Firefox opens tabs with advertising on its own

Hello,...

for quite some time now Firefox has been starting on its own and opening advertising pages. I found a similar thread and have already gone through the following steps myself beforehand:

Step 1: Uninstalling programs
Step 2: AdwCleaner: search for and delete adware (however, I did not get a log afterwards..., should I scan again?)
Step 3: Scan with DDS (with attach) - see the following log file and attach

I would like to be on the safe side and go through all further steps that are necessary to get the computer properly clean. It would be nice if you could help me with this. Many thanks in advance...

Here are the log and attach texts from DDS:

Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 11.20.2 Run by Toni_02 at 13:42:44 on 2014-11-12 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16301.13482 [GMT 1:00] . AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Microsoft Security Client\NisSrv.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\System32\WUDFHost.exe 
C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Windows\System32\TiltWheelMouse.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMConfig.exe C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMProcess.exe C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\system32\sppsvc.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 
C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe \\?\C:\Windows\system32\wbem\WMIADAP.EXE C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://www.google.de/?gws_rd=cr&ei=lRG8UsLUCdDUsganj4C4Aw uSearch Bar = hxxp://www.google.com uSearch Page = hxxp://www.google.com uDefault_Page_URL = about:blank mStart Page = about:blank mDefault_Page_URL = about:blank uSearchAssistant = hxxp://www.google.com mWinlogon: Userinit = userinit.exe, BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common 
Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [AdobeBridge] <no file> uRunOnce: [Report] \AdwCleaner\AdwCleaner[S0].txt mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" mRun: [KMConfig] "C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe mRun: [WheelMouse] C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [NWEReboot] <no file> mRunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f StartupFolder: C:\Users\Toni_02\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Toni_02\AppData\Roaming\Dropbox\bin\Dropbox.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTION~1.LNK - C:\Program Files (x86)\Plustek\OpticPro ST48\AM32.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: An OneNote s&enden - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105 IE: An vorhandene PDF-Datei anfügen - C:\Program Files 
(x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html IE: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000 IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206 DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab DPF: {CAFEEFAC-0018-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab TCP: Interfaces\{86EA66A2-B974-40D7-B70D-DF7EF99D26E7} : NameServer = 192.168.2.1 Filter: text/xml - 
{807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SSODL: WebCheck - <orphaned> mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe" x64-mStart Page = about:blank x64-mDefault_Page_URL = about:blank x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-Run: [MouseDriver] TiltWheelMouse.exe x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe" x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe" x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe" x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft 
Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Toni_02\AppData\Roaming\Mozilla\Firefox\Profiles\e0qifbjd.default\ FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Toni_02\AppData\Roaming\Mozilla\Firefox\Profiles\e0qifbjd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\np-mswmp.dll FF - plugin: C:\Users\Toni_02\AppData\Roaming\Mozilla\Firefox\Profiles\e0qifbjd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\npConduitFirefoxPlugin.dll FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1205146.dll FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1209149.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll FF - ExtSQL: !HIDDEN! 2013-07-21 14:18; 49ffxtbr@UtilityChest_49.com; C:\Program Files (x86)\UtilityChest_49\bar\1.bin . 
============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008] R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-8-8 72240] R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-8-8 15920] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-27 283200] R1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];C:\Windows\SleeN1864.sys [2012-7-24 108648] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-24 13592] R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2007-5-8 2179072] R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-7-15 786256] R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-24 2655768] R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056] R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248] R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536] R3 EtronHub3;Etron USB 3.0 Extensible Hub 
Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-3-7 40832] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-3-7 65280] R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-24 317440] R3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-24 413800] R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2011-2-16 14464] S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-25 48488] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);C:\Windows\System32\drivers\HPMo4DE3.sys [2011-12-18 25088] S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);C:\Windows\System32\drivers\HPub4DE3.sys [2011-12-18 18432] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-9 19456] S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136] S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-1 56832] S3 TsUsbGD;Remote Desktop Generic USB 
Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-9 30208] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184] . =============== File Associations =============== . ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1" . =============== Created Last 30 ================ . 2014-11-12 06:34:39 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL 2014-11-11 16:15:15 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{737C93ED-A27B-43A6-998F-EAC7B7EBC686}\gapaengine.dll 2014-11-11 16:15:07 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E68F240-3ECC-4D0B-8B8C-34C27DDE59E9}\mpengine.dll 2014-11-10 06:41:50 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2014-11-02 17:19:49 220784 ----a-w- C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll 2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll 2014-10-16 05:21:53 11578928 
