Pests of all kinds and how to fight them: Firefox was not opened: Current system restrictions

Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
Firefox was not opened: Current system restrictions

Hello,

My Firefox would not start. The error message read "the operation was cancelled due to restrictions in effect on this computer - please contact your system administrator". I read through the forum and ran Malwarebytes over the system. After some files were sent to quarantine and the computer was restarted, Firefox can be started again. Could you take a look, as a precaution, to see whether my system is otherwise in order?

I have already run FRST. When it had finished, this message came from F-Secure: "Application blocked: mod_frst.exe". I allowed the application again, and I hope that is all OK. What I only read later is that I was supposed to use Defogger first. Ahem. I have not done that yet.

Here are the log files.

Malwarebytes Code:
```
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 24.08.2014
Scan Time: 12:00:17
Logfile: mwb_140824.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.24.02
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: *******

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 321321
Time Elapsed: 16 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-1208740149-4055697789-2788075998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Quarantined, [0260a822e8932610683acb3afa098779],

Registry Values: 1
Security.Hijack, HKU\S-1-5-21-1208740149-4055697789-2788075998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWRUN|1, firefox.exe, Quarantined, [e280ad1df98258dedf2fbacd020116ea]

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\40EEB5432DB8427DB1349DD8F81F863D, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\678D9FED7C4F482DB99F335C720C6959, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\8167A672573E404DB8DE3D5B1283A827, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861, Quarantined, [df837159c8b390a6b508219d917131cf],

Files: 19
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsaDD3A.exe, Quarantined, [97cb9139fb8056e0378313228f72c43c],
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsaE047.exe, Quarantined, [79e90ebc760592a45c5e42f3ab5639c7],
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsn670F.exe, Quarantined, [70f25179ee8df0468535ce6756aba35d],
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsp2BEB.exe, Quarantined, [1c466a608cef58de8733b1848d74f30d],
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nspE315.exe, Quarantined, [3e2426a47407d462bdfd9d98c73add23],
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsv2E2E.exe, Quarantined, [9ec49b2f8cef9d9905b52b0a43be649c],
PUP.Optional.SearchProtect.A, C:\Users\*******\AppData\Local\Temp\nsk331E.exe, Quarantined, [3a28e9e1e19a3df9edcdc27330d144bc],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Local\Temp\FreemakeVideoConverter_4.1.2.1.exe, Quarantined, [2042e3e7f18a40f613f6e733e9188080],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\nsp9B78\SpSetup.exe, Quarantined, [a5bd7951adcee2540c9f270304fdd12f],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\conduit-search.xml, Quarantined, [21414c7e2d4e0a2cc3c73d0f36ce5aa6],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\40EEB5432DB8427DB1349DD8F81F863D\rcmswdlm_275.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\678D9FED7C4F482DB99F335C720C6959\DivXInstaller.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\8167A672573E404DB8DE3D5B1283A827\HSS-2.67-install-p76-335-conduit.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3\2343.ico, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.OpenCandy, C:\Users\*******\AppData\Roaming\OpenCandy\OpenCandy_C0481209152C41C79FC37A0C037A84E3\ds_DeDnCD_driverscanner.exe, Quarantined, [2939c505700bae886bdcc2fc748e738d],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691\chromeid.txt, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3288691\setup.ini.txt, Quarantined, [bea4b119ec8fac8a3e7f6f4f2ed49c64],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861\chromeid.txt, Quarantined, [df837159c8b390a6b508219d917131cf],
PUP.Optional.Conduit.A, C:\Users\*******\AppData\Local\Temp\ct3297861\setup.ini.txt, Quarantined, [df837159c8b390a6b508219d917131cf],

Physical Sectors: 0
(No malicious items detected)

(end)
```

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 01 Ran by ********** (administrator) on KARL on 24-08-2014 12:39:33 Running from D:\Downloads Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (cFos Software GmbH) C:\Program Files\ASUS\ROG GameFirst\spd.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE () C:\Windows\DAODx.exe (SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe () C:\Users\**********\AppData\Roaming\Hub Timer\hub.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe () C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe (Telefónica I+D) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe (Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE (Flux Software LLC) C:\Users\**********\AppData\Local\FluxSoftware\Flux\flux.exe (PANTERASoft) C:\Program Files (x86)\HDD Health\hddhealth.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (ASUSTeK Computer Inc.) C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE (Adobe Systems Inc.) 
