Malware & SSL-Fehler

kofferradio · 14.07.2014, 23:36

Hallöchen.

Ich sitze seit 4 Stunden vor meinem Notebook und habe eigentlich schon alles getan, was mir von selbst eingefallen ist, um folgendes Problem zu lösen:

1. Ich wollte heute gegen 19 Uhr auf meine Onlinebankingseite via Mozialla zugreifen und stolperte dort über diese Meldung: ssl_error_rx_malformed_alert

Diese Meldung begleitete mich auch bei Facebook und anderen Seiten.

Im IE und Chrome hatte ich das gleiche Problem.

2. Als ich dann eine Seite ohne HTTPS aufrief, wurde ich massiv mit Werbung zugebombt. Die Geschwindigkeit lag bei gefühlten 56k, da nur noch Werbebanner auf den Seiten geladen wurden.

3. Glary Utilities und Kaspersky Antivirus haben nichts gefunden

4. Trendmicro Housecall hat mir dann einen Trojaner mit dem Namen TROJ_SPNR der an einer Datei der Mysearchdial.exe hing --- ich hab es entfernt

5. Da ich schonmal auf einem anderen System mit dieser Exe konfrontiert war, habe ich dann Malwarebytes durchlaufen lassen, hier das Protokoll:

PHP-Code:

  Malwarebytes Anti-Malware

www.malwarebytes.org

 
Scan Date: 14.07.2014

Scan Time: 21:23:40

Logfile: 

Administrator: Yes

 
Version: 2.00.2.1012

Malware Database: v2014.07.14.10

Rootkit Database: v2014.07.09.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 
OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Bruno

 
Scan Type: Threat Scan

Result: Completed

Objects Scanned: 284948

Time Elapsed: 5 min, 9 sec

 
Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 
Processes: 1

PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater\UpdaterService.exe, 2960, Delete-on-Reboot, [373b5f406417dd59f08c59049c6545bb]

 
Modules: 0

(No malicious items detected)

 
Registry Keys: 62

PUP.Optional.UniversalUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UniversalUpdater, Quarantined, [373b5f406417dd59f08c59049c6545bb], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, Quarantined, [ea88c3dc3843c3739970ed9fbc4658a8], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}, Quarantined, [ea88c3dc3843c3739970ed9fbc4658a8], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialHlpr.1, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialHlpr, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialHlpr, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialHlpr.1, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0400EBCA-042C-4000-AA89-9713FBEDB671}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0BD19251-4B4B-4B94-AB16-617106245BB7}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{44B29DDD-CF7A-454A-A275-A322A398D93F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B2DB115C-8278-4947-9A07-57B53D1C4215}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{B97FC455-DB33-431D-84DB-6F1514110BD5}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E72E9312-0367-4216-BFC7-21485FA8390B}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{FBC322D5-407E-4854-8C0B-555B951FD8E3}, Quarantined, [cda52a7584f768ce85ea08849e64ff01], 

PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [551df7a86c0ff244e2d7450db44eff01], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [9ed4603f3b40ce68fdbde27034cee51b], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}, Quarantined, [9ed4603f3b40ce68fdbde27034cee51b], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}, Quarantined, [a5cd564988f3a88e5f61a7e408fa24dc], 

PUP.Optional.HDStreamer, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E6062A33-016E-4BDA-A6F1-890D989F8656}, Quarantined, [571b0e919ae1e84efd001f37a85a36ca], 

PUP.Optional.HDStreamer.A, HKLM\SOFTWARE\HD Streamer, Quarantined, [aac89f00fb802412c4ac15a51fe30ff1], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfa, Quarantined, [0a68bce3f08ba690207d656c1de5eb15], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfa, Quarantined, [9ed4ffa083f85fd76d30775a659d7987], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLCORE\mysearchdial, Quarantined, [3e34029dc4b7d363aa517a7d59aad030], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial, Quarantined, [581a386756259b9ba5fbae4bf70cf50b], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\mysearchdial.com, Quarantined, [6c065a45accfb28401a030c9867de61a], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\iagcajndpnfncplednpbnkahadegklfa, Quarantined, [2151742bd7a42e08dec07061fa08b050], 

PUP.Optional.InstallCore.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [9cd63867e69571c5f7a30cd6659dbc44], 

PUP.Optional.MySearchDial.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\mysearchdial, Quarantined, [b0c2633c0a712016e275f00ddd261ae6], 

PUP.Optional.InstallCore.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [155d5748aad174c24c5321d7b94a6d93], 

PUP.Optional.Softonic.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [d49e3a654f2cdf5700a1d4fd0df51ee2], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialappCore.1, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\mysearchdial.mysearchdialappCore, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialappCore, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\mysearchdial.mysearchdialappCore.1, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\m, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\m, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

 
Registry Values: 2

PUP.Optional.UniversalUpdater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UNIVERSALUPDATER|ImagePath, C:\Program Files (x86)\Universal Updater\UpdaterService.exe, Quarantined, [e9899f00215a96a037121ac5c73b867a]

PUP.Optional.InstallCore.A, HKU\S-1-5-21-3516113746-2983845494-3256310852-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0A2O1C1R1H2Z1S1G1M1F, Quarantined, [155d5748aad174c24c5321d7b94a6d93]

 
Registry Data: 1

PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=, Good: (www.google.com), Bad: (hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=),Replaced,[f37ffca3d4a792a4d9e6801f758f9b65]

 
Folders: 10

PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater, Delete-on-Reboot, [7200801f4e2db4822d1bc7189b67f20e], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial\icons_2.20.1.0, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.Conduit.A, C:\Users\Bruno\AppData\Local\Temp\ct3288691, Quarantined, [bbb7831cadce56e03b6d524dd42e837d], 

PUP.Optional.Conduit.A, C:\Users\Bruno\AppData\Local\Temp\ct3297265, Quarantined, [5f13aff0e9920e28e2c6623d887aad53], 

PUP.Optional.Conduit.A, C:\Users\Bruno\AppData\Local\Temp\ct3297861, Quarantined, [adc5465988f33bfb82262b745aa85ba5], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

 
Files: 69

PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater\UpdaterService.exe, Delete-on-Reboot, [373b5f406417dd59f08c59049c6545bb], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll, Quarantined, [8be7b2eddd9e5cda0ab4e4a70200ee12], 

PUP.Optional.MySearchDial.A, C:\WINDOWS\System32\Tasks\MySearchDial, Quarantined, [9cd6c0df3744c96da5d65b6423dfb050], 

