| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox öffnet selbstständig Tabs mit WerbungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.11.2014, 14:28
| #1 |
 |  Firefox öffnet selbstständig Tabs mit Werbung Guten Tag,... seit geraumer Zeit startet Firefox selbstständig und öffnet Werbeseiten. Ich habe ein ähnliches Thema gefunden und bin folgende Schritte vorab schon selbst durchgegangen: Schritt 1: Deinstallation von Programmen Schritt 2: AdwCleaner: Werbeprogramme suchen und löschen (allerdings bekam ich keinen Log danach..., sollte ich nochmals scannen?) Schritt 3: Scan mit DDS (mit attach) - siehe folgende Log-Datei und Attach Ich würde gern auf Nummer Sicher gehen und alle weiteren Schritte, die nötig sind durchlaufen, um den Rechner mal richtig sauber zu bekommen. Wäre nett, wenn Ihr mir dabei helfen könntet. Vielen Dank im voraus... Hier nun die Log- und die Attach-Texte von DDS: Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 11.20.2
Run by Toni_02 at 13:42:44 on 2014-11-12
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.16301.13482 [GMT 1:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
SP: Microsoft Security Essentials *Enabled/Updated* {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\System32\TiltWheelMouse.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe
C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMConfig.exe
C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMProcess.exe
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe
C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.de/?gws_rd=cr&ei=lRG8UsLUCdDUsganj4C4Aw
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = about:blank
mStart Page = about:blank
mDefault_Page_URL = about:blank
uSearchAssistant = hxxp://www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll
BHO: Windows Live ID-Anmelde-Hilfsprogramm: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [AdobeBridge] <no file>
uRunOnce: [Report] \AdwCleaner\AdwCleaner[S0].txt
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [KMConfig] "C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe
mRun: [WheelMouse] C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [NWEReboot] <no file>
mRunOnce: [SpUninstallCleanUp] REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
StartupFolder: C:\Users\Toni_02\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Toni_02\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ACTION~1.LNK - C:\Program Files (x86)\Plustek\OpticPro ST48\AM32.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: An OneNote s&enden - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000
IE: Search the Web - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll/206
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_20-windows-i586.cab
TCP: Interfaces\{86EA66A2-B974-40D7-B70D-DF7EF99D26E7} : NameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
x64-mStart Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [MouseDriver] TiltWheelMouse.exe
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\Windows\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\Windows\System32\igfxpers.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Toni_02\AppData\Roaming\Mozilla\Firefox\Profiles\e0qifbjd.default\
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Toni_02\AppData\Roaming\Mozilla\Firefox\Profiles\e0qifbjd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\np-mswmp.dll
FF - plugin: C:\Users\Toni_02\AppData\Roaming\Mozilla\Firefox\Profiles\e0qifbjd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\plugins\npConduitFirefoxPlugin.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1205146.dll
FF - plugin: C:\Windows\System32\Adobe\Director\np32dsw_1209149.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
FF - ExtSQL: !HIDDEN! 2013-07-21 14:18; 49ffxtbr@UtilityChest_49.com; C:\Program Files (x86)\UtilityChest_49\bar\1.bin
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-7-17 269008]
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2012-8-8 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2012-8-8 15920]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-27 283200]
R1 SLEE_18_DRIVER;Steganos Live Encryption Engine 18 [Driver];C:\Windows\SleeN1864.sys [2012-7-24 108648]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-11-24 13592]
R2 KMWDSERVICE;Keyboard And Mouse Communication Service;C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2007-5-8 2179072]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2014-7-15 786256]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2011-4-27 125584]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-11-24 2655768]
R2 WDBackup;WD Backup;C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-9-19 1157056]
R2 WDDriveService;WD Drive Manager;C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-9-19 248248]
R2 WDRulesService;WD Rules;C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-9-19 1177536]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2011-3-7 40832]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2011-3-7 65280]
R3 IntcDAud;Intel(R) Display-Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-11-24 317440]
R3 NisSrv;Microsoft-Netzwerkinspektion;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-8-22 368624]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-11-24 413800]
R3 t_mouse.sys;HID-compliand device;C:\Windows\System32\drivers\t_mouse.sys [2012-12-19 6144]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2011-2-16 14464]
S3 BITCOMET_HELPER_SERVICE;BitComet Disk Boost Service;C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service --> C:\Program Files (x86)\BitComet\tools\BitCometService.exe -service [?]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-7-25 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 HPMo4DE3;Mouse Suite Driver_4DE3 (WDF Version);C:\Windows\System32\drivers\HPMo4DE3.sys [2011-12-18 25088]
S3 HPub4DE3;USB Mouse Low Filter Driver_4DE3 (WDF Version);C:\Windows\System32\drivers\HPub4DE3.sys [2011-12-18 18432]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-12 114688]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-11-9 19456]
S3 StorSvc;Speicherdienst;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-9-1 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-11-9 30208]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5.5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-11-12 06:34:39 878080 ----a-w- C:\Windows\System32\IMJP10K.DLL
2014-11-11 16:15:15 1188440 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{737C93ED-A27B-43A6-998F-EAC7B7EBC686}\gapaengine.dll
2014-11-11 16:15:07 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3E68F240-3ECC-4D0B-8B8C-34C27DDE59E9}\mpengine.dll
2014-11-10 06:41:50 11627712 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-11-02 17:19:49 220784 ----a-w- C:\Program Files (x86)\Mozilla Firefox\sandboxbroker.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
2014-10-24 12:06:42 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
2014-10-16 05:21:53 11578928 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine(17).dll
2014-10-16 01:09:54 3528440 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2014-10-16 01:07:46 5085936 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Csi.dll
2014-10-15 05:32:39 3179520 ----a-w- C:\Windows\System32\rdpcorets.dll
2014-10-15 05:32:38 424448 ----a-w- C:\Windows\System32\rastls.dll
2014-10-15 05:32:38 372736 ----a-w- C:\Windows\SysWow64\rastls.dll
2014-10-15 05:32:36 235520 ----a-w- C:\Windows\System32\winsta.dll
2014-10-15 05:32:36 212480 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2014-10-15 05:32:36 157696 ----a-w- C:\Windows\SysWow64\winsta.dll
2014-10-15 05:32:36 150528 ----a-w- C:\Windows\System32\rdpcorekmts.dll
2014-10-15 05:32:35 455168 ----a-w- C:\Windows\System32\winlogon.exe
2014-10-15 05:32:35 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys
2014-10-15 05:32:32 6584320 ----a-w- C:\Windows\System32\mstscax.dll
2014-10-15 05:32:32 5703168 ----a-w- C:\Windows\SysWow64\mstscax.dll
2014-10-14 09:11:23 955848 ----a-w- C:\Windows\System32\npDeployJava1.dll
2014-10-14 09:11:23 839112 ----a-w- C:\Windows\System32\deployJava1.dll
2014-10-14 09:11:16 894888 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll
2014-10-14 09:11:16 815528 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2014-10-14 09:11:10 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-10-14 09:05:44 -------- d-----w- C:\Users\Toni_02\AppData\Roaming\Abelssoft
2014-10-14 09:05:44 -------- d-----w- C:\ProgramData\XDMessagingv4
2014-10-14 09:05:43 338432 ----a-w- C:\Windows\SysWow64\sqlite36_engine.dll
2014-10-14 09:05:43 -------- d-----w- C:\Users\Toni_02\AppData\Local\Abelssoft
2014-10-14 09:05:42 493056 ----a-w- C:\Windows\SysWow64\dhRichClient3.dll
.
==================== Find3M ====================
.
2014-11-12 09:39:14 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-11-12 09:39:14 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-05 17:56:54 304640 ----a-w- C:\Windows\System32\generaltel.dll
2014-11-05 17:56:36 228864 ----a-w- C:\Windows\System32\aepdu.dll
2014-11-05 17:52:22 424448 ----a-w- C:\Windows\System32\aeinv.dll
2014-10-30 11:25:26 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-14 02:16:37 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:12:57 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:47 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:49:38 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-02 12:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 12:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-09-25 02:08:38 371712 ----a-w- C:\Windows\System32\qdvd.dll
2014-09-25 01:40:50 519680 ----a-w- C:\Windows\SysWow64\qdvd.dll
2014-09-19 09:42:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-09-19 09:42:51 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-09-19 09:42:49 342016 ----a-w- C:\Windows\System32\schannel.dll
2014-09-19 09:42:47 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-09-19 09:42:47 309760 ----a-w- C:\Windows\System32\ncrypt.dll
2014-09-19 09:42:44 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-09-19 09:42:41 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-09-19 09:23:55 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-09-19 09:23:52 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-09-19 09:23:49 248832 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-09-19 09:23:46 221184 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-09-19 09:23:45 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-09-19 09:23:42 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-09-19 09:23:36 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-09-09 22:11:04 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-09-09 21:47:10 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-08-31 14:18:43 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-08-23 02:07:00 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-23 01:45:55 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-08-21 06:43:26 1882624 ----a-w- C:\Windows\System32\msxml3.dll
2014-08-21 06:40:32 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2014-08-21 06:26:21 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2014-08-21 06:23:10 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2014-08-19 03:11:28 693176 ----a-w- C:\Windows\System32\winload.efi
2014-08-19 03:10:10 616352 ----a-w- C:\Windows\System32\winresume.efi
2014-08-19 03:08:04 503808 ----a-w- C:\Windows\System32\srcore.dll
2014-08-19 03:08:04 50176 ----a-w- C:\Windows\System32\srclient.dll
2014-08-19 03:08:03 63488 ----a-w- C:\Windows\System32\setbcdlocale.dll
2014-08-19 03:07:51 58880 ----a-w- C:\Windows\System32\appidapi.dll
2014-08-19 03:07:51 32256 ----a-w- C:\Windows\System32\appidsvc.dll
2014-08-19 03:07:33 296960 ----a-w- C:\Windows\System32\rstrui.exe
2014-08-19 03:07:11 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2014-08-19 03:07:11 146944 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2014-08-19 02:41:39 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2014-08-19 02:41:22 50688 ----a-w- C:\Windows\SysWow64\appidapi.dll
2014-08-19 02:06:56 61440 ----a-w- C:\Windows\System32\drivers\appid.sys
.
============= FINISH: 13:43:00,82 ===============
Code:
ATTFilter .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 24.11.2011 11:16:27
System Uptime: 12.11.2014 13:38:14 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | Z68A-D3H-B3
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz | Socket 1155 | 3701/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 103 GiB total, 10,753 GiB free.
D: is FIXED (NTFS) - 1863 GiB total, 1519,29 GiB free.
E: is CDROM ()
F: is Removable
G: is CDROM ()
H: is FIXED (NTFS) - 1863 GiB total, 538,385 GiB free.
I: is CDROM ()
J: is CDROM (UDF)
K: is CDROM ()
L: is FIXED (NTFS) - 1397 GiB total, 421,063 GiB free.
M: is Removable
N: is CDROM ()
O: is Removable
P: is Removable
Q: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft-Teredo-Tunneling-Adapter
Device ID: ROOT\*TEREDO\0000
Manufacturer: Microsoft
Name: Teredo Tunneling Pseudo-Interface
PNP Device ID: ROOT\*TEREDO\0000
Service: tunnel
.
==== System Restore Points ===================
.
RP599: 26.10.2014 19:00:39 - Windows-Sicherung
RP600: 29.10.2014 19:52:21 - Windows Update
RP601: 02.11.2014 17:25:33 - Windows Update
RP602: 02.11.2014 19:00:35 - Windows-Sicherung
RP603: 06.11.2014 07:40:41 - Windows Update
RP604: 10.11.2014 07:41:09 - Windows-Sicherung
RP605: 10.11.2014 07:41:43 - Windows Update
RP606: 12.11.2014 11:42:20 - Windows Update
.
