.xBAD"
sh=E12820C3C449E8DF12132666647822B9FE266BA3 ft=1 fh=661cdf041cef5cb3 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\Installer.dll"
sh=E99D65BD24FAF328D7314F02B98EE8C3BD793B77 ft=1 fh=8661b13c20727ec0 vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\InstallerLibrary.dll"
sh=49DEEED4E6B0E6134D47A582E209511FCBFD2B72 ft=1 fh=14e2fb72d7f3d82c vn="MSIL/Adware.Proxomoto.A Anwendung" ac=I fn="C:\FRST\Quarantine\C\Windows\Microsoft\SystemUpdatekb70007\WindowsUpdater.exe"
sh=15DF73618AC6DC9E3B26953DF9151E1A7BBFC3F5 ft=0 fh=0000000000000000 vn="Win64/Adware.Adpeak.D Anwendung" ac=I fn="C:\temp\InstallFilter64.msi"
sh=95CF733C85D94277029FE3332458A2DF278FA29B ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\temp\t.msi"
sh=B09166ED1B1E138E78F807E6E7B4A19E0934E5A5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29HM3ENO\icm_convertmedia_m[1].js"
sh=F4047FA127C3997FC8D4611885D9C339A0EDF946 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29HM3ENO\monetizationLoader[2].js"
sh=73E3DE6407B972684132A0542884E6109B387FFE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29HM3ENO\retargeting_bi_m[1].js"
sh=6EC8A7FA1D751A88633CB93CF3862E5ABEF3D305 ft=1 fh=dea4ca78f5ce2330 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29HM3ENO\Setup[1].exe"
sh=FCC8AA75FDA8654972407F98F61A3444DA6FE9FB ft=1 fh=f110010c0225fee2 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29HM3ENO\Setup_DE_20131219[1].exe"
sh=094934AA84DB4A8DF48D30BF18B44E0BC95ABA44 ft=1 fh=024fce464bb65a6e vn="Win32/DownWare.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29HM3ENO\VisualBeeSilent[1]"
sh=AD5BCFB5B862C8DC0410E3E7B1382860A1DF2FC7 ft=1 fh=fc9cfac998783104 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QPQ3BRE\click-n-mark_2040-5060[1].exe"
sh=76383B8DE33E6BBFB98D545DEA12B018A0A8F2C8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QPQ3BRE\icm_m[1].js"
sh=AE16EA0279494A37F9053319AA46ECEEE381FB65 ft=1 fh=7a292d7ea4648334 vn="Win32/Packed.ScrambleWrapper.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QPQ3BRE\plus-hd-2-5[1].exe"
sh=8C65267C1AADD4AB670D6D979C4A686D16A86869 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QPQ3BRE\similar_web_m[1].js"
sh=1097C243B6CA04C4EF81B5242CCCB8112844D77D ft=1 fh=2bce3bf09a57bc5a vn="Win32/SpeedUpMyPC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QPQ3BRE\SpeedUpMyPC-standalone-setup[1].exe"
sh=48BC9F520C48C11D618D4BBDE180E50E6BA62DF4 ft=1 fh=63db1d1c36524d9f vn="Variante von Win32/ELEX.Z evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAJ0IZAJ\adks_NationZoom_20131230[1]"
sh=7004C50EC82BFA560814E4094FC5D424F58161D3 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAJ0IZAJ\intext_5_m[1].js"
sh=E5408D79CBF2B63C25DD1FF25CA268B3756F3FC9 ft=1 fh=373acdd9f785834b vn="Win32/Mobogenie.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TAJ0IZAJ\Mobogenie_Setup_2.1.27_588[1].exe"
sh=399782A2AB704FCF977DD8C511424301382F4659 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0X2UAZY\50onred_ads_only_no_fb_m[1].js"
sh=3A98A147794DBB06F0943A9B14258FAB2E2B11CC ft=1 fh=98fa861d870cfe6e vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0X2UAZY\Cloud_Backup_Setup[1]"
sh=316AD88F43CC33313DB30CA9C001AE6BB1FBC414 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V0X2UAZY\revizer_p_dynamic_m[1].js"
sh=D77A2DFB01E148F461F73D98CFFF3E04E5012997 ft=1 fh=6453ffe7a49e7c54 vn="Variante von Win32/Kryptik.BQZZ Trojaner" ac=I fn="C:\Users\ShaRax\AppData\Local\Temp\awh8326.tmp"
sh=73E9E0963770572C552267E301B77F23D98603EF ft=1 fh=955fe88fde12a7ce vn="Variante von Win32/Amonetize.X evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Temp\awh8336.tmp"
sh=DC42973156A731A80143564375560E396229A10C ft=1 fh=d1327dbc75682e9e vn="Win32/Mobogenie.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Temp\awh8740.tmp"
sh=ECE633D288A0E81CCB096BB7C019142FAAF45B80 ft=0 fh=0000000000000000 vn="MSIL/Adware.Proxomoto.D Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Temp\MsiToExe.SetupExtension.msi"
sh=AF92022A73E072242A8B95BC42475BDB244E0A30 ft=1 fh=0f1d648c9e10fd22 vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\AppData\Local\Temp\fullpackage_temp1388788271\tmp\desk365.exe"
sh=52A0B3BE7359CBF91825C42998F7D010EAED3273 ft=1 fh=4acb1de59817921c vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\ShaRax\Desktop\Alle Ordner\Allgemein\Inschstalations Exe'n\FreeYouTubeToMP3Converter3.12.17.1127.exe"
sh=9895779E1425CFAB7D0DC94EEEF86258AF80DE89 ft=1 fh=97358303de0c6ebe vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Desktop\Alle Ordner\Allgemein\Inschstalations Exe'n\Notepad - CHIP-Downloader.exe"
sh=EDF26F17CFCE89576F9366E215F01FB3C6F8F96B ft=0 fh=0000000000000000 vn="Variante von Win32/GameTool.H potenziell unsichere Anwendung" ac=I fn="C:\Users\ShaRax\Desktop\Alle Ordner\Games\MW3\mw3.rar"
sh=FA9D69BC738AC10F340E9EACD5F9949861A91B45 ft=1 fh=c71c00116d2a710e vn="Variante von Win32/Amonetize.AS evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe"
sh=FA9D69BC738AC10F340E9EACD5F9949861A91B45 ft=1 fh=c71c00116d2a710e vn="Variante von Win32/Amonetize.AS evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750370560_il4115363.exe"
sh=53F1724C6BFA1B6AF721BF7B380D1ABA6D8FCFED ft=0 fh=0000000000000000 vn="Win32/DriverGenius.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\Driver Genius Cracked.zip"
sh=1A660618DD0583C8BBF3AD6FCED30EE0E0149EF8 ft=1 fh=cc2adb00fa885ec8 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\DS4-To-XInput-Wrapper-lnstall.exe"
sh=30E7DED8ECAA1E9EBFA0B442B33C5F2A521F703A ft=1 fh=349e47aa85c8d9c3 vn="Win32/OutBrowse.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\setup (1).exe"
sh=30E7DED8ECAA1E9EBFA0B442B33C5F2A521F703A ft=1 fh=349e47aa85c8d9c3 vn="Win32/OutBrowse.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\setup (2).exe"
sh=295D757076E58276B0B3A45F939B513560E97D79 ft=0 fh=0000000000000000 vn="Win32/OutBrowse.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\Setup.rar"
sh=9ABC8223C56064FFDD85E6B10D1C60B2AACCB960 ft=1 fh=e50b7e6d3fcfaa0b vn="Win32/DriverGenius.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\ShaRax\Downloads\Driver Genius Cracked\Driver Genius v12.0.0.1211\Crack\DriverGenius.exe"
sh=ECE633D288A0E81CCB096BB7C019142FAAF45B80 ft=0 fh=0000000000000000 vn="MSIL/Adware.Proxomoto.D Anwendung" ac=I fn="C:\Windows\Installer\101417b.msi"
sh=95CF733C85D94277029FE3332458A2DF278FA29B ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Installer\12f0ab0.msi"
sh=15087CCA54DCBEAD06C36619A6F149241CA27873 ft=1 fh=c71c00111974b402 vn="Win32/AdWare.Adpeak.H Anwendung" ac=I fn="C:\Windows\Installer\MSI1760.tmp"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]"
sh=F4BBB551315DBE49911663D85F079AFE8B5F8F51 ft=1 fh=96414ff33da39282 vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\INJ002\ExtensionUpdate.exe"

