Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Malware & SSL-Fehler

Malware & SSL-Fehler


Log-Analyse und Auswertung: Malware & SSL-Fehler

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 14.07.2014, 23:36   #1
kofferradio
 
Malware & SSL-Fehler - Standard

Malware & SSL-Fehler


Hallöchen.

Ich sitze seit 4 Stunden vor meinem Notebook und habe eigentlich schon alles getan, was mir von selbst eingefallen ist, um folgendes Problem zu lösen:

1. Ich wollte heute gegen 19 Uhr auf meine Onlinebankingseite via Mozialla zugreifen und stolperte dort über diese Meldung: ssl_error_rx_malformed_alert

Diese Meldung begleitete mich auch bei Facebook und anderen Seiten.

Im IE und Chrome hatte ich das gleiche Problem.

2. Als ich dann eine Seite ohne HTTPS aufrief, wurde ich massiv mit Werbung zugebombt. Die Geschwindigkeit lag bei gefühlten 56k, da nur noch Werbebanner auf den Seiten geladen wurden.

3. Glary Utilities und Kaspersky Antivirus haben nichts gefunden

4. Trendmicro Housecall hat mir dann einen Trojaner mit dem Namen TROJ_SPNR der an einer Datei der Mysearchdial.exe hing --- ich hab es entfernt

5. Da ich schonmal auf einem anderen System mit dieser Exe konfrontiert war, habe ich dann Malwarebytes durchlaufen lassen, hier das Protokoll:
PHP-Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date14.07.2014
Scan Time21:23:40
Logfile
AdministratorYes

Version2.00.2.1012
Malware Databasev2014.07.14.10
Rootkit Databasev2014.07.09.01
LicenseTrial
Malware ProtectionEnabled
Malicious Website ProtectionEnabled
Self-protectionDisabled

OSWindows 7 Service Pack 1
CPUx64
File SystemNTFS
UserBruno

Scan TypeThreat Scan
ResultCompleted
Objects Scanned284948
Time Elapsed5 min9 sec

MemoryEnabled
StartupEnabled
FilesystemEnabled
ArchivesEnabled
RootkitsDisabled
HeuristicsEnabled
PUPEnabled
PUMEnabled

Processes1
PUP.Optional.UniversalUpdater.AC:\Program Files (x86)\Universal Updater\UpdaterService.exe2960Delete-on-Reboot, [373b5f406417dd59f08c59049c6545bb]

Modules0
(No malicious items detected)

Registry Keys62
PUP.Optional.UniversalUpdater.AHKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UniversalUpdaterQuarantined, [373b5f406417dd59f08c59049c6545bb], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, Quarantined, [ea88c3dc3843c3739970ed9fbc4658a8], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, Quarantined, [ea88c3dc3843c3739970ed9fbc4658a8], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialHlpr.1Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialHlprQuarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialHlprQuarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialHlpr.1Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 
PUP.Optional.SearchProtect.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [551df7a86c0ff244e2d7450db44eff01], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [9ed4603f3b40ce68fdbde27034cee51b], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [9ed4603f3b40ce68fdbde27034cee51b], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}, Quarantined, [a5cd564988f3a88e5f61a7e408fa24dc], 
PUP.Optional.HDStreamerHKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E6062A33-016E-4BDA-A6F1-890D989F8656}, Quarantined, [571b0e919ae1e84efd001f37a85a36ca], 
PUP.Optional.HDStreamer.AHKLM\SOFTWARE\HD StreamerQuarantined, [aac89f00fb802412c4ac15a51fe30ff1], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfaQuarantined, [0a68bce3f08ba690207d656c1de5eb15], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfaQuarantined, [9ed4ffa083f85fd76d30775a659d7987], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\mysearchdialQuarantined, [3e34029dc4b7d363aa517a7d59aad030], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdialQuarantined, [581a386756259b9ba5fbae4bf70cf50b], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial.comQuarantined, [6c065a45accfb28401a030c9867de61a], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfaQuarantined, [2151742bd7a42e08dec07061fa08b050], 
PUP.Optional.InstallCore.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1SQuarantined, [9cd63867e69571c5f7a30cd6659dbc44], 
PUP.Optional.MySearchDial.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\mysearchdialQuarantined, [b0c2633c0a712016e275f00ddd261ae6], 
PUP.Optional.InstallCore.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCOREQuarantined, [155d5748aad174c24c5321d7b94a6d93], 
PUP.Optional.Softonic.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal DownloaderQuarantined, [d49e3a654f2cdf5700a1d4fd0df51ee2], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}, Quarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialappCore.1Quarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialappCoreQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialappCoreQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialappCore.1Quarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}, Quarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\CLASSES\mQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\WOW6432NODE\CLASSES\mQuarantined, [f47e653a7a0150e63256782816ecf10f], 