==== Installed Programs ======================
.
7-Zip 9.20 (x64 edition)
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Community Help
Adobe Content Viewer
Adobe Creative Suite 5.5 Design Premium
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Reader XI (11.0.09) - Deutsch
Adobe Shockwave Player 12.0
Adobe Widget Browser
Advanced PSD Repair v1.4
Allgemeine Runtime Files (x86)
Apple Application Support
Apple Software Update
Audacity 2.0
Avidemux 2.6 - 64bits
BitComet 1.37
BitTorrent
Canon iP4600 series Benutzerregistrierung
Canon iP4600 series Printer Driver
Canon Utilities EOS Utility
Canon Utilities My Printer
Canon Utilities PhotoStitch
Canon Utilities WFT Utility
CDBurnerXP
Cliqz
D3DX10
DAEMON Tools Lite
DAPlayer 1.0.1.9
Das große DGS Wörterbuch 1.0.2.9
Definition Update for Microsoft Office 2010 (KB2899521) 32-Bit Edition
Dropbox
DVDFab 8.2.2.6 (25/12/2012) Qt
Etron USB3.0 Host Controller
Exact Audio Copy 1.0beta3
FFmpeg v0.6.2 for Audacity
File Repair
FileZilla Client 3.7.3
FLAC 1.2.1b (remove only)
Free Audio Converter version 5.0.48.923
Free AVI Video Converter version 5.0.17.903
Free Video Dub version
FVD Suite 3.0.0
GIMP 2.8.2
Gimp Themes v1.0
Google Earth
Google Update Helper
HandBrake 0.9.5
HashCheck Shell Extension (x86-32)
HashCheck Shell Extension (x86-64)
ImgBurn
Inkjet Printer/Scanner Extended Survey Program
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) Solid-State Drive Toolbox
Java 8 Update 20
Java 8 Update 20 (64-bit)
Java Auto Updater
Junk Mail filter update
LAME v3.99.3 (for Windows)
LightScribe System Software
MakeMKV v1.7.10
Malwarebytes Anti-Malware Version 1.65.0.1400
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4.5.1
Microsoft .NET Framework 4.5.1 (DEU)
Microsoft .NET Framework 4.5.1 (Deutsch)
Microsoft Antimalware Service DE-DE Language Pack
Microsoft Application Error Reporting
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Home and Student 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Security Client
Microsoft Security Client DE-DE Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual J# 2.0 Redistributable Package
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
Mouse Driver V1.0
Movavi Video Suite 12
Mozilla Firefox 33.1 (x86 de)
Mozilla Maintenance Service
MPC-HC 1.7.7 (64-bit)
MSVCRT
MSVCRT_amd64
Multimedia Keyboard Driver
Nero 11
Nero 11 Platinum
Nero 11 Video Samples
Nero Abstract Themes
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Blu-ray Player
Nero Blu-ray Player Help (CHM)
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero Cliparts
Nero ControlCenter
Nero ControlCenter 11 Help (CHM)
Nero Core Components
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Disc Menus 1
Nero Disc Menus 2
Nero Disc Menus 3
Nero Disc Menus Basic
Nero Effects Basic
Nero Express 11
Nero Express 11 Help (CHM)
Nero Family and Events Themes
Nero Football (Soccer) Themes
Nero Holiday and Sports Themes
Nero Image Samples
Nero Info
Nero Kwik Themes Basic
Nero MediaHome
Nero MediaHome Help (CHM)
Nero PiP Effects 1
Nero PiP Effects Basic
Nero Prerequisite Installer 1.0
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SharedVideoCodecs
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero Video Transitions 1
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
PDF Settings CS5
Pixum Fotobuch
Plustek OpticPro ST48
Port Forward Network Utilities 2.0.1
QuickTime 7
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Roadkil's Unstoppable Copier Version 5.2
SavingsBull
Security Update for Microsoft .NET Framework 4.5.1 (KB2894854v2)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972107)
Security Update for Microsoft .NET Framework 4.5.1 (KB2972216)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Security Update for Microsoft .NET Framework 4.5.1 (KB2979578v2)
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2883013) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Snap.Do Engine
Static Windows Live Mail Backup 2.9
Steganos Safe 2012
SUPER © v2012.build.53 (Sep 13, 2012) Version v2012.build.53
swMSM
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Excel 2010 (KB2889935) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2878251) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195
VirtualCloneDrive
VLC media player
VLC media player 2.0.8
Voice Manager
VUPlayer
Vuze
Vuze Remote Toolbar
WD SmartWare
WD Software Upgrader
Welcome App (Start-up experience)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR
WinZip 18.5
.
==== End Of File ===========================
|
|
12.11.2014, 14:39
| #2 |
| /// TB-Ausbilder   | Firefox öffnet selbstständig Tabs mit Werbung Hallo Toni69
__________________ Mein Name ist Timo und ich werde Dir bei deinem Problem behilflich sein.
 Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist immer der sicherste Weg. Wir "arbeiten" hier alle freiwillig und in unserer Freizeit *hust*. Daher kann es bei Antworten zu Verzögerungen kommen. Solltest du innerhalb 48 Std keine Antwort von mir erhalten, dann schreib mit eine PM Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis ich oder jemand vom Team sagt, dass Du clean bist. Mach mir mal bitte FRST Logs. Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
12.11.2014, 15:32
| #3 |
| | Firefox öffnet selbstständig Tabs mit Werbung Hallo TIMO,...
__________________danke für Deine Hilfe. Hier die beiden Texte: Additional: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2014
Ran by Toni Standard at 2014-11-12 15:23:38
Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Design Premium (HKLM-x32\...\{60E59A6C-7399-495A-B85C-C829F4E59602}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Advanced PSD Repair v1.4 (HKLM-x32\...\Advanced PSD Repair v1.4) (Version: - )
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.4 - Sereby Corporation)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - )
BitComet 1.37 (HKLM-x32\...\BitComet) (Version: 1.37 - CometNetwork)
Canon iP4600 series Benutzerregistrierung (HKLM-x32\...\Canon iP4600 series Benutzerregistrierung) (Version: - )
Canon iP4600 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series) (Version: - )
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities WFT Utility (HKLM-x32\...\WFTK) (Version: 3.5.1.1 - Canon Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3243 - CDBurnerXP)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
DAPlayer 1.0.1.9 (HKLM-x32\...\DAPlayer_is1) (Version: - Digiarty Software,Inc.)
Das große DGS Wörterbuch 1.0.2.9 (HKLM-x32\...\{71FB874A-A992-4ED6-9522-6EFF78ADDDCB}_is1) (Version: - Verlag Karin Kestner)
Dropbox (HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
DVDFab 8.2.2.6 (25/12/2012) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.98 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.98 - Etron Technology) Hidden
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - )
File Repair (HKLM-x32\...\File Repair_is1) (Version: - File Repair)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org)
Free Audio Converter version 5.0.48.923 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.48.923 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.17.903 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.17.903 - DVDVideoSoft Ltd.)
Free Video Dub version (HKLM-x32\...\Free Video Dub_is1) (Version: - DVDVideoSoft Ltd.)
FVD Suite 3.0.0 (HKLM-x32\...\{80E4B2D6-BFF2-402C-96C4-3942DF24CABB}_is1) (Version: - flashvideodownloader.org)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Gimp Themes v1.0 (HKLM-x32\...\{833D97B9-AC16-45C1-AD44-0A32198956F8}) (Version: 1.0.0 - www.gimp-tutorials.net)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - )
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Inkjet Printer/Scanner Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel(R) Solid-State Drive Toolbox (HKLM-x32\...\Intel(R) Solid-State Drive Toolbox) (Version: 3.0.1.400 - Intel Corporation)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java 8 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218020F0}) (Version: 8.0.200 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe)
MakeMKV v1.7.10 (HKLM-x32\...\MakeMKV) (Version: v1.7.10 - GuinpinSoft inc)
Malwarebytes Anti-Malware Version 1.65.0.1400 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.65.0.1400 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Mouse Driver V1.0 (HKLM-x32\...\WheelMouse) (Version: - )
Movavi Video Suite 12 (HKLM-x32\...\Movavi Video Suite 12) (Version: 12.3.0 - Movavi)
Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPC-HC 1.7.7 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.7 - MPC-HC Team)
Multimedia Keyboard Driver (HKLM-x32\...\InstallShield_{51B46054-AE28-4BCD-8DE8-3901354F0A1C}) (Version: 2.0 - Ihr Firmenname)
Multimedia Keyboard Driver (x32 Version: 2.0 - Ihr Firmenname) Hidden
Nero 11 (HKLM-x32\...\{FC18AB8F-9BA3-423B-91F2-622990F57978}) (Version: 11.2.01000 - Nero AG)
Nero 11 Platinum (HKLM-x32\...\{DC99552E-8149-4EBB-8812-6069956056AA}) (Version: 11.2.01800 - Nero AG)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 12.0.4000 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG)
Nero Prerequisite Installer 1.0 (HKLM-x32\...\{AFD1BFF3-FE02-47BB-8F45-739D46AEA2BC}) (Version: 11.0.12700 - Nero AG)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Pixum Fotobuch (HKLM-x32\...\Pixum Fotobuch) (Version: - )
Plustek OpticPro ST48 (HKLM-x32\...\{5265664F-6128-405C-9225-9782A85954FD}) (Version: V4.2.0 - )
Port Forward Network Utilities 2.0.1 (HKLM-x32\...\Port Forward Network Utilities) (Version: 2.0.1 - Portforward.com)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Roadkil's Unstoppable Copier Version 5.2 (HKLM-x32\...\{A306FD29-7D3A-4287-91AC-9A0180931395}_is1) (Version: - Roadkil.Net)
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Static Windows Live Mail Backup 2.9 (HKLM-x32\...\Static Windows Live Mail Backup_is1) (Version: - StaticBackup Inc.)
Steganos Safe 2012 (HKLM-x32\...\{FADC3DC0-BCD9-4F6A-BB9D-360D695C5791}) (Version: 13.0.5 - Steganos Software GmbH)
SUPER © v2012.build.53 (Sep 13, 2012) Version v2012.build.53 (HKLM-x32\...\{8F311E72-C27F-4DF0-8254-B739A1831668}_is1) (Version: v2012.build.53 - eRightSoft)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Voice Manager (HKLM-x32\...\Voice Manager) (Version: - )
VUPlayer (HKLM-x32\...\VUPlayer) (Version: - )
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar (HKLM-x32\...\Vuze_Remote Toolbar) (Version: 6.8.9.0 - Vuze Remote) <==== ATTENTION
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
WD Software Upgrader (HKLM-x32\...\{57C4F272-9839-45C6-8B83-92EC89C7EE40}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
Welcome App (Start-up experience) (x32 Version: 11.0.23500.0.0 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\Windows\Tasks\Intel_C_CVPR135003JA120LGN.job => ?