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-06-2014
Ran by ShaRax (administrator) on SHARAX-PC on 06-06-2014 00:07:32
Running from C:\Users\ShaRax\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Wondershare) C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Aeria Games & Entertainment) C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.4656\Battle.net.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2413128 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-06-11] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [Driver Genius] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [fst_de_18] => [X]
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-21] (BlueStack Systems, Inc.)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-10-31] (Microsoft Corporation)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20473504 2013-10-02] (Skype Technologies S.A.)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Wondershare Helper Compact] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [TeamSpeak 3 Client] => C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe [9266120 2014-03-13] (TeamSpeak Systems GmbH)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\ShaRax\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Run: [GoogleChromeAutoLaunch_A33A7CD9AFDF27921783C41AE11FDF24] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-05-14] (Google Inc.)
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3474377499-699924289-263119520-1000\...\MountPoints2: {ca34c627-3ffb-11e3-8308-806e6f6e6963} - "D:\Diablo III Setup.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MobileGo Service.lnk
ShortcutTarget: MobileGo Service.lnk -> C:\Program Files (x86)\Wondershare\MobileGo for Android\MobileGoService.exe (Wondershare)
Startup: C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFE82CDD20AD4CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 62.117.1.25 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\ShaRax\AppData\Roaming\Mozilla\Firefox\Profiles\fte27z7g.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
CHR HomePage:
CHR Extension: (Google Docs) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-18]
CHR Extension: (Google Drive) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-18]
CHR Extension: (YouTube) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-18]
CHR Extension: (Google-Suche) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-18]
CHR Extension: (Google Wallet) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-18]
CHR Extension: (Google Mail) - C:\Users\ShaRax\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-18]

==================== Services (Whitelisted) =================

R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-21] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-21] (BlueStack Systems, Inc.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1618888 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21009352 2014-04-30] (NVIDIA Corporation)