Registry Values2
PUP.Optional.UniversalUpdater.AHKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UNIVERSALUPDATER|ImagePathC:\Program Files (x86)\Universal Updater\UpdaterService.exeQuarantined, [e9899f00215a96a037121ac5c73b867a]
PUP.Optional.InstallCore.AHKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb0A2O1C1R1H2Z1S1G1M1FQuarantined, [155d5748aad174c24c5321d7b94a6d93]

Registry Data1
PUP.Optional.MySearchDial.AHKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Pagehxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=, Good: (www.google.com), Bad: (hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=),Replaced,[f37ffca3d4a792a4d9e6801f758f9b65]

Folders10
PUP.Optional.UniversalUpdater.AC:\Program Files (x86)\Universal UpdaterDelete-on-Reboot, [7200801f4e2db4822d1bc7189b67f20e], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdialQuarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdial\icons_2.20.1.0Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProcQuarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.Conduit.AC:\Users\Bruno\AppData\Local\Temp\ct3288691Quarantined, [bbb7831cadce56e03b6d524dd42e837d], 
PUP.Optional.Conduit.AC:\Users\Bruno\AppData\Local\Temp\ct3297265Quarantined, [5f13aff0e9920e28e2c6623d887aad53], 
PUP.Optional.Conduit.AC:\Users\Bruno\AppData\Local\Temp\ct3297861Quarantined, [adc5465988f33bfb82262b745aa85ba5], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\MysearchdialQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0Quarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\bhQuarantined, [f47e653a7a0150e63256782816ecf10f], 