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\System32\audiodg.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_6_602_180_ActiveX.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Ocs_SM] => C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2012-10-24] (OCS) HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-07-07] (Creative Technology Ltd) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation) HKLM-x32\...\Run: [QFan Help] => C:\Program Files\ASUS\Ai Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc.) 
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2013-11-26] (F-Secure Corporation) HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41336 2014-05-08] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840568 2014-05-08] (Adobe Systems Inc.) HKLM-x32\...\Run: [F-Secure Hoster (666)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Diamondback] => C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [228352 2010-04-28] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) 
HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\Run: [f.lux] => C:\Users\**********\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: E - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {23cb5d4b-3cee-11e3-90c0-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {636fda8e-b6ec-11e2-ab0c-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {636fda9b-b6ec-11e2-ab0c-20cf305ca400} - I:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b34435d4-b643-11e2-888c-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b34435e4-b643-11e2-888c-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {b4524698-394d-11e2-9f71-20cf305ca400} - E:\LaunchU3.exe -a HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {be98e1a7-c05a-11e2-bf42-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {c02e27bf-97af-11e3-a9ee-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {fe3e3a5d-26d4-11e3-b1a9-20cf305ca400} - E:\AutoRun.exe HKU\S-1-5-21-1208740149-4055697789-2788075998-1000\...\MountPoints2: {fe3e3a6a-26d4-11e3-b1a9-20cf305ca400} - E:\AutoRun.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk ShortcutTarget: HDDHealth.lnk -> C:\Program Files (x86)\HDD Health\hddhealth.exe (PANTERASoft) Startup: C:\Users\**********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, 
if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.heise.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xB14AD28C1AF3CD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.) URLSearchHook: HKCU - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.) URLSearchHook: HKCU - (No Name) - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No File SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552 SearchScopes: HKCU - DefaultScope {42D42CF2-13F7-4f52-87DE-819065238EA6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKCU - {006C009F-4EDB-44FD-ADA1-ABE7BE4789EA} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D267372633D49452D536561726368426F7826464F524D3D494538535243&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&k=0 SearchScopes: HKCU - {08D7B683-991A-4DDB-A835-AFCA4B26C8B7} URL = 
hxxp://websearch.ask.com.anonymize-me.de/?anonymto=687474703A2F2F7765627365617263682E61736B2E636F6D2F72656469726563743F636C69656E743D69652674623D4F524A266F3D267372633D63726D26713D7B7365617263685465726D737D266C6F63616C653D2661706E5F70746E72733D2661706E5F647469643D4F534A3030302661706E5F7569643D38363642354642332D373745322D343233412D394431412D3639344545384344373934322661706E5F73617569643D37304430334341462D324138422D343237412D384644392D324542303046343830313530&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&k=0 SearchScopes: HKCU - {0AA402C9-3801-4824-87D6-EE4A586C7EF9} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms} SearchScopes: HKCU - {42D42CF2-13F7-4f52-87DE-819065238EA6} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKCU - {5D6976E5-669C-45F9-AAB4-6F7A9BA1EF74} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {63D45FA9-A133-4E62-B859-EE6F533433A7} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/Results.aspx?gd=&ctid=CT3321902&octid=EB_ORIGINAL_CTID&ISID=MA2638A1B-6256-4BE8-AC9C-E76F95764066&SearchSource=58&CUI=&UM=5&UP=SP6F991D19-A83B-4EBD-9BF2-674453364517&q={searchTerms}&SSPV= SearchScopes: HKCU - {B406EEB3-11DE-488A-A1DC-FB29D0716140} URL = 
hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {C2327F89-13AE-4BFF-A0EF-2804F941F439} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 SearchScopes: HKCU - {DE247C9D-DDDC-43F6-9AAE-55AB3AAD58CA} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=afc71668-f04a-491f-a86e-037ed887f1bf&pid=ccleanerde&mode=bounce&k=0 BHO: F-Secure Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https64.dll (F-Secure Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: F-Secure Online Safety -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: No Name -> {C32F5BF7-6918-4F78-A97A-53CDF7D07C8C} -> C:\Users\**********\AppData\LocalLow\Internet Explorer BHO\bho.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> 
{F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default FF DefaultSearchEngine: Google Deutschland - auf Deutsch FF SearchEngineOrder.1: Ask.com FF SelectedSearchEngine: Google Deutschland - auf Deutsch FF Homepage: hxxp://www.heise.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/wpi,version=1.4 -> C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll (Microsoft Corp) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems) FF user.js: detected! 