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\wsadb.sys [40808 2013-12-11] (Google Inc)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-21] (BlueStack Systems)
S3 hxsyol; C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [86352 2013-11-27] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19744 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-05 18:56 - 2014-06-05 18:56 - 02347384 _____ (ESET) C:\Users\ShaRax\Desktop\esetsmartinstaller_deu.exe
2014-06-05 18:56 - 2014-06-05 18:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-05 18:55 - 2014-06-05 18:55 - 00002810 _____ () C:\Users\ShaRax\Desktop\mbam.txt
2014-06-05 18:26 - 2014-06-05 22:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-05 18:26 - 2014-06-05 18:26 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-06-05 18:26 - 2014-06-05 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-06-05 18:26 - 2014-06-05 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-05 18:26 - 2014-06-05 18:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-06-05 18:26 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-05 18:26 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-05 18:26 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-05 18:25 - 2014-06-05 18:26 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\ShaRax\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-05 17:52 - 2014-06-05 18:05 - 00027877 _____ () C:\Users\ShaRax\Desktop\Addition.txt
2014-06-05 17:51 - 2014-06-06 00:07 - 00000000 ____D () C:\FRST
2014-06-05 17:50 - 2014-06-05 17:50 - 02068992 _____ (Farbar) C:\Users\ShaRax\Desktop\FRST64.exe
2014-06-05 17:22 - 2014-06-06 00:07 - 00016355 _____ () C:\Users\ShaRax\Desktop\FRST.txt
2014-06-05 17:16 - 2014-06-05 17:16 - 00000000 ____D () C:\Program Files (x86)\MSR
2014-06-05 17:06 - 2014-06-05 17:06 - 00006886 _____ () C:\Users\ShaRax\Desktop\Adw cleaner dokument.txt
2014-06-05 17:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-05 16:59 - 2014-06-05 17:15 - 00000000 ____D () C:\AdwCleaner
2014-06-05 16:58 - 2014-06-05 16:58 - 01327971 _____ () C:\Users\ShaRax\Desktop\adwcleaner_3.211.exe
2014-06-03 03:03 - 2014-06-03 03:03 - 00007598 _____ () C:\Users\ShaRax\AppData\Local\Resmon.ResmonCfg
2014-06-03 02:28 - 2014-06-03 02:28 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-06-03 02:26 - 2014-06-03 02:34 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-06-03 02:26 - 2014-06-03 02:26 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Bluestacks
2014-05-30 23:00 - 2014-05-31 03:39 - 00000101 _____ () C:\Users\ShaRax\Desktop\Neues Textdokument (2).txt
2014-05-30 13:57 - 2014-05-30 13:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-30 13:57 - 2014-05-30 13:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-30 13:57 - 2014-05-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-30 13:50 - 2014-05-30 13:50 - 00283144 _____ (Mozilla) C:\Users\ShaRax\Downloads\Firefox Setup Stub 29.0.1.exe
2014-05-29 18:59 - 2014-05-29 19:01 - 00000000 ____D () C:\temp
2014-05-29 18:53 - 2014-05-29 18:53 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750370560_il4115363.exe
2014-05-29 18:52 - 2014-05-29 18:52 - 03500516 _____ () C:\Users\ShaRax\Downloads\Setup.rar
2014-05-29 18:50 - 2014-05-29 18:59 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Genesis_05291650
2014-05-29 18:48 - 2014-05-29 18:48 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe
2014-05-29 18:34 - 2014-05-29 18:36 - 17819328 _____ (Tracker Software Products Ltd ) C:\Users\ShaRax\Downloads\PDFX308Vwer.exe
2014-05-29 18:30 - 2014-05-29 18:30 - 05138022 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack.rar
2014-05-28 17:00 - 2014-05-20 01:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-28 16:55 - 2014-05-20 04:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-28 16:55 - 2014-05-20 04:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-28 16:55 - 2014-05-20 04:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-28 16:55 - 2014-05-20 04:44 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-28 16:39 - 2014-03-31 18:42 - 00040392 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2014-05-28 16:39 - 2014-03-31 18:42 - 00034760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2014-05-28 15:37 - 2014-05-28 15:37 - 11522868 _____ () C:\Users\ShaRax\Downloads\JustProBros Faithful [1.6.2] V1.4.zip 2014-05-28 13:31 - 2014-05-30 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0 2014-05-28 13:31 - 2013-03-24 17:43 - 00569344 _____ (Dxtory Software) C:\Users\ShaRax\Desktop\Dxtory.exe 2014-05-28 13:31 - 2013-02-15 22:44 - 08300544 _____ (Dxtory Software) C:\Windows\SysWOW64\DxtoryCodec.dll 2014-05-28 13:31 - 