Files69
PUP.Optional.UniversalUpdater.AC:\Program Files (x86)\Universal Updater\UpdaterService.exeDelete-on-Reboot, [373b5f406417dd59f08c59049c6545bb], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dllQuarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 
PUP.Optional.MySearchDial.AC:\WINDOWS\System32\Tasks\MySearchDialQuarantined, [9cd6c0df3744c96da5d65b6423dfb050], 
PUP.Optional.MySearchDial.AC:\WINDOWS\Tasks\MySearchDial.jobQuarantined, [9cd6544b413a76c0c675338e9c6653ad], 
PUP.Optional.Speedial.AC:\Users\Bruno\AppData\Local\speedial.crxQuarantined, [f37f851a25567eb8e318e0eb34ce8c74], 
PUP.Optional.UniversalUpdater.AC:\Program Files (x86)\Universal Updater\settings.jsonQuarantined, [7200801f4e2db4822d1bc7189b67f20e], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\config.datQuarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\info.datQuarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\STTL.DATQuarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\TTL.DATQuarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.icoQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dllQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dllQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\Sqlite3.dllQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.datQuarantined, [f47e653a7a0150e63256782816ecf10f], 
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.AL"2);), Replaced,[284a0f9097e4ab8bd289a32c917349b7]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.aflt""ir_14_16_ff");), Replaced,[a4cecfd0f98244f266f57d5230d43ec2]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.appId""{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Replaced,[076b2e71017aa78f1249735c24e0aa56]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.cd""2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q");), Replaced,[80f24f50097248ee5b007a5554b0e51b]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.cr""1680039074");), Replaced,[91e1900fea9170c68fcc2ba460a4748c]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.dfltLng""");), Replaced,[056da7f87506c47296c52ca35fa59070]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch"true);), Replaced,[bdb5128d4b30053190cb4e81d82cbe42]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.dnsErr"true);), Replaced,[39396e310c6f2610b2a94e81d133b14f]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.excTlbr"false);), Replaced,[6909346b91ea3df9b8a38748e024fd03]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.hmpg"true);), Replaced,[a6cc8e116c0f4ee8aab11cb3fb09718f]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl""hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[92e0346b0d6eb086d18a9e3163a1926e]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.id""74867A530B4568EB");), Replaced,[84ee1b84423957dfa4b725aa53b1f50b]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.instlDay""16178");), Replaced,[dc96aff0413a90a669f2844b39cb7d83]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.instlRef""140305_a");), Replaced,[c5ad405f92e9e6508ccf3d9263a145bb]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl""hxxp://start.mysearchdial.com/?f=2&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[c1b1306f83f880b6d487705f11f338c8]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.prdct""mysearchdial");), Replaced,[a1d18c13fd7ec274203b5778f90b01ff]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.prtnrId""mysearchdial");), Replaced,[e78b930c0c6f2016aab1943bde260df3]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.srchPrvdr""Mysearchdial");), Replaced,[e191aff0f487f93d3625ce012fd543bd]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.tlbrId""base");), Replaced,[a9c9a0ffb2c9f83e1b40834c46beb848]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.tlbrSrchUrl""hxxp://start.mysearchdial.com/?f=3&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=&q=");), Replaced,[d49e7e219eddae88015ac50a2cd808f8]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.vrsn""1.8.29.0");), Replaced,[d0a2b3ecc4b792a4a0bb3e9106fe8080]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial.vrsni""1.8.29.0");), Replaced,[90e2841b4734aa8c88d32ba4b74d26da]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial_i.newTab"false);), Replaced,[3d35c8d75229e353f16ae9e60301cc34]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial_i.smplGrp""none");), Replaced,[1f539807a1daab8b8dce15ba1fe5ea16]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.jsGood: (), Bad: (user_pref("extensions.mysearchdial_i.vrsnTs""1.8.29.022:4:41");), Replaced,[c4ae742b9edd3ef8bba048878381e61a]
PUP.Optional.MySearch.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.irmysearch.aflt""ir_14_16_ff");), Replaced,[1f53207f84f758de3122d2fd4db71ee2]
PUP.Optional.MySearch.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.irmysearch.instlRef""140305_a");), Replaced,[274b326d9dde181e57fca02f8282956b]
PUP.Optional.MySearch.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.irmysearch.cr""1680039074");), Replaced,[452d2a75205b3df9460d715e8c78cf31]
PUP.Optional.MySearch.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.irmysearch.cd""2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q");), Replaced,[a5cda9f6a4d757dfdf748e41986c6a96]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.hmpg"true);), Replaced,[9bd7dbc4265585b1e07ca6290ef6867a]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl""hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[51214659b4c73df9ed6fba154db703fd]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch"true);), Replaced,[8be77b2492e9b87e451711bea262d729]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.srchPrvdr""Mysearchdial");), Replaced,[2f436b340f6c5bdb3329eae5e42053ad]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.dnsErr"true);), Replaced,[89e97d222c4f2d09e27aa02f71937888]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial_i.newTab"false);), Replaced,[5121ffa0d8a339fd84d8fcd316eeda26]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl""hxxp://start.mysearchdial.com/?f=2&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[8ae81c83205b0c2a5507a72859ab6799]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.tlbrSrchUrl""hxxp://start.mysearchdial.com/?f=3&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=&q=");), Replaced,[383a5748b4c7f83eacb047888a7a8878]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.id""74867A530B4568EB");), Replaced,[a8caddc224579e9896c6a22d679dc33d]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.instlDay""16178");), Replaced,[4f23603f1566a98db8a42ba41aeaa55b]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.vrsn""1.8.29.0");), Replaced,[c4aebbe45526bf77cd8f329de222e11f]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.vrsni""1.8.29.0");), Replaced,[4f23cdd2b5c6e452a0bcfad549bb669a]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial_i.vrsnTs""1.8.29.022:4:41");), Replaced,[c0b2b6e95c1f58dec29a0cc305ffe41c]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.prtnrId""mysearchdial");), Replaced,[8ae8f8a70a71d264c69618b79272ed13]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.prdct""mysearchdial");), Replaced,[cfa38a15f3884ee82438d0ff0ef6b947]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.aflt""ir_14_16_ff");), Replaced,[aac8eab5007b48eeff5df6d99b69619f]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial_i.smplGrp""none");), Replaced,[75fd396664176bcb68f4fed118ece11f]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.tlbrId""base");), Replaced,[1161306f94e7a78fd7853996ce36c43c]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.instlRef""140305_a");), Replaced,[462ca1fe2259191d86d6933cf80c8c74]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.dfltLng""");), Replaced,[cea4eab5a4d73afc2438dbf4689c7e82]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.appId""{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Replaced,[7df5811ea6d52511eb71def1ea1a9c64]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.excTlbr"false);), Replaced,[87eb633c037835011b41d4fb56aedd23]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.cr""1680039074");), Replaced,[2a48f3ac4e2d73c3a4b8b11e4db78a76]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.cd""2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q");), Replaced,[b2c05748374472c4d28a1ab58a7a07f9]
PUP.Optional.MySearchDial.AC:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.jsGood: (), Bad: (user_pref("extensions.mysearchdial.AL"2);), Replaced,[9bd7d1cea0db74c26cf008c7d03409f7]

Physical Sectors0
(No malicious items detected)


(end
- ich hab das System dann damit gereinigt

6. dennoch immernoch ein Befall vorhanden- Https nicht anwählbar, Werbung blieb

7. CCleaner brachte auch keine Lösung

8. Nun habe ich JRT benutzt, der hat den Rest erledigt.

9. Jetzt habe ich folgende Situation:
Läuft JRT durch und findet nichts mehr, kann ich surfen- ohne Werbung, mit https.
Starte ich den Rechner jedoch neu, ist alles beim Alten. Der SSL-Server ist wieder da und ich werde mit Werbung zugebombt.