PUP.Optional.MySearchDial.A, C:\WINDOWS\Tasks\MySearchDial.job, Quarantined, [9cd6544b413a76c0c675338e9c6653ad], 

PUP.Optional.Speedial.A, C:\Users\Bruno\AppData\Local\speedial.crx, Quarantined, [f37f851a25567eb8e318e0eb34ce8c74], 

PUP.Optional.UniversalUpdater.A, C:\Program Files (x86)\Universal Updater\settings.json, Quarantined, [7200801f4e2db4822d1bc7189b67f20e], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\config.dat, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\info.dat, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\STTL.DAT, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\mysearchdial\UpdateProc\TTL.DAT, Quarantined, [bfb3c8d7de9d6fc73ce7bce322e0e917], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\FavIcon.ico, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\Sqlite3.dll, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Program Files (x86)\Mysearchdial\1.8.29.0\uninst.dat, Quarantined, [f47e653a7a0150e63256782816ecf10f], 

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.AL", 2);), Replaced,[284a0f9097e4ab8bd289a32c917349b7]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.aflt", "ir_14_16_ff");), Replaced,[a4cecfd0f98244f266f57d5230d43ec2]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Replaced,[076b2e71017aa78f1249735c24e0aa56]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q");), Replaced,[80f24f50097248ee5b007a5554b0e51b]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.cr", "1680039074");), Replaced,[91e1900fea9170c68fcc2ba460a4748c]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltLng", "");), Replaced,[056da7f87506c47296c52ca35fa59070]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch", true);), Replaced,[bdb5128d4b30053190cb4e81d82cbe42]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dnsErr", true);), Replaced,[39396e310c6f2610b2a94e81d133b14f]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.excTlbr", false);), Replaced,[6909346b91ea3df9b8a38748e024fd03]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpg", true);), Replaced,[a6cc8e116c0f4ee8aab11cb3fb09718f]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[92e0346b0d6eb086d18a9e3163a1926e]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.id", "74867A530B4568EB");), Replaced,[84ee1b84423957dfa4b725aa53b1f50b]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.instlDay", "16178");), Replaced,[dc96aff0413a90a669f2844b39cb7d83]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.instlRef", "140305_a");), Replaced,[c5ad405f92e9e6508ccf3d9263a145bb]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[c1b1306f83f880b6d487705f11f338c8]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Replaced,[a1d18c13fd7ec274203b5778f90b01ff]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Replaced,[e78b930c0c6f2016aab1943bde260df3]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Replaced,[e191aff0f487f93d3625ce012fd543bd]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.tlbrId", "base");), Replaced,[a9c9a0ffb2c9f83e1b40834c46beb848]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=&q=");), Replaced,[d49e7e219eddae88015ac50a2cd808f8]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Replaced,[d0a2b3ecc4b792a4a0bb3e9106fe8080]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Replaced,[90e2841b4734aa8c88d32ba4b74d26da]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.newTab", false);), Replaced,[3d35c8d75229e353f16ae9e60301cc34]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Replaced,[1f539807a1daab8b8dce15ba1fe5ea16]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\prefs.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.022:4:41");), Replaced,[c4ae742b9edd3ef8bba048878381e61a]

PUP.Optional.MySearch.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.aflt", "ir_14_16_ff");), Replaced,[1f53207f84f758de3122d2fd4db71ee2]

PUP.Optional.MySearch.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.instlRef", "140305_a");), Replaced,[274b326d9dde181e57fca02f8282956b]

PUP.Optional.MySearch.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.cr", "1680039074");), Replaced,[452d2a75205b3df9460d715e8c78cf31]

PUP.Optional.MySearch.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q");), Replaced,[a5cda9f6a4d757dfdf748e41986c6a96]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpg", true);), Replaced,[9bd7dbc4265585b1e07ca6290ef6867a]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[51214659b4c73df9ed6fba154db703fd]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltSrch", true);), Replaced,[8be77b2492e9b87e451711bea262d729]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Replaced,[2f436b340f6c5bdb3329eae5e42053ad]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dnsErr", true);), Replaced,[89e97d222c4f2d09e27aa02f71937888]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.newTab", false);), Replaced,[5121ffa0d8a339fd84d8fcd316eeda26]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=");), Replaced,[8ae81c83205b0c2a5507a72859ab6799]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=ir_14_16_ff&cd=2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q&cr=1680039074&ir=&q=");), Replaced,[383a5748b4c7f83eacb047888a7a8878]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.id", "74867A530B4568EB");), Replaced,[a8caddc224579e9896c6a22d679dc33d]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.instlDay", "16178");), Replaced,[4f23603f1566a98db8a42ba41aeaa55b]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");), Replaced,[c4aebbe45526bf77cd8f329de222e11f]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");), Replaced,[4f23cdd2b5c6e452a0bcfad549bb669a]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.022:4:41");), Replaced,[c0b2b6e95c1f58dec29a0cc305ffe41c]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Replaced,[8ae8f8a70a71d264c69618b79272ed13]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Replaced,[cfa38a15f3884ee82438d0ff0ef6b947]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.aflt", "ir_14_16_ff");), Replaced,[aac8eab5007b48eeff5df6d99b69619f]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Replaced,[75fd396664176bcb68f4fed118ece11f]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.tlbrId", "base");), Replaced,[1161306f94e7a78fd7853996ce36c43c]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.instlRef", "140305_a");), Replaced,[462ca1fe2259191d86d6933cf80c8c74]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.dfltLng", "");), Replaced,[cea4eab5a4d73afc2438dbf4689c7e82]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Replaced,[7df5811ea6d52511eb71def1ea1a9c64]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.excTlbr", false);), Replaced,[87eb633c037835011b41d4fb56aedd23]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.cr", "1680039074");), Replaced,[2a48f3ac4e2d73c3a4b8b11e4db78a76]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyByEzzyCyB0AyDtAtD0ByEyDyCzz0E0BtN0D0Tzu0SzztAzytN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtBtC0DtC0AtByBtGtDtB0AyEtGtDtC0DzytG0Czy0C0CtGtA0ByCyEyBtCtB0E0EtCzz0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0B0D0BtCtAzz0DtG0BtAzz0FtG0DzzzyyEtGtD0DtA0EtGtAtBtAzyyCtD0CtAyCyCtA0E2Q");), Replaced,[b2c05748374472c4d28a1ab58a7a07f9]

PUP.Optional.MySearchDial.A, C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\cb2dmim4.default\user.js, Good: (), Bad: (user_pref("extensions.mysearchdial.AL", 2);), Replaced,[9bd7d1cea0db74c26cf008c7d03409f7]

 
Physical Sectors: 0

(No malicious items detected)

 
 
(end)

- ich hab das System dann damit gereinigt

6. dennoch immernoch ein Befall vorhanden- Https nicht anwählbar, Werbung blieb

7. CCleaner brachte auch keine Lösung

8. Nun habe ich JRT benutzt, der hat den Rest erledigt.

9. Jetzt habe ich folgende Situation:
Läuft JRT durch und findet nichts mehr, kann ich surfen- ohne Werbung, mit https.
Starte ich den Rechner jedoch neu, ist alles beim Alten. Der SSL-Server ist wieder da und ich werde mit Werbung zugebombt.