2013-02-15 22:44 - 08043008 _____ (Dxtory Software) C:\Windows\system32\DxtoryCodec.dll 2014-05-28 13:29 - 2014-05-28 13:29 - 00715038 _____ () C:\Windows\unins000.exe 2014-05-28 13:28 - 2014-05-28 13:28 - 00443445 _____ ( ) C:\Users\ShaRax\Downloads\LagarithSetup_1327.exe 2014-05-28 13:27 - 2014-05-28 13:27 - 04062691 _____ () C:\Users\ShaRax\Downloads\Dxtory 2.0.122 + Neue License File.rar 2014-05-27 15:40 - 2014-05-27 15:40 - 06029100 _____ () C:\Users\ShaRax\Downloads\EdtheGs Pack.zip 2014-05-27 15:39 - 2014-05-27 15:40 - 06439845 _____ () C:\Users\ShaRax\Downloads\TheStripesPackBoy.zip 2014-05-27 15:39 - 2014-05-27 15:39 - 32573771 _____ () C:\Users\ShaRax\Downloads\SlothCraft V3.zip 2014-05-27 15:38 - 2014-05-27 15:38 - 24888563 _____ () C:\Users\ShaRax\Downloads\Rizeax TeamTigerz Edit.zip 2014-05-27 15:36 - 2014-05-27 15:37 - 27259077 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack(Blue Bow).zip 2014-05-27 15:35 - 2014-05-27 15:35 - 22109109 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack by Pieper25.zip 2014-05-26 15:53 - 2014-05-26 15:54 - 26377760 _____ () C:\Users\ShaRax\Downloads\Rizeax PvP Pack Final Version.zip 2014-05-23 18:41 - 2014-05-23 18:42 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\.technic 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieUserList 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieSiteList 2014-05-23 12:03 - 2014-05-23 12:04 - 26481912 _____ () C:\Users\ShaRax\Downloads\TheFabo PvP.zip 2014-05-21 17:55 - 2014-05-21 17:55 - 06020490 _____ () C:\Users\ShaRax\Downloads\faithful32pack.zip 2014-05-21 17:50 - 2014-05-21 17:51 - 45953248 _____ () C:\Users\ShaRax\Downloads\Faithful 128x Pack(2).zip 2014-05-17 22:07 - 2014-05-17 22:07 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-17 22:00 - 2014-05-17 22:00 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Aeria Games 2014-05-17 21:59 - 2014-05-17 21:59 - 00000000 ____D () 
C:\ProgramData\Aeria Games 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Aeria Games & Entertainment 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Program Files (x86)\Aeria Games 2014-05-17 21:10 - 2014-05-17 21:52 - 00000000 ____D () C:\AeriaGames 2014-05-17 21:10 - 2014-05-17 21:10 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\ShaRax\Downloads\aurakingdom_us_downloader.exe 2014-05-17 15:14 - 2014-05-17 15:14 - 13423227 _____ () C:\Users\ShaRax\Downloads\Sphax PureBDcraft 64x MC17.zip 2014-05-17 14:58 - 2014-05-17 14:58 - 00713575 _____ () C:\Users\ShaRax\Downloads\shaderpacks.zip 2014-05-17 14:56 - 2014-05-17 14:56 - 00395853 _____ () C:\Users\ShaRax\Downloads\ShadersMod-v2.3.15mc1.7.5-installer.jar 2014-05-17 14:55 - 2014-05-17 14:55 - 00814735 _____ () C:\Users\ShaRax\Downloads\OptiFine_1.7.9_HD_U_D2.jar 2014-05-14 19:15 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-14 19:15 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-14 19:15 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-14 19:15 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-14 19:15 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-14 19:15 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-14 13:28 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-05-14 13:28 - 2014-05-09 08:11 - 00424448 _____ (Microsoft 
Corporation) C:\Windows\system32\aeinv.dll 2014-05-14 13:28 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-05-14 13:28 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-05-14 13:27 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-05-14 13:27 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-05-14 13:27 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-05-14 13:27 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-05-14 13:27 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-05-14 13:27 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-05-14 13:27 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-05-14 13:27 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-05-14 13:27 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-05-14 13:27 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-05-14 13:27 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) 
C:\Windows\system32\wdigest.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-05-14 13:27 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-05-14 13:27 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll 2014-05-14 13:27 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-05-14 13:27 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-05-14 13:27 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-05-14 13:27 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\cngprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll 2014-05-14 13:27 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-05-14 13:27 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-10 17:44 - 2014-05-10 17:44 - 00496003 _____ () C:\Users\ShaRax\Downloads\PotatoUI-v2.4.1.zip 2014-05-10 17:43 - 2014-05-10 17:43 - 00002539 _____ () C:\Users\ShaRax\Downloads\LocalTime_0.4.zip 2014-05-10 17:33 - 2014-05-10 17:33 - 00067295 _____ () C:\Users\ShaRax\Downloads\SCastBar_v1.2.3_20140503.zip 2014-05-10 17:32 - 2014-05-10 17:32 - 00559982 _____ () C:\Users\ShaRax\Downloads\AuraMastery_1.4.3.zip 2014-05-10 17:28 - 2014-05-10 17:28 - 00044946 _____ () C:\Users\ShaRax\Downloads\GalaxyMeter-18.zip 2014-05-10 17:24 - 2014-05-10 17:24 - 00006305 _____ () C:\Users\ShaRax\Downloads\TrackMaster_0.5.2.zip 2014-05-10 16:39 - 2014-05-10 16:39 - 00000000 ____D () C:\Users\ShaRax\Documents\My Curse 2014-05-10 16:38 - 2014-05-10 16:46 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Curse Advertising 2014-05-10 16:38 - 2014-05-10 16:38 - 00000318 _____ () C:\Users\ShaRax\Desktop\Curse Client.appref-ms 2014-05-10 16:38 - 2014-05-10 