----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine(17).dll 2014-10-16 01:09:54 3528440 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll 2014-10-16 01:07:46 5085936 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll 2014-10-15 05:32:39 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll 2014-10-15 05:32:38 424448 ----a-w- C:\Windows\System32\rastls.dll 2014-10-15 05:32:38 372736 ----a-w- C:\Windows\SysWow64\rastls.dll 2014-10-15 05:32:36 235520 ----a-w- C:\Windows\System32\winsta.dll 2014-10-15 05:32:36 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys 2014-10-15 05:32:36 157696 ----a-w- C:\Windows\SysWow64\winsta.dll 2014-10-15 05:32:36 150528 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2014-10-15 05:32:35 455168 ----a-w- C:\Windows\System32\winlogon.exe 2014-10-15 05:32:35 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2014-10-15 05:32:32 6584320 ----a-w- C:\Windows\System32\mstscax.dll 2014-10-15 05:32:32 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll 2014-10-14 09:11:23 955848 ----a-w- C:\Windows\System32\npDeployJava1.dll 2014-10-14 09:11:23 839112 ----a-w- C:\Windows\System32\deployJava1.dll 2014-10-14 09:11:16 894888 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2014-10-14 09:11:16 815528 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2014-10-14 09:11:10 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll 2014-10-14 09:05:44 -------- d-----w- C:\Users\Toni_02\AppData\Roaming\Abelssoft 2014-10-14 09:05:44 -------- d-----w- C:\ProgramData\XDMessagingv4 2014-10-14 09:05:43 338432 ----a-w- C:\Windows\SysWow64\sqlite36_engine.dll 2014-10-14 09:05:43 -------- d-----w- C:\Users\Toni_02\AppData\Local\Abelssoft 2014-10-14 09:05:42 493056 ----a-w- C:\Windows\SysWow64\dhRichClient3.dll . ==================== Find3M ==================== . 
2014-11-12 09:39:14 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2014-11-12 09:39:14 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll 2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll 2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll 2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll 2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll 2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll 2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll 2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll 2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll 2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll 2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2014-11-06 02:17:24 2365440 ----a-w- 
C:\Windows\System32\wininet.dll 2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll 2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll 2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll 2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll 2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe 2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll 2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll 2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll 2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll 2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll 2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll 2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll 2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll 2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll 2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll 2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll 2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll 2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys 2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll 2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll 2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll 2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll 2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll 2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll 2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll 2014-10-03 01:44:26 195584 ----a-w- 
C:\Windows\SysWow64\AudioSes.dll 2014-10-02 12:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2014-10-02 12:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts 2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll 2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll 2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll 2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll 2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll 2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll 2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll 2014-09-19 09:42:44 728064 ----a-w- C:\Windows\System32\kerberos.dll 2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll 2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll 2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll 2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll 2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll 2014-09-19 09:23:42 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll 2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll 2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll 2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll 2014-08-31 14:18:43 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll 2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll 2014-08-21 06:43:26 1882624 ----a-w- C:\Windows\System32\msxml3.dll 2014-08-21 06:40:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll 2014-08-21 06:26:21 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll 2014-08-21 06:23:10 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll 2014-08-19 03:11:28 693176 ----a-w- C:\Windows\System32\winload.efi 2014-08-19 03:10:10 616352 ----a-w- C:\Windows\System32\winresume.efi 