10. Gibts noch irgendeine Idee, was ich noch tun kann???

hier noch der letzte FRST-Log:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01
Ran by Bruno (administrator) on BRUNO-PC on 15-07-2014 00:30:18
Running from C:\Users\Bruno\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Validity Sensors, Inc.) C:\WINDOWS\System32\vcsFPService.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\WINDOWS\SysWOW64\irstrtsv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\WINDOWS\System32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\WINDOWS\System32\StikyNot.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\SmartAudio3.exe
(Google Inc.) C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Dropbox, Inc.) C:\Users\Bruno\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
() C:\Program Files (x86)\Isis\isis.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(Intel Corporation) C:\WINDOWS\Temp\irstrtsv\scrncap.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2774864 2013-01-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Dell Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SA3\SACpl.exe [1628288 2011-09-09] (Conexant Systems, Inc.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184112 2012-09-17] (Intel Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-03-05] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [RemoteControl9] => C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2010-10-02] (CyberLink Corp.)
HKLM-x32\...\Run: [PDVD9LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-09-18] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [Isis] => C:\Program Files (x86)\Isis\Isis.exe [330544 2014-07-14] ()
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [RESTART_STICKY_NOTES] => C:\WINDOWS\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-02] (Glarysoft Ltd)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-06-27] (Siber Systems)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\Run: [MusicManager] => C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-3516113746-2983845494-3256310852-1000\...\MountPoints2: {1480661a-ace2-11e3-a954-681729f08920} - F:\LG_PC_Programs.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Bruno\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
BootExecute: autocheck autochk *  

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKLM - DefaultScope {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=DCJB
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {DA206B94-FA80-4EB2-8FC2-483385A471FB} URL = 
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll (Siber Systems Inc.)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Bruno\AppData\Roaming\Mozilla\Firefox\Profiles\vzlryvn5.default-1405367384393
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Bruno\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Bruno\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2013-11-19]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-21]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: 卡巴斯基網址顧問 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\url_advisor@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: 虛擬鍵盤 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: 惡意網站攔截器 - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\FFExt\content_blocker@kaspersky.com [2014-01-25]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014-01-21]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox

Chrome: 
=======
CHR HomePage: 
CHR Extension: (Modul zur Link-Untersuchung) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-01-23]
CHR Extension: (Modul zum Sperren von gefährlichen Webseiten) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail [2014-01-23]
CHR Extension: (Google Wallet) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-21]
CHR Extension: (RoboForm) - C:\Users\Bruno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-02-15]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\urladvisor.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\content_blocker_chrome.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\ChromeExt\virtkbd.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-15]