16:38 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2014-05-10 16:35 - 2014-05-10 16:35 - 00402696 _____ () C:\Users\ShaRax\Downloads\setup (3).exe 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Program Files (x86)\NCSOFT 2014-05-09 14:39 - 2014-05-30 18:07 - 10319832 _____ (NCSOFT) C:\Users\ShaRax\Desktop\Wildstar.exe 2014-05-09 14:39 - 2014-05-09 14:39 - 10527224 _____ (NCSOFT) C:\Users\ShaRax\Downloads\Wildstar.exe 2014-05-08 18:59 - 2014-05-08 18:59 - 01062288 _____ () C:\Users\ShaRax\Downloads\DS4-To-XInput-Wrapper-lnstall.exe 2014-05-08 18:59 - 2014-05-08 18:59 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Temp8cb780923f5e378742f738c16a362bd6 2014-05-08 18:54 - 2014-05-08 18:54 - 04117346 _____ () C:\Users\ShaRax\Downloads\MotioninJoy_071001_signed.zip 2014-05-07 14:30 - 2014-05-14 19:17 - 00000000 ___SD () C:\Windows\system32\CompatTel ==================== One Month Modified Files and Folders ======= 2014-06-06 00:07 - 2014-06-05 17:51 - 00000000 ____D () C:\FRST 2014-06-06 00:07 - 2014-06-05 17:22 - 00016355 _____ () C:\Users\ShaRax\Desktop\FRST.txt 2014-06-06 00:07 - 2013-10-28 20:13 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Temp 2014-06-06 00:05 - 2013-10-28 20:43 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\TS3Client 2014-06-06 00:04 - 2013-11-01 15:53 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Battle.net 2014-06-05 23:50 - 2013-10-28 21:15 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Skype 2014-06-05 23:34 - 2013-10-28 21:19 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-05 23:29 - 2014-04-18 02:13 - 00001110 _____ () 
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-05 22:46 - 2014-06-05 18:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-05 22:29 - 2014-04-18 02:12 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-05 22:27 - 2014-02-02 23:55 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\ftblauncher 2014-06-05 22:15 - 2013-10-29 20:13 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft 2014-06-05 22:11 - 2013-11-01 15:53 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-06-05 21:24 - 2013-10-28 20:10 - 01560077 _____ () C:\Windows\WindowsUpdate.log 2014-06-05 19:47 - 2013-10-28 21:12 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\LogMeIn Hamachi 2014-06-05 18:58 - 2009-07-14 06:45 - 00025184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-05 18:58 - 2009-07-14 06:45 - 00025184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-05 18:56 - 2014-06-05 18:56 - 02347384 _____ (ESET) C:\Users\ShaRax\Desktop\esetsmartinstaller_deu.exe 2014-06-05 18:56 - 2014-06-05 18:56 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-06-05 18:55 - 2014-06-05 18:55 - 00002810 _____ () C:\Users\ShaRax\Desktop\mbam.txt 2014-06-05 18:48 - 2014-03-15 17:32 - 00000000 ____D () C:\Program Files (x86)\Canon 2014-06-05 18:48 - 2013-10-31 16:06 - 00179442 _____ () C:\Windows\PFRO.log 2014-06-05 18:48 - 2013-10-28 20:35 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-06-05 18:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-05 18:48 - 2009-07-14 06:51 - 00081535 _____ () C:\Windows\setupact.log 2014-06-05 18:26 - 2014-06-05 18:26 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-05 18:26 - 2014-06-05 18:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-06-05 18:26 - 2014-06-05 18:26 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-06-05 18:26 - 2014-06-05 18:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-05 18:26 - 2014-06-05 18:25 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\ShaRax\Desktop\mbam-setup-2.0.2.1012.exe 2014-06-05 18:21 - 2013-10-28 20:50 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-06-05 18:20 - 2014-03-15 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2014-06-05 18:05 - 2014-06-05 17:52 - 00027877 _____ () C:\Users\ShaRax\Desktop\Addition.txt 2014-06-05 17:50 - 2014-06-05 17:50 - 02068992 _____ (Farbar) C:\Users\ShaRax\Desktop\FRST64.exe 2014-06-05 17:21 - 2013-11-17 22:13 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Deployment 2014-06-05 17:16 - 2014-06-05 17:16 - 00000000 ____D () C:\Program Files (x86)\MSR 2014-06-05 17:15 - 2014-06-05 16:59 - 00000000 ____D () C:\AdwCleaner 2014-06-05 17:06 - 2014-06-05 17:06 - 00006886 _____ () C:\Users\ShaRax\Desktop\Adw cleaner dokument.txt 2014-06-05 17:02 - 2013-10-28 20:13 - 00000997 _____ () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-06-05 17:02 - 2013-10-28 20:13 - 00000000 ____D () C:\Users\ShaRax 2014-06-05 16:58 - 2014-06-05 16:58 - 01327971 _____ () C:\Users\ShaRax\Desktop\adwcleaner_3.211.exe 2014-06-05 02:00 - 2013-10-28 21:18 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Adobe 2014-06-04 00:41 - 2014-03-30 00:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\.minecraft 2014-06-03 03:07 - 2013-10-28 20:41 - 00000000 ____D () C:\Users\ShaRax\Desktop\Alle Ordner 2014-06-03 03:03 - 2014-06-03 03:03 - 00007598 _____ () C:\Users\ShaRax\AppData\Local\Resmon.ResmonCfg 2014-06-03 02:34 - 2014-06-03 02:26 - 00000000 ____D () C:\ProgramData\BlueStacksSetup 2014-06-03 02:28 - 2014-06-03 02:28 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk 2014-06-03 02:28 - 