=> C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\user.js FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\firefox-add-ons.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-deutschland---auf-deutsch.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-deutschland---aus-deutschland.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-maps.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\google-us.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\mycroft-project.xml FF SearchPlugin: 
C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{9BB884FC-861C-439B-B6B4-6C8219FAAEA1}.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{C2F1423C-D646-4004-9A3B-66831ADD4467}.xml FF SearchPlugin: C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\searchplugins\{CDD933C5-0689-4228-ABFA-EC9FC0A14E9B}.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: 20-20 3D Viewer - IKEA - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\2020Player_IKEA@2020Technologies.com [2012-11-02] FF Extension: Cliqz Beta - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\cliqz@cliqz.com [2014-07-23] FF Extension: FireJump - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\firejump@firejump.net [2012-10-24] FF Extension: Foxy-Secure v7 - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\fox@foxy.sec.com [2014-08-23] FF Extension: Shopping-preise.de - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\mail@shopping-preise.de [2012-10-24] FF Extension: SparPilot - Gutscheine & mehr... 
- C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\sparpilot@sparpilot.com [2014-08-23] FF Extension: Hotspot Shield - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d} [2012-10-24] FF Extension: FoxLingo - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66} [2014-08-06] FF Extension: Add to Amazon Wish List Button - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\amznUWL2@amazon.com.xpi [2012-08-21] FF Extension: Preispilot - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\extension@preispilot.com.xpi [2012-10-26] FF Extension: DuckDuckGo Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2014-01-14] FF Extension: Noia Fox options - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\NoiaFoxoption@davidvincent.tld.xpi [2012-11-21] FF Extension: Flashblock - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi [2012-08-21] FF Extension: Noia Fox - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{7b90e860-5d61-11e0-80e3-0800200c9a66}.xpi [2012-11-21] FF Extension: Web Developer - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-21] FF Extension: Adblock Plus - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-08-21] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-07-30] FF HKLM-x32\...\Firefox\Extensions: 
[web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-01-23] FF HKLM-x32\...\Firefox\Extensions: [{e2f29cc9-4ed8-4c5f-8b49-529560fdf092}] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https FF Extension: Online Safety - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\deploy\fs_firefox_https [2014-01-02] FF HKCU\...\Firefox\Extensions: [mail@shopping-preise.de] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\mail@shopping-preise.de FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\firejump@firejump.net FF HKCU\...\Firefox\Extensions: [extension@preispilot.com] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\extension@preispilot.com FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\**********\AppData\Roaming\Mozilla\Firefox\Profiles\ks3lcj5q.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HomePage: CHR StartupUrls: "" CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Extension: (YouTube) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-01] CHR Extension: (Google-Suche) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-01] CHR Extension: (Google Wallet) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-10] CHR 
Extension: (20-20 3D Viewer for IKEA) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-01-28] CHR Extension: (Google Mail) - C:\Users\**********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-01] CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:\Program Files (x86)\F-Secure\apps\OnlineSafety\browser\install\fs_chrome_https\fs_chrome_https.crx [2014-05-23] CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\**********\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2014-08-23] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed] R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2009-12-28] (ASUSTeK Computer Inc.) 
R2 cFosSpeedS; C:\Program Files\ASUS\ROG GameFirst\spd.exe [487128 2010-02-09] (cFos Software GmbH)
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-10-30] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-10-30] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [191528 2013-12-11] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2013-11-26] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-25] (F-Secure Corporation)
S2 HDDHealth; C:\Program Files (x86)\HDD Health\HDDHealthService.exe [72640 2012-06-07] () [File not signed]
R2 HubService; C:\Users\**********\AppData\Roaming\Hub Timer\hub.exe [536576 2014-07-30] () [File not signed]
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-12-07] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2008-11-25] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\RpcAgentSrv.exe [93848 2008-09-18] (SiSoftware) [File not signed]
R2 SearchAnonymizer; C:\Users\**********\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2012-10-24] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [200624 2010-09-29] (Telefónica I+D)
S4 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [545608 2012-09-24] ()
S4 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [553800 2012-09-24] (PacketVideo)
S4 TwonkyWebDav; C:\Program Files (x86)\Twonky\TwonkyServer\twonkywebdav.exe [275272 2012-09-24] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2013-06-05] (VIA Technologies, Inc.)