==================== Services (Whitelisted) =================

S2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe [214512 2013-10-17] (Kaspersky Lab ZAO)
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-12] (Conexant Systems, Inc.)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [750904 2013-03-26] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-19] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3388144 2013-04-19] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-03] (Glarysoft Ltd)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [131968 2012-10-30] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1345920 2012-11-06] (Motorola Solutions, Inc.)
R0 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2014-07-06] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28216 2012-12-04] (Intel Corporation)
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [43800 2013-03-26] (Intel Corporation)
R1 isis; C:\Windows\System32\drivers\isis.sys [47408 2014-07-14] (Windows (R) Win 7 DDK provider)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458336 2014-01-25] (Kaspersky Lab ZAO)
S4 klflt; C:\Windows\System32\DRIVERS\klflt.sys [115296 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [625248 2014-03-25] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29792 2013-10-17] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2014-02-18] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2013-05-14] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178272 2014-01-25] (Kaspersky Lab ZAO)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-04] (STMicroelectronics)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2010-08-03] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-15 00:03 - 2014-07-15 00:03 - 02347384 _____ (ESET) C:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe
2014-07-15 00:03 - 2014-07-15 00:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-15 00:00 - 2014-07-15 00:01 - 00001796 _____ () C:\sc-cleaner.txt
2014-07-15 00:00 - 2014-07-15 00:00 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Bruno\Downloads\sc-cleaner.exe
2014-07-14 23:11 - 2014-07-14 23:11 - 00000625 _____ () C:\Users\Bruno\Desktop\JRT.txt
2014-07-14 22:51 - 2014-07-14 22:51 - 00000000 ____D () C:\Windows\ERUNT
2014-07-14 22:50 - 2014-07-14 22:50 - 01016261 _____ (Thisisu) C:\Users\Bruno\Downloads\JRT.exe
2014-07-14 22:25 - 2014-07-15 00:30 - 00022771 _____ () C:\Users\Bruno\Downloads\FRST.txt
2014-07-14 22:25 - 2014-07-15 00:30 - 00000000 ____D () C:\FRST
2014-07-14 22:25 - 2014-07-14 22:26 - 00037605 _____ () C:\Users\Bruno\Downloads\Addition.txt
2014-07-14 22:24 - 2014-07-14 22:24 - 02086912 _____ (Farbar) C:\Users\Bruno\Downloads\FRST64.exe
2014-07-14 22:16 - 2014-07-14 23:59 - 00014293 ____N () C:\Windows\WindowsUpdate.log
2014-07-14 22:08 - 2014-07-14 22:13 - 00000000 ____D () C:\AdwCleaner
2014-07-14 22:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-14 22:07 - 2014-07-14 22:07 - 01348263 _____ () C:\Users\Bruno\Downloads\adwcleaner_3.215.exe
2014-07-14 22:03 - 2014-07-14 22:03 - 00130142 _____ () C:\Users\Bruno\Documents\cc_20140714_220319.reg
2014-07-14 22:02 - 2014-07-14 22:02 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-14 22:02 - 2014-07-14 22:02 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-14 22:01 - 2014-07-14 22:01 - 03736040 _____ (Piriform Ltd) C:\Users\Bruno\Downloads\ccsetup415_slim.exe
2014-07-14 21:47 - 2014-07-14 21:49 - 00000000 ____D () C:\Users\Bruno\Desktop\Alte Firefox-Daten
2014-07-14 21:43 - 2014-07-14 21:43 - 00128815 _____ () C:\Users\Bruno\Desktop\bookmarks-2014-07-14.json
2014-07-14 21:23 - 2014-07-14 23:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 21:23 - 2014-07-14 21:23 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-14 21:23 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-14 21:23 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-14 21:23 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-14 21:22 - 2014-07-14 21:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bruno\Downloads\Malwarebytes_Anti_Malware_v2.0.2.exe
2014-07-14 21:16 - 2014-07-14 21:16 - 00324937 _____ () C:\Users\Bruno\AppData\Local\census.cache
2014-07-14 21:16 - 2014-07-14 21:16 - 00116338 _____ () C:\Users\Bruno\AppData\Local\ars.cache
2014-07-14 21:02 - 2014-07-14 21:02 - 00000036 _____ () C:\Users\Bruno\AppData\Local\housecall.guid.cache
2014-07-14 21:01 - 2014-07-14 21:01 - 02405664 _____ (Trend Micro Inc.) C:\Users\Bruno\Downloads\HousecallLauncher64.exe
2014-07-14 20:38 - 2014-07-14 20:59 - 70873088 _____ () C:\Users\Bruno\Downloads\eav_nt64_enu.msi
2014-07-14 19:15 - 2014-07-14 23:34 - 00003314 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-07-14 19:07 - 2014-07-14 19:07 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 16:41 - 2014-07-14 16:41 - 00047408 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-11 15:08 - 2014-07-11 15:08 - 32632278 _____ ( ) C:\Users\Bruno\Downloads\K-Lite_Codec_Pack_1060_Mega.exe
2014-07-11 10:28 - 2014-07-02 21:18 - 756467665 ____N () C:\Users\Bruno\Downloads\Fack.ju.Goehte.2013.German.DTS.1080p.BluRay.x264-iNCEPTiON.mkv
2014-07-09 22:19 - 2014-07-14 23:34 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-09 21:43 - 2014-07-09 21:43 - 00000000 ____D () C:\Users\Bruno\Downloads\AllLocations
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\OpenVPN Technologies
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Local\OpenVPN Technologies
2014-07-09 21:36 - 2014-07-09 21:41 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-07-09 08:10 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 08:10 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 08:10 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 08:10 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 08:10 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 08:10 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 08:10 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 08:10 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 08:10 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 08:10 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 08:10 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 08:10 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 08:10 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 08:10 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 08:10 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 08:10 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 08:10 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 08:10 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 08:10 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 08:10 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 08:10 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 08:10 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 08:10 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 08:10 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 08:10 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 08:10 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 08:10 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 08:10 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 08:10 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 08:10 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 08:10 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 08:10 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 08:10 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 08:10 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 08:10 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 08:10 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 08:10 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 08:10 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 08:10 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 08:10 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 08:10 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 08:10 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 08:10 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 08:10 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 08:10 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 08:10 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 08:10 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 08:10 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 08:10 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 08:10 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 08:10 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 08:10 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 08:10 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 08:10 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 08:10 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 08:10 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 08:01 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 08:01 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 07:59 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 07:59 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 07:59 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 07:58 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 07:58 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 07:58 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 07:58 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 07:58 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 07:58 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 07:58 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 07:58 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 07:35 - 2014-07-09 07:35 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 20:01 - 2014-07-08 20:01 - 00022528 _____ () C:\Users\Bruno\Desktop\Handys.xls
2014-07-07 08:31 - 2014-01-09 04:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-07 08:31 - 2014-01-04 00:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-06 19:16 - 2014-07-06 19:16 - 00000000 ___HD () C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-07-06 17:05 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-07-06 17:05 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-06 17:05 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-06 17:05 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-07-06 17:05 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-07-06 17:05 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-06 17:05 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-06 17:05 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-07-06 17:05 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-07-06 17:05 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-07-06 17:05 - 2013-10-02 02:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-07-06 17:05 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-07-06 17:05 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-06 17:05 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-07-06 17:05 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-07-06 17:05 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-07-06 17:04 - 2013-09-25 04:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-07-06 17:04 - 2013-09-25 03:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-07-06 07:26 - 2014-07-06 07:26 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2014-06-29 23:57 - 2014-06-29 23:57 - 00000982 _____ () C:\Users\Bruno\Desktop\1C-1.txt
2014-06-27 23:42 - 2014-06-27 23:42 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\PDF Architect 2
2014-06-26 19:44 - 2014-06-26 19:44 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-26 19:43 - 2014-07-14 22:02 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-26 19:43 - 2014-06-26 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-26 19:43 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-06-26 19:43 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-06-26 19:43 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-06-26 19:43 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-06-26 19:43 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-06-26 19:43 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-06-26 19:43 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-06-25 09:40 - 2014-06-25 09:40 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-06-17 21:19 - 2014-07-10 22:21 - 00000000 ____D () C:\Users\Bruno\Downloads\Neuer Ordner