2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\ProgramData\BlueStacks 2014-06-03 02:28 - 2014-06-03 02:28 - 00000000 ____D () C:\Program Files (x86)\BlueStacks 2014-06-03 02:28 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-06-03 02:26 - 2014-06-03 02:26 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Bluestacks 2014-06-01 18:47 - 2013-10-28 21:07 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Spotify 2014-06-01 15:42 - 2013-10-28 21:08 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Spotify 2014-05-31 03:39 - 2014-05-30 23:00 - 00000101 _____ () C:\Users\ShaRax\Desktop\Neues Textdokument (2).txt 2014-05-30 18:07 - 2014-05-09 14:39 - 10319832 _____ (NCSOFT) C:\Users\ShaRax\Desktop\Wildstar.exe 2014-05-30 14:47 - 2014-05-28 13:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0 2014-05-30 13:58 - 2013-10-28 20:24 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Mozilla 2014-05-30 13:57 - 2014-05-30 13:57 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-05-30 13:57 - 2014-05-30 13:57 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-05-30 13:57 - 2014-05-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-05-30 13:57 - 2014-03-29 15:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-05-30 13:50 - 2014-05-30 13:50 - 00283144 _____ (Mozilla) C:\Users\ShaRax\Downloads\Firefox Setup Stub 29.0.1.exe 2014-05-30 11:32 - 2014-01-07 18:44 - 00000000 ____D () C:\Fraps 2014-05-29 19:01 - 2014-05-29 18:59 - 00000000 ____D () C:\temp 2014-05-29 18:59 - 2014-05-29 18:50 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Genesis_05291650 2014-05-29 18:53 - 2014-05-29 18:53 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750370560_il4115363.exe 
2014-05-29 18:52 - 2014-05-29 18:52 - 03500516 _____ () C:\Users\ShaRax\Downloads\Setup.rar 2014-05-29 18:48 - 2014-05-29 18:48 - 00332800 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack 2014 Downloader__3687_i750346404_il4115363.exe 2014-05-29 18:36 - 2014-05-29 18:34 - 17819328 _____ (Tracker Software Products Ltd ) C:\Users\ShaRax\Downloads\PDFX308Vwer.exe 2014-05-29 18:30 - 2014-05-29 18:30 - 05138022 _____ () C:\Users\ShaRax\Downloads\Brave Frontier Hack.rar 2014-05-29 00:34 - 2014-02-06 00:58 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Audacity 2014-05-28 17:01 - 2013-10-28 20:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-05-28 17:00 - 2013-10-28 20:35 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-05-28 16:40 - 2014-05-04 00:53 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\NVIDIA Corporation 2014-05-28 15:37 - 2014-05-28 15:37 - 11522868 _____ () C:\Users\ShaRax\Downloads\JustProBros Faithful [1.6.2] V1.4.zip 2014-05-28 13:31 - 2014-03-05 15:06 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Dxtory Software 2014-05-28 13:29 - 2014-05-28 13:29 - 00715038 _____ () C:\Windows\unins000.exe 2014-05-28 13:29 - 2014-03-05 15:06 - 00003440 _____ () C:\Windows\unins000.dat 2014-05-28 13:28 - 2014-05-28 13:28 - 00443445 _____ ( ) C:\Users\ShaRax\Downloads\LagarithSetup_1327.exe 2014-05-28 13:27 - 2014-05-28 13:27 - 04062691 _____ () C:\Users\ShaRax\Downloads\Dxtory 2.0.122 + Neue License File.rar 2014-05-27 15:40 - 2014-05-27 15:40 - 06029100 _____ () C:\Users\ShaRax\Downloads\EdtheGs Pack.zip 2014-05-27 15:40 - 2014-05-27 15:39 - 06439845 _____ () C:\Users\ShaRax\Downloads\TheStripesPackBoy.zip 2014-05-27 15:39 - 2014-05-27 15:39 - 32573771 _____ () C:\Users\ShaRax\Downloads\SlothCraft V3.zip 2014-05-27 15:38 - 2014-05-27 15:38 - 24888563 _____ () C:\Users\ShaRax\Downloads\Rizeax TeamTigerz Edit.zip 2014-05-27 15:37 - 2014-05-27 15:36 - 27259077 _____ () 
C:\Users\ShaRax\Downloads\RizeaxPvP Pack(Blue Bow).zip 2014-05-27 15:35 - 2014-05-27 15:35 - 22109109 _____ () C:\Users\ShaRax\Downloads\RizeaxPvP Pack by Pieper25.zip 2014-05-26 15:54 - 2014-05-26 15:53 - 26377760 _____ () C:\Users\ShaRax\Downloads\Rizeax PvP Pack Final Version.zip 2014-05-23 18:42 - 2014-05-23 18:41 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\.technic 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieUserList 2014-05-23 13:41 - 2014-05-23 13:41 - 00000000 __SHD () C:\Users\ShaRax\AppData\Local\EmieSiteList 2014-05-23 12:04 - 2014-05-23 12:03 - 26481912 _____ () C:\Users\ShaRax\Downloads\TheFabo PvP.zip 2014-05-21 17:55 - 2014-05-21 17:55 - 06020490 _____ () C:\Users\ShaRax\Downloads\faithful32pack.zip 2014-05-21 17:51 - 2014-05-21 17:50 - 45953248 _____ () C:\Users\ShaRax\Downloads\Faithful 128x Pack(2).zip 2014-05-20 04:44 - 2014-05-28 16:55 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2014-05-20 04:44 - 2014-05-28 16:55 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2014-05-20 04:44 - 2014-05-28 
16:55 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2014-05-20 04:44 - 2014-05-28 16:55 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2014-05-20 04:44 - 2014-05-04 01:00 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2014-05-20 04:44 - 2013-10-28 20:35 - 00061216 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2014-05-20 04:44 - 2013-10-28 20:35 - 00052056 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 