10. Gibts noch irgendeine Idee, was ich noch tun kann???

hier noch der letzte FRST-Log:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by Bruno (administrator) on BRUNO-PC on 15-07-2014 00:30:18
Running from C:\Users\Bruno\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\vcsFPService.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\WINDOWS\SysWOW64\irstrtsv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\WINDOWS\System32\StikyNot.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Google Inc.) C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Dropbox, Inc.) C:\Users\Bruno\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
() C:\Program Files (x86)\Isis\isis.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\WINDOWS\Temp\irstrtsv\scrncap.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2774864 2013-01-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1628288 2011-09-09] (Conexant Systems, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-02] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Isis] => C:\Program Files (x86)\Isis\Isis.exe [330544 2014-07-14] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [RESTART_STICKY_NOTES] => C:\WINDOWS\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-02] (Glarysoft Ltd)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-06-27] (Siber Systems)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [MusicManager] => C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\MountPoints2: {1480661a-ace2-11e3-a954-681729f08920} - F:\LG_PC_Programs.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bruno\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKLM - DefaultScope {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\vzlryvn5.default-1405367384393
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bruno\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bruno\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2013-11-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-21]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-01-21]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-01-23]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-01-23]
CHR Extension: (Google Wallet) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (RoboForm) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-15]

==================== Services (Whitelisted) =================

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-12] (Conexant Systems, Inc.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [750904 2013-03-26] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-19] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-19] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-03] (Glarysoft Ltd)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1345920 2012-11-06] (Motorola Solutions, Inc.)
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-07-06] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-12-04] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [43800 2013-03-26] (Intel Corporation)
R1 isis; C:\Windows\System32\drivers\isis.sys [47408 2014-07-14] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-25] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-25] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-04] (STMicroelectronics)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-15 00:03 - 2014-07-15 00:03 - 02347384 _____ (ESET) C:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe
2014-07-15 00:03 - 2014-07-15 00:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-15 00:00 - 2014-07-15 00:01 - 00001796 _____ () C:\sc-cleaner.txt
2014-07-15 00:00 - 2014-07-15 00:00 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Bruno\Downloads\sc-cleaner.exe
2014-07-14 23:11 - 2014-07-14 23:11 - 00000625 _____ () C:\Users\Bruno\Desktop\JRT.txt
2014-07-14 22:51 - 2014-07-14 22:51 - 00000000 ____D () C:\Windows\ERUNT
2014-07-14 22:50 - 2014-07-14 22:50 - 01016261 _____ (Thisisu) C:\Users\Bruno\Downloads\JRT.exe
2014-07-14 22:25 - 2014-07-15 00:30 - 00022771 _____ () C:\Users\Bruno\Downloads\FRST.txt
2014-07-14 22:25 - 2014-07-15 00:30 - 00000000 ____D () C:\FRST
2014-07-14 22:25 - 2014-07-14 22:26 - 00037605 _____ () C:\Users\Bruno\Downloads\Addition.txt
2014-07-14 22:24 - 2014-07-14 22:24 - 02086912 _____ (Farbar) C:\Users\Bruno\Downloads\FRST64.exe
2014-07-14 22:16 - 2014-07-14 23:59 - 00014293 ____N () C:\Windows\WindowsUpdate.log
2014-07-14 22:08 - 2014-07-14 22:13 - 00000000 ____D () C:\AdwCleaner
2014-07-14 22:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-14 22:07 - 2014-07-14 22:07 - 01348263 _____ () C:\Users\Bruno\Downloads\adwcleaner_3.215.exe
2014-07-14 22:03 - 2014-07-14 22:03 - 00130142 _____ () C:\Users\Bruno\Documents\cc_20140714_220319.reg
2014-07-14 22:02 - 2014-07-14 22:02 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-14 22:02 - 2014-07-14 22:02 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-14 22:01 - 2014-07-14 22:01 - 03736040 _____ (Piriform Ltd) C:\Users\Bruno\Downloads\ccsetup415_slim.exe
2014-07-14 21:47 - 2014-07-14 21:49 - 00000000 ____D () C:\Users\Bruno\Desktop\Alte Firefox-Daten
2014-07-14 21:43 - 2014-07-14 21:43 - 00128815 _____ () C:\Users\Bruno\Desktop\bookmarks-2014-07-14.json
2014-07-14 21:23 - 2014-07-14 23:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 21:23 - 2014-07-14 21:23 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-14 21:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-14 21:23 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-14 21:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-14 21:22 - 2014-07-14 21:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bruno\Downloads\Malwarebytes_Anti_Malware_v2.0.2.exe
2014-07-14 21:16 - 2014-07-14 21:16 - 00324937 _____ () C:\Users\Bruno\AppData\Local\census.cache
2014-07-14 21:16 - 2014-07-14 21:16 - 00116338 _____ () C:\Users\Bruno\AppData\Local\ars.cache
2014-07-14 21:02 - 2014-07-14 21:02 - 00000036 _____ () C:\Users\Bruno\AppData\Local\housecall.guid.cache
2014-07-14 21:01 - 2014-07-14 21:01 - 02405664 _____ (Trend Micro Inc.) C:\Users\Bruno\Downloads\HousecallLauncher64.exe
2014-07-14 20:38 - 2014-07-14 20:59 - 70873088 _____ () C:\Users\Bruno\Downloads\eav_nt64_enu.msi
2014-07-14 19:15 - 2014-07-14 23:34 - 00003314 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-07-14 19:07 - 2014-07-14 19:07 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 16:41 - 2014-07-14 16:41 - 00047408 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-11 15:08 - 2014-07-11 15:08 - 32632278 _____ ( ) C:\Users\Bruno\Downloads\K-Lite_Codec_Pack_1060_Mega.exe
2014-07-11 10:28 - 2014-07-02 21:18 - 756467665 ____N () C:\Users\Bruno\Downloads\Fack.ju.Goehte.2013.German.DTS.1080p.BluRay.x264-iNCEPTiON.mkv
