Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Alt 24.08.2014, 12:11   #1
Frau-M
 
Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen - Standard

Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen



Guten Tag,

Mein Firefox startete nicht. Die Fehlermeldung hieß "der Vorgang wurde aufgrund von aktuellen Beschränkungen auf dem Computer abgebrochen-Wenden sie sich an Ihren Systemadministrator"

Ich hab mich durchs Forum gelesen und Malwarebytes drüber laufen lassen. Nachdem einige Files in Quarantäne geschickt und der Rechner neu gestartet wurde, ist Firefox wieder startbar. Könntet ihr vorsichtshalber mal drüberschauen, ob mein System sonst in Ordnung ist?

Ich habe bereits FRST laufen lassen. Als das durch war, kam die Meldung von F-Secure:
"Anwendung blockiert: mod_frst.exe"
Ich habe die Anwendung wieder zugelassen - und hoffe das ist alles OK so.

Was ich erst später gelesen habe, ist, dass ich Defogger zuerst einsetzen soll. Ähem. Das hab ich jetzt noch nicht getan.

Hier die Log-Dateien

Malwarebytes
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Scan Date: 24.08.2014
Scan Time: 12:00:17
Logfile: mwb_140824.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.24.02
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: *******

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321321
Time Elapsed: 16 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-1208740149-4055697789-2788075998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [0260a822e8932610683acb3afa098779], 

Registry Values: 1
Security.Hijack, HKU\S-1-5-21-1208740149-4055697789-2788075998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWRUN|1, firefox.exe, Quarantined, [e280ad1df98258dedf2fbacd020116ea]

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\40EEB5432DB8427DB1349DD8F81F863D, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\678D9FED7C4F482DB99F335C720C6959, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\8167A672573E404DB8DE3D5B1283A827, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861, Quarantined, [df837159c8b390a6b508219d917131cf], 

Files: 19
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsaDD3A.exe, Quarantined, [97cb9139fb8056e0378313228f72c43c], 
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsaE047.exe, Quarantined, [79e90ebc760592a45c5e42f3ab5639c7], 
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsn670F.exe, Quarantined, [70f25179ee8df0468535ce6756aba35d], 
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsp2BEB.exe, Quarantined, [1c466a608cef58de8733b1848d74f30d], 
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nspE315.exe, Quarantined, [3e2426a47407d462bdfd9d98c73add23], 
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsv2E2E.exe, Quarantined, [9ec49b2f8cef9d9905b52b0a43be649c], 
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsk331E.exe, Quarantined, [3a28e9e1e19a3df9edcdc27330d144bc], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe, Quarantined, [2042e3e7f18a40f613f6e733e9188080], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\nsp9B78\SpSetup.exe, Quarantined, [a5bd7951adcee2540c9f270304fdd12f], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\conduit-search.xml, Quarantined, [21414c7e2d4e0a2cc3c73d0f36ce5aa6], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\40EEB5432DB8427DB1349DD8F81F863D\rcmswdlm_275.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\678D9FED7C4F482DB99F335C720C6959\DivXInstaller.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\8167A672573E404DB8DE3D5B1283A827\HSS-2.67-install-p76-335-conduit.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3\2343.ico, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3\ds_DeDnCD_driverscanner.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [df837159c8b390a6b508219d917131cf], 
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [df837159c8b390a6b508219d917131cf], 

Physical Sectors: 0
(No malicious items detected)


(end)
         
Hier FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 01
Ran by ********** (administrator) on KARL on 24-08-2014 12:39:33
Running from D:\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
() C:\Windows\DAODx.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
() C:\Users\**********\AppData\Roaming\Hub Timer\hub.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Flux Software LLC) C:\Users\**********\AppData\Local\FluxSoftware\Flux\flux.exe
(PANTERASoft) C:\Program Files (x86)\HDD Health\hddhealth.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
() C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_6_602_180_ActiveX.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Ocs_SM] => C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-10-24] (OCS)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [QFan Help] => C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [228352 2010-04-28] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\Run: [f.lux] => C:\Users\**********\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {23cb5d4b-3cee-11e3-90c0-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {636fda8e-b6ec-11e2-ab0c-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {636fda9b-b6ec-11e2-ab0c-20cf305ca400} - I:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b34435d4-b643-11e2-888c-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b34435e4-b643-11e2-888c-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b4524698-394d-11e2-9f71-20cf305ca400} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {be98e1a7-c05a-11e2-bf42-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {c02e27bf-97af-11e3-a9ee-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {fe3e3a5d-26d4-11e3-b1a9-20cf305ca400} - E:\AutoRun.exe
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {fe3e3a6a-26d4-11e3-b1a9-20cf305ca400} - E:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk
ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft)
Startup: C:\Users\**********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.heise.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB14AD28C1AF3CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
URLSearchHook: HKCU - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
SearchScopes: HKCU - DefaultScope {42D42CF2-13F7-4f52-87DE-819065238EA6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKCU - {006C009F-4EDB-44FD-ADA1-ABE7BE4789EA} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&k=0
SearchScopes: HKCU - {08D7B683-991A-4DDB-A835-AFCA4B26C8B7} URL = hxxp://websearch.ask.com.anonymize-me.de/?anonymto=687474703A2F2F7765627365617263682E61736B2E636F6D2F72656469726563743F636C69656E743D69652674623D4F524A266F3D267372633D63726D26713D7B7365617263685465726D737D266C6F63616C653D2661706E5F70746E72733D2661706E5F647469643D4F534A3030302661706E5F7569643D38363642354642332D373745322D343233412D394431412D3639344545384344373934322661706E5F73617569643D37304430334341462D324138422D343237412D384644392D324542303046343830313530&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&k=0
SearchScopes: HKCU - {0AA402C9-3801-4824-87D6-EE4A586C7EF9} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {42D42CF2-13F7-4f52-87DE-819065238EA6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKCU - {5D6976E5-669C-45F9-AAB4-6F7A9BA1EF74} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {63D45FA9-A133-4E62-B859-EE6F533433A7} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321902&octid=EB_ORIGINAL_CTID&ISID=MA2638A1B-6256-4BE8-AC9C-E76F95764066&SearchSource=58&CUI=&UM=5&UP=SP6F991D19-A83B-4EBD-9BF2-674453364517&q={searchTerms}&SSPV=
SearchScopes: HKCU - {B406EEB3-11DE-488A-A1DC-FB29D0716140} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {C2327F89-13AE-4BFF-A0EF-2804F941F439} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0
SearchScopes: HKCU - {DE247C9D-DDDC-43F6-9AAE-55AB3AAD58CA} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0
BHO: F-Secure Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: F-Secure Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} -> C:\Users\**********\AppData\LocalLow\Internet Explorer BHO\bho.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default
FF DefaultSearchEngine: Google Deutschland - auf Deutsch
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google Deutschland - auf Deutsch
FF Homepage: hxxp://www.heise.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF user.js: detected! => C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\duckduckgo.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\firefox-add-ons.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-deutschland---auf-deutsch.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-deutschland---aus-deutschland.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-maps.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-us.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\mycroft-project.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{9BB884FC-861C-439B-B6B4-6C8219FAAEA1}.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{C2F1423C-D646-4004-9A3B-66831ADD4467}.xml
FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{CDD933C5-0689-4228-ABFA-EC9FC0A14E9B}.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-11-02]
FF Extension: Cliqz Beta - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\cliqz@cliqz.com [2014-07-23]
FF Extension: FireJump - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\firejump@firejump.net [2012-10-24]
FF Extension: Foxy-Secure v7 - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\fox@foxy.sec.com [2014-08-23]
FF Extension: Shopping-preise.de - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\mail@shopping-preise.de [2012-10-24]
FF Extension: SparPilot - Gutscheine & mehr... - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\sparpilot@sparpilot.com [2014-08-23]
FF Extension: Hotspot Shield  - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} [2012-10-24]
FF Extension: FoxLingo - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2014-08-06]
FF Extension: Add to Amazon Wish List Button - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\amznUWL2@amazon.com.xpi [2012-08-21]
FF Extension: Preispilot - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\extension@preispilot.com.xpi [2012-10-26]
FF Extension: DuckDuckGo Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-14]
FF Extension: Noia Fox options - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2012-11-21]
FF Extension: Flashblock - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2012-08-21]
FF Extension: Noia Fox - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2012-11-21]
FF Extension: Web Developer - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-21]
FF Extension: Adblock Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-01-23]
FF HKLM-x32\...\Firefox\Extensions: [{e2f29cc9-4ed8-4c5f-8b49-529560fdf092}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https
FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014-01-02]
FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\mail@shopping-preise.de
FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\firejump@firejump.net
FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\extension@preispilot.com
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: ""
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (YouTube) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-01]
CHR Extension: (Google-Suche) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-01]
CHR Extension: (Google Wallet) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-10]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-01-28]
CHR Extension: (Google Mail) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-01]
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\**********\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.)
R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487128 2010-02-09] (cFos Software GmbH)
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-10-30] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-10-30] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation)
S2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [72640 2012-06-07] () [File not signed]
R2 HubService; C:\Users\**********\AppData\Roaming\Hub Timer\hub.exe [536576 2014-07-30] () [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-07] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2008-11-25] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [93848 2008-09-18] (SiSoftware) [File not signed]
R2 SearchAnonymizer; C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2012-10-24] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S4 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-09-24] ()
S4 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [553800 2012-09-24] (PacketVideo)
S4 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [275272 2012-09-24] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2013-06-05] (VIA Technologies, Inc.)
S2 Seagate Sync Service; "C:\Program Files (x86)\Seagate\Sync\SeaSyncServices.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-06-05] (Advanced Micro Devices Inc.)
R0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-07-05] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-07-05] (Advanced Micro Devices, Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R3 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed.sys [1432792 2009-10-12] (cFos Software GmbH)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2008-12-31] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [371696 2008-12-31] (CyberLink Corporation.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-10] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-18] (GenesysLogic)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-09-09] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [18832 2012-08-20] (PenMount)
R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2009-07-31] (Creative Technology Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 12:38 - 2014-08-24 12:39 - 00000000 ____D () C:\FRST
2014-08-24 11:59 - 2014-08-24 12:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 11:59 - 2014-08-24 11:59 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-24 11:59 - 2014-08-24 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-24 11:58 - 2014-08-24 11:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-24 11:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-24 11:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-24 11:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-23 15:53 - 2014-08-23 15:55 - 00000000 ____D () C:\Zanni+Partner Ltd Businessplan Tool
2014-08-23 15:53 - 2014-08-23 15:53 - 00000186 _____ () C:\Users\**********\Desktop\Amazon.de.url
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\ChromeExtensions
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp3cb33a567175ecd2d17721aca9c18ffe
2014-08-23 15:52 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Security Systems
2014-08-23 15:52 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hub Timer
2014-08-23 15:48 - 2014-08-23 15:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp260923940dbb8a6436400192c6a46c1f
2014-08-21 10:07 - 2014-08-21 10:07 - 00001792 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-21 10:07 - 2014-08-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-21 10:05 - 2014-08-21 10:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-21 10:05 - 2014-08-21 10:07 - 00000000 ____D () C:\Program Files\iTunes
2014-08-21 10:05 - 2014-08-21 10:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-21 10:05 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files\iPod
2014-08-21 09:58 - 2014-08-21 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-21 09:57 - 2014-08-21 09:58 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-21 09:55 - 2014-08-21 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-20 14:28 - 2014-08-20 14:29 - 00000000 ____D () C:\Users\**********\Desktop\stick
2014-08-20 13:44 - 2014-08-23 10:40 - 00000000 ____D () C:\Users\**********\AppData\Local\Adobe
2014-08-19 12:21 - 2014-08-19 12:21 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-karl-**********
2014-08-18 22:38 - 2014-08-18 22:38 - 00000000 __HDC () C:\ProgramData\{BC3827BC-FEE6-47F6-A08C-EAFB1CE3AA56}
2014-08-18 22:37 - 2014-08-18 22:37 - 00001325 _____ () C:\Users\Public\Desktop\BMWi-Softwarepaket 10.lnk
2014-08-18 22:37 - 2014-08-18 22:37 - 00000000 __HDC () C:\ProgramData\{DA8DD039-AEE2-4D03-83AC-B1E508D4A724}
2014-08-18 22:36 - 2014-08-18 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi
2014-08-18 22:36 - 2014-08-18 22:38 - 00000000 ____D () C:\Program Files (x86)\BMWi
2014-08-18 22:29 - 2014-08-18 22:34 - 00000000 ____D () C:\Users\**********\Desktop\BMWI-Softwarepaket-10
2014-08-18 22:21 - 2014-08-18 22:27 - 391954486 _____ () C:\Users\**********\Desktop\BMWI-Softwarepaket-10.zip
2014-08-15 12:39 - 2014-08-15 12:39 - 00000000 ____D () C:\Program Files (x86)\simple-fax.de
2014-08-15 12:39 - 2013-08-12 09:01 - 00113152 _____ () C:\Windows\system32\redmon64.dll
2014-08-15 12:39 - 2013-08-12 09:01 - 00044032 _____ () C:\Windows\system32\unredmon64.exe
2014-08-15 12:39 - 2013-08-12 09:01 - 00028435 _____ () C:\Windows\system32\redmon.chm
2014-08-13 09:43 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 09:43 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 09:43 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 09:43 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 09:43 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 09:43 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 09:43 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 09:43 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 09:41 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 09:41 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 09:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 09:41 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 09:41 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 09:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 09:41 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 09:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 09:41 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 09:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 09:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 09:41 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 09:41 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 09:41 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 09:41 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 09:41 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 09:41 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 09:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 09:41 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 09:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 09:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 09:41 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 09:41 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 09:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 09:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 09:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 09:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 09:41 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 09:41 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 09:41 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 09:41 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 09:41 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 09:41 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 09:41 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 09:41 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 09:41 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 09:41 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 09:41 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 09:41 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 09:41 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 09:41 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 09:41 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 09:41 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 09:41 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 09:41 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 09:41 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 09:41 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 09:41 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 09:41 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 09:41 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 09:41 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 09:41 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 09:41 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 09:41 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 09:41 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 09:41 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 09:40 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 09:40 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 09:40 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 09:40 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 09:40 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 09:40 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 09:40 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 09:39 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 09:39 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 09:39 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 09:39 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 09:39 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 09:39 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 09:39 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 09:39 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-11 22:59 - 2014-08-11 22:59 - 00003088 _____ () C:\Windows\System32\Tasks\{2132C062-9907-4D6F-830F-DE3E53E0C0EF}
2014-08-11 14:31 - 2014-08-11 14:31 - 00004442 _____ () C:\Users\**********\Desktop\etracker-Wochenstatistik 32 - 2014 ID 12335.eml
2014-08-08 19:50 - 2014-08-08 19:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 19:50 - 2014-08-08 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 10:38 - 2014-08-08 10:38 - 00001410 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-08-07 18:24 - 2014-08-07 18:24 - 00001040 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-08-07 16:20 - 2014-08-08 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2014-08-07 16:20 - 2014-08-08 10:41 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-07-30 11:03 - 2014-07-30 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 12:05 - 2014-07-28 12:05 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 12:39 - 2014-08-24 12:38 - 00000000 ____D () C:\FRST
2014-08-24 12:32 - 2009-07-14 06:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:32 - 2009-07-14 06:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:28 - 2011-10-30 22:55 - 01140638 _____ () C:\Windows\WindowsUpdate.log
2014-08-24 12:26 - 2014-08-24 11:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 12:23 - 2013-01-01 02:14 - 00083968 _____ () C:\Windows\setupact.log
2014-08-24 12:23 - 2012-11-01 18:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 12:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 12:23 - 2009-07-14 06:45 - 05017408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 12:22 - 2013-01-01 02:13 - 01833138 _____ () C:\Windows\PFRO.log
2014-08-24 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-08-24 12:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-24 12:03 - 2012-11-01 18:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 11:59 - 2014-08-24 11:59 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-24 11:59 - 2014-08-24 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-24 11:59 - 2014-08-24 11:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-24 11:58 - 2012-11-01 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-24 11:47 - 2014-07-18 08:46 - 00000280 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-08-24 11:43 - 2012-08-29 16:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-23 16:49 - 2011-10-30 22:04 - 00000000 ____D () C:\Users\**********
2014-08-23 16:17 - 2012-10-12 16:56 - 00000000 ____D () C:\Users\**********\AppData\Roaming\FileZilla
2014-08-23 15:55 - 2014-08-23 15:53 - 00000000 ____D () C:\Zanni+Partner Ltd Businessplan Tool
2014-08-23 15:53 - 2014-08-23 15:53 - 00000186 _____ () C:\Users\**********\Desktop\Amazon.de.url
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\ChromeExtensions
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp3cb33a567175ecd2d17721aca9c18ffe
2014-08-23 15:53 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Security Systems
2014-08-23 15:52 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hub Timer
2014-08-23 15:48 - 2014-08-23 15:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp260923940dbb8a6436400192c6a46c1f
2014-08-23 10:40 - 2014-08-20 13:44 - 00000000 ____D () C:\Users\**********\AppData\Local\Adobe
2014-08-21 11:50 - 2012-11-17 21:39 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Apple Computer
2014-08-21 10:07 - 2014-08-21 10:07 - 00001792 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-21 10:07 - 2014-08-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-21 10:07 - 2014-08-21 10:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-21 10:07 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files\iTunes
2014-08-21 10:07 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-21 10:05 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files\iPod
2014-08-21 10:00 - 2012-11-17 21:37 - 00000000 ____D () C:\ProgramData\Apple
2014-08-21 09:58 - 2014-08-21 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-21 09:58 - 2014-08-21 09:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-21 09:55 - 2014-08-21 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-21 09:54 - 2013-12-21 22:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-20 14:29 - 2014-08-20 14:28 - 00000000 ____D () C:\Users\**********\Desktop\stick
2014-08-20 14:29 - 2009-07-14 19:58 - 00704346 _____ () C:\Windows\system32\perfh007.dat
2014-08-20 14:29 - 2009-07-14 19:58 - 00152206 _____ () C:\Windows\system32\perfc007.dat
2014-08-20 14:29 - 2009-07-14 07:13 - 01636108 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-20 13:15 - 2012-08-29 16:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-20 13:15 - 2012-03-30 19:07 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-20 13:15 - 2011-11-04 00:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-19 12:21 - 2014-08-19 12:21 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-karl-**********
2014-08-18 22:38 - 2014-08-18 22:38 - 00000000 __HDC () C:\ProgramData\{BC3827BC-FEE6-47F6-A08C-EAFB1CE3AA56}
2014-08-18 22:38 - 2014-08-18 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi
2014-08-18 22:38 - 2014-08-18 22:36 - 00000000 ____D () C:\Program Files (x86)\BMWi
2014-08-18 22:37 - 2014-08-18 22:37 - 00001325 _____ () C:\Users\Public\Desktop\BMWi-Softwarepaket 10.lnk
2014-08-18 22:37 - 2014-08-18 22:37 - 00000000 __HDC () C:\ProgramData\{DA8DD039-AEE2-4D03-83AC-B1E508D4A724}
2014-08-18 22:34 - 2014-08-18 22:29 - 00000000 ____D () C:\Users\**********\Desktop\BMWI-Softwarepaket-10
2014-08-18 22:27 - 2014-08-18 22:21 - 391954486 _____ () C:\Users\**********\Desktop\BMWI-Softwarepaket-10.zip
2014-08-18 10:03 - 2013-03-18 22:00 - 00000000 ____D () C:\Users\**********\Desktop\130319-gd
2014-08-15 12:39 - 2014-08-15 12:39 - 00000000 ____D () C:\Program Files (x86)\simple-fax.de
2014-08-13 13:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-13 10:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 09:59 - 2013-02-03 14:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 09:53 - 2013-07-25 16:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 09:49 - 2011-10-31 00:06 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 22:59 - 2014-08-11 22:59 - 00003088 _____ () C:\Windows\System32\Tasks\{2132C062-9907-4D6F-830F-DE3E53E0C0EF}
2014-08-11 14:31 - 2014-08-11 14:31 - 00004442 _____ () C:\Users\**********\Desktop\etracker-Wochenstatistik 32 - 2014 ID 12335.eml
2014-08-11 00:00 - 2011-11-04 16:49 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-08-08 20:16 - 2013-10-19 12:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-08 19:50 - 2014-08-08 19:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 19:50 - 2014-08-08 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 19:50 - 2012-09-01 01:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 10:42 - 2011-10-30 22:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-08 10:41 - 2014-08-07 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2014-08-08 10:41 - 2014-08-07 16:20 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-08-08 10:38 - 2014-08-08 10:38 - 00001410 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-08-08 10:38 - 2014-03-21 18:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 22:41 - 2011-11-04 12:56 - 00000000 ____D () C:\Users\**********\AppData\Roaming\TS3Client
2014-08-07 19:21 - 2011-10-31 01:53 - 00007596 _____ () C:\Users\**********\AppData\Local\Resmon.ResmonCfg
2014-08-07 19:13 - 2011-11-01 21:29 - 00000000 ____D () C:\Users\**********\AppData\Local\Deployment
2014-08-07 18:24 - 2014-08-07 18:24 - 00001040 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-08-07 17:42 - 2013-07-30 20:41 - 00124749 _____ () C:\Users\**********\Documents\Report.html
2014-08-01 01:41 - 2014-08-13 09:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 09:41 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-30 13:05 - 2012-05-15 00:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 11:03 - 2014-07-30 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 12:05 - 2014-07-28 12:05 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-27 10:46 - 2013-03-13 14:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 10:46 - 2013-03-13 14:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 19:22 - 2013-03-13 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 16:52 - 2014-08-13 09:41 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 09:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 09:41 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 09:41 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 09:41 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-13 09:41 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 09:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 09:41 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 09:41 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 09:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 09:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 09:41 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 09:41 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 09:41 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 09:41 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 09:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 09:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 09:41 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 09:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 09:41 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 09:41 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 09:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 09:41 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-13 09:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-13 09:41 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 09:41 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 09:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 09:41 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 09:41 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 09:41 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 09:41 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 09:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 09:41 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 09:41 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 09:41 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 09:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 09:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 09:41 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 09:41 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 09:41 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 09:41 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 09:41 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 09:41 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 09:41 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 09:41 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 09:41 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 09:41 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 09:41 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 09:41 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Some content of TEMP:
====================
C:\Users\**********\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\**********\AppData\Local\Temp\amazonicon_v9.exe
C:\Users\**********\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\**********\AppData\Local\Temp\AutoDetect.exe
C:\Users\**********\AppData\Local\Temp\Businessplan.exe
C:\Users\**********\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\**********\AppData\Local\Temp\DivXSetup.exe
C:\Users\**********\AppData\Local\Temp\FoxySecurity_6.2_GIGA_FF_IE_Setup.exe
C:\Users\**********\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.7.exe
C:\Users\**********\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\**********\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\ose00000.exe
C:\Users\**********\AppData\Local\Temp\ResetDevice.exe
C:\Users\**********\AppData\Local\Temp\sdanircmdc.exe
C:\Users\**********\AppData\Local\Temp\sdapskill.exe
C:\Users\**********\AppData\Local\Temp\sdaspwn.exe
C:\Users\**********\AppData\Local\Temp\sfamcc00001.dll
C:\Users\**********\AppData\Local\Temp\SkypeSetup.exe
C:\Users\**********\AppData\Local\Temp\tmp2D28.exe
C:\Users\**********\AppData\Local\Temp\vcredist_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:34

==================== End Of Log ============================
         
--- --- ---


Addition kommt im nächsten Post - passt hier nicht mehr rein, der Post wird zu lang...

Geändert von Frau-M (24.08.2014 um 12:33 Uhr)

 

Themen zu Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen
adobe flash player, conduit-search, conduit-search entfernen, crystaldiskinfo, hotspot, php/kryptik.ab, pup.optional.conduit.a, pup.optional.opencandy, pup.optional.searchprotect.a, pup.optional.softonic.a, security.hijack, vcredist, win32/downloadsponsor.a, win32/downware.l, win32/installmonetizer.ah, win32/softonicdownloader.a, win32/softonicdownloader.f, win32/softonicdownloader.g, win32/toolbar.conduit.y, win32/winloadsda.f




Ähnliche Themen: Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen


  1. Aktuelle Spiele laufen nicht was tun? ist es ein harter virus
    Plagegeister aller Art und deren Bekämpfung - 22.08.2015 (1)
  2. AntiVir kann nicht geöffnet werden. (Dieses Programm wurde durch eine Gruppenrichtlinie blockiert..
    Plagegeister aller Art und deren Bekämpfung - 14.06.2015 (22)
  3. Link in Phishing-Mail wurde geöffnet
    Plagegeister aller Art und deren Bekämpfung - 27.10.2014 (12)
  4. Firefox läßt sich nicht mehr öffnen - Der Vorgang wurde aufgrund von Beschränkungen auf dem Computer abgebrochen. Wenden sie sich an den Sys
    Log-Analyse und Auswertung - 05.08.2014 (17)
  5. Firefox ließ sich nicht mehr öffnen - Der Vorgang wurde aufgrund von Beschränkungen auf dem Computer abgebrochen. Wenden sie sich an den Sy
    Lob, Kritik und Wünsche - 05.08.2014 (0)
  6. Firefox läßt sich nicht mehr öffnen - Der Vorgang wurde aufgrund von Beschränkungen auf dem Computer abgebrochen. Wenden sie sich an den Sys
    Alles rund um Windows - 28.07.2014 (2)
  7. Sehr hoher Datentraffik im Netzwerk nachdem Firefox geöffnet wurde, obwohl nichts gedownloaded oder geladen wird
    Log-Analyse und Auswertung - 13.06.2014 (5)
  8. Antiviren- und Antimalwareprogramme können nicht installiert oder geöffnet werden, Firewall wurde auch deaktiviert.
    Plagegeister aller Art und deren Bekämpfung - 12.05.2014 (18)
  9. Startseite Google - ( Firefox 21 ) wird nicht geöffnet.
    Plagegeister aller Art und deren Bekämpfung - 28.07.2013 (5)
  10. Verschlüsselungstrojaner wurde entfernt aber die Dateien können nicht geöffnet werden
    Plagegeister aller Art und deren Bekämpfung - 07.06.2012 (5)
  11. Google Suchergebnisse/Verlinkungen können nicht mehr geöffnet werden (Win7, Firefox)
    Plagegeister aller Art und deren Bekämpfung - 12.02.2012 (7)
  12. Laptop fährt nicht mehr hoch nachdem auf facebook ein bild geöffnet wurde
    Plagegeister aller Art und deren Bekämpfung - 15.10.2011 (5)
  13. Firefox startet nicht; Antivir Guard kann nicht geöffnet werden; seltsames Computerverhalten
    Plagegeister aller Art und deren Bekämpfung - 04.03.2011 (3)
  14. Nachvollziehen wann ordner/Program geöffnet wurde
    Überwachung, Datenschutz und Spam - 10.06.2010 (3)
  15. Firefox im Taskmanager, obwohl nicht geöffnet!
    Log-Analyse und Auswertung - 16.12.2009 (40)
  16. AntiMalware kan nicht geöffnet werden, System stürzt ab und nfach geöffnet
    Log-Analyse und Auswertung - 10.01.2009 (29)
  17. escan - aktuelle version löscht nicht automatisch
    Log-Analyse und Auswertung - 16.11.2004 (1)

Zum Thema Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen - Guten Tag, Mein Firefox startete nicht. Die Fehlermeldung hieß "der Vorgang wurde aufgrund von aktuellen Beschränkungen auf dem Computer abgebrochen-Wenden sie sich an Ihren Systemadministrator" Ich hab mich durchs Forum - Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen...
Archiv
Du betrachtest: Firefox wurde nicht geöffnet: Aktuelle Systembeschränkungen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.