S2 Seagate Sync Service; "C:\Program Files (x86)\Seagate\Sync\SeaSyncServices.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11904 2013-06-05] (Advanced Micro Devices Inc.)
R0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21160 2013-07-05] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [35936 2013-07-05] (Advanced Micro Devices, Inc.)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R3 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed.sys [1432792 2009-10-12] (cFos Software GmbH)
R1 CLBStor; C:\Windows\System32\DRIVERS\CLBStor.sys [24560 2008-12-31] (Cyberlink Co.,Ltd.)
R2 CLBUDF; C:\Windows\System32\Drivers\CLBUDF.sys [371696 2008-12-31] (CyberLink Corporation.)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [256000 2010-08-31] (Huawei Technologies Co., Ltd.)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-10] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
S3 FIXUSTOR; C:\Windows\System32\DRIVERS\fixustor.sys [13696 2013-04-18] (GenesysLogic)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-09-09] ()
R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [42248 2013-02-28] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-06-24] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-24] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 pmkbdfltr; C:\Windows\System32\DRIVERS\pmkbdfltr.sys [18832 2012-08-20] (PenMount)
R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [108296 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [19720 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [144648 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [126216 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [123656 2007-04-24] (MCCI Corporation)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP5\WNt500x64\Sandra.sys [23112 2009-08-08] (SiSoftware)
R3 seehcri; C:\Windows\System32\DRIVERS\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
R3 VMfilt; C:\Windows\System32\drivers\VMfilt64.sys [25600 2009-07-31] (Creative Technology Ltd.)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-08-28] (CyberLink Corp.)
S3 atillk64; \??\C:\Program Files (x86)\AMD\System Monitor\atillk64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 12:38 - 2014-08-24 12:39 - 00000000 ____D () C:\FRST
2014-08-24 11:59 - 2014-08-24 12:26 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 11:59 - 2014-08-24 11:59 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-24 11:59 - 2014-08-24 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-24 11:58 - 2014-08-24 11:59 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-24 11:58 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-24 11:58 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-24 11:58 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-23 15:53 - 2014-08-23 15:55 - 00000000 ____D () C:\Zanni+Partner Ltd Businessplan Tool
2014-08-23 15:53 - 2014-08-23 15:53 - 00000186 _____ () C:\Users\**********\Desktop\Amazon.de.url
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\ChromeExtensions
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp3cb33a567175ecd2d17721aca9c18ffe
2014-08-23 15:52 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Security Systems
2014-08-23 15:52 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hub Timer
2014-08-23 15:48 - 2014-08-23 15:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp260923940dbb8a6436400192c6a46c1f
2014-08-21 10:07 - 2014-08-21 10:07 - 00001792 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-21 10:07 - 2014-08-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-21 10:05 - 2014-08-21 10:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-21 10:05 - 2014-08-21 10:07 - 00000000 ____D () C:\Program Files\iTunes
2014-08-21 10:05 - 2014-08-21 10:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-21 10:05 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files\iPod
2014-08-21 09:58 - 2014-08-21 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-21 09:57 - 2014-08-21 09:58 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-21 09:55 - 2014-08-21 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-20 14:28 - 2014-08-20 14:29 - 00000000 ____D () C:\Users\**********\Desktop\stick
2014-08-20 13:44 - 2014-08-23 10:40 - 00000000 ____D () C:\Users\**********\AppData\Local\Adobe
2014-08-19 12:21 - 2014-08-19 12:21 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-karl-**********
2014-08-18 22:38 - 2014-08-18 22:38 - 00000000 __HDC () C:\ProgramData\{BC3827BC-FEE6-47F6-A08C-EAFB1CE3AA56}
2014-08-18 22:37 - 2014-08-18 22:37 - 00001325 _____ () C:\Users\Public\Desktop\BMWi-Softwarepaket 10.lnk
2014-08-18 22:37 - 2014-08-18 22:37 - 00000000 __HDC () C:\ProgramData\{DA8DD039-AEE2-4D03-83AC-B1E508D4A724}
2014-08-18 22:36 - 2014-08-18 22:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi
2014-08-18 22:36 - 2014-08-18 22:38 - 00000000 ____D () C:\Program Files (x86)\BMWi
2014-08-18 22:29 - 2014-08-18 22:34 - 00000000 ____D () C:\Users\**********\Desktop\BMWI-Softwarepaket-10
2014-08-18 22:21 - 2014-08-18 22:27 - 391954486 _____ () C:\Users\**********\Desktop\BMWI-Softwarepaket-10.zip
2014-08-15 12:39 - 2014-08-15 12:39 - 00000000 ____D () C:\Program Files (x86)\simple-fax.de
2014-08-15 12:39 - 2013-08-12 09:01 - 00113152 _____ () C:\Windows\system32\redmon64.dll
2014-08-15 12:39 - 2013-08-12 09:01 - 00044032 _____ () C:\Windows\system32\unredmon64.exe
2014-08-15 12:39 - 2013-08-12 09:01 - 00028435 _____ () C:\Windows\system32\redmon.chm