2014-05-20 04:44 - 2013-10-28 20:30 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2014-05-20 04:44 - 2013-10-28 20:30 - 00026069 _____ () C:\Windows\system32\nvinfo.pb 2014-05-20 03:25 - 2013-10-28 20:35 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2014-05-20 03:25 - 2013-10-28 20:35 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2014-05-20 03:25 - 2013-10-28 20:35 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2014-05-20 01:10 - 2014-05-28 17:00 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2014-05-17 22:07 - 2014-05-17 22:07 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-05-17 22:00 - 2014-05-17 22:00 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Aeria Games 2014-05-17 21:59 - 2014-05-17 21:59 - 00000000 ____D () C:\ProgramData\Aeria Games 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ___HD () C:\Windows\msdownld.tmp 2014-05-17 21:58 - 2014-05-17 21:58 - 00000000 ____D () C:\Windows\SysWOW64\directx 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Aeria Games & Entertainment 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames 2014-05-17 21:52 - 2014-05-17 21:52 - 00000000 ____D () C:\Program Files 
(x86)\Aeria Games 2014-05-17 21:52 - 2014-05-17 21:10 - 00000000 ____D () C:\AeriaGames 2014-05-17 21:52 - 2014-01-22 22:08 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin 2014-05-17 21:10 - 2014-05-17 21:10 - 00581656 _____ (Aeria Games & Entertainment) C:\Users\ShaRax\Downloads\aurakingdom_us_downloader.exe 2014-05-17 15:14 - 2014-05-17 15:14 - 13423227 _____ () C:\Users\ShaRax\Downloads\Sphax PureBDcraft 64x MC17.zip 2014-05-17 14:58 - 2014-05-17 14:58 - 00713575 _____ () C:\Users\ShaRax\Downloads\shaderpacks.zip 2014-05-17 14:56 - 2014-05-17 14:56 - 00395853 _____ () C:\Users\ShaRax\Downloads\ShadersMod-v2.3.15mc1.7.5-installer.jar 2014-05-17 14:55 - 2014-05-17 14:55 - 00814735 _____ () C:\Users\ShaRax\Downloads\OptiFine_1.7.9_HD_U_D2.jar 2014-05-15 01:49 - 2013-10-28 20:35 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin 2014-05-14 21:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-05-14 19:20 - 2013-10-28 20:13 - 00000000 ___RD () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-14 19:20 - 2013-10-28 20:13 - 00000000 ___RD () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-14 19:17 - 2014-05-07 14:30 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-05-14 19:15 - 2013-11-08 11:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-05-14 19:13 - 2013-11-08 11:29 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-05-14 17:57 - 2013-11-01 17:52 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2014-05-14 13:18 - 2014-05-14 13:18 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi 2014-05-14 13:18 - 2014-02-11 01:48 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk 2014-05-13 21:36 - 2013-10-28 21:19 - 00692400 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-05-13 21:36 - 2013-10-28 21:19 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-05-13 21:36 - 2013-10-28 21:19 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-05-12 07:26 - 2014-06-05 18:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-05-12 07:26 - 2014-06-05 18:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-05-12 07:25 - 2014-06-05 18:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-05-10 17:44 - 2014-05-10 17:44 - 00496003 _____ () C:\Users\ShaRax\Downloads\PotatoUI-v2.4.1.zip 2014-05-10 17:43 - 2014-05-10 17:43 - 00002539 _____ () C:\Users\ShaRax\Downloads\LocalTime_0.4.zip 2014-05-10 17:33 - 2014-05-10 17:33 - 00067295 _____ () C:\Users\ShaRax\Downloads\SCastBar_v1.2.3_20140503.zip 2014-05-10 17:32 - 2014-05-10 17:32 - 00559982 _____ () C:\Users\ShaRax\Downloads\AuraMastery_1.4.3.zip 2014-05-10 17:28 - 2014-05-10 17:28 - 00044946 _____ () C:\Users\ShaRax\Downloads\GalaxyMeter-18.zip 2014-05-10 17:24 - 2014-05-10 17:24 - 00006305 _____ () C:\Users\ShaRax\Downloads\TrackMaster_0.5.2.zip 2014-05-10 16:46 - 2014-05-10 16:38 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Curse Advertising 2014-05-10 16:39 - 2014-05-10 16:39 - 00000000 ____D () C:\Users\ShaRax\Documents\My Curse 2014-05-10 16:38 - 2014-05-10 16:38 - 00000318 _____ () C:\Users\ShaRax\Desktop\Curse Client.appref-ms 2014-05-10 16:38 - 2014-05-10 16:38 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse 2014-05-10 16:35 - 2014-05-10 16:35 - 00402696 _____ () C:\Users\ShaRax\Downloads\setup (3).exe 2014-05-09 22:36 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat 2014-05-09 22:36 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat 2014-05-09 22:36 - 2009-07-14 07:13 - 
01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-09 15:41 - 2013-12-05 22:17 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Roaming\NCSOFT
2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\NCSOFT
2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2014-05-09 14:40 - 2014-05-09 14:40 - 00000000 ____D () C:\Program Files (x86)\NCSOFT
2014-05-09 14:39 - 2014-05-09 14:39 - 10527224 _____ (NCSOFT) C:\Users\ShaRax\Downloads\Wildstar.exe
2014-05-09 13:19 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-09 08:14 - 2014-05-14 13:28 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-14 13:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 22:24 - 2014-04-18 02:13 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-08 22:24 - 2014-04-18 02:13 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-08 18:59 - 2014-05-08 18:59 - 01062288 _____ () C:\Users\ShaRax\Downloads\DS4-To-XInput-Wrapper-lnstall.exe
2014-05-08 18:59 - 2014-05-08 18:59 - 00000000 ____D () C:\Users\ShaRax\AppData\Local\Temp8cb780923f5e378742f738c16a362bd6
2014-05-08 18:54 - 2014-05-08 18:54 - 04117346 _____ () C:\Users\ShaRax\Downloads\MotioninJoy_071001_signed.zip