==================== Loaded Modules (whitelisted) =============
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-11-24 11:23 - 2011-04-10 03:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2000-05-08 02:54 - 2000-05-08 02:54 - 00061440 _____ () C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1
AlternateDataStreams: C:\ProgramData\TEMP:E36A723B
AlternateDataStreams: C:\Users\Toni Standard\Cookies:6MopXCGd0f7LxfgxjAfo8Tx
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: MozillaMaintenance => 3
========================= Accounts: ==========================
2th Device (S-1-5-21-1612934075-448063179-3665729200-1005 - Administrator - Enabled) => C:\Users\2th Device
3th Device (S-1-5-21-1612934075-448063179-3665729200-1006 - Limited - Enabled)
Administrator (S-1-5-21-1612934075-448063179-3665729200-500 - Administrator - Disabled) => C:\Users\Administrator
Gast (S-1-5-21-1612934075-448063179-3665729200-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1612934075-448063179-3665729200-1002 - Limited - Enabled)
Toni Standard (S-1-5-21-1612934075-448063179-3665729200-1007 - Limited - Enabled) => C:\Users\Toni Standard
Toni_02 (S-1-5-21-1612934075-448063179-3665729200-1003 - Administrator - Enabled) => C:\Users\Toni_02
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/12/2014 01:40:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 01:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 00:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 11:57:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 11:42:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-1612934075-448063179-3665729200-1000.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {fdd3cbcd-e0cf-419c-8d5f-fedc883ead5d}
Error: (11/12/2014 07:29:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/11/2014 05:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Bridge.exe, Version 4.1.0.54 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1164
Startzeit: 01cffdcd8b8ab482
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe
Berichts-ID: f345e4d4-69c0-11e4-a645-50e5493e14f5
Error: (11/11/2014 05:04:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (11/12/2014 01:36:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/12/2014 01:36:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WD Backup" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (11/12/2014 01:36:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (11/12/2014 01:40:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 01:23:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 00:57:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 11:57:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/12/2014 11:42:20 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1612934075-448063179-3665729200-1000.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {fdd3cbcd-e0cf-419c-8d5f-fedc883ead5d}
Error: (11/12/2014 07:29:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/11/2014 05:37:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Bridge.exe4.1.0.54116401cffdcd8b8ab4820C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exef345e4d4-69c0-11e4-a645-50e5493e14f5
Error: (11/11/2014 05:04:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2012-02-15 11:02:27.805
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\afd.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-02-15 11:02:27.790
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\afd.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16301.11 MB
Available physical RAM: 13493.71 MB
Total Pagefile: 32600.4 MB
Available Pagefile: 29786.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (System und Programme) (Fixed) (Total:102.54 GB) (Free:10.7 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1519.29 GB) NTFS
Drive h: (A&Y Friends Licence) (Fixed) (Total:1863.01 GB) (Free:538.38 GB) NTFS
Drive j: (WD Unlocker) (CDROM) (Total:0.02 GB) (Free:0 GB) UDF
Drive l: (Videos Music Technic) (Fixed) (Total:1397.26 GB) (Free:421.06 GB) NTFS
Drive m: (EOS_DIGITAL) (Removable) (Total:29.79 GB) (Free:29.79 GB) FAT32
==================== MBR & Partition Table ==================
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Toni Standard (ATTENTION: The logged in user is not administrator) on TONI-PC on 12-11-2014 15:23:16
Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64
Loaded Profiles: Toni_02 & Toni Standard (Available profiles: Toni_02 & 2th Device & Toni Standard & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe
() C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe
(UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMConfig.exe
(Dropbox, Inc.) C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMProcess.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe
(Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (CANON INC.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KMConfig] => "C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe
HKLM-x32\...\Run: [WheelMouse] => C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE [61440 2000-05-08] ()
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [NWEReboot] => [X]
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [SAFE2012 HotKeys] => C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe [84480 2012-11-19] (Steganos Software GmbH)
HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe [17408 2012-11-19] (Steganos Software GmbH)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company)
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\Music and more\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd)
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [CSmileys] => "C:\Program Files (x86)\Crawler\Smileys\CSmileysIM.exe"
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {0276705e-2a81-11e2-aa71-50e5493e14f5} - J:\unlock.exe autoplay=true
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {530ae508-febe-11e2-b141-50e5493e14f5} - S:\pushinst.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Action Manager 32.lnk
ShortcutTarget: Action Manager 32.lnk -> C:\Program Files (x86)\Plustek\OpticPro ST48\AM32.exe ()
Startup: C:\Users\Toni Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=hp&installDate=26/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=6a8b0264-d1b1-dbf7-a40d-dfa37b3d940f&searchtype=ds&q={searchTerms}&installDate=26/12/2013
SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {BA14329E-9550-4989-B3F2-9732E92D17CC} - No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Tcpip\..\Interfaces\{86EA66A2-B974-40D7-B70D-DF7EF99D26E7}: [NameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default
FF Homepage: https://www.google.de/?gws_rd=cr&ei=lRG8UsLUCdDUsganj4C4Aw
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll No File
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll (InfiniAd GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\artur.dubovoy@gmail.com [2014-11-12]
FF Extension: YouTube Unblocker - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-08]
FF Extension: Flashblock - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-16]
FF Extension: mediaplayerconnectivity - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2014-03-24]
FF Extension: WOT - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12]
FF Extension: BitComet Video Downloader - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-07-27]
FF Extension: DownloadHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06]
FF Extension: CSHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2013-12-04]
FF Extension: JavaScript Deobfuscator - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2012-10-10]
FF Extension: Shockwave Flash Shield Free - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{5bac7493-d3a3-4d09-a516-67c368e813eb}.xpi [2013-11-05]
FF Extension: Adblock Plus - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16]
FF Extension: DownThemAll! - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-14]
FF Extension: {e47bab36-4a3c-45b6-b046-aead3fde2b67} - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{e47bab36-4a3c-45b6-b046-aead3fde2b67}.xpi [2013-10-30]
FF Extension: QuickJava - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2012-10-10]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-11-24]
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
R2 KMWDSERVICE; C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-27] (DT Soft Ltd)
S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.)
S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-02-27] (Duplex Secure Ltd.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed]
U3 amoz4et0; C:\Windows\System32\Drivers\amoz4et0.sys [0 ] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 15:23 - 2014-11-12 15:23 - 00000000 ____D () C:\FRST
2014-11-12 07:35 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-12 07:35 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-12 07:35 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-12 07:35 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-12 07:35 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 07:35 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-12 07:35 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-12 07:35 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-12 07:35 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-12 07:35 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-12 07:35 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-12 07:35 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-12 07:35 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-12 07:35 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-12 07:35 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-12 07:35 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-12 07:35 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-12 07:35 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-12 07:35 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 07:35 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-12 07:35 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-12 07:35 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-12 07:35 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-12 07:35 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-12 07:35 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-12 07:35 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 07:35 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-12 07:35 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-12 07:35 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-12 07:35 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-12 07:35 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-12 07:35 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-12 07:35 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-12 07:35 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-12 07:35 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-12 07:35 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-12 07:35 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-12 07:35 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-12 07:35 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-12 07:35 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-12 07:35 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-12 07:35 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-12 07:35 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-12 07:35 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-12 07:35 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-12 07:35 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-12 07:35 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-12 07:35 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-12 07:35 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-12 07:35 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-12 07:35 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-12 07:35 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-12 07:35 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-12 07:35 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-12 07:35 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-12 07:35 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-12 07:35 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-12 07:35 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-12 07:35 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-12 07:35 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-12 07:35 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-12 07:35 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-12 07:35 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-12 07:35 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-12 07:35 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-12 07:35 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-12 07:35 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-12 07:35 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-12 07:34 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-12 07:34 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-12 07:34 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-12 07:34 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-12 07:34 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-12 07:34 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-12 07:34 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-12 07:34 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-12 07:34 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-12 07:34 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-12 07:34 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-12 07:34 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-12 07:34 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-12 07:34 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-12 07:34 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-12 07:34 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-12 07:34 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-12 07:34 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-12 07:34 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-12 07:34 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-12 07:34 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-12 07:34 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-12 07:34 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 07:30 - 2014-11-12 07:30 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{88E11022-9BE3-4BFB-AAC0-062986CE78B9}
2014-11-12 00:01 - 2014-11-12 00:01 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{FB92A79F-CEC0-43E5-B2E4-7C48E30B98B9}
2014-11-11 12:00 - 2014-11-11 12:00 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{ED51EB56-9E71-4D5E-8502-2023E6A826F8}
2014-11-10 23:56 - 2014-11-10 23:56 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{7DF076F2-7252-4B6C-82C3-B1AB2D76D037}