2014-08-19 03:08:04 503808 ----a-w- C:\Windows\System32\srcore.dll 2014-08-19 03:08:04 50176 ----a-w- C:\Windows\System32\srclient.dll 2014-08-19 03:08:03 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll 2014-08-19 03:07:51 58880 ----a-w- C:\Windows\System32\appidapi.dll 2014-08-19 03:07:51 32256 ----a-w- C:\Windows\System32\appidsvc.dll 2014-08-19 03:07:33 296960 ----a-w- C:\Windows\System32\rstrui.exe 2014-08-19 03:07:11 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe 2014-08-19 03:07:11 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe 2014-08-19 02:41:39 43008 ----a-w- C:\Windows\SysWow64\srclient.dll 2014-08-19 02:41:22 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll 2014-08-19 02:06:56 61440 ----a-w- C:\Windows\System32\drivers\appid.sys . ============= FINISH: 13:43:00,82 =============== Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 24.11.2011 11:16:27 System Uptime: 12.11.2014 13:38:14 (0 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | Z68A-D3H-B3 Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz | Socket 1155 | 3701/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 103 GiB total, 10,753 GiB free. D: is FIXED (NTFS) - 1863 GiB total, 1519,29 GiB free. E: is CDROM () F: is Removable G: is CDROM () H: is FIXED (NTFS) - 1863 GiB total, 538,385 GiB free. I: is CDROM () J: is CDROM (UDF) K: is CDROM () L: is FIXED (NTFS) - 1397 GiB total, 421,063 GiB free. M: is Removable N: is CDROM () O: is Removable P: is Removable Q: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: Microsoft-Teredo-Tunneling-Adapter Device ID: ROOT\*TEREDO\0000 Manufacturer: Microsoft Name: Teredo Tunneling Pseudo-Interface PNP Device ID: ROOT\*TEREDO\0000 Service: tunnel . ==== System Restore Points =================== . RP599: 26.10.2014 19:00:39 - Windows-Sicherung RP600: 29.10.2014 19:52:21 - Windows Update RP601: 02.11.2014 17:25:33 - Windows Update RP602: 02.11.2014 19:00:35 - Windows-Sicherung RP603: 06.11.2014 07:40:41 - Windows Update RP604: 10.11.2014 07:41:09 - Windows-Sicherung RP605: 10.11.2014 07:41:43 - Windows Update RP606: 12.11.2014 11:42:20 - Windows Update . ==== Installed Programs ====================== . 
7-Zip 9.20 (x64 edition) Adobe Acrobat X Pro - English, Français, Deutsch Adobe AIR Adobe Community Help Adobe Content Viewer Adobe Creative Suite 5.5 Design Premium Adobe Flash Player 15 ActiveX Adobe Flash Player 15 Plugin Adobe Reader XI (11.0.09) - Deutsch Adobe Shockwave Player 12.0 Adobe Widget Browser Advanced PSD Repair v1.4 Allgemeine Runtime Files (x86) Apple Application Support Apple Software Update Audacity 2.0 Avidemux 2.6 - 64bits BitComet 1.37 BitTorrent Canon iP4600 series Benutzerregistrierung Canon iP4600 series Printer Driver Canon Utilities EOS Utility Canon Utilities My Printer Canon Utilities PhotoStitch Canon Utilities WFT Utility CDBurnerXP Cliqz D3DX10 DAEMON Tools Lite DAPlayer 1.0.1.9 Das große DGS Wörterbuch 1.0.2.9 Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition Dropbox DVDFab 8.2.2.6 (25/12/2012) Qt Etron USB3.0 Host Controller Exact Audio Copy 1.0beta3 FFmpeg v0.6.2 for Audacity File Repair FileZilla Client 3.7.3 FLAC 1.2.1b (remove only) Free Audio Converter version 5.0.48.923 Free AVI Video Converter version 5.0.17.903 Free Video Dub version FVD Suite 3.0.0 GIMP 2.8.2 Gimp Themes v1.0 Google Earth Google Update Helper HandBrake 0.9.5 HashCheck Shell Extension (x86-32) HashCheck Shell Extension (x86-64) ImgBurn Inkjet Printer/Scanner Extended Survey Program Intel(R) Control Center Intel(R) Management Engine Components Intel(R) Processor Graphics Intel(R) Rapid Storage Technology Intel(R) Solid-State Drive Toolbox Java 8 Update 20 Java 8 Update 20 (64-bit) Java Auto Updater Junk Mail filter update LAME v3.99.3 (for Windows) LightScribe System Software MakeMKV v1.7.10 Malwarebytes Anti-Malware Version 1.65.0.1400 Mesh Runtime Messenger Companion Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (DEU) Microsoft .NET Framework 4.5.1 (Deutsch) Microsoft Antimalware Service DE-DE Language Pack Microsoft Application Error Reporting Microsoft Office Access MUI (German) 2010 Microsoft Office Excel MUI 
(German) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 64-bit Components 2010 Microsoft Office OneNote MUI (German) 2010 Microsoft Office Outlook MUI (German) 2010 Microsoft Office PowerPoint MUI (German) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Italian) 2010 Microsoft Office Proofing (German) 2010 Microsoft Office Publisher MUI (German) 2010 Microsoft Office Shared 64-bit MUI (German) 2010 Microsoft Office Shared MUI (German) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (German) 2010 Microsoft Security Client Microsoft Security Client DE-DE Language Pack Microsoft Security Essentials Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual J# 2.0 Redistributable Package Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 
Microsoft_VC90_MFCLOC_x86_x64 Mouse Driver V1.0 Movavi Video Suite 12 Mozilla Firefox 33.1 (x86 de) Mozilla Maintenance Service MPC-HC 1.7.7 (64-bit) MSVCRT MSVCRT_amd64 Multimedia Keyboard Driver Nero 11 Nero 11 Platinum Nero 11 Video Samples Nero Abstract Themes Nero Audio Pack 1 Nero BackItUp 11 Nero BackItUp 11 Help (CHM) Nero Backup Drivers Nero Blu-ray Player Nero Blu-ray Player Help (CHM) Nero Burning ROM 11 Nero Burning ROM 11 Help (CHM) Nero Cliparts Nero ControlCenter Nero ControlCenter 11 Help (CHM) Nero Core Components Nero CoverDesigner 11 Nero CoverDesigner 11 Help (CHM) Nero Disc Menus 1 Nero Disc Menus 2 Nero Disc Menus 3 Nero Disc Menus Basic Nero Effects Basic Nero Express 11 Nero Express 11 Help (CHM) Nero Family and Events Themes Nero Football (Soccer) Themes Nero Holiday and Sports Themes Nero Image Samples Nero Info Nero Kwik Themes Basic Nero MediaHome Nero MediaHome Help (CHM) Nero PiP Effects 1 Nero PiP Effects Basic Nero Prerequisite Installer 1.0 Nero Recode 11 Nero Recode 11 Help (CHM) Nero RescueAgent 11 Nero RescueAgent 11 Help (CHM) Nero SharedVideoCodecs Nero SoundTrax 11 Nero SoundTrax 11 Help (CHM) Nero Update Nero Video 11 Nero Video 11 Help (CHM) Nero Video Transitions 1 Nero WaveEditor 11 Nero WaveEditor 11 Help (CHM) nero.prerequisites.msi PDF Settings CS5 Pixum Fotobuch Plustek OpticPro ST48 Port Forward Network Utilities 2.0.1 QuickTime 7 Realtek Ethernet Controller Driver Realtek High Definition Audio Driver Roadkil's Unstoppable Copier Version 5.2 SavingsBull Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2) Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft .NET Framework 4.5.1 (KB2972107) Security Update for Microsoft .NET Framework 4.5.1 (KB2972216) Security Update for Microsoft .NET Framework 4.5.1 (KB2978128) Security Update for Microsoft 
.NET Framework 4.5.1 (KB2979578v2) Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Snap.Do Engine Static Windows Live Mail Backup 2.9 Steganos Safe 2012 SUPER © v2012.build.53 (Sep 13, 2012) Version v2012.build.53 swMSM Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for 
Microsoft OneNote 2010 (KB2837595) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition VC80CRTRedist - 8.0.50727.6195 VirtualCloneDrive VLC media player VLC media player 2.0.8 Voice Manager VUPlayer Vuze Vuze Remote Toolbar WD SmartWare WD Software Upgrader Welcome App (Start-up experience) Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Fotogalerie Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh Windows Live Mesh ActiveX control for remote connections Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources WinRAR WinZip 18.5 . ==== End Of File =========================== |
| #2 |
/// TB trainer | Firefox opens tabs with advertising on its own