Some content of TEMP:
====================
C:\Users\ShaRax\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\ShaRax\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\ShaRax\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\ShaRax\AppData\Local\Temp\SendMsg.dll
C:\Users\ShaRax\AppData\Local\Temp\swt-win32-3349.dll

==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-05-29 02:00

==================== End Of Log ============================ |
06.06.2014, 07:58 | #6 |
/// TB Trainer | Double blue underlines in the browser / removing adware

That looks very good; these findings are all irrelevant.

Step 1
Download TFC (TempFileCleaner by Oldtimer) and save it to your desktop.

Step 2
Your Java is no longer up to date. Older versions contain security vulnerabilities that malware can abuse to infect a system via drive-by download. The current version is Java 7 Update 60.
So consider whether you really need a Java installation. If you want to keep using Java, then:

Cleanup
Finally, we will now clear away our tools (including the quarantine folders), delete the infected system restore points and put all settings back in order. These steps are also important and should be carried out in the order given.

>> OK <<
We are done; your logs look clean to me at the moment. Below I have put together a few notes and tips that should help ensure you will not need our help again in the future. Afterwards, please give me brief feedback once there are no open problems or questions on your side either, so that I can consider this topic resolved.

Epilogue: Tips, Dos & Don'ts

Keeping the system and software up to date
The Windows operating system must always be fully up to date. Make sure that automatic updates are enabled:
Installed software should also always be the latest version. This applies especially to the browser, Java, Flash Player and PDF reader, because known security vulnerabilities in their old versions are exploited to install malware via drive-by download merely by visiting a prepared website. This can even happen on normally legitimate websites if an attacker has managed to inject their code into the page, and is therefore relatively unpredictable.

Security software
A remark up front: every software solution has its weaknesses. Handing the entire responsibility for security over to software and expecting all-round protection would be a dangerous illusion. With careless or deliberately risky behaviour, even the best program will sooner or later fail (e.g. a virus scanner that does not detect an infected file). Nevertheless, such software is of course important and, in combination with a well-maintained (up-to-date) system and considered behaviour, helps you keep your computer clean.
It is in the nature of things that the most widely used application software is also the most frequently attacked by malware authors. Using alternative software (e.g. an alternative PDF reader) can therefore already provide a small security gain. Instead of Internet Explorer you can, for example, use Mozilla Firefox, for which there are two useful add-ons to recommend:

(Un)safe behaviour on the Internet
Besides unnoticed drive-by installations, malware is also often installed more or less actively by the user. Visiting shady websites can already carry risks. And downloads from dubious sources are always Russian roulette. Even if the virus scanner does not detect a threat in them at the moment, that does not have to mean anything.
Attempts are also often made to get the user, by more or less tricky methods, to carry out an action that is disastrous for them (umbrella term: social engineering).
Annoying adware (advertising) and unnecessary toolbars are also mostly installed along with other software by the user.

General notes
Finally, a few basic remarks:
If you like, you can support the forum with a small donation. It only remains for me to wish you carefree and safe surfing, and that we do not see each other here again any time soon.
__________________ --> Double blue underlines in the browser / removing adware |
06.06.2014, 15:13 | #7 |
| Double blue underlines in the browser / removing adware Heey, first of all, I followed all the steps and thanks to you my PC and my browser are running like clockwork again. I have to say I find it really remarkable and truly great how you commit yourselves to the users who describe their problems here. I am really glad that I posted my problem here in this forum and also got an answer right away, which is extremely rare for forums. I wish you, Leo, and those who describe their problems here every success, and thank you very much! |
06.06.2014, 18:51 | #8 |
/// TB Trainer | Double blue underlines in the browser / removing adware Thanks for the feedback. Glad we could help. If you would like to give the forum suggestions for improvement, criticism or praise, you can do so here. This topic appears to be resolved and will be removed from my subscriptions. I will therefore no longer receive notifications about new replies. Should you need this topic again, please send me a PM and we will continue here. Everyone else, please read this guide and create your own thread.
__________________ cheers, Leo |