2014-11-10 07:32 - 2014-11-10 07:32 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{8FE69347-E451-466D-B26F-94CC588F814E}
2014-11-09 00:46 - 2014-11-09 00:46 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{45AF8342-6ECD-4A21-99BB-DD31696E45A7}
2014-11-07 07:31 - 2014-11-07 07:31 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{84DBE661-F8C1-480A-9CC7-131CEB8E4CDB}
2014-11-06 13:19 - 2014-11-06 13:19 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{151F34D1-78A2-4756-BC50-AC75D19E4ED6}
2014-11-05 23:59 - 2014-11-05 23:59 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{B6305BAA-F18F-4DCE-B432-AFA8FB9C5713}
2014-11-05 07:28 - 2014-11-05 07:29 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{2D5E13D0-A56B-4EA8-81E9-EF55EB27EE80}
2014-11-04 13:06 - 2014-11-04 13:07 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{937DEF99-B37E-4AB8-A6B4-A791A6BB7D03}
2014-11-03 23:36 - 2014-11-03 23:36 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{D673CE2C-98CA-4547-A605-5FA4828F64B1}
2014-11-03 07:38 - 2014-11-03 07:38 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{2E454D51-213B-4904-98CC-91FC3BA0938D}
2014-11-02 17:16 - 2014-11-02 17:16 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{2E8D3722-E4CE-4B04-885E-696D3480E37D}
2014-10-31 12:49 - 2014-10-31 12:50 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E0F2CE79-562A-44D5-95F5-23ADE9D9CF52}
2014-10-30 23:37 - 2014-10-30 23:37 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{43F93C75-CFA0-4DDE-9743-03CA08AEAEC9}
2014-10-30 10:32 - 2014-10-30 10:32 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{4B309154-603A-4460-85B4-E42D69AD7DBA}
2014-10-29 21:37 - 2014-10-29 21:38 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{8355E5A4-4153-4428-9115-A8759A568416}
2014-10-29 07:26 - 2014-10-29 07:27 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E0CB9992-C908-40C3-A00E-AC7DEE8E49F4}
2014-10-28 13:01 - 2014-10-28 13:01 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{12678058-11C6-4087-A030-8998BD12091D}
2014-10-27 22:17 - 2014-10-27 22:18 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{5E4110B6-BB24-4D46-90CE-C81268F99974}
2014-10-27 07:37 - 2014-10-27 07:37 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{4D187049-020B-4AB1-83DD-66E3BD2D7F0A}
2014-10-26 15:29 - 2014-10-26 15:30 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{C1FDBF88-8D51-48A0-B2C6-258589117691}
2014-10-25 11:14 - 2014-10-25 11:14 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{BD6401DA-8C73-447F-8172-26DFD6E66F02}
2014-10-24 23:12 - 2014-10-24 23:12 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{0FA5A21F-1220-448A-ACFF-0AEFC06CCCB8}
2014-10-24 13:06 - 2014-10-24 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-10-24 13:06 - 2014-10-24 13:06 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-24 13:06 - 2014-10-24 13:06 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-10-24 07:21 - 2014-10-24 07:21 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{D0263E6C-C7F5-4190-ACF7-6B5D5D2EB4CC}
2014-10-23 19:10 - 2014-10-23 19:10 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{1FDBE744-AFA0-46F5-B43B-4B67ABAAAA4B}
2014-10-23 06:48 - 2014-10-23 06:48 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{073ED4FC-73F7-47E9-AAD3-177D1151A7D1}
2014-10-22 18:22 - 2014-10-22 18:23 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E57BAA36-0A08-43BF-8D8A-EE042B7593F1}
2014-10-22 06:22 - 2014-10-22 06:22 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{7F344EF7-8696-421C-98BA-CDEA0DDDE272}
2014-10-21 11:55 - 2014-10-21 11:55 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{A791F545-BE30-4D22-9213-19607E128CF7}
2014-10-20 22:44 - 2014-10-20 22:44 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{6047BB1D-FBB3-493E-BC56-192BECF3A6C3}
2014-10-20 06:22 - 2014-10-20 06:22 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{851ED735-6FF8-45C9-A8BF-C693F665970E}
2014-10-18 11:32 - 2014-10-18 11:32 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{92A7216B-8E3C-44A1-9428-D0E7A3CF46CC}
2014-10-17 21:26 - 2014-10-17 21:26 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{0B0230CB-47B0-42A5-AACC-DEB4CA9B7F04}
2014-10-17 08:46 - 2014-10-17 08:46 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{1EE14C65-6665-4DE2-A9B0-212458E2CC2D}
2014-10-16 20:44 - 2014-10-16 20:45 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{F009122B-79E7-4815-9A59-A18454C6D2E0}
2014-10-16 06:29 - 2014-10-16 06:30 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{D882529D-1F71-4756-854B-0BD085EB31A5}
2014-10-15 12:41 - 2014-10-15 12:41 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{298337DC-DB6B-4520-8872-883E4B348CD4}
2014-10-15 06:33 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 06:33 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 06:33 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 06:33 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 06:33 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 06:33 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 06:33 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 06:33 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 06:33 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 06:33 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 06:33 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 06:33 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 06:33 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-10-15 06:33 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-10-15 06:33 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-10-15 06:33 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-10-15 06:33 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-10-15 06:33 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-10-15 06:33 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-10-15 06:33 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-10-15 06:33 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-10-15 06:33 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 06:33 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 06:33 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 06:33 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 06:33 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 06:33 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 06:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 06:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 06:33 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 06:33 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 06:33 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 06:33 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 06:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 06:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 06:33 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 06:33 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 06:33 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 06:33 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 06:33 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 06:33 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 06:33 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 06:33 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 06:33 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 06:33 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 06:33 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 06:33 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 06:33 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 06:33 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 06:33 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 06:32 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 06:32 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 06:32 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 06:32 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 06:32 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 06:32 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 06:32 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 06:32 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 06:32 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-14 22:28 - 2014-10-14 22:28 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E7E27D0F-16E6-4E44-AF82-1BB73DB83C65}
2014-10-14 10:16 - 2014-11-04 07:32 - 00000000 ____D () C:\Users\Toni Standard\.mediathek3
2014-10-14 10:11 - 2014-10-14 10:11 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-10-14 10:11 - 2014-08-31 15:18 - 00894888 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll
2014-10-14 10:11 - 2014-08-31 15:18 - 00815528 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-10-14 10:11 - 2012-07-03 14:09 - 00955848 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll
2014-10-14 10:11 - 2012-07-03 14:09 - 00839112 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2014-10-14 10:05 - 2014-10-14 10:05 - 00000000 ____D () C:\Users\Toni_02\AppData\Roaming\Abelssoft
2014-10-14 10:05 - 2014-10-14 10:05 - 00000000 ____D () C:\Users\Toni_02\AppData\Local\Abelssoft
2014-10-14 10:05 - 2014-10-14 10:05 - 00000000 ____D () C:\ProgramData\XDMessagingv4
2014-10-14 10:05 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll
2014-10-14 10:05 - 2011-03-25 19:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll
2014-10-14 08:34 - 2014-10-14 08:34 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{CED3B3C7-D65E-465D-AB28-AE8E4CC50DB5}
2014-10-13 18:51 - 2014-10-13 18:52 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{DC1FD377-C452-4F80-A2D2-079CEA3E2D8E}
2014-10-13 10:46 - 2014-10-13 10:46 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-13 06:37 - 2014-10-13 06:37 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{AF9D0675-DDCE-4036-A956-355C43F60DE0}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-11-12 15:09 - 2014-09-11 20:37 - 00000000 ____D () C:\Windows\rescache
2014-11-12 14:54 - 2012-02-02 09:37 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-12 14:39 - 2012-09-03 06:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 13:45 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 13:45 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 13:43 - 2011-04-12 08:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-11-12 13:43 - 2011-04-12 08:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-11-12 13:43 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-12 13:42 - 2011-11-24 11:16 - 01342101 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 13:39 - 2012-11-16 13:08 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\Dropbox
2014-11-12 13:39 - 2012-02-02 09:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-12 13:38 - 2011-11-24 15:54 - 00105609 _____ () C:\Windows\setupact.log
2014-11-12 13:38 - 2010-11-21 04:47 - 00420254 _____ () C:\Windows\PFRO.log
2014-11-12 13:38 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 13:36 - 2013-12-26 02:12 - 00001099 _____ () C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-11-12 13:36 - 2012-02-15 22:55 - 00000000 ____D () C:\Users\Toni_02
2014-11-12 13:35 - 2014-02-27 20:57 - 4015803922 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-11-12 13:21 - 2013-08-12 15:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-11-12 13:12 - 2013-08-13 20:00 - 00036821 _____ () C:\Windows\wininit.ini
2014-11-12 13:04 - 2013-10-01 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-12 11:58 - 2012-09-12 12:28 - 00240800 _____ () C:\Users\Toni Standard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-12 11:58 - 2012-02-15 22:55 - 00240800 _____ () C:\Users\Toni_02\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-12 11:57 - 2009-07-14 05:45 - 05801584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 11:56 - 2014-05-06 23:09 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 11:47 - 2011-11-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-12 11:45 - 2013-08-14 11:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 11:42 - 2011-11-24 12:00 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 11:04 - 2013-10-22 12:57 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\vlc
2014-11-12 10:39 - 2012-04-05 08:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 10:39 - 2011-11-24 12:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 09:41 - 2012-04-28 14:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-12 09:32 - 2013-07-29 08:12 - 00000261 _____ () C:\Users\Toni Standard\AppData\Roaming\WB.CFG
2014-11-12 07:38 - 2012-09-12 12:28 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\Adobe
2014-11-05 07:27 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-04 19:35 - 2012-04-05 08:36 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-23 07:33 - 2012-09-27 16:04 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\Audacity
2014-10-23 07:33 - 2012-07-28 11:34 - 00000000 ____D () C:\Users\2th Device
2014-10-23 07:33 - 2011-11-24 14:14 - 00000000 ____D () C:\Users\Administrator
2014-10-23 07:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-10-23 06:47 - 2012-09-12 12:28 - 00000000 ____D () C:\Users\Toni Standard
2014-10-18 11:31 - 2014-09-19 06:24 - 00000000 ____D () C:\Users\Toni_02\AppData\Local\Adobe
2014-10-16 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-14 10:11 - 2012-07-03 14:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-10-14 10:11 - 2012-07-03 14:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-10-14 10:11 - 2012-07-03 14:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-10-14 10:11 - 2012-07-03 14:09 - 00000000 ____D () C:\Program Files\Java
2014-10-14 10:11 - 2012-06-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-13 10:48 - 2012-08-08 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-10-13 10:48 - 2012-08-08 19:35 - 00000000 ____D () C:\Program Files (x86)\Nero
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2976.dll
Some content of TEMP:
====================
C:\Users\Toni Standard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpn7g0qr.dll
C:\Users\Toni Standard\AppData\Local\Temp\i4jd4668773831472855398.exe
C:\Users\Toni Standard\AppData\Local\Temp\i4jdel0.exe
C:\Users\Toni Standard\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Toni Standard\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\Toni_02\AppData\Local\Temp\ICReinstall_installer_flash_player_Deutsch.exe
C:\Users\Toni_02\AppData\Local\Temp\nse5506.exe
C:\Users\Toni_02\AppData\Local\Temp\nsp9D2F.exe
C:\Users\Toni_02\AppData\Local\Temp\Quarantine.exe
C:\Users\Toni_02\AppData\Local\Temp\Setup.exe
C:\Users\Toni_02\AppData\Local\Temp\sqlite3.dll
C:\Users\Toni_02\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Toni_02\AppData\Local\Temp\tester.dll
C:\Users\Toni_02\AppData\Local\Temp\utt2CEF.tmp.exe