2014-07-09 22:19 - 2014-07-14 23:34 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-09 21:43 - 2014-07-09 21:43 - 00000000 ____D () C:\Users\Bruno\Downloads\AllLocations
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\OpenVPN Technologies
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Local\OpenVPN Technologies
2014-07-09 21:36 - 2014-07-09 21:41 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-07-09 08:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 08:10 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 08:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 08:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 08:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 08:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 08:10 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 08:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 08:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 08:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 08:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 08:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 08:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 08:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 08:10 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 08:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 08:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 08:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 08:10 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 08:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 08:10 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 08:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 08:10 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 08:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 08:10 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 08:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 08:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 08:10 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 08:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 08:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 08:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 08:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 08:10 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 08:10 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 08:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 08:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 08:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 08:10 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 08:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 08:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 08:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 08:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 08:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 08:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 08:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 08:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 08:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 08:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 08:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 08:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 08:10 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 08:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 08:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 08:01 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 08:01 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 07:58 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 07:58 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 07:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 07:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 07:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 07:58 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 07:35 - 2014-07-09 07:35 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 20:01 - 2014-07-08 20:01 - 00022528 _____ () C:\Users\Bruno\Desktop\Handys.xls
2014-07-07 08:31 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-07 08:31 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-06 19:16 - 2014-07-06 19:16 - 00000000 ___HD () C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-07-06 17:05 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-07-06 17:05 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-06 17:05 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-06 17:05 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-07-06 17:05 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-07-06 17:05 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-06 17:05 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-06 17:05 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-07-06 17:05 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-07-06 17:05 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-07-06 17:05 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-07-06 17:05 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-07-06 17:05 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-06 17:05 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-07-06 17:05 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-07-06 17:05 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-07-06 17:04 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-07-06 17:04 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-07-06 07:26 - 2014-07-06 07:26 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2014-06-29 23:57 - 2014-06-29 23:57 - 00000982 _____ () C:\Users\Bruno\Desktop\1C-1.txt
2014-06-27 23:42 - 2014-06-27 23:42 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\PDF Architect 2
2014-06-26 19:44 - 2014-06-26 19:44 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-26 19:43 - 2014-07-14 22:02 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-26 19:43 - 2014-06-26 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-26 19:43 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-06-26 19:43 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-06-26 19:43 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-06-26 19:43 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-06-26 19:43 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-06-26 19:43 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-06-26 19:43 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-06-25 09:40 - 2014-06-25 09:40 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-06-17 21:19 - 2014-07-10 22:21 - 00000000 ____D () C:\Users\Bruno\Downloads\Neuer Ordner