Hello Toni69

My name is Timo and I will be helping you with your problem.

I can never give you a guarantee that I will find everything. Reformatting is always the safest way. We all "work" here voluntarily and in our free time *cough*. Replies may therefore be delayed. If you do not receive a reply from me within 48 hours, send me a PM. If you decide on a cleanup, keep working with us until I or someone from the team says that you are clean.

Please make FRST logs for me. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
| #3 |
Firefox opens tabs with advertising on its own

Hello TIMO,...

thank you for your help. Here are the two texts:

Additional:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014 Ran by Toni Standard at 2014-11-12 15:23:38 Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64 Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1} AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.) 
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated) Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Advanced PSD Repair v1.4 (HKLM-x32\...\Advanced PSD Repair v1.4) (Version: - ) Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.4 - Sereby Corporation) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team) Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - ) BitComet 1.37 (HKLM-x32\...\BitComet) (Version: 1.37 - CometNetwork) Canon iP4600 series Benutzerregistrierung (HKLM-x32\...\Canon iP4600 series Benutzerregistrierung) (Version: - ) Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version: - ) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.) 
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd) DAPlayer 1.0.1.9 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.) Das große DGS Wörterbuch 1.0.2.9 (HKLM-x32\...\{71FB874A-A992-4ED6-9522-6EFF78ADDDCB}_is1) (Version: - Verlag Karin Kestner) Dropbox (HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) DVDFab 8.2.2.6 (25/12/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.) Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology) Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff) FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - ) File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair) FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) Free Audio Converter version 5.0.48.923 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.48.923 - DVDVideoSoft Ltd.) Free AVI Video Converter version 5.0.17.903 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.17.903 - DVDVideoSoft Ltd.) Free Video Dub version (HKLM-x32\...\Free Video Dub_is1) (Version: - DVDVideoSoft Ltd.) 
FVD Suite 3.0.0 (HKLM-x32\...\{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1) (Version: - flashvideodownloader.org) GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team) Gimp Themes v1.0 (HKLM-x32\...\{833D97B9-AC16-45C1-AD44-0A32198956F8}) (Version: 1.0.0 - www.gimp-tutorials.net) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - ) HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation) Intel(R) Solid-State Drive Toolbox (HKLM-x32\...\Intel(R) Solid-State Drive Toolbox) (Version: 3.0.1.400 - Intel Corporation) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - 
LightScribe) MakeMKV v1.7.10 (HKLM-x32\...\MakeMKV) (Version: v1.7.10 - GuinpinSoft inc) Malwarebytes Anti-Malware Version 1.65.0.1400 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.0.1400 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 
(HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation) Mouse Driver V1.0 (HKLM-x32\...\WheelMouse) (Version: - ) Movavi Video Suite 12 (HKLM-x32\...\Movavi Video Suite 12) (Version: 12.3.0 - Movavi) Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla) MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team) Multimedia Keyboard Driver (HKLM-x32\...\InstallShield_{51B46054-AE28-4BCD-8DE8-3901354F0A1C}) (Version: 2.0 - Ihr Firmenname) Multimedia Keyboard Driver (x32 Version: 2.0 - Ihr Firmenname) Hidden Nero 11 (HKLM-x32\...\{FC18AB8F-9BA3-423B-91F2-622990F57978}) (Version: 11.2.01000 - Nero AG) Nero 11 Platinum 
(HKLM-x32\...\{DC99552E-8149-4EBB-8812-6069956056AA}) (Version: 11.2.01800 - Nero AG) Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) Nero Prerequisite Installer 1.0 (HKLM-x32\...\{AFD1BFF3-FE02-47BB-8F45-739D46AEA2BC}) (Version: 11.0.12700 - Nero AG) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: - ) Plustek OpticPro ST48 (HKLM-x32\...\{5265664F-6128-405C-9225-9782A85954FD}) (Version: V4.2.0 - ) Port Forward Network Utilities 2.0.1 (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.1 - Portforward.com) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.) Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net) SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Static Windows Live Mail Backup 2.9 (HKLM-x32\...\Static Windows Live Mail Backup_is1) (Version: - StaticBackup Inc.) 