C:\Users\Toni_02\AppData\Local\Temp\vcredist_x64.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Gruß Toni69 |
|
12.11.2014, 15:38
| #4 |
| /// TB-Ausbilder | Firefox öffnet selbstständig Tabs mit Werbung Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Downloade Dir bitte  Malwarebytes Anti-Malware
Starte noch einmal FRST.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
12.11.2014, 19:47
| #5 |
| | Firefox öffnet selbstständig Tabs mit Werbung Hallo TIMO,... habe mit Revo Uninstaller Vuze Remote Toolbar deinstalliert. SavingsBull zeigte führte das Programm nicht in der Liste auf. Dafür aber 'snap.do'. Nach kurzem Googlen entfernte ich dies. In der Systemsteuerung/Software deinstallieren wurde es angezeigt. Ist jedenfalls nun deinstalliert. Scann mit AdwCleaner brachte keine Ergebnisse mehr. Könnte ein gutes Zeichen sein. Allerdings erhielt ich wieder keine Logdatei, sodass ich nichts posten kann. Junkware Removal Tool brachte den unten stehenden Text. Allerdings gibt's momentan ein Problem: Nach dem Scann funktioniert Rechtsklick mit der Maus auf dem Desktop nicht mehr. Darstellungsauflösung ist verändert und Links lassen sich im Explorer nicht mehr mit Doppelklick öffnen. Firefox ist plötzlich neu; alle Einstellungen sind weg... Hier erst einmal JRT.txt: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Professional x64
Ran by Toni_02 on 12.11.2014 at 16:36:50,25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{0AF7D6DC-BC74-42B9-BDC3-43607C54092F}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{0FD9C392-08CD-48A4-B98C-51E207B0E622}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{123443E7-0FE3-43B6-82B6-E4BED9B32E4E}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{129D0256-DA5E-4285-8F0C-81F6F234A77C}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1A0238EB-385D-4DCF-8587-080616866562}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1A6B4A7C-9AEB-4E9B-A188-9C37200C3CAA}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1DE8EF6B-D4A6-4603-B59F-6DA74F667DEF}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{1E17C3A7-CF7F-4209-9435-D124A89B83DE}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{221CBA67-45D9-43B0-8E7E-EC2598318EE2}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{25AE90F3-8FE6-43C8-8340-5673A4FA5147}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{283F4D77-A771-447D-A19A-A5963739E25E}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{29E1E355-9A1C-47BC-9076-938F92C9A81D}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{2A760A38-91CC-4933-9ABB-4E3F89522D5C}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{2AF9A11F-1E13-4D5B-86DB-55EF893D78AB}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{2EF56348-F227-4975-9EDB-FF599BD419AA}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{3566869F-F011-4869-8F0D-EA255EA3919D}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{37415E38-DA00-4595-A46C-AEE0B2ACF23D}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{3974192F-B723-4E58-A82F-D199822F7554}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{3E9E8276-8BAC-4D6C-9AA5-18A6A5901A0D}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{41E3ADB6-C6F6-4652-A22A-84F7C8A228AF}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{42DFB99E-D67D-42E0-ADAC-C1608785BB91}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{43E47A57-2996-4FB9-B0AC-B9672EAD51FA}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{4500B5CE-A9A3-4265-8EB2-CF9916D5DC76}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{4724BF5C-2BB1-4DBB-8540-904205E02A91}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{48113D90-7674-437F-B837-591EE6249F5E}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{4AE8AF1A-4BEC-4304-9F58-7B925EFB5072}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{4E3AD42F-7AA4-41E3-ADE1-536DEBD253C1}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{50B38D3B-D848-4C18-BC86-3B6CBB140C5A}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{51A31E5A-E3FD-4C2E-A1D8-1EBB0CED6CB9}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{5231AB34-0811-4381-8400-471146DDB529}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{5576804D-4ABE-4E9F-87F0-03DDC8285333}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{56A163EC-089B-45F9-8BA7-D7F1549CDD66}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{5E1AED2C-0504-4717-968C-C76C203C2F2E}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{60209DEB-43C6-40FC-8DAE-25DA8C0B70F7}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{6C7B2B3A-FD6E-4F20-93E0-80F4C087A71A}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{6E905B61-4364-4E30-9F96-EA0C43634215}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{6EAAACC6-DD46-4965-BCD0-8B5088224D84}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{73F5C54D-10F7-4B8B-8CEE-19139AEDE996}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{79339E2B-AEFB-4705-98F4-C409EFF6F420}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{79EDFAC6-F4E5-4C82-ABB0-C73DC96E065C}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{7A2EB50E-1D75-42EB-AB54-7F3FADA93A72}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{7AA419B2-0D45-49FD-AD86-766515CA0F7D}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{7AEAC43E-376D-4D0E-8A75-27F50ADBFED7}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{7CCE760D-A46D-4964-A7C6-67FBCE2DD9F8}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{7E48D7AF-A478-40B0-865D-ED2F01FE8CA0}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{7FB6421F-6C82-4000-B558-D5D048FBD203}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{8173CDBD-A9D8-42F9-9A4D-9EEDD9DC0117}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{8413DFEA-F425-4E93-A035-F468C357D499}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{843E14F9-179A-4405-BCFB-012EF741F35B}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{86F99659-0793-420B-BBB5-207D3B7F74A2}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{88B5D46D-C836-4BB1-8BC1-1A215AE834BD}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{8C98021C-4BC6-452B-A109-08CB2E9EA2C8}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{91F2403D-26C9-4177-BCEB-C4E84D5A7758}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{9323EA2B-3FCA-4F2F-9DB9-33A7D9160B0F}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{9769664E-5D99-4537-BB83-8F1EA2BD047C}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{9B03D94A-21F9-4D9F-9CA8-EDCDEACB2E90}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{9B128F21-14D0-4CD1-A428-E70393FCBD45}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{9BBA8798-50B8-4C36-B5D6-18A581DCF992}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{9F8114C4-7488-4A91-BC16-1481C1311E3A}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{A0777764-C93F-4ECE-8DE0-2436805DA9D9}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{A198D97A-BEF4-4C27-A0E5-9EA3E82B52E5}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{A43C530F-9876-4962-A4B4-F7CE688AB5CC}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{A6E9A3ED-7BDF-4C34-AA4B-3DF8E8B3127A}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{AAA0D4AF-DFB7-4A6A-81FC-79F8DB33B3C5}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{AF81A583-70E8-41A0-8A48-5A88F530EA48}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{B157F549-7830-44C3-B2F1-64D43E0E3A75}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{B265D4CF-027F-4E2E-93E9-918ABB5B96FC}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{B30E6AB9-6392-4D90-BCEF-F3AF187FEE80}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{C39DF455-44FB-42FE-A9E7-7FCA2EE6857C}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{C4BAF178-1E68-45A2-BC22-E41D2E35F0B9}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{C9F0A375-9729-4D29-A2B2-ABDFAAF721F1}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{CA85EAE0-1BA6-4E25-B92E-E853403FCB87}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{CCF404B0-D58A-48E0-BCC0-D10BF7361D64}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{D0AE954D-AEEA-4E0C-867B-CE126F2E2966}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{D62DA920-1070-4B19-909B-02C35AF51FF4}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{D6F7BF4B-B28F-41AB-966E-C4BAD7B70722}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{D833FCD9-2150-470D-991A-AB5AD79789B7}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{DB16E7AB-A4B6-476B-9448-2176770CE7D1}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{DF4BB3D3-9A72-4653-A2E7-01724A8513F3}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{E1E3B74C-CBCB-4FD0-BEE0-6613BFDC15A0}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{E3E2653F-8166-4EBF-869B-E9F67707F354}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{E4090FC7-3ECE-4CA7-902C-548956487D86}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{E8EB63F6-033E-474C-9903-DF569AA6AC51}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{EC54D130-C5D8-4029-AA6C-9CA302403723}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{ED62C5A3-447E-4A1E-986C-B0DF4C9CC3CF}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{F6AAF6E9-D728-4450-ADE1-F45D0E54139E}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{F99ECE78-E367-4CFD-914B-3360829DC138}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{FC19CCAC-F0B3-4F97-A9CF-A38F38143DA0}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{FE363F9D-0507-411D-B5CE-8F18EA7772D9}
Successfully deleted: [Empty Folder] C:\Users\Toni_02\appdata\local\{FEB7D47B-3550-42FB-9107-F9182DB6DC28}
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\smartbar
Successfully deleted: [Folder] C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\extensions\staged
Successfully deleted: [Folder] C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Successfully deleted the following from C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\prefs.js
user_pref("extensions.AMAZONNEW_NS_PH.toolbarXMLText", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<toolbar>\n <replacements>\n <replacement>\n <key><![CDATA[__REGIO
user_pref("valueApps.storage.mam_gk_userId", "35613464663365362D666336362D346631622D393735372D336264623336656163663331");
Emptied folder: C:\Users\Toni_02\AppData\Roaming\mozilla\firefox\profiles\e0qifbjd.default\minidumps [3 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.11.2014 at 16:38:29,62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hallo TIMO,... nach Neustart war alles wieder im 'Normalzustand' und somit gab's keine Probleme. Hier nun mbam.txt --> es sind zwei, da es zwei Scanns gab (ergab sich so, weil das Fenster verschwunden war und ich einen neuen Scann durchführte. Dann kam die Meldung vom ersten. Somit gibt's zwei mbam.txt-Dateien: 2014-11-18_mbam1.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 2014-11-12 Suchlauf-Zeit: 17:52:06 Logdatei: 2014-11-18_mbam1.txt Administrator: Nein Version: 2.00.3.1025 Malware Datenbank: v2014.11.12.08 Rootkit Datenbank: v2014.11.12.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Toni Standard Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 479110 Verstrichene Zeit: 6 Min, 59 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 1 PUP.LoadTubes, C:\Program Files (x86)\Mozilla Firefox\plugins\npmieze.dll, In Quarantäne, [9553a69484f8999dfb43655906fad42c], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Update, 2014-11-12 17:43:25, SYSTEM, TONI-PC, Manual, Rootkit Database, 2014.9.18.1, 2014.11.12.1, Update, 2014-11-12 17:43:28, SYSTEM, TONI-PC, Manual, Malware Database, 2014.9.19.5, 2014.11.12.8, Scan, 2014-11-12 18:17:55, SYSTEM, TONI-PC, Manual, Start: % 1 "% 2", Dauer: % 1 min 6 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "% 1" nicht-Malware-Erkennung, (end) 2014-11-18_FRST_02.txt: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014 Ran by Toni Standard (ATTENTION: The logged in user is not administrator) on TONI-PC on 12-11-2014 18:29:08 Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64 Loaded Profiles: Toni_02 & Toni Standard (Available profiles: Toni_02 & 2th Device & Toni Standard & Administrator) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe (Microsoft Corporation) C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe (UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe () C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Nero AG) C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMConfig.exe (Dropbox, Inc.) C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (UASSOFT.COM) C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMProcess.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe (Steganos Software GmbH) C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-18] (CANON INC.) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-04-30] (Intel Corporation) HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [41360 2014-09-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.) HKLM-x32\...\Run: [KMConfig] => "C:\Program Files (x86)\Multimedia Keyboard Driver\V5\StartAutorun.exe" KMConfig.exe HKLM-x32\...\Run: [WheelMouse] => C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE [61440 2000-05-08] () HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG) HKLM-x32\...\Run: [NWEReboot] => [X] HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe [1493288 2012-01-13] (Nero AG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [SAFE2012 HotKeys] => C:\Program Files (x86)\Steganos Safe 2012\SteganosHotKeyService.exe [84480 2012-11-19] (Steganos Software GmbH) HKLM-x32\...\Run: [SAFE2012 File Redirection Starter] => C:\Program Files (x86)\Steganos Safe 2012\fredirstarter.exe [17408 2012-11-19] (Steganos Software GmbH) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\RunOnce: [SpUninstallCleanUp] => REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2014-10-01] (Malwarebytes Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2013-01-16] (Hewlett-Packard Company) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\Music and more\DAEMON Tools Lite\DTLite.exe [3481408 2012-02-13] (DT Soft Ltd) HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\Run: [CSmileys] => "C:\Program Files (x86)\Crawler\Smileys\CSmileysIM.exe" HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {0276705e-2a81-11e2-aa71-50e5493e14f5} - J:\unlock.exe autoplay=true HKU\S-1-5-21-1612934075-448063179-3665729200-1007\...\MountPoints2: {530ae508-febe-11e2-b141-50e5493e14f5} - S:\pushinst.exe Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Action Manager 32.lnk ShortcutTarget: Action Manager 32.lnk -> C:\Program Files (x86)\Plustek\OpticPro ST48\AM32.exe () Startup: C:\Users\Toni Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Toni Standard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll (BitComet) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab Tcpip\..