==================== One Month Modified Files and Folders =======

2014-07-15 00:30 - 2014-07-14 22:25 - 00022771 _____ () C:\Users\Bruno\Downloads\FRST.txt
2014-07-15 00:30 - 2014-07-14 22:25 - 00000000 ____D () C:\FRST
2014-07-15 00:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-07-15 00:19 - 2013-11-19 02:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-15 00:17 - 2014-01-21 21:17 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 00:03 - 2014-07-15 00:03 - 02347384 _____ (ESET) C:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe
2014-07-15 00:03 - 2014-07-15 00:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-15 00:03 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-15 00:03 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-15 00:01 - 2014-07-15 00:00 - 00001796 _____ () C:\sc-cleaner.txt
2014-07-15 00:00 - 2014-07-15 00:00 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Bruno\Downloads\sc-cleaner.exe
2014-07-14 23:59 - 2014-07-14 22:16 - 00014293 ____N () C:\Windows\WindowsUpdate.log
2014-07-14 23:57 - 2014-03-28 01:06 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000UA.job
2014-07-14 23:34 - 2014-07-14 21:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 23:34 - 2014-07-14 19:15 - 00003314 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-07-14 23:34 - 2014-07-09 22:19 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-14 23:34 - 2014-05-15 05:50 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-07-14 23:34 - 2014-05-15 05:50 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-14 23:34 - 2014-01-25 10:35 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-14 23:34 - 2014-01-21 21:31 - 00000000 ___RD () C:\Users\Bruno\Dropbox
2014-07-14 23:34 - 2014-01-21 21:30 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\DropboxMaster
2014-07-14 23:34 - 2014-01-21 21:28 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\Dropbox
2014-07-14 23:34 - 2014-01-21 21:17 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-14 23:34 - 2013-11-19 02:37 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-07-14 23:34 - 2013-11-19 02:37 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-07-14 23:34 - 2013-11-19 02:31 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-07-14 23:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 23:14 - 2011-02-11 12:22 - 01651876 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-14 23:14 - 2010-11-21 08:50 - 00703918 _____ () C:\Windows\system32\perfh007.dat
2014-07-14 23:14 - 2010-11-21 08:50 - 00151042 _____ () C:\Windows\system32\perfc007.dat
2014-07-14 23:11 - 2014-07-14 23:11 - 00000625 _____ () C:\Users\Bruno\Desktop\JRT.txt
2014-07-14 22:51 - 2014-07-14 22:51 - 00000000 ____D () C:\Windows\ERUNT
2014-07-14 22:50 - 2014-07-14 22:50 - 01016261 _____ (Thisisu) C:\Users\Bruno\Downloads\JRT.exe
2014-07-14 22:26 - 2014-07-14 22:25 - 00037605 _____ () C:\Users\Bruno\Downloads\Addition.txt
2014-07-14 22:24 - 2014-07-14 22:24 - 02086912 _____ (Farbar) C:\Users\Bruno\Downloads\FRST64.exe
2014-07-14 22:13 - 2014-07-14 22:08 - 00000000 ____D () C:\AdwCleaner
2014-07-14 22:07 - 2014-07-14 22:07 - 01348263 _____ () C:\Users\Bruno\Downloads\adwcleaner_3.215.exe
2014-07-14 22:03 - 2014-07-14 22:03 - 00130142 _____ () C:\Users\Bruno\Documents\cc_20140714_220319.reg
2014-07-14 22:02 - 2014-07-14 22:02 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-14 22:02 - 2014-07-14 22:02 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-14 22:02 - 2014-06-26 19:43 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-14 22:01 - 2014-07-14 22:01 - 03736040 _____ (Piriform Ltd) C:\Users\Bruno\Downloads\ccsetup415_slim.exe
2014-07-14 21:49 - 2014-07-14 21:47 - 00000000 ____D () C:\Users\Bruno\Desktop\Alte Firefox-Daten
2014-07-14 21:43 - 2014-07-14 21:43 - 00128815 _____ () C:\Users\Bruno\Desktop\bookmarks-2014-07-14.json
2014-07-14 21:30 - 2011-02-11 19:13 - 00000000 ____D () C:\Windows\panther
2014-07-14 21:23 - 2014-07-14 21:23 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-14 21:22 - 2014-07-14 21:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bruno\Downloads\Malwarebytes_Anti_Malware_v2.0.2.exe
2014-07-14 21:16 - 2014-07-14 21:16 - 00324937 _____ () C:\Users\Bruno\AppData\Local\census.cache
2014-07-14 21:16 - 2014-07-14 21:16 - 00116338 _____ () C:\Users\Bruno\AppData\Local\ars.cache
2014-07-14 21:02 - 2014-07-14 21:02 - 00000036 _____ () C:\Users\Bruno\AppData\Local\housecall.guid.cache
2014-07-14 21:01 - 2014-07-14 21:01 - 02405664 _____ (Trend Micro Inc.) C:\Users\Bruno\Downloads\HousecallLauncher64.exe
2014-07-14 20:59 - 2014-07-14 20:38 - 70873088 _____ () C:\Users\Bruno\Downloads\eav_nt64_enu.msi
2014-07-14 20:57 - 2014-01-21 21:32 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\Skype
2014-07-14 19:07 - 2014-07-14 19:07 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 19:07 - 2014-04-29 19:42 - 00000000 ____D () C:\Program Files (x86)\Addon Enabler
2014-07-14 16:41 - 2014-07-14 16:41 - 00047408 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-14 14:42 - 2014-01-21 22:19 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-07-14 14:08 - 2014-03-28 01:06 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000Core.job
2014-07-11 20:50 - 2014-03-29 19:45 - 00041472 _____ () C:\Users\Bruno\Desktop\Feste Ausgaben.xls
2014-07-11 15:08 - 2014-07-11 15:08 - 32632278 _____ ( ) C:\Users\Bruno\Downloads\K-Lite_Codec_Pack_1060_Mega.exe
2014-07-11 10:38 - 2014-01-21 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-11 10:38 - 2014-01-21 23:49 - 00000000 ____D () C:\Program Files\DivX
2014-07-11 10:38 - 2014-01-21 23:49 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-11 10:38 - 2014-01-21 23:47 - 00000000 ____D () C:\ProgramData\DivX
2014-07-11 03:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 03:20 - 2009-07-14 06:45 - 00299024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 03:18 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:18 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:02 - 2014-01-21 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 03:01 - 2014-01-21 22:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 22:21 - 2014-06-17 21:19 - 00000000 ____D () C:\Users\Bruno\Downloads\Neuer Ordner
2014-07-10 20:30 - 2014-01-21 21:39 - 00024576 _____ () C:\Users\Bruno\Desktop\Benzin.xls
2014-07-09 22:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-09 21:43 - 2014-07-09 21:43 - 00000000 ____D () C:\Users\Bruno\Downloads\AllLocations
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\OpenVPN Technologies
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Local\OpenVPN Technologies