Steganos Safe 2012 (HKLM-x32\...\{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}) (Version: 13.0.5 - Steganos Software GmbH) SUPER © v2012.build.53 (Sep 13, 2012) Version v2012.build.53 (HKLM-x32\...\{8F311E72-C27F-4DF0-8254-B739A1831668}_is1) (Version: v2012.build.53 - eRightSoft) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN) Voice Manager (HKLM-x32\...\Voice Manager) (Version: - ) VUPlayer (HKLM-x32\...\VUPlayer) (Version: - ) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.) Vuze Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version: 6.8.9.0 - Vuze Remote) <==== ATTENTION WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.) WD Software Upgrader (HKLM-x32\...\{57C4F272-9839-45C6-8B83-92EC89C7EE40}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.) Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. ) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= Could not list Restore Points. 
Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ? Task: C:\Windows\Tasks\Intel_C_CVPR135003JA120LGN.job => ? ==================== Loaded Modules (whitelisted) ============= 2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2011-11-24 11:23 - 2011-04-10 03:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2000-05-08 02:54 - 2000-05-08 02:54 - 00061440 _____ () C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1 AlternateDataStreams: C:\ProgramData\TEMP:E36A723B AlternateDataStreams: C:\Users\Toni Standard\Cookies:6MopXCGd0f7LxfgxjAfo8Tx AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6 AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8 AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6 AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\Services: MozillaMaintenance => 3 ========================= Accounts: ========================== 2th Device (S-1-5-21-1612934075-448063179-3665729200-1005 - Administrator - Enabled) => C:\Users\2th Device 3th Device (S-1-5-21-1612934075-448063179-3665729200-1006 - Limited - Enabled) Administrator (S-1-5-21-1612934075-448063179-3665729200-500 - Administrator - Disabled) => C:\Users\Administrator Gast (S-1-5-21-1612934075-448063179-3665729200-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1612934075-448063179-3665729200-1002 - Limited - Enabled) Toni Standard (S-1-5-21-1612934075-448063179-3665729200-1007 - Limited - Enabled) => C:\Users\Toni Standard Toni_02 (S-1-5-21-1612934075-448063179-3665729200-1003 - Administrator - Enabled) => C:\Users\Toni_02 ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. 
==================== Event log errors: ========================= Application errors: ================== Error: (11/12/2014 01:40:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 01:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 00:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 11:57:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 11:42:20 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1612934075-448063179-3665729200-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. . 
Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {fdd3cbcd-e0cf-419c-8d5f-fedc883ead5d} Error: (11/12/2014 07:29:00 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2014 05:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Bridge.exe, Version 4.1.0.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1164 Startzeit: 01cffdcd8b8ab482 Endzeit: 0 Anwendungspfad: C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe Berichts-ID: f345e4d4-69c0-11e4-a645-50e5493e14f5 Error: (11/11/2014 05:04:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (11/12/2014 01:36:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/12/2014 01:36:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "WD Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Microsoft Office Sessions: ========================= Error: (11/12/2014 01:40:14 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 01:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 00:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 11:57:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/12/2014 11:42:20 AM) (Source: VSS) (EventID: 8193) (User: ) Description: ConvertStringSidToSid(S-1-5-21-1612934075-448063179-3665729200-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig. 
Vorgang: OnIdentify-Ereignis Generatordaten werden gesammelt Kontext: Ausführungskontext: Shadow Copy Optimization Writer Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Generatorname: Shadow Copy Optimization Writer Generatorinstanz-ID: {fdd3cbcd-e0cf-419c-8d5f-fedc883ead5d} Error: (11/12/2014 07:29:00 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2014 05:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Bridge.exe4.1.0.54116401cffdcd8b8ab4820C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exef345e4d4-69c0-11e4-a645-50e5493e14f5 Error: (11/11/2014 05:04:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2012-02-15 11:02:27.805 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\afd.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2012-02-15 11:02:27.790 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\afd.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. 
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16301.11 MB
Available physical RAM: 13493.71 MB
Total Pagefile: 32600.4 MB
Available Pagefile: 29786.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System und Programme) (Fixed) (Total:102.54 GB) (Free:10.7 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1519.29 GB) NTFS
Drive h: (A&Y Friends Licence) (Fixed) (Total:1863.01 GB) (Free:538.38 GB) NTFS
Drive j: (WD Unlocker) (CDROM) (Total:0.02 GB) (Free:0 GB) UDF
Drive l: (Videos Music Technic) (Fixed) (Total:1397.26 GB) (Free:421.06 GB) NTFS
Drive m: (EOS_DIGITAL) (Removable) (Total:29.79 GB) (Free:29.79 GB) FAT32