\Interfaces\{86EA66A2-B974-40D7-B70D-DF7EF99D26E7}: [NameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default FF Homepage: https://www.google.de/?gws_rd=cr&ei=lRG8UsLUCdDUsganj4C4Aw FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll () FF Plugin: @java.com/DTPlugin,version=10.4.0 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll No File FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.20.2 -> C:\Windows\SysWOW64\npdeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files (x86)\Java\jre1.8.0_20\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll (1 mal 1 Software GmbH) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Flash Video Downloader - Full HD Download - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\artur.dubovoy@gmail.com [2014-11-12] FF Extension: YouTube Unblocker - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-08] FF Extension: Flashblock - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2014-01-16] FF Extension: mediaplayerconnectivity - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{84b24861-62f6-364b-eba5-2e5e2061d7e6} [2014-03-24] FF Extension: WOT - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-01-12] FF Extension: BitComet Video Downloader - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} [2014-07-27] FF Extension: DownloadHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-06] FF Extension: CSHelper - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d91a2be6-3b56-4dfb-97f5-5e48fe3ed473} [2013-12-04] FF Extension: JavaScript Deobfuscator - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2012-10-10] FF Extension: Shockwave Flash Shield Free - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{5bac7493-d3a3-4d09-a516-67c368e813eb}.xpi [2013-11-05] FF Extension: Adblock Plus - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-16] FF Extension: DownThemAll! - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-08-14] FF Extension: {e47bab36-4a3c-45b6-b046-aead3fde2b67} - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{e47bab36-4a3c-45b6-b046-aead3fde2b67}.xpi [2013-10-30] FF Extension: QuickJava - C:\Users\Toni Standard\AppData\Roaming\Mozilla\Firefox\Profiles\fmsvmakq.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2012-10-10] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-11-24] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] () R2 KMWDSERVICE; C:\Program Files (x86)\Multimedia Keyboard Driver\V5\KMWDSrv.exe [2179072 2007-05-08] (UASSOFT.COM) [File not signed] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2013-01-16] (Hewlett-Packard Company) [File not signed] R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed] R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital ) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-19] (Western Digital) R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital ) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-27] (DT Soft Ltd) S3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.) S3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [108648 2012-07-24] (Softwareentwicklung Remus - ArchiCrypt - ) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564792 2012-02-27] (Duplex Secure Ltd.) R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] () S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [8944 1999-05-05] (Microsoft Corporation) [File not signed] U3 a2obxh1d; C:\Windows\System32\Drivers\a2obxh1d.sys [0 ] (Microsoft Corporation) S3 gdrv; \??\C:\Windows\gdrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-12 17:43 - 2014-11-12 17:43 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-12 17:43 - 2014-11-12 17:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-12 17:42 - 2014-11-12 17:43 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-11-12 17:42 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-12 17:42 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-12 16:36 - 2014-11-12 16:36 - 00000000 ____D () C:\Windows\ERUNT 2014-11-12 16:00 - 2014-11-12 16:00 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-11-12 15:23 - 2014-11-12 18:29 - 00000000 ____D () C:\FRST 2014-11-12 07:35 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-12 07:35 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-12 07:35 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-11-12 07:35 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-12 07:35 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-11-12 07:35 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-12 07:35 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-12 07:35 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-12 07:35 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-12 07:35 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-12 07:35 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-12 07:35 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-12 07:35 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-12 07:35 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-12 07:35 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-12 07:35 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-12 07:35 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-11-12 07:35 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-12 07:35 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-11-12 07:35 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-12 07:35 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-12 07:35 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-12 07:35 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-12 07:35 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-12 07:35 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-12 07:35 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-12 07:35 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-12 07:35 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-12 07:35 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-12 07:35 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-12 07:35 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-12 07:35 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-12 07:35 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-12 07:35 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-12 07:35 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-12 07:35 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-12 07:35 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-12 07:35 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-12 07:35 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-12 07:35 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-11-12 07:35 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-12 07:35 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-12 07:35 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-12 07:35 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-12 07:35 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-12 07:35 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-12 07:35 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-12 07:35 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-12 07:35 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-11-12 07:35 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-12 07:35 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-12 07:35 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-12 07:35 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-12 07:35 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-12 07:35 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-12 07:35 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-12 07:35 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-12 07:35 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-12 07:35 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-12 07:35 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-12 07:35 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-11-12 07:35 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-12 07:35 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-12 07:35 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-12 07:35 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-11-12 07:35 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-11-12 07:35 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-12 07:35 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-12 07:34 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-12 07:34 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-12 07:34 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-12 07:34 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-12 07:34 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-12 07:34 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-12 07:34 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-12 07:34 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-12 07:34 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-12 07:34 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-12 07:34 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-12 07:34 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-12 07:34 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-12 07:34 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-12 07:34 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-11-12 07:34 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-11-12 07:34 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-11-12 07:34 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-12 07:34 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-11-12 07:34 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-12 07:34 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-11-12 07:34 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL 2014-11-12 07:34 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL 2014-11-12 07:30 - 2014-11-12 07:30 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{88E11022-9BE3-4BFB-AAC0-062986CE78B9} 2014-11-12 00:01 - 2014-11-12 00:01 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{FB92A79F-CEC0-43E5-B2E4-7C48E30B98B9} 2014-11-11 12:00 - 2014-11-11 12:00 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{ED51EB56-9E71-4D5E-8502-2023E6A826F8} 2014-11-10 23:56 - 2014-11-10 23:56 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{7DF076F2-7252-4B6C-82C3-B1AB2D76D037} 2014-11-10 07:32 - 2014-11-10 07:32 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{8FE69347-E451-466D-B26F-94CC588F814E} 2014-11-09 00:46 - 2014-11-09 00:46 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{45AF8342-6ECD-4A21-99BB-DD31696E45A7} 2014-11-07 07:31 - 2014-11-07 07:31 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{84DBE661-F8C1-480A-9CC7-131CEB8E4CDB} 2014-11-06 13:19 - 2014-11-06 13:19 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{151F34D1-78A2-4756-BC50-AC75D19E4ED6} 2014-11-05 23:59 - 2014-11-05 23:59 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{B6305BAA-F18F-4DCE-B432-AFA8FB9C5713} 2014-11-05 07:28 - 2014-11-05 07:29 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{2D5E13D0-A56B-4EA8-81E9-EF55EB27EE80} 2014-11-04 13:06 - 2014-11-04 13:07 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{937DEF99-B37E-4AB8-A6B4-A791A6BB7D03} 2014-11-03 23:36 - 2014-11-03 23:36 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{D673CE2C-98CA-4547-A605-5FA4828F64B1} 2014-11-03 07:38 - 2014-11-03 07:38 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{2E454D51-213B-4904-98CC-91FC3BA0938D} 2014-11-02 17:16 - 2014-11-02 17:16 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{2E8D3722-E4CE-4B04-885E-696D3480E37D} 2014-10-31 12:49 - 2014-10-31 12:50 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E0F2CE79-562A-44D5-95F5-23ADE9D9CF52} 2014-10-30 23:37 - 2014-10-30 23:37 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{43F93C75-CFA0-4DDE-9743-03CA08AEAEC9} 2014-10-30 10:32 - 2014-10-30 10:32 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{4B309154-603A-4460-85B4-E42D69AD7DBA} 2014-10-29 21:37 - 2014-10-29 21:38 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{8355E5A4-4153-4428-9115-A8759A568416} 2014-10-29 07:26 - 2014-10-29 07:27 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E0CB9992-C908-40C3-A00E-AC7DEE8E49F4} 2014-10-28 13:01 - 2014-10-28 13:01 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{12678058-11C6-4087-A030-8998BD12091D} 2014-10-27 22:17 - 2014-10-27 22:18 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{5E4110B6-BB24-4D46-90CE-C81268F99974} 2014-10-27 07:37 - 2014-10-27 07:37 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{4D187049-020B-4AB1-83DD-66E3BD2D7F0A} 2014-10-26 15:29 - 2014-10-26 15:30 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{C1FDBF88-8D51-48A0-B2C6-258589117691} 2014-10-25 11:14 - 2014-10-25 11:14 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{BD6401DA-8C73-447F-8172-26DFD6E66F02} 2014-10-24 23:12 - 2014-10-24 23:12 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{0FA5A21F-1220-448A-ACFF-0AEFC06CCCB8} 2014-10-24 13:06 - 2014-10-24 13:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-10-24 13:06 - 2014-10-24 13:06 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-10-24 13:06 - 2014-10-24 13:06 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2014-10-24 07:21 - 2014-10-24 07:21 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{D0263E6C-C7F5-4190-ACF7-6B5D5D2EB4CC} 2014-10-23 19:10 - 2014-10-23 19:10 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{1FDBE744-AFA0-46F5-B43B-4B67ABAAAA4B} 2014-10-23 06:48 - 2014-10-23 06:48 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{073ED4FC-73F7-47E9-AAD3-177D1151A7D1} 2014-10-22 18:22 - 2014-10-22 18:23 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E57BAA36-0A08-43BF-8D8A-EE042B7593F1} 2014-10-22 06:22 - 2014-10-22 06:22 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{7F344EF7-8696-421C-98BA-CDEA0DDDE272} 2014-10-21 11:55 - 2014-10-21 11:55 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{A791F545-BE30-4D22-9213-19607E128CF7} 2014-10-20 22:44 - 2014-10-20 22:44 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{6047BB1D-FBB3-493E-BC56-192BECF3A6C3} 2014-10-20 06:22 - 2014-10-20 06:22 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{851ED735-6FF8-45C9-A8BF-C693F665970E} 2014-10-18 11:32 - 2014-10-18 11:32 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{92A7216B-8E3C-44A1-9428-D0E7A3CF46CC} 2014-10-17 21:26 - 2014-10-17 21:26 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{0B0230CB-47B0-42A5-AACC-DEB4CA9B7F04} 2014-10-17 08:46 - 2014-10-17 08:46 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{1EE14C65-6665-4DE2-A9B0-212458E2CC2D} 2014-10-16 20:44 - 2014-10-16 20:45 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{F009122B-79E7-4815-9A59-A18454C6D2E0} 2014-10-16 06:29 - 2014-10-16 06:30 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{D882529D-1F71-4756-854B-0BD085EB31A5} 2014-10-15 12:41 - 2014-10-15 12:41 