2014-07-09 21:41 - 2014-07-09 21:36 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-07-09 07:35 - 2014-07-09 07:35 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 07:35 - 2013-11-19 02:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 07:35 - 2013-11-19 02:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 23:37 - 2013-11-19 02:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 20:01 - 2014-07-08 20:01 - 00022528 _____ () C:\Users\Bruno\Desktop\Handys.xls
2014-07-06 19:23 - 2014-01-21 21:30 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-06 19:16 - 2014-07-06 19:16 - 00000000 ___HD () C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-07-06 17:04 - 2009-07-14 07:13 - 01596986 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-06 17:00 - 2014-05-15 05:50 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-07-06 17:00 - 2014-05-15 05:50 - 00002972 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-07-06 17:00 - 2014-05-15 05:50 - 00002630 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-07-06 17:00 - 2014-05-15 05:50 - 00001098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-06 16:57 - 2014-06-01 19:45 - 00000000 ____D () C:\Program Files (x86)\DictaNet
2014-07-06 16:53 - 2014-01-21 21:17 - 00000000 ____D () C:\Users\Bruno\AppData\Local\Deployment
2014-07-06 07:26 - 2014-07-06 07:26 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2014-07-05 21:32 - 2014-04-25 22:47 - 00000000 ____D () C:\Users\Bruno\Desktop\Tafel
2014-07-04 14:34 - 2014-01-21 21:39 - 00000000 ____D () C:\Users\Bruno\Documents\Eigene Scans
2014-07-02 21:18 - 2014-07-11 10:28 - 756467665 ____N () C:\Users\Bruno\Downloads\Fack.ju.Goehte.2013.German.DTS.1080p.BluRay.x264-iNCEPTiON.mkv
2014-06-30 04:09 - 2014-07-09 08:01 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 08:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 23:57 - 2014-06-29 23:57 - 00000982 _____ () C:\Users\Bruno\Desktop\1C-1.txt
2014-06-27 23:42 - 2014-06-27 23:42 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\PDF Architect 2
2014-06-27 06:29 - 2014-01-21 21:39 - 00004108 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-06-27 06:29 - 2014-01-21 21:39 - 00003492 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-06-27 06:29 - 2014-01-21 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-06-26 19:44 - 2014-06-26 19:44 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-26 19:43 - 2014-06-26 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-25 09:44 - 2014-03-28 01:06 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000UA
2014-06-25 09:44 - 2014-03-28 01:06 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000Core
2014-06-25 09:40 - 2014-06-25 09:40 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-06-25 09:40 - 2013-11-19 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-20 22:14 - 2014-07-09 08:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 08:10 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 08:12 - 2014-01-21 21:17 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 08:12 - 2014-01-21 21:17 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 03:39 - 2014-07-09 08:10 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 08:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 08:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 08:10 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 08:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 08:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 08:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 08:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 08:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 08:10 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 08:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 08:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 08:10 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 08:10 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 08:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 08:10 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 08:10 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 08:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 08:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 08:10 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 08:10 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 08:10 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 08:10 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 08:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 08:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 08:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 08:10 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 08:10 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 08:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 08:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 08:10 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 08:10 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 08:10 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 08:10 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 08:10 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 08:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 08:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 08:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 08:10 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 08:10 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 08:10 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 08:10 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 08:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 08:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 08:10 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 08:10 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 08:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 08:10 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 08:10 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 08:10 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 08:10 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 06:56 - 2014-05-15 05:50 - 00001086 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-06-18 06:55 - 2014-06-06 18:37 - 00000310 _____ () C:\BackupLoader.ini
2014-06-18 04:18 - 2014-07-09 07:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 07:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 07:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Bruno\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdqztnq.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 23:11