==================== MBR & Partition Table ==================

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Toni Standard (ATTENTION: The logged in user is not administrator) on TONI-PC on 12-11-2014 15:23:16
Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64
Loaded Profiles: Toni_02 & Toni Standard (Available profiles: Toni_02 & 2th Device & Toni Standard & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe
() C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
(UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMConfig.exe
(Dropbox, Inc.) C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMProcess.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (CANON INC.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.) HKLM-x32\...\Run: [KMConfig] => "C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe HKLM-x32\...\Run: [WheelMouse] => C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE [61440 2000-05-08] () HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [NWEReboot] => [X] HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.) 
HKLM-x32\...\Run: [SAFE2012 HotKeys] => C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe [84480 2012-11-19] (Steganos Software GmbH) HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe [17408 2012-11-19] (Steganos Software GmbH) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\Music and more\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [CSmileys] => "C:\Program Files (x86)\Crawler\Smileys\CSmileysIM.exe" HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {0276705e-2a81-11e2-aa71-50e5493e14f5} - J:\unlock.exe autoplay=true HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {530ae508-febe-11e2-b141-50e5493e14f5} - S:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Action Manager 32.lnk ShortcutTarget: Action Manager 32.lnk -> C:\Program Files (x86)\Plustek\OpticPro ST48\AM32.exe () Startup: C:\Users\Toni Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Toni 
Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=hp&installDate=26/12/2013 HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013 SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Tcpip\..\Interfaces\{86EA66A2-B974-40D7-B70D-DF7EF99D26E7}: [NameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default FF Homepage: https://www.google.de/?gws_rd=cr&ei=lRG8UsLUCdDUsganj4C4Aw FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program 
Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: 
@microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll (InfiniAd GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\artur.dubovoy@gmail.com [2014-11-12] FF Extension: YouTube Unblocker - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-08] FF Extension: Flashblock - C:\Users\Toni 
Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-16] FF Extension: mediaplayerconnectivity - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2014-03-24] FF Extension: WOT - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12] FF Extension: BitComet Video Downloader - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-07-27] FF Extension: DownloadHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06] FF Extension: CSHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2013-12-04] FF Extension: JavaScript Deobfuscator - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2012-10-10] FF Extension: Shockwave Flash Shield Free - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{5bac7493-d3a3-4d09-a516-67c368e813eb}.xpi [2013-11-05] FF Extension: Adblock Plus - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16] FF Extension: DownThemAll! 
- C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-14] FF Extension: {e47bab36-4a3c-45b6-b046-aead3fde2b67} - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{e47bab36-4a3c-45b6-b046-aead3fde2b67}.xpi [2013-10-30] FF Extension: QuickJava - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2012-10-10] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-11-24] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] () R2 KMWDSERVICE; C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed] R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital ) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-27] (DT Soft Ltd) S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.) S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-02-27] (Duplex Secure Ltd.) R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed] U3 amoz4et0; C:\Windows\System32\Drivers\amoz4et0.sys [0 ] (Microsoft Corporation) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================

Regards,
Toni69
#4
/// TB-Ausbilder

Please download from here

Please download

Please close your security software to avoid possible conflicts.

Please download

Run FRST once more.

__________________
Learn to strike back and support us!
TB Akademie | Donate | Praise & Criticism
#5

Hello TIMO,... I uninstalled Vuze Remote Toolbar with Revo Uninstaller. The program did not list SavingsBull, but it did list 'snap.do'. After a quick Google search I removed it. It was shown under Control Panel / Uninstall a program. In any case, it is now uninstalled.

The scan with AdwCleaner returned no more results. That could be a good sign. However, I again did not get a log file, so I have nothing to post.

Junkware Removal Tool produced the text below. There is a problem at the moment, though: after the scan, right-clicking with the mouse on the desktop no longer works. The display resolution has changed, and links in Explorer can no longer be opened with a double-click. Firefox is suddenly new; all settings are gone...