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{298337DC-DB6B-4520-8872-883E4B348CD4} 2014-10-15 06:33 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-15 06:33 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-15 06:33 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-15 06:33 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 06:33 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-15 06:33 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-15 06:33 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 06:33 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 06:33 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 06:33 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 06:33 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-15 06:33 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-15 06:33 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-15 06:33 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-15 06:33 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-15 06:33 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-15 06:33 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-15 06:33 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-15 06:33 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-15 06:33 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-15 06:33 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-15 06:33 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-15 06:33 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 06:33 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 06:33 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 06:33 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 06:33 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 06:33 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 06:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 06:33 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 06:33 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 06:33 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 06:33 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 06:33 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-15 06:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 06:33 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 06:33 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 06:33 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 06:33 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 06:33 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 06:33 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 06:33 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-15 06:33 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 06:33 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 06:33 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-15 06:33 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 06:33 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 06:33 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 06:33 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 06:33 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 06:33 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 06:32 - 2014-09-05 03:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 06:32 - 2014-09-05 02:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-15 06:32 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 06:32 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-15 06:32 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-10-15 06:32 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 06:32 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 06:32 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 06:32 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-15 06:32 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 06:32 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-14 22:28 - 2014-10-14 22:28 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{E7E27D0F-16E6-4E44-AF82-1BB73DB83C65} 2014-10-14 10:16 - 2014-11-04 07:32 - 00000000 ____D () C:\Users\Toni Standard\.mediathek3 2014-10-14 10:11 - 2014-10-14 10:11 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-10-14 10:11 - 2014-08-31 15:18 - 00894888 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll 2014-10-14 10:11 - 2014-08-31 15:18 - 00815528 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2014-10-14 10:11 - 2012-07-03 14:09 - 00955848 _____ (Oracle Corporation) C:\Windows\system32\npDeployJava1.dll 2014-10-14 10:11 - 2012-07-03 14:09 - 00839112 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll 2014-10-14 10:05 - 2014-10-14 10:05 - 00000000 ____D () C:\Users\Toni_02\AppData\Roaming\Abelssoft 2014-10-14 10:05 - 2014-10-14 10:05 - 00000000 ____D () C:\Users\Toni_02\AppData\Local\Abelssoft 2014-10-14 10:05 - 2014-10-14 10:05 - 00000000 ____D () C:\ProgramData\XDMessagingv4 2014-10-14 10:05 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll 2014-10-14 10:05 - 2011-03-25 19:42 - 00338432 _____ () C:\Windows\SysWOW64\sqlite36_engine.dll 2014-10-14 08:34 - 2014-10-14 08:34 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{CED3B3C7-D65E-465D-AB28-AE8E4CC50DB5} 2014-10-13 18:51 - 2014-10-13 18:52 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{DC1FD377-C452-4F80-A2D2-079CEA3E2D8E} 2014-10-13 10:46 - 2014-10-13 10:46 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-13 06:37 - 2014-10-13 06:37 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\{AF9D0675-DDCE-4036-A956-355C43F60DE0} ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-12 18:28 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-12 18:28 - 2009-07-14 05:45 - 00031872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-12 18:25 - 2011-04-12 08:43 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-11-12 18:25 - 2011-04-12 08:43 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-11-12 18:25 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-12 18:24 - 2011-11-24 11:16 - 01387959 _____ () C:\Windows\WindowsUpdate.log 2014-11-12 18:22 - 2012-11-16 13:08 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\Dropbox 2014-11-12 18:22 - 2012-02-02 09:37 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-12 18:20 - 2012-09-10 16:18 - 00000000 ____D () C:\Windows\Sun 2014-11-12 18:20 - 2011-11-24 15:54 - 00105777 _____ () C:\Windows\setupact.log 2014-11-12 18:20 - 2010-11-21 04:47 - 00484198 _____ () C:\Windows\PFRO.log 2014-11-12 18:20 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-12 17:54 - 2012-02-02 09:37 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-12 17:43 - 2012-09-10 22:33 - 00000000 ____D () C:\Users\Toni_02\AppData\Roaming\Malwarebytes 2014-11-12 17:43 - 2012-09-10 22:32 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-12 17:39 - 2012-09-03 06:55 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-11-12 16:37 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-11-12 15:09 - 2014-09-11 20:37 - 00000000 ____D () C:\Windows\rescache 2014-11-12 13:36 - 2013-12-26 02:12 - 00001099 _____ () C:\Users\Toni_02\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-11-12 13:36 - 2012-02-15 22:55 - 00000000 ____D () C:\Users\Toni_02 2014-11-12 13:35 - 2014-02-27 20:57 - 4015803922 _____ () C:\Windows\system32\SavingsBullFilterService.log 2014-11-12 13:21 - 2013-08-12 15:32 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-11-12 13:04 - 2013-10-01 13:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-12 11:58 - 2012-09-12 12:28 - 00240800 _____ () C:\Users\Toni Standard\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-12 11:58 - 2012-02-15 22:55 - 00240800 _____ () C:\Users\Toni_02\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-12 11:57 - 2009-07-14 05:45 - 05801584 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-12 11:56 - 2014-05-06 23:09 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-12 11:47 - 2011-11-24 12:41 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-11-12 11:45 - 2013-08-14 11:07 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-12 11:42 - 2011-11-24 12:00 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 11:04 - 2013-10-22 12:57 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\vlc 2014-11-12 10:39 - 2012-04-05 08:01 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-12 10:39 - 2011-11-24 12:39 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-12 09:41 - 2012-04-28 14:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-12 09:32 - 2013-07-29 08:12 - 00000261 _____ () C:\Users\Toni Standard\AppData\Roaming\WB.CFG 2014-11-12 07:38 - 2012-09-12 12:28 - 00000000 ____D () C:\Users\Toni Standard\AppData\Local\Adobe 2014-11-05 07:27 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-11-04 19:35 - 2012-04-05 08:36 - 00000000 ____D () C:\ProgramData\CanonIJPLM 2014-10-30 12:25 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-23 07:33 - 2012-09-27 16:04 - 00000000 ____D () C:\Users\Toni Standard\AppData\Roaming\Audacity 2014-10-23 07:33 - 2012-07-28 11:34 - 00000000 ____D () C:\Users\2th Device 2014-10-23 07:33 - 2011-11-24 14:14 - 00000000 ____D () C:\Users\Administrator 2014-10-23 07:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration 2014-10-23 06:47 - 2012-09-12 12:28 - 00000000 ____D () C:\Users\Toni Standard 2014-10-18 11:31 - 2014-09-19 06:24 - 00000000 ____D () C:\Users\Toni_02\AppData\Local\Adobe 2014-10-16 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-16 06:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-14 10:11 - 2012-07-03 14:09 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-10-14 10:11 - 2012-07-03 14:09 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-10-14 10:11 - 2012-07-03 14:09 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-10-14 10:11 - 2012-07-03 14:09 - 00000000 ____D () C:\Program Files\Java 2014-10-14 10:11 - 2012-06-28 11:40 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-13 10:48 - 2012-08-08 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2014-10-13 10:48 - 2012-08-08 19:35 - 00000000 ____D () C:\Program Files (x86)\Nero Files to move or delete: ==================== C:\Users\Public\AlexaNSISPlugin.2976.dll Some content of TEMP: ==================== C:\Users\Toni Standard\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpa4s_io.dll C:\Users\Toni Standard\AppData\Local\Temp\i4jd4668773831472855398.exe C:\Users\Toni Standard\AppData\Local\Temp\i4jdel0.exe C:\Users\Toni Standard\AppData\Local\Temp\jre-8u20-windows-au.exe C:\Users\Toni Standard\AppData\Local\Temp\vlc-2.1.5-win32.exe C:\Users\Toni_02\AppData\Local\Temp\Quarantine.exe C:\Users\Toni_02\AppData\Local\Temp\Setup.exe C:\Users\Toni_02\AppData\Local\Temp\sqlite3.dll C:\Users\Toni_02\AppData\Local\Temp\System.Data.SQLite.dll C:\Users\Toni_02\AppData\Local\Temp\tester.dll C:\Users\Toni_02\AppData\Local\Temp\vcredist_x64.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ --- --- --- Gruß Toni |
|
13.11.2014, 09:10
| #6 |
| /// TB-Ausbilder | Firefox öffnet selbstständig Tabs mit Werbung Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms}
Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1
AlternateDataStreams: C:\ProgramData\TEMP:E36A723B
AlternateDataStreams: C:\Users\Toni Standard\Cookies:6MopXCGd0f7LxfgxjAfo8Tx
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloade Dir bitte  SecurityCheck und:
ESET Online Scanner
__________________ --> Firefox öffnet selbstständig Tabs mit Werbung |
|
13.11.2014, 21:23
| #7 |
| | Firefox öffnet selbstständig Tabs mit Werbung Guten Abend, TIMO,... hier die Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-11-2014
Ran by Toni Standard at 2014-11-13 11:48:01 Run:1
Running from L:\T\TECHNICS PC\PC Security\Farbar Recovery Scan Tool FRST64
Loaded Profiles: Toni_02 & Toni Standard (Available profiles: Toni_02 & 2th Device & Toni Standard & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
SearchScopes: HKCU - {84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^ZO^xdm071^YYA^de&si=PI_UT_FIG_GER_147&ptb=6E4AD4F7-E173-4450-8681-A8FBB50F25DC&ind=2013072903&n=77fd0e07&psa=&st=sb&searchfor={searchTerms}
Toolbar: HKU\S-1-5-21-1612934075-448063179-3665729200-1007 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1
AlternateDataStreams: C:\ProgramData\TEMP:E36A723B
AlternateDataStreams: C:\Users\Toni Standard\Cookies:6MopXCGd0f7LxfgxjAfo8Tx
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni Standard\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temp:6SwxtUJwTyGYTI1Dui7Qvhlhw6
AlternateDataStreams: C:\Users\Toni_02\AppData\Local\Temporary Internet Files:LROZLtS1iMUXCUZZLmOpBycZdrhJ8
emptytemp:
*****************
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}" => Key not found.
"HKCR\CLSID\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}" => Key not found.
HKU\S-1-5-21-1612934075-448063179-3665729200-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
"HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => Key not found.
"C:\ProgramData\TEMP" => ":373E1720" ADS not found.
"C:\ProgramData\TEMP" => ":7D2C66B1" ADS not found.
"C:\ProgramData\TEMP" => ":E36A723B" ADS not found.
"C:\Users\Toni Standard\Cookies" => ":6MopXCGd0f7LxfgxjAfo8Tx" ADS not found.
C:\Users\Toni Standard\AppData\Local\Temp => ":6SwxtUJwTyGYTI1Dui7Qvhlhw6" ADS removed successfully.
"C:\Users\Toni Standard\AppData\Local\Temporary Internet Files" => ":LROZLtS1iMUXCUZZLmOpBycZdrhJ8" ADS not found.
C:\Users\Toni_02\AppData\Local\Temp => ":6SwxtUJwTyGYTI1Dui7Qvhlhw6" ADS removed successfully.
"C:\Users\Toni_02\AppData\Local\Temporary Internet Files" => ":LROZLtS1iMUXCUZZLmOpBycZdrhJ8" ADS not found.
EmptyTemp: => Removed 3.5 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
Code:
ATTFilter Results of screen317's Security Check version 0.99.89
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 20
Java version out of Date!
Adobe Flash Player 15.0.0.223
Adobe Reader XI
Mozilla Firefox (33.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=80829c6aeb33f4429a059e374e351916
# engine=21071
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-13 12:49:58
# local_time=2014-11-13 01:49:58 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 5465058 110060608 0 0
# scanned=467463
# found=9
# cleaned=0
# scan_time=3893
sh=A77DAB0CC1A063A0AC9B44E94E12FA6598810723 ft=0 fh=0000000000000000 vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Vuze\bunndle.zip"
sh=6B6105C0BF9C8942B523C7BC6279BF1D241909BA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\temp\InstallFilter64.msi"
sh=153D61D882922BA440ED0EDB0BE44F58CB47DC5B ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\2th Device\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E3KS1LYF\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"
sh=153D61D882922BA440ED0EDB0BE44F58CB47DC5B ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\3th Device.Toni-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L9FUXXGC\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"