==================== End Of Log ============================
--- --- ---

--- --- ---

 

Themen zu Malware & SSL-Fehler
antivirus, ccsetup, detected, downloader, error, explorer, firefox, google, ics, internet, internet explorer, kaspersky, malware, malwarebytes, microsoft, mozilla, namen, neu, notebook, problem, software, system, temp, trojaner, werbung, windows


« Win7 mit sehr hoher CPU-Auslastung und div. Flashplayerproblemen | Wie kann ich Thicknice und Quick Start entfernen? »


Ähnliche Themen: Malware & SSL-Fehler


  1. Ständiger Internet abbruch - Fehler im System oder Malware?
    Plagegeister aller Art und deren Bekämpfung - 05.08.2015 (9)
  2. rpcss.dll von Malwarebytes als Malware erkannt. Fehler oder akute bedrohung?
    Plagegeister aller Art und deren Bekämpfung - 26.04.2015 (15)
  3. Windows7: Fehler in C:\windows\system32\explorerframe.dll (nach Verwendung des Malwarebytes Anti-Malware-Scanner)
    Plagegeister aller Art und deren Bekämpfung - 06.04.2015 (25)
  4. Malware & SSL-Fehler
    Log-Analyse und Auswertung - 23.07.2014 (16)
  5. Viele Fehler mit Malwarebites Anti-Malware gefunden
    Log-Analyse und Auswertung - 21.07.2014 (43)
  6. Ereignissprotokolle fehler nach Malware
    Plagegeister aller Art und deren Bekämpfung - 06.01.2014 (13)
  7. Pc neu Instaliert / fehler bleiben / Malware gefunden / PC brutal langsam
    Plagegeister aller Art und deren Bekämpfung - 19.09.2013 (14)
  8. Unerkannte Malware & CHKDSK Main.dbd fehler
    Log-Analyse und Auswertung - 05.08.2013 (9)
  9. DLL-Fehler nach Polizei-Malware Entfernung mit Kaspersky Rescue Disk 10
    Log-Analyse und Auswertung - 07.11.2012 (10)
  10. Malware + verschiedene Fehler im System
    Log-Analyse und Auswertung - 25.12.2010 (7)
  11. Malware, kritischer Fehler
    Plagegeister aller Art und deren Bekämpfung - 12.08.2010 (20)
  12. RUNDLL - Fehler beim Laden der colonfig.dll (Malware?)
    Plagegeister aller Art und deren Bekämpfung - 30.07.2010 (4)
  13. Rundll Fehler nach entfernen von Anti Malware Doctor
    Plagegeister aller Art und deren Bekämpfung - 14.06.2010 (3)
  14. Rundll Fehler Anti Malware Doctor
    Plagegeister aller Art und deren Bekämpfung - 13.06.2010 (1)
  15. Mehrere Malware Einträge, Run DLL Fehler, \DWWIzoom.dll kann nicht ausgeführt werden
    Log-Analyse und Auswertung - 12.01.2010 (2)
  16. Malware oder Sonstige Fehler
    Log-Analyse und Auswertung - 07.11.2008 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Malware & SSL-Fehler - Hallöchen. Ich sitze seit 4 Stunden vor meinem Notebook und habe eigentlich schon alles getan, was mir von selbst eingefallen ist, um folgendes Problem zu lösen: 1. Ich wollte heute - Malware & SSL-Fehler...
Archiv
Du betrachtest: Malware & SSL-Fehler auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19