Here is JRT.txt for now: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.7 (11.08.2014:1) OS: Windows 7 Professional x64 Ran by Toni_02 on 12.11.2014 at 16:36:50,25 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] "C:\Windows\wininit.ini" ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{0AF7D6DC-BC74-42B9-BDC3-43607C54092F} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{0FD9C392-08CD-48A4-B98C-51E207B0E622} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{123443E7-0FE3-43B6-82B6-E4BED9B32E4E} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{129D0256-DA5E-4285-8F0C-81F6F234A77C} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1A0238EB-385D-4DCF-8587-080616866562} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1A6B4A7C-9AEB-4E9B-A188-9C37200C3CAA} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1DE8EF6B-D4A6-4603-B59F-6DA74F667DEF} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1E17C3A7-CF7F-4209-9435-D124A89B83DE} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{221CBA67-45D9-43B0-8E7E-EC2598318EE2} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{25AE90F3-8FE6-43C8-8340-5673A4FA5147} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{283F4D77-A771-447D-A19A-A5963739E25E} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{29E1E355-9A1C-47BC-9076-938F92C9A81D} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{2A760A38-91CC-4933-9ABB-4E3F89522D5C} Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{2AF9A11F-1E13-4D5B-86DB-55EF893D78AB} Successfully deleted: [Empty Folder] 
C:\Users\Toni_02\appdata\local\{FE363F9D-0507-411D-B5CE-8F18EA7772D9}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{FEB7D47B-3550-42FB-9107-F9182DB6DC28}

~~~ FireFox
Successfully deleted: [Folder] C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\smartbar
Successfully deleted: [Folder] C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\extensions\staged
Successfully deleted: [Folder] C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Successfully deleted the following from C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\prefs.js
user_pref("extensions.AMAZONNEW_NS_PH.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\n <replacements>\n <replacement>\n <key><![CDATA[__REGIO
user_pref("valueApps.storage.mam_gk_userId", "35613464663365362D666336362D346631622D393735372D336264623336656163663331");
Emptied folder: C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\minidumps [3 files]

~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.11.2014 at 16:38:29,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hello TIMO,... after a restart everything was back to its 'normal state', so there were no problems.

Here is mbam.txt --> there are two, because there were two scans (this came about because the window had disappeared and I ran a new scan. Then the message from the first one appeared). So there are two mbam.txt files:

2014-11-18_mbam1.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 2014-11-12 Suchlauf-Zeit: 17:52:06 Logdatei: 2014-11-18_mbam1.txt Administrator: Nein Version: 2.00.3.1025 Malware Datenbank: v2014.11.12.08 Rootkit Datenbank: v2014.11.12.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Toni Standard Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 479110 Verstrichene Zeit: 6 Min, 59 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 1 PUP.LoadTubes, C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll, In Quarantäne, [9553a69484f8999dfb43655906fad42c], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org
Update, 2014-11-12 17:43:25, SYSTEM, TONI-PC, Manual, Rootkit Database, 2014.9.18.1, 2014.11.12.1,
Update, 2014-11-12 17:43:28, SYSTEM, TONI-PC, Manual, Malware Database, 2014.9.19.5, 2014.11.12.8,
Scan, 2014-11-12 18:17:55, SYSTEM, TONI-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 6 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "% 1" nicht-Malware-Erkennung,
(end)

2014-11-18_FRST_02.txt: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014 Ran by Toni Standard (ATTENTION: The logged in user is not administrator) on TONI-PC on 12-11-2014 18:29:08 Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64 Loaded Profiles: Toni_02 & Toni Standard (Available profiles: Toni_02 & 2th Device & Toni Standard & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe () C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMConfig.exe (Dropbox, Inc.) 
C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMProcess.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (CANON INC.) 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.) HKLM-x32\...\Run: [KMConfig] => "C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe HKLM-x32\...\Run: [WheelMouse] => C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE [61440 2000-05-08] () HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [NWEReboot] => [X] HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.) 
HKLM-x32\...\Run: [SAFE2012 HotKeys] => C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe [84480 2012-11-19] (Steganos Software GmbH) HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe [17408 2012-11-19] (Steganos Software GmbH) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\Music and more\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [CSmileys] => "C:\Program Files (x86)\Crawler\Smileys\CSmileysIM.exe" HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {0276705e-2a81-11e2-aa71-50e5493e14f5} - J:\unlock.exe autoplay=true HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {530ae508-febe-11e2-b141-50e5493e14f5} - S:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Action Manager 32.lnk ShortcutTarget: Action Manager 32.lnk -> C:\Program Files (x86)\Plustek\OpticPro ST48\AM32.exe () Startup: 
C:\Users\Toni Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: 
HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Tcpip\..\Interfaces\{86EA66A2-B974-40D7-B70D-DF7EF99D26E7}: [NameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default FF Homepage: https://www.google.de/?gws_rd=cr&ei=lRG8UsLUCdDUsganj4C4Aw FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> 
C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\artur.dubovoy@gmail.com [2014-11-12]
FF Extension: YouTube Unblocker - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-08]
FF Extension: Flashblock - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-16]
FF Extension: mediaplayerconnectivity - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2014-03-24]
FF Extension: WOT - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]
FF Extension: BitComet Video Downloader - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-07-27]
FF Extension: DownloadHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: CSHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2013-12-04]
FF Extension: JavaScript Deobfuscator - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2012-10-10]
FF Extension: Shockwave Flash Shield Free - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{5bac7493-d3a3-4d09-a516-67c368e813eb}.xpi [2013-11-05]
FF Extension: Adblock Plus - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16]
FF Extension: DownThemAll! - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-14]
FF Extension: {e47bab36-4a3c-45b6-b046-aead3fde2b67} - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{e47bab36-4a3c-45b6-b046-aead3fde2b67}.xpi [2013-10-30]
FF Extension: QuickJava - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2012-10-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-11-24]