sh=6B6105C0BF9C8942B523C7BC6279BF1D241909BA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Installer\292ad92.msi"
sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\432f0f.msi"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\TBU001\Update.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=80829c6aeb33f4429a059e374e351916
# engine=21074
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-13 06:53:55
# local_time=2014-11-13 07:53:55 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 5486895 110082445 0 0
# scanned=1412478
# found=109
# cleaned=0
# scan_time=21632
sh=6B6105C0BF9C8942B523C7BC6279BF1D241909BA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\temp\InstallFilter64.msi"
sh=153D61D882922BA440ED0EDB0BE44F58CB47DC5B ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\2th Device\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E3KS1LYF\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"
sh=153D61D882922BA440ED0EDB0BE44F58CB47DC5B ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\3th Device.Toni-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L9FUXXGC\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"
sh=6B6105C0BF9C8942B523C7BC6279BF1D241909BA ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Windows\Installer\292ad92.msi"
sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\432f0f.msi"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\TBU001\Update.exe"
sh=5E030E8AA0B1E23FF6AD034A37625F7A619C7895 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2012-09-11 020447\Backup Files 2012-09-11 020447\Backup files 1.zip"
sh=EBA98004CD80235441DD35C9A6E6B56D36FF24BA ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2012-09-11 020447\Backup Files 2012-09-17 080313\Backup files 1.zip"
sh=C33D570AED509FF6AADC73F1E14C254DFB65B9B1 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2012-11-04 190002\Backup Files 2012-11-04 190002\Backup files 1.zip"
sh=AA92D13A4C2AD076FFA521D4A2D91C16AC618407 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2012-11-11 190011\Backup Files 2012-11-11 190011\Backup files 1.zip"
sh=38DA791538F890604D21024FDD3C48765E0503E6 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2012-11-11 190011\Backup Files 2012-11-11 190011\Backup files 2.zip"
sh=8E2778E092B0E372327325EA1DA893DA53689E23 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2012-11-11 190011\Backup Files 2012-11-11 190011\Backup files 3.zip"
sh=7C2ACFD94FFB0F3A514DC5BE6BADE7EDC939365F ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2013-01-04 122247\Backup Files 2013-01-04 122247\Backup files 1.zip"
sh=82E7DD2429F13B3328280AD97D12D335031865F4 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2013-01-04 122247\Backup Files 2013-01-04 122247\Backup files 2.zip"
sh=EC730AC115D8791A33C70ED3D000018D7BCECB98 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="D:\TONI-PC\Backup Set 2013-01-04 122247\Backup Files 2013-01-04 122247\Backup files 3.zip"
sh=83AB7C8937788BF9F84F959187053658DE71DF78 ft=1 fh=f76d4e86b1fdb09e vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="H:\K\Kunst Fabrik\Work Shops - AGs\00 Extras WS\01 Programme\Photo Pos Pro 1.76\PhotoPosPro_SetUp-1.76.exe"
sh=8DD3802B84ABEE28C2EDA52417E3A2635B812897 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-01-27 204428\Backup Files 2013-01-27 204428\Backup files 1.zip"
sh=BBBB1EC840266262905DDB6EC8CA227737075459 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-01-27 204428\Backup Files 2013-01-27 204428\Backup files 2.zip"
sh=F5FD9D9E251033727EE54C68FA85291394B4B076 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-02-17 190000\Backup Files 2013-02-17 190000\Backup files 1.zip"
sh=63B07B3D2ED768BB8EC5884CC78ADDF7F3070B38 ft=0 fh=0000000000000000 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-02-17 190000\Backup Files 2013-03-10 190002\Backup files 1.zip"
sh=FA1A8E7186D5A73F69944769AF39FF87F52A36AA ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-03-31 190001\Backup Files 2013-03-31 190001\Backup files 1.zip"
sh=CA23732FDF84867D0CF1412D84649ABDCFEEC7DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-03-31 190001\Backup Files 2013-04-07 190001\Backup files 2.zip"
sh=D736F96E82D1D359FDBDC9AB3F625D08878AED91 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-03-31 190001\Backup Files 2013-06-17 080301\Backup files 1.zip"
sh=F8D29856F825CF04392CB2B6994DE568A5D74526 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-06-23 190001\Backup Files 2013-06-23 190001\Backup files 1.zip"
sh=D70CEAED8CAF227973213634B469C2D5CB732D0E ft=0 fh=0000000000000000 vn="Win32/DownWare.E evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-06-23 190001\Backup Files 2013-06-23 190001\Backup files 2.zip"
sh=DB16E38BBD635B25D5B338C68CE3E542DC3795CD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-06-23 190001\Backup Files 2013-06-30 190000\Backup files 1.zip"
sh=B3BD464381298F5F321E10D5DEE9D49FD727F668 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-07-21 190000\Backup Files 2013-07-21 190000\Backup files 1.zip"
sh=B89B0E0375E9CC3306CD4FC720899CCB30A5B950 ft=0 fh=0000000000000000 vn="Win32/DownWare.E evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-07-21 190000\Backup Files 2013-07-21 190000\Backup files 2.zip"
sh=51D1DD5CE24422BFEA85F7B1D90C3F62C9B9B579 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-07-21 190000\Backup Files 2013-09-08 113846\Backup files 1.zip"
sh=3812A0EAF52DA70D84E7E19B16E69A7E28EF4A29 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-10-20 190000\Backup Files 2013-10-20 190000\Backup files 1.zip"
sh=77BF07F514099421B78B348630DF17E9F63BD314 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.F evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-10-20 190000\Backup Files 2013-10-20 190000\Backup files 2.zip"
sh=C2556BE2C169E323022BE5944532CCC6C78C90BA ft=0 fh=0000000000000000 vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-10-20 190000\Backup Files 2013-12-29 190000\Backup files 1.zip"
sh=17CF12D656E64B269BD4B88807FB637BB405A935 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-10-20 190000\Backup Files 2014-01-05 190000\Backup files 1.zip"
sh=25FEB8F3B9FBD5D3179873D99F8732179E13D776 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2013-10-20 190000\Backup Files 2014-01-12 190000\Backup files 1.zip"
sh=FA1F301F0C98A517516F0E714164DF0AF6CD51AC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-01-26 190000\Backup Files 2014-01-26 190000\Backup files 1.zip"
sh=F8F2CE0B083EA8B67B193C85828ED4D6623CB31E ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-01-26 190000\Backup Files 2014-01-26 190000\Backup files 2.zip"
sh=CF0E3179B371C1579C959E7796054D87667D6597 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-01-26 190000\Backup Files 2014-02-02 190009\Backup files 1.zip"
sh=6434382931A24900F51A8C985CC47372633D9130 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-01-26 190000\Backup Files 2014-02-09 190001\Backup files 1.zip"
sh=2051428A9E93330918CE8C24E3BCC1B7374184E8 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-01-26 190000\Backup Files 2014-02-16 190000\Backup files 1.zip"
sh=6353320B3E9D964CEAFD2B04918F8FFBBC2CF5E5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-01-26 190000\Backup Files 2014-02-23 192615\Backup files 1.zip"
sh=CDB4D0D3564C60BAFC0B68EA223C97B7863008BB ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-04-13 190000\Backup Files 2014-04-13 190000\Backup files 1.zip"
sh=755310ED52F0967E4C782F6B1ABB789726FA949A ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-04-13 190000\Backup Files 2014-04-13 190000\Backup files 2.zip"
sh=196C866DC559384BE48115782385FAE4ACE536F9 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-06-29 230141\Backup Files 2014-06-29 230141\Backup files 1.zip"
sh=BA47FE920EED43796F9C0A7710FC39FE44CAA274 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-06-29 230141\Backup Files 2014-06-29 230141\Backup files 2.zip"
sh=A7E193AFB276EA2771E5AF8F865A52A7759E12C4 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-10-05 194232\Backup Files 2014-10-05 194232\Backup files 1.zip"
sh=6739B1F659A5D059E5B73E7E002DEC27A1794EAB ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-10-05 194232\Backup Files 2014-10-05 194232\Backup files 2.zip"
sh=FC698F6C7078D2EDB0CFCBC4D6B3852055FE05A2 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-10-05 194232\Backup Files 2014-10-13 074549\Backup files 1.zip"
sh=CF4502B0ADB3A77EAEDBC45DEF8259DD90519DA3 ft=0 fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-10-26 190001\Backup Files 2014-10-26 190001\Backup files 1.zip"
sh=D3F4494F3EE2B100C43FAD23348FC7B61B1B7A91 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="H:\TONI-PC\Backup Set 2014-10-26 190001\Backup Files 2014-10-26 190001\Backup files 19.zip"
sh=D28DBBCE0779DB456D3EF5B6F31B9B7B57D53E5F ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.AM evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-10-26 190001\Backup Files 2014-10-26 190001\Backup files 2.zip"
sh=ED423AEA1ED0EABDDF917EC503528ECC34C4D275 ft=0 fh=0000000000000000 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="H:\TONI-PC\Backup Set 2014-10-26 190001\Backup Files 2014-10-26 190001\Backup files 3.zip"
sh=AB3F728ACAE000AB49DD1CCD3DB80DB7D9463AFA ft=1 fh=aade3cb16bf4a690 vn="Win64/Adware.Adpeak.E Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files\SavingsbullFilter\Installbat64.dll.vir"
sh=9CA71C727934861E9351AF97CC28CEA38811B07C ft=1 fh=15a0a042e9313939 vn="Variante von Win32/AdWare.Adpeak.G Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files\SavingsbullFilter\netfilter64.sys.vir"
sh=EC07AAF65632ED729B0E5A9D94BEAA66BD2A1EB2 ft=1 fh=0584d299fef2ae77 vn="Win64/Adware.Adpeak.E Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe.vir"
sh=EDBC0CB424493F3E897925E2075801FA7CB5D4BB ft=1 fh=654070895c8ba4d6 vn="Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\DaemonProcess.exe.vir"
sh=6604ADA3DC713685EE37809E61539AFB31D8D458 ft=1 fh=f6ab035aa658afbe vn="Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\Mobogenie.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir"
sh=3E2A095D83F5EFFFA7333296F3D9501492035A61 ft=1 fh=3f4519af0d34dc6c vn="Variante von MSIL/Adware.iBryte.F Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\RocketTab\Client.exe.vir"
sh=0D4D92D327825997FEAE80BEAEF423B4CBB2C09F ft=1 fh=0ef5832a429354e9 vn="Variante von MSIL/Adware.iBryte.G Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\RocketTab\uninstall.exe.vir"
sh=E1754E0B4B8DD287D758245E21631A3505E879D5 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\bootstrap.js.vir"
sh=60B05812631F311E76964A51EFA1B77D8B9CABC9 ft=1 fh=c8d0fac17e540556 vn="Win32/AdWare.Adpeak.I Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\CustomActionInstall.vir"
sh=8360F01C509182D1979F89DF347C152F44B4B4A8 ft=1 fh=8178fc5ad221d18e vn="Win32/AdWare.Adpeak.I Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\CustomActionUninstall.vir"
sh=AE7038C74B0CC19A571A5748AB029F6B7A55F4D1 ft=1 fh=4393341c14bbcb80 vn="Win32/AdWare.Adpeak.I Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\IEOptimizer.dll.vir"
sh=356514362FBAEDD2B76F8C35B75B9ED77B6B0F1F ft=1 fh=d19b12c9c8aaa781 vn="Win64/Adware.Adpeak.E Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Program Files (x86)\SavingsBull\IEOptimizer64.dll.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni Standard\AppData\LocalLow\Vuze_Remote\ldrtbVuz0.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni Standard\AppData\LocalLow\Vuze_Remote\tbVuz0.dll.vir"
sh=74EDCD9720A9743DF258703EFAB1400762FAEFA3 ft=1 fh=4d56f1daf690e0d4 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni Standard\AppData\LocalLow\Vuze_Remote\tbVuz1.dll.vir"
sh=0370B6AD0DBA8328E67A307235F717A3A1B22FA5 ft=1 fh=ad0a89014f15914b vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni Standard\AppData\LocalLow\Vuze_Remote\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll.vir"
sh=FD0663F63F87B7B5B310EC6CE26E72AF58243084 ft=1 fh=f52ffd4db74c8f0b vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni Standard\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\Local\genienext\nengine.dll.vir"
sh=FED7CAA2E24771B66065C8D30131FC8037B6BD2A ft=1 fh=b41296876ed186e5 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\LocalLow\Vuze_Remote\ldrtbVuz0.dll.vir"
sh=0460B794834ED78BE69BA5EB9C0E6211EBEAD9B6 ft=1 fh=0f8145e534b0e78b vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\LocalLow\Vuze_Remote\ldrtbVuze.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\LocalLow\Vuze_Remote\tbVuz0.dll.vir"
sh=42C28E041EA5F8B06D4857E8E6FCA75ABD4BCF2F ft=1 fh=b55fe72874790c5f vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\LocalLow\Vuze_Remote\tbVuz1.dll.vir"
sh=8CA209A796CAB152BC9907BCEF283C221AC5F058 ft=1 fh=16efebacbcd5a9c9 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\LocalLow\Vuze_Remote\tbVuze.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\LocalLow\Vuze_Remote\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Users\Toni_02\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=0FD7F3F732BFBD0956BB319E25F361E2AE6D8F12 ft=1 fh=a33b31cb5f52c3c7 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=9CA71C727934861E9351AF97CC28CEA38811B07C ft=1 fh=15a0a042e9313939 vn="Variante von Win32/AdWare.Adpeak.G Anwendung" ac=I fn="L:\AdwCleaner\Quarantine\C\Windows\System32\drivers\netfilter64.sys.vir"
sh=9866EE182CB361AC96FD6162349C96DC8E01FBC1 ft=1 fh=afe3272f0579dc22 vn="Variante von Win32/GetNow.B evtl. unerwünschte Anwendung" ac=I fn="L:\T\Technics Multifunction Fax Scan Copy\Brother Model MFC-7320\user guide exe\BROTHER MFC-7320 user guide provided through pdfretriever.com.exe"
sh=9BAC64A295EF41E255CAAD650513F44192F15527 ft=1 fh=a743b476095adb23 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Compress Programs\7-Zip 4.65\7z465.exe"
sh=5044F1302B0607D1108DA47C39BDC597A1DABB53 ft=1 fh=478a20712df7dd73 vn="Variante von Win32/SoftonicDownloader.G evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Compress Programs\File Repair\SoftonicDownloader_fuer_file-repair.exe"
sh=8897369209BC58C470D772DE87987B5BFB2589E2 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Compress Programs\WinZip 18.5 (Test until Oct. 27)\wz185gev-64.msi"
sh=14FD1929AACD43DF19E3A5C9A8FA4B584B77097D ft=1 fh=060d7ccbd35e652f vn="Variante von Win32/LoadTubes.A evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\For PC\00 Diverse\DivX_Reloaded_4.7\DivX_Reloaded_4.7.exe"
sh=F0A30BF3D07017E827291A6662BF955E6CE4E6AF ft=1 fh=3e06788cfa283c8c vn="Win32/Packed.RBCrypt.A.Gen evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\For PC\Cleaning PC\Registry Booster\registrybooster.exe"
sh=6132216F9E5E76DEA273CE255C726440E781F887 ft=1 fh=bfddb86230341519 vn="Mehrere Bedrohungen" ac=I fn="L:\T\TECHNICS PC\For PC\PC Design\02 Themes\Win Xp Pro.exe"
sh=37B8DB4E1DFC67E5972DE520E21A59DECB153296 ft=1 fh=aaf250e3573e4c49 vn="MSIL/DomaIQ.B evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Graphic Design\Adobe CS5\Adobe Flash Player Updates\