2014-08-13 09:43 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 09:43 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 09:43 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 09:43 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 09:43 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 09:43 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 09:43 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 09:43 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 09:41 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 09:41 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 09:41 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 09:41 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 09:41 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-13 09:41 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 09:41 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 09:41 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-13 09:41 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-13 09:41 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 09:41 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-13 09:41 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 09:41 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 09:41 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 09:41 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 09:41 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-13 09:41 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-13 09:41 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-13 09:41 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-13 09:41 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 09:41 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-13 09:41 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 09:41 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-13 09:41 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-13 09:41 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 09:41 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-13 09:41 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 09:41 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 09:41 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 09:41 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 09:41 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 09:41 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 09:41 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 09:41 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-13 09:41 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-13 09:41 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 09:41 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 09:41 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 09:41 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-13 09:41 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 09:41 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 09:41 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-13 09:41 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 09:41 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 09:41 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 09:41 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 09:41 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 09:41 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 09:41 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-13 09:41 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 09:41 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 09:41 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 09:41 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-13 09:41 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-13 09:41 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 09:41 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 09:40 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 09:40 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 09:40 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 09:40 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 09:40 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 09:40 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 09:40 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 09:40 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 09:40 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 09:40 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 09:39 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 09:39 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 09:39 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 09:39 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 09:39 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 09:39 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 09:39 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 09:39 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-11 22:59 - 2014-08-11 22:59 - 00003088 _____ () C:\Windows\System32\Tasks\{2132C062-9907-4D6F-830F-DE3E53E0C0EF}
2014-08-11 14:31 - 2014-08-11 14:31 - 00004442 _____ () C:\Users\**********\Desktop\etracker-Wochenstatistik 32 - 2014 ID 12335.eml
2014-08-08 19:50 - 2014-08-08 19:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 19:50 - 2014-08-08 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 10:38 - 2014-08-08 10:38 - 00001410 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-08-07 18:24 - 2014-08-07 18:24 - 00001040 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-08-07 16:20 - 2014-08-08 10:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2014-08-07 16:20 - 2014-08-08 10:41 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-07-30 11:03 - 2014-07-30 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 12:05 - 2014-07-28 12:05 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-24 12:39 - 2014-08-24 12:38 - 00000000 ____D () C:\FRST
2014-08-24 12:32 - 2009-07-14 06:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:32 - 2009-07-14 06:45 - 00015376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-24 12:28 - 2011-10-30 22:55 - 01140638 _____ () C:\Windows\WindowsUpdate.log
2014-08-24 12:26 - 2014-08-24 11:59 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-24 12:23 - 2013-01-01 02:14 - 00083968 _____ () C:\Windows\setupact.log