==================== One Month Modified Files and Folders =======

2014-07-15 00:30 - 2014-07-14 22:25 - 00022771 _____ () C:\Users\Bruno\Downloads\FRST.txt
2014-07-15 00:30 - 2014-07-14 22:25 - 00000000 ____D () C:\FRST
2014-07-15 00:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-07-15 00:19 - 2013-11-19 02:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-15 00:17 - 2014-01-21 21:17 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 00:03 - 2014-07-15 00:03 - 02347384 _____ (ESET) C:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe
2014-07-15 00:03 - 2014-07-15 00:03 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-15 00:03 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-15 00:03 - 2009-07-14 06:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-15 00:01 - 2014-07-15 00:00 - 00001796 _____ () C:\sc-cleaner.txt
2014-07-15 00:00 - 2014-07-15 00:00 - 00441592 _____ (Bleeping Computer, LLC) C:\Users\Bruno\Downloads\sc-cleaner.exe
2014-07-14 23:59 - 2014-07-14 22:16 - 00014293 ____N () C:\Windows\WindowsUpdate.log
2014-07-14 23:57 - 2014-03-28 01:06 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000UA.job
2014-07-14 23:34 - 2014-07-14 21:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-14 23:34 - 2014-07-14 19:15 - 00003314 _____ () C:\Windows\System32\Tasks\Intel® Rapid Start Technology Manager
2014-07-14 23:34 - 2014-07-09 22:19 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-14 23:34 - 2014-05-15 05:50 - 00000334 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2014-07-14 23:34 - 2014-05-15 05:50 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-14 23:34 - 2014-01-25 10:35 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-14 23:34 - 2014-01-21 21:31 - 00000000 ___RD () C:\Users\Bruno\Dropbox
2014-07-14 23:34 - 2014-01-21 21:30 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\DropboxMaster
2014-07-14 23:34 - 2014-01-21 21:28 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\Dropbox
2014-07-14 23:34 - 2014-01-21 21:17 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-14 23:34 - 2013-11-19 02:37 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-07-14 23:34 - 2013-11-19 02:37 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-07-14 23:34 - 2013-11-19 02:31 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-07-14 23:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-14 23:14 - 2011-02-11 12:22 - 01651876 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-07-14 23:14 - 2010-11-21 08:50 - 00703918 _____ () C:\Windows\system32\perfh007.dat
2014-07-14 23:14 - 2010-11-21 08:50 - 00151042 _____ () C:\Windows\system32\perfc007.dat
2014-07-14 23:11 - 2014-07-14 23:11 - 00000625 _____ () C:\Users\Bruno\Desktop\JRT.txt
2014-07-14 22:51 - 2014-07-14 22:51 - 00000000 ____D () C:\Windows\ERUNT
2014-07-14 22:50 - 2014-07-14 22:50 - 01016261 _____ (Thisisu) C:\Users\Bruno\Downloads\JRT.exe
2014-07-14 22:26 - 2014-07-14 22:25 - 00037605 _____ () C:\Users\Bruno\Downloads\Addition.txt
2014-07-14 22:24 - 2014-07-14 22:24 - 02086912 _____ (Farbar) C:\Users\Bruno\Downloads\FRST64.exe
2014-07-14 22:13 - 2014-07-14 22:08 - 00000000 ____D () C:\AdwCleaner
2014-07-14 22:07 - 2014-07-14 22:07 - 01348263 _____ () C:\Users\Bruno\Downloads\adwcleaner_3.215.exe
2014-07-14 22:03 - 2014-07-14 22:03 - 00130142 _____ () C:\Users\Bruno\Documents\cc_20140714_220319.reg
2014-07-14 22:02 - 2014-07-14 22:02 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-07-14 22:02 - 2014-07-14 22:02 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-14 22:02 - 2014-07-14 22:02 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-14 22:02 - 2014-06-26 19:43 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-07-14 22:01 - 2014-07-14 22:01 - 03736040 _____ (Piriform Ltd) C:\Users\Bruno\Downloads\ccsetup415_slim.exe
2014-07-14 21:49 - 2014-07-14 21:47 - 00000000 ____D () C:\Users\Bruno\Desktop\Alte Firefox-Daten
2014-07-14 21:43 - 2014-07-14 21:43 - 00128815 _____ () C:\Users\Bruno\Desktop\bookmarks-2014-07-14.json
2014-07-14 21:30 - 2011-02-11 19:13 - 00000000 ____D () C:\Windows\panther
2014-07-14 21:23 - 2014-07-14 21:23 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-14 21:23 - 2014-07-14 21:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-07-14 21:22 - 2014-07-14 21:22 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Bruno\Downloads\Malwarebytes_Anti_Malware_v2.0.2.exe
2014-07-14 21:16 - 2014-07-14 21:16 - 00324937 _____ () C:\Users\Bruno\AppData\Local\census.cache
2014-07-14 21:16 - 2014-07-14 21:16 - 00116338 _____ () C:\Users\Bruno\AppData\Local\ars.cache
2014-07-14 21:02 - 2014-07-14 21:02 - 00000036 _____ () C:\Users\Bruno\AppData\Local\housecall.guid.cache
2014-07-14 21:01 - 2014-07-14 21:01 - 02405664 _____ (Trend Micro Inc.) C:\Users\Bruno\Downloads\HousecallLauncher64.exe
2014-07-14 20:59 - 2014-07-14 20:38 - 70873088 _____ () C:\Users\Bruno\Downloads\eav_nt64_enu.msi
2014-07-14 20:57 - 2014-01-21 21:32 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\Skype
2014-07-14 19:07 - 2014-07-14 19:07 - 00000000 ____D () C:\Program Files (x86)\Isis
2014-07-14 19:07 - 2014-04-29 19:42 - 00000000 ____D () C:\Program Files (x86)\Addon Enabler
2014-07-14 16:41 - 2014-07-14 16:41 - 00047408 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\isis.sys
2014-07-14 14:42 - 2014-01-21 22:19 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-07-14 14:08 - 2014-03-28 01:06 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000Core.job
2014-07-11 20:50 - 2014-03-29 19:45 - 00041472 _____ () C:\Users\Bruno\Desktop\Feste Ausgaben.xls
2014-07-11 15:08 - 2014-07-11 15:08 - 32632278 _____ ( ) C:\Users\Bruno\Downloads\K-Lite_Codec_Pack_1060_Mega.exe
2014-07-11 10:38 - 2014-01-21 23:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-11 10:38 - 2014-01-21 23:49 - 00000000 ____D () C:\Program Files\DivX
2014-07-11 10:38 - 2014-01-21 23:49 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-11 10:38 - 2014-01-21 23:47 - 00000000 ____D () C:\ProgramData\DivX
2014-07-11 03:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-11 03:20 - 2009-07-14 06:45 - 00299024 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 03:18 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 03:18 - 2010-11-21 09:00 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 03:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-11 03:02 - 2014-01-21 22:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-11 03:01 - 2014-01-21 22:18 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 22:21 - 2014-06-17 21:19 - 00000000 ____D () C:\Users\Bruno\Downloads\Neuer Ordner
2014-07-10 20:30 - 2014-01-21 21:39 - 00024576 _____ () C:\Users\Bruno\Desktop\Benzin.xls
2014-07-09 22:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-09 21:43 - 2014-07-09 21:43 - 00000000 ____D () C:\Users\Bruno\Downloads\AllLocations
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\OpenVPN Technologies
2014-07-09 21:41 - 2014-07-09 21:41 - 00000000 ____D () C:\Users\Bruno\AppData\Local\OpenVPN Technologies
2014-07-09 21:41 - 2014-07-09 21:36 - 00000000 ____D () C:\Program Files (x86)\OpenVPN Technologies
2014-07-09 07:35 - 2014-07-09 07:35 - 05659136 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-09 07:35 - 2013-11-19 02:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 07:35 - 2013-11-19 02:13 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-08 23:37 - 2013-11-19 02:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-07-08 20:01 - 2014-07-08 20:01 - 00022528 _____ () C:\Users\Bruno\Desktop\Handys.xls