Chrome:
=======

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 KMWDSERVICE; C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-27] (DT Soft Ltd)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-02-27] (Duplex Secure Ltd.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]
U3 a2obxh1d; C:\Windows\System32\Drivers\a2obxh1d.sys [0 ] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
- 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{AF9D0675-DDCE-4036-A956-355C43F60DE0} ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-12 18:28 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-12 18:28 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-12 18:25 - 2011-04-12 08:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-11-12 18:25 - 2011-04-12 08:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-11-12 18:25 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-12 18:24 - 2011-11-24 11:16 - 01387959 _____ () C:\Windows\WindowsUpdate.log 2014-11-12 18:22 - 2012-11-16 13:08 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\Dropbox 2014-11-12 18:22 - 2012-02-02 09:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-12 18:20 - 2012-09-10 16:18 - 00000000 ____D () C:\Windows\Sun 2014-11-12 18:20 - 2011-11-24 15:54 - 00105777 _____ () C:\Windows\setupact.log 2014-11-12 18:20 - 2010-11-21 04:47 - 00484198 _____ () C:\Windows\PFRO.log 2014-11-12 18:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-12 17:54 - 2012-02-02 09:37 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-12 17:43 - 2012-09-10 22:33 - 00000000 ____D () C:\Users\Toni_02\AppData\Roaming\Malwarebytes 2014-11-12 17:43 - 2012-09-10 22:32 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-12 17:39 - 2012-09-03 06:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-12 16:37 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-11-12 15:09 - 2014-09-11 20:37 - 00000000 ____D 
() C:\Windows\rescache 2014-11-12 13:36 - 2013-12-26 02:12 - 00001099 _____ () C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-11-12 13:36 - 2012-02-15 22:55 - 00000000 ____D () C:\Users\Toni_02 2014-11-12 13:35 - 2014-02-27 20:57 - 4015803922 _____ () C:\Windows\system32\SavingsBullFilterService.log 2014-11-12 13:21 - 2013-08-12 15:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-11-12 13:04 - 2013-10-01 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-12 11:58 - 2012-09-12 12:28 - 00240800 _____ () C:\Users\Toni Standard\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-12 11:58 - 2012-02-15 22:55 - 00240800 _____ () C:\Users\Toni_02\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-12 11:57 - 2009-07-14 05:45 - 05801584 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-12 11:56 - 2014-05-06 23:09 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-12 11:47 - 2011-11-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-12 11:45 - 2013-08-14 11:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-12 11:42 - 2011-11-24 12:00 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 11:04 - 2013-10-22 12:57 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\vlc 2014-11-12 10:39 - 2012-04-05 08:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-12 10:39 - 2011-11-24 12:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 09:41 - 2012-04-28 14:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-12 09:32 - 2013-07-29 08:12 - 00000261 _____ () C:\Users\Toni Standard\AppData\Roaming\WB.CFG 2014-11-12 07:38 - 2012-09-12 12:28 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\Adobe 2014-11-05 07:27 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-04 19:35 - 2012-04-05 08:36 - 00000000 
____D () C:\ProgramData\CanonIJPLM 2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-23 07:33 - 2012-09-27 16:04 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\Audacity 2014-10-23 07:33 - 2012-07-28 11:34 - 00000000 ____D () C:\Users\2th Device 2014-10-23 07:33 - 2011-11-24 14:14 - 00000000 ____D () C:\Users\Administrator 2014-10-23 07:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-10-23 06:47 - 2012-09-12 12:28 - 00000000 ____D () C:\Users\Toni Standard 2014-10-18 11:31 - 2014-09-19 06:24 - 00000000 ____D () C:\Users\Toni_02\AppData\Local\Adobe 2014-10-16 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-16 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-14 10:11 - 2012-07-03 14:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-10-14 10:11 - 2012-07-03 14:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-10-14 10:11 - 2012-07-03 14:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-10-14 10:11 - 2012-07-03 14:09 - 00000000 ____D () C:\Program Files\Java 2014-10-14 10:11 - 2012-06-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-13 10:48 - 2012-08-08 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-10-13 10:48 - 2012-08-08 19:35 - 00000000 ____D () C:\Program Files (x86)\Nero Files to move or delete: ==================== C:\Users\Public\AlexaNSISPlugin.2976.dll Some content of TEMP: ==================== C:\Users\Toni Standard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa4s_io.dll C:\Users\Toni Standard\AppData\Local\Temp\i4jd4668773831472855398.exe C:\Users\Toni Standard\AppData\Local\Temp\i4jdel0.exe C:\Users\Toni Standard\AppData\Local\Temp\jre-8u20-windows-au.exe C:\Users\Toni Standard\AppData\Local\Temp\vlc-2.1.5-win32.exe 
C:\Users\Toni_02\AppData\Local\Temp\Quarantine.exe
C:\Users\Toni_02\AppData\Local\Temp\Setup.exe
C:\Users\Toni_02\AppData\Local\Temp\sqlite3.dll
C:\Users\Toni_02\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Toni_02\AppData\Local\Temp\tester.dll
C:\Users\Toni_02\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---
Regards, Toni |
| #6 |
/// TB-Ausbilder | Firefox opens tabs with advertising on its own

Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document.

Code:
ATTFilter
SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms}
Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1
AlternateDataStreams: C:\ProgramData\TEMP:E36A723B
AlternateDataStreams: C:\Users\Toni Standard\Cookies:6MopXCGd0f7LxfgxjAfo8Tx
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).

Please download ESET Online Scanner
| #7 |
/// TB-Ausbilder | Firefox opens tabs with advertising on its own

Nope, Delfix only deletes our tools plus their quarantine, the Java cache, and then itself.
__________________ Learn to fight back and support us! TB Akademie | Donate | Praise & Criticism |
| #8 |
| Firefox opens tabs with advertising on its own

Thanks. I can tell you don't have all that much time either. Many thanks again for your effort and time. I wish you much success and joy with your great work in the future. Best regards, Toni |
| #9 |
/// TB-Ausbilder | Firefox opens tabs with advertising on its own

Quote:

Filepony with AdWare Blocker is fine too. QNAP offers MyCloudNAS Service - Home. We (at work) have 3 QNAP NAS systems, but the data on them is not meant for cloud use ^^ That's why I have no experience with it. Other cloud services can also be integrated, though, e.g. Amazon S3 or Elephant Drive as an external backup target. There is an app store for the QNAP systems; the devices themselves are pretty "cool" ;-)
| #10 |
/// TB-Ausbilder | Firefox opens tabs with advertising on its own

Right, it may come across as impolite; I actually always try to answer everything as far as possible, but that's how it goes sometimes. You overlook something or only answer the core topic.