2014-08-24 12:23 - 2012-11-01 18:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-24 12:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-24 12:23 - 2009-07-14 06:45 - 05017408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-24 12:22 - 2013-01-01 02:13 - 01833138 _____ () C:\Windows\PFRO.log
2014-08-24 12:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Cursors
2014-08-24 12:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-08-24 12:03 - 2012-11-01 18:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-24 11:59 - 2014-08-24 11:59 - 00001115 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-24 11:59 - 2014-08-24 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-24 11:59 - 2014-08-24 11:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-24 11:58 - 2012-11-01 14:32 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-24 11:47 - 2014-07-18 08:46 - 00000280 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-08-24 11:43 - 2012-08-29 16:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-23 16:49 - 2011-10-30 22:04 - 00000000 ____D () C:\Users\**********
2014-08-23 16:17 - 2012-10-12 16:56 - 00000000 ____D () C:\Users\**********\AppData\Roaming\FileZilla
2014-08-23 15:55 - 2014-08-23 15:53 - 00000000 ____D () C:\Zanni+Partner Ltd Businessplan Tool
2014-08-23 15:53 - 2014-08-23 15:53 - 00000186 _____ () C:\Users\**********\Desktop\Amazon.de.url
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\ChromeExtensions
2014-08-23 15:53 - 2014-08-23 15:53 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp3cb33a567175ecd2d17721aca9c18ffe
2014-08-23 15:53 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Security Systems
2014-08-23 15:52 - 2014-08-23 15:52 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Hub Timer
2014-08-23 15:48 - 2014-08-23 15:48 - 00000000 ____D () C:\Users\**********\AppData\Local\Temp260923940dbb8a6436400192c6a46c1f
2014-08-23 10:40 - 2014-08-20 13:44 - 00000000 ____D () C:\Users\**********\AppData\Local\Adobe
2014-08-21 11:50 - 2012-11-17 21:39 - 00000000 ____D () C:\Users\**********\AppData\Roaming\Apple Computer
2014-08-21 10:07 - 2014-08-21 10:07 - 00001792 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-21 10:07 - 2014-08-21 10:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-21 10:07 - 2014-08-21 10:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-21 10:07 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files\iTunes
2014-08-21 10:07 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-21 10:05 - 2014-08-21 10:05 - 00000000 ____D () C:\Program Files\iPod
2014-08-21 10:00 - 2012-11-17 21:37 - 00000000 ____D () C:\ProgramData\Apple
2014-08-21 09:58 - 2014-08-21 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-21 09:58 - 2014-08-21 09:57 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-21 09:55 - 2014-08-21 09:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-21 09:54 - 2013-12-21 22:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-20 14:29 - 2014-08-20 14:28 - 00000000 ____D () C:\Users\**********\Desktop\stick
2014-08-20 14:29 - 2009-07-14 19:58 - 00704346 _____ () C:\Windows\system32\perfh007.dat
2014-08-20 14:29 - 2009-07-14 19:58 - 00152206 _____ () C:\Windows\system32\perfc007.dat
2014-08-20 14:29 - 2009-07-14 07:13 - 01636108 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-20 13:15 - 2012-08-29 16:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-20 13:15 - 2012-03-30 19:07 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-20 13:15 - 2011-11-04 00:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-19 12:21 - 2014-08-19 12:21 - 00003496 _____ () C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-karl-**********
2014-08-18 22:38 - 2014-08-18 22:38 - 00000000 __HDC () C:\ProgramData\{BC3827BC-FEE6-47F6-A08C-EAFB1CE3AA56}
2014-08-18 22:38 - 2014-08-18 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMWi
2014-08-18 22:38 - 2014-08-18 22:36 - 00000000 ____D () C:\Program Files (x86)\BMWi
2014-08-18 22:37 - 2014-08-18 22:37 - 00001325 _____ () C:\Users\Public\Desktop\BMWi-Softwarepaket 10.lnk
2014-08-18 22:37 - 2014-08-18 22:37 - 00000000 __HDC () C:\ProgramData\{DA8DD039-AEE2-4D03-83AC-B1E508D4A724}
2014-08-18 22:34 - 2014-08-18 22:29 - 00000000 ____D () C:\Users\**********\Desktop\BMWI-Softwarepaket-10
2014-08-18 22:27 - 2014-08-18 22:21 - 391954486 _____ () C:\Users\**********\Desktop\BMWI-Softwarepaket-10.zip
2014-08-18 10:03 - 2013-03-18 22:00 - 00000000 ____D () C:\Users\**********\Desktop\130319-gd
2014-08-15 12:39 - 2014-08-15 12:39 - 00000000 ____D () C:\Program Files (x86)\simple-fax.de
2014-08-13 13:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-13 10:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-13 09:59 - 2013-02-03 14:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 09:53 - 2013-07-25 16:27 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 09:49 - 2011-10-31 00:06 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 22:59 - 2014-08-11 22:59 - 00003088 _____ () C:\Windows\System32\Tasks\{2132C062-9907-4D6F-830F-DE3E53E0C0EF}
2014-08-11 14:31 - 2014-08-11 14:31 - 00004442 _____ () C:\Users\**********\Desktop\etracker-Wochenstatistik 32 - 2014 ID 12335.eml
2014-08-11 00:00 - 2011-11-04 16:49 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-08-08 20:16 - 2013-10-19 12:13 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-08 19:50 - 2014-08-08 19:50 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-08 19:50 - 2014-08-08 19:50 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 19:50 - 2014-08-08 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 19:50 - 2012-09-01 01:27 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 10:42 - 2011-10-30 22:31 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-08 10:41 - 2014-08-07 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2014-08-08 10:41 - 2014-08-07 16:20 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-08-08 10:38 - 2014-08-08 10:38 - 00001410 _____ () C:\Users\Public\Desktop\SeaTools for Windows.lnk