2014-07-06 19:23 - 2014-01-21 21:30 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-06 19:16 - 2014-07-06 19:16 - 00000000 ___HD () C:\Users\Bruno\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2014-07-06 17:04 - 2009-07-14 07:13 - 01596986 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-06 17:00 - 2014-05-15 05:50 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2014-07-06 17:00 - 2014-05-15 05:50 - 00002972 _____ () C:\Windows\System32\Tasks\GU5SkipUAC
2014-07-06 17:00 - 2014-05-15 05:50 - 00002630 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2014-07-06 17:00 - 2014-05-15 05:50 - 00001098 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-06 16:57 - 2014-06-01 19:45 - 00000000 ____D () C:\Program Files (x86)\DictaNet
2014-07-06 16:53 - 2014-01-21 21:17 - 00000000 ____D () C:\Users\Bruno\AppData\Local\Deployment
2014-07-06 07:26 - 2014-07-06 07:26 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2014-07-05 21:32 - 2014-04-25 22:47 - 00000000 ____D () C:\Users\Bruno\Desktop\Tafel
2014-07-04 14:34 - 2014-01-21 21:39 - 00000000 ____D () C:\Users\Bruno\Documents\Eigene Scans
2014-07-02 21:18 - 2014-07-11 10:28 - 756467665 ____N () C:\Users\Bruno\Downloads\Fack.ju.Goehte.2013.German.DTS.1080p.BluRay.x264-iNCEPTiON.mkv
2014-06-30 04:09 - 2014-07-09 08:01 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-30 04:04 - 2014-07-09 08:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 23:57 - 2014-06-29 23:57 - 00000982 _____ () C:\Users\Bruno\Desktop\1C-1.txt
2014-06-27 23:42 - 2014-06-27 23:42 - 00000000 ____D () C:\Users\Bruno\AppData\Roaming\PDF Architect 2
2014-06-27 06:29 - 2014-01-21 21:39 - 00004108 _____ () C:\Windows\System32\Tasks\Open URL by RoboForm
2014-06-27 06:29 - 2014-01-21 21:39 - 00003492 _____ () C:\Windows\System32\Tasks\Run RoboForm TaskBar Icon
2014-06-27 06:29 - 2014-01-21 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RoboForm
2014-06-26 19:44 - 2014-06-26 19:44 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-06-26 19:43 - 2014-06-26 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-06-25 09:44 - 2014-03-28 01:06 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000UA
2014-06-25 09:44 - 2014-03-28 01:06 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000Core
2014-06-25 09:40 - 2014-06-25 09:40 - 00000000 ____D () C:\Program Files (x86)\Dell Digital Delivery
2014-06-25 09:40 - 2013-11-19 02:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2014-06-20 22:14 - 2014-07-09 08:10 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 21:39 - 2014-07-09 08:10 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 08:12 - 2014-01-21 21:17 - 00004104 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-20 08:12 - 2014-01-21 21:17 - 00003852 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-19 03:39 - 2014-07-09 08:10 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-19 03:06 - 2014-07-09 08:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-19 03:06 - 2014-07-09 08:10 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-19 02:48 - 2014-07-09 08:10 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-19 02:42 - 2014-07-09 08:10 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-19 02:42 - 2014-07-09 08:10 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-19 02:41 - 2014-07-09 08:10 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-19 02:41 - 2014-07-09 08:10 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-19 02:32 - 2014-07-09 08:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-19 02:31 - 2014-07-09 08:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-19 02:26 - 2014-07-09 08:10 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-19 02:24 - 2014-07-09 08:10 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-19 02:24 - 2014-07-09 08:10 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-19 02:23 - 2014-07-09 08:10 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-19 02:16 - 2014-07-09 08:10 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-19 02:14 - 2014-07-09 08:10 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-19 02:09 - 2014-07-09 08:10 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-19 01:59 - 2014-07-09 08:10 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-19 01:56 - 2014-07-09 08:10 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-19 01:53 - 2014-07-09 08:10 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-19 01:51 - 2014-07-09 08:10 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-19 01:50 - 2014-07-09 08:10 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-19 01:48 - 2014-07-09 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-19 01:39 - 2014-07-09 08:10 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-19 01:38 - 2014-07-09 08:10 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-19 01:37 - 2014-07-09 08:10 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-19 01:36 - 2014-07-09 08:10 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-19 01:35 - 2014-07-09 08:10 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-19 01:33 - 2014-07-09 08:10 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-19 01:32 - 2014-07-09 08:10 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-19 01:28 - 2014-07-09 08:10 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-19 01:28 - 2014-07-09 08:10 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-19 01:27 - 2014-07-09 08:10 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-19 01:27 - 2014-07-09 08:10 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-19 01:25 - 2014-07-09 08:10 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-19 01:23 - 2014-07-09 08:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-19 01:22 - 2014-07-09 08:10 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-19 01:12 - 2014-07-09 08:10 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-19 01:06 - 2014-07-09 08:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-19 01:01 - 2014-07-09 08:10 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-19 00:59 - 2014-07-09 08:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-19 00:58 - 2014-07-09 08:10 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-19 00:58 - 2014-07-09 08:10 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-19 00:52 - 2014-07-09 08:10 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-19 00:51 - 2014-07-09 08:10 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-19 00:49 - 2014-07-09 08:10 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-19 00:46 - 2014-07-09 08:10 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-19 00:45 - 2014-07-09 08:10 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-19 00:35 - 2014-07-09 08:10 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-19 00:34 - 2014-07-09 08:10 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-19 00:15 - 2014-07-09 08:10 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-19 00:13 - 2014-07-09 08:10 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-19 00:09 - 2014-07-09 08:10 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-19 00:07 - 2014-07-09 08:10 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-18 06:56 - 2014-05-15 05:50 - 00001086 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk
2014-06-18 06:55 - 2014-06-06 18:37 - 00000310 _____ () C:\BackupLoader.ini
2014-06-18 04:18 - 2014-07-09 07:59 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-18 03:51 - 2014-07-09 07:59 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-18 03:10 - 2014-07-09 07:59 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

Some content of TEMP:
====================
C:\Users\Bruno\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdqztnq.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 23:11

==================== End Of Log ============================

--- --- ---

--- --- ---

schrauber · 15.07.2014, 06:21

Hi,

Addition.txt fehlt noch.

kofferradio · 15.07.2014, 20:27

Da isser:

Zitat:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by Bruno at 2014-07-15 08:10:07
Running from C:\Users\Bruno\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 10.0.851.6 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.2.0.20305 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{D2EBABAC-7DA0-FAD4-7FAE-8D3C2EA779F3}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
C410 (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0305.348.6610 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0305.0347.6610 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0305.348.6610 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.29.0 - Conexant)
CyberLink PowerDVD 9.5 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.2.6102 - CyberLink Corp.)
CyberLink PowerDVD 9.5 (x32 Version: 9.5.2.6102 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Custom Help (Version: 15.08.0000.0172 - Intel Corporation) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{D850CB7E-72BC-4510-BA4F-48932BFAB295}) (Version: 2.9.901.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.0.16 - Dell)
Dell Touchpad (HKLM\...\Elantech) (Version: 11.3.5.4 - ELAN Microelectronic Corp.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DigitalPersona Fingerprint Software 6.1 (HKLM\...\{208DCBFA-D02A-426B-865F-312529654438}) (Version: 6.1.0.279 - DigitalPersona, Inc.)
DocProc (x32 Version: 140.0.99.000 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.8.4 - Dropbox, Inc.)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
Fax (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Glary Utilities PRO 5.3 (HKLM-x32\...\Glary Utilities 5) (Version: 5.3.0.8 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{C1164ED0-EF08-4B0B-8084-3BDAEAAEFD8D}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDroo 1.0.0.186 (HKLM-x32\...\IDroo) (Version: 1.0.0.186 - Iteral Group OÃœ)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.1.1399 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.8.0.0548 - Intel Corporation) Hidden
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{DA2600C1-6BDF-4FD1-1211-148929CC1385}) (Version: 2.6.1211.0294 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software Driver (Version: 15.08.0000.0249 - Intel Corporation) Hidden
Intel(R) Rapid Start Technology (HKLM-x32\...\{3D073343-CEEB-4ce7-85AC-A69A7631B5D6}) (Version: 3.0.0.1031 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless Software (HKLM-x32\...\{deff5bea-aa8c-46fb-b17d-1cc69b242494}) (Version: 15.8.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.08.0000.0172 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{538B98C3-773F-4F20-9C66-802D104DCBE2}) (Version: 1.23.219.2 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{6F6873E3-5C92-4049-B511-231A138DD090}) (Version: 14.0.0.4651 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 14.0.0.4651 - Kaspersky Lab) Hidden
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.14.20140117 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.54.0 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.91 - Heiko Schröder)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
ODF Add-In für Microsoft Office (HKLM-x32\...\{2BC21CD2-8053-406A-80F6-9AB61717B49D}) (Version: 4.0.5309.0 - OpenXML/ODF Translator Team)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PowerXpressHybrid (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
PS_AIO_07_C410_SW_Min (x32 Version: 140.0.273.000 - Hewlett-Packard) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
RoboForm 7-9-8-5 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-8-5 - Siber Systems)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shared Add-in Extensibility Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{09959E11-AD5D-408E-96AF-E3346954D6B8}) (Version: 1.0.0 - Microsoft)
Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) (HKLM-x32\...\{64F3B15C-24C7-4B2B-9B72-65CCBBD7F06B}) (Version: 1.0.0 - Microsoft)
Shark007 Standard Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 1.8.8 - Shark007)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.11.0018 - ST Microelectronics)
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Validity Sensors DDK (HKLM\...\{459CD4B8-A458-4100-91A5-3388354B3F7D}) (Version: 4.3.215.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02266B1E-AE42-45E4-986D-EFB83C1FB6A4} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {08773A47-B4B6-4C5E-A80F-F4100FF46270} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-06-27] (Siber Systems)
Task: {418F8F03-8915-4AE8-833C-A914D4CE07DD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-21] (Google Inc.)
Task: {42E5D396-07C6-42F6-A100-67CEFFA1313C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {52195B84-9BB6-409F-B5D9-F5E043AD75FE} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMPMOMLJPMOJKMKMLJCNJMLMHMJJCNLMOJNMHMCNHMKJIMGMCNNJGMLMLJKJLJOJGMNMPMOMJJJNJICMIMCNGMCNHMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJN PICMOMFMMJBJKJLIMJFMOMKMJMJNHICMOMNMLJPMOMJNBJCMNLNIKIBJAJJNKJCMJNNICMJNDJCMLJKJJNMJCMLMFMKMHMNMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ"
Task: {68CA6E94-DCC5-4566-983D-0DB3A23FCEA0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)
Task: {70D18B67-B940-4505-829B-8257880DC7FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {713F6BC6-59D7-4309-959A-C4378AF2E661} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-21] (Google Inc.)
Task: {85146D88-09FB-4A4F-BF86-F7A28C115AC8} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {A4F417FD-859F-4E97-A05A-D72257D31954} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000Core => C:\Users\Bruno\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-28] (Google Inc.)
Task: {AF86A492-C6AC-405E-8499-4C5EF8C9BAE2} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-07-02] (Glarysoft Ltd)
Task: {C40C0276-1964-45D5-9118-C00583D16D1E} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-07-03] (Glarysoft Ltd)
Task: {C7823A60-2A88-4F75-B060-86ACFAE19D46} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {D4057A45-31EE-4471-8B81-A1E7D8CA63ED} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000UA => C:\Users\Bruno\AppData\Local\Google\Update\GoogleUpdate.exe [2014-03-28] (Google Inc.)
Task: {FE53687D-B76A-44D5-90FB-E284C766E5AD} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2013-03-26] (Intel)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000Core.job => C:\Users\Bruno\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3516113746-2983845494-3256310852-1000UA.job => C:\Users\Bruno\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-19 03:48 - 2012-03-19 12:09 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2013-11-19 02:16 - 2012-01-10 23:36 - 00159360 _____ () C:\Program Files\Conexant\SA3\MaxxAudioWrapper.dll
2013-11-19 02:31 - 2012-01-27 05:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-07-14 16:41 - 2014-07-14 16:41 - 00330544 _____ () C:\Program Files (x86)\Isis\isis.exe
2013-06-17 13:35 - 2013-06-17 13:35 - 00478400 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\dblite.dll
2013-05-08 15:52 - 2013-05-08 15:52 - 01270464 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\kpcengine.2.3.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 10683392 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 07741952 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 02248192 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 01681408 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00117248 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-05-15 23:20 - 2014-05-15 23:20 - 00231936 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-05-15 23:21 - 2014-05-15 23:21 - 00253440 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-05-15 23:24 - 2014-05-15 23:24 - 00344064 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-10 23:06 - 2013-12-10 23:06 - 00026624 _____ () C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2014-07-15 08:09 - 2014-07-15 08:09 - 00043008 _____ () c:\users\bruno\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphadzsm.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Bruno\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-04 10:25 - 2014-04-04 10:25 - 00102400 _____ () C:\Program Files (x86)\Isis\nfapi.dll
2014-06-05 06:41 - 2014-06-05 06:41 - 00331776 _____ () C:\Program Files (x86)\Isis\ProtocolFilters.dll
2014-07-02 11:09 - 2014-07-02 11:09 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Bruno\Desktop\2010-01-01 14.51.57.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Bruno\Desktop\2010-01-01 14.52.02.jpg:com.dropbox.attributes
AlternateDataStreams: C:\Users\Bruno\Desktop\2014-06-30 22.31.17.jpg:com.dropbox.attributes

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart Prem C410 series
Description: Photosmart Prem C410 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/15/2014 08:09:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 02:15:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/15/2014 02:15:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/15/2014 02:15:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/15/2014 02:14:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/15/2014 02:12:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 01:58:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/15/2014 01:58:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/15/2014 01:58:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (07/15/2014 01:58:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

System errors:
=============
Error: (07/15/2014 02:43:49 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/15/2014 02:11:37 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Microsoft Office Sessions:
=========================
Error: (07/15/2014 08:09:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 02:15:09 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe

Error: (07/15/2014 02:15:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe

Error: (07/15/2014 02:15:05 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bruno\Downloads\esetsmartinstaller_deu.exe

Error: (07/15/2014 02:14:42 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Bruno\Downloads\esetsmartinstaller_deu(1).exe

Error: (07/15/2014 02:12:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/15/2014 01:58:49 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

Error: (07/15/2014 01:58:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Media Foundation Components\DivXPropertyHandler.dll

Error: (07/15/2014 01:58:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Media Foundation Components\DivXThumbnailProvider.dll

Error: (07/15/2014 01:58:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Media Foundation Components\ACMWrapperDMO.dll

CodeIntegrity Errors:
===================================
Date: 2014-07-12 09:34:47.761
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-12 09:34:47.760
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-12 09:34:47.756
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-12 09:34:47.704
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-12 09:33:54.112
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-12 09:33:54.085
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-11 19:48:53.570
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-11 19:48:53.457
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-11 19:48:53.387
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-07-11 19:48:53.342
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\WINDOWS\System32\MaxxAudioAPOShell64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Percentage of memory in use: 31%
Total physical RAM: 8067.31 MB
Available physical RAM: 5562.41 MB
Total Pagefile: 16132.8 MB
Available Pagefile: 13409.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:919.71 GB) (Free:828.07 GB) NTFS
Drive e: () (Removable) (Total:3.79 GB) (Free:3.79 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: AA6BA900)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=920 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 8 GB) (Disk ID: AA6BA6CF)
Partition 1: (Not Active) - (Size=8 GB) - (Type=84)

========================================================
Disk: 2 (Size: 4 GB) (Disk ID: CCFF738E)
Partition 1: (Not Active) - (Size=4 GB) - (Type=0B)

==================== End Of Log ============================

Was mich völlig irritiert ist, dass ich nach jedem Neustart das Problem wieder habe. Wenn ich dann JRT ausführe, geht alles wieder wie vorher- ohne jegliche Probleme. Auch wenn JRT mir im Log keine gereinigte Datei anzeigt.

Da scheint irgendwo ein Hijacker oder sowas versteckt zu sein, den ich nicht zu fassen kriege.

Neue Erkenntnis:

Wenn Kaspersky Antivirus aus ist, geht alles.
Sobald ich es aktiviere, sind alle Fehler wieder da.

Die Sache mit kaspersky trifft leider auch nicht immer zu. Mir fällt nichts mehr ein.

und hier noch der Log von hijackthis

HiJackthis Logfile:

Code:

ATTFilter

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:57:32, on 15.07.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Bruno\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\Isis\isis.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avpui.exe
C:\Users\Bruno\Downloads\HiJackThis204.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: RoboForm BHO - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
O4 - HKLM\..\Run: [PDVD9LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [Isis] C:\Program Files (x86)\Isis\Isis.exe
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\WINDOWS\System32\StikyNot.exe
O4 - HKCU\..\Run: [GUDelayStartup] "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
O4 - HKCU\..\Run: [MusicManager] "C:\Users\Bruno\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - Startup: Dropbox.lnk = C:\Users\Bruno\AppData\Roaming\Dropbox\bin\Dropbox.exe
O9 - Extra button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF - Formular ausfüllen - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF - Formular speichern - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Symbolleiste anzeigen - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra 'Tools' menuitem: RF - RoboForm-Leiste ein/aus - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Link-Untersuchung - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O9 - Extra button: HP Smart Web Printing ein- oder ausblenden - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: An Bluetooth senden - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: An Bluetooth senden - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.dell.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\avp.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth Media Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: CxUtilSvc - Conexant Systems, Inc. - C:\Program Files\Conexant\SA3\CxUtilSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: @C:\Program Files\DigitalPersona\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-Dienst (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage-Technologie (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Rapid Start Technology Service (irstrtsv) - Intel Corporation - C:\Windows\SysWOW64\irstrtsv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SoftThinks Agent Service (SftService) - SoftThinks SAS - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) Turbo Boost Technology Monitor 2.0 (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14207 bytes

--- --- ---

Hoffentlich fällt irgendwem was ein/auf, um mir zu helfen.

Eins noch:

Ich frage mich gerade, was die Datei ISIS.exe hier zu suchen hat.
Wenn ich den Ordner öffne, in dem sie liegt, sehe ich den letzten Zugriff gestern zu der Zeit, als mein System anfing, herum zu zicken. Da gibt es auch einen Ordner namens SSL. Ich hab nur leider keine Ahnung, was ich da nun machen muss.

Lustigerweise funktioniert alles, wenn ich ISIS.exe manuell stoppe. Das habe ich soeben getan.

Dennoch besteht weiteres Interesse meinerseits, zu erfahren, was ich nun noch machen kann.

Ich habe mal den Ordner in den Dateien abfotografiert:
hxxp://s1.directupload.net/images/140715/nkz4k2sw.jpg

und so sieht es dann in dem ordner Isis/isis/ssl aus:
hxxp://s1.directupload.net/images/140715/d7yxp2wp.jpg

schrauber · 16.07.2014, 18:34

hi,

ja die Datei ist das Hauptproblem.

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

15.07.2014, 06:21	#2
schrauber /// the machine /// TB-Ausbilder	Malware & SSL-Fehler Hi, Addition.txt fehlt noch. __________________ __________________

Malware & SSL-Fehler

Log-Analyse und Auswertung: Malware & SSL-Fehler