2014-08-08 10:38 - 2014-03-21 18:13 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-07 22:41 - 2011-11-04 12:56 - 00000000 ____D () C:\Users\**********\AppData\Roaming\TS3Client
2014-08-07 19:21 - 2011-10-31 01:53 - 00007596 _____ () C:\Users\**********\AppData\Local\Resmon.ResmonCfg
2014-08-07 19:13 - 2011-11-01 21:29 - 00000000 ____D () C:\Users\**********\AppData\Local\Deployment
2014-08-07 18:24 - 2014-08-07 18:24 - 00001040 _____ () C:\Users\Public\Desktop\MozBackup.lnk
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2014-08-07 18:24 - 2014-08-07 18:24 - 00000000 ____D () C:\Program Files (x86)\MozBackup
2014-08-07 17:42 - 2013-07-30 20:41 - 00124749 _____ () C:\Users\**********\Documents\Report.html
2014-08-01 01:41 - 2014-08-13 09:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-13 09:41 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-30 13:05 - 2012-05-15 00:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 11:03 - 2014-07-30 11:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-28 12:05 - 2014-07-28 12:05 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-27 10:46 - 2013-03-13 14:50 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 10:46 - 2013-03-13 14:50 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-26 19:22 - 2013-03-13 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 16:52 - 2014-08-13 09:41 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-13 09:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-13 09:41 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:30 - 2014-08-13 09:41 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-13 09:41 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-13 09:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-13 09:41 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-13 09:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-13 09:41 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-13 09:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-13 09:41 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-13 09:41 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-13 09:41 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-13 09:41 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-13 09:41 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-13 09:41 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-13 09:41 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-13 09:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-13 09:41 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-13 09:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-13 09:41 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-13 09:41 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-13 09:41 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-13 09:41 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-13 09:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-13 09:41 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-13 09:41 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-13 09:41 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-13 09:41 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-13 09:41 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-13 09:41 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-13 09:41 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-13 09:41 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-13 09:41 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-13 09:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-13 09:41 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-13 09:41 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-13 09:41 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-13 09:41 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-13 09:41 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-13 09:41 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-13 09:41 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-13 09:41 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-13 09:41 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-13 09:41 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-13 09:41 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-13 09:41 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-13 09:41 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-13 09:41 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-13 09:41 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-13 09:41 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-13 09:41 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

Some content of TEMP:
====================
C:\Users\**********\AppData\Local\Temp\13-12_win7_win8_64_dd_ccc_whql.exe
C:\Users\**********\AppData\Local\Temp\amazonicon_v9.exe
C:\Users\**********\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\**********\AppData\Local\Temp\AutoDetect.exe
C:\Users\**********\AppData\Local\Temp\Businessplan.exe
C:\Users\**********\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\**********\AppData\Local\Temp\DivXSetup.exe
C:\Users\**********\AppData\Local\Temp\FoxySecurity_6.2_GIGA_FF_IE_Setup.exe
C:\Users\**********\AppData\Local\Temp\FreemakeVideoConverter_3.2.1.7.exe
C:\Users\**********\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\**********\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\**********\AppData\Local\Temp\ose00000.exe
C:\Users\**********\AppData\Local\Temp\ResetDevice.exe
C:\Users\**********\AppData\Local\Temp\sdanircmdc.exe
C:\Users\**********\AppData\Local\Temp\sdapskill.exe
C:\Users\**********\AppData\Local\Temp\sdaspwn.exe
C:\Users\**********\AppData\Local\Temp\sfamcc00001.dll
C:\Users\**********\AppData\Local\Temp\SkypeSetup.exe
C:\Users\**********\AppData\Local\Temp\tmp2D28.exe
C:\Users\**********\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-17 19:34
==================== End Of Log ============================

Addition will follow in the next post - it no longer fits here, the post is getting too long...

Edited by Frau-M (24.08.2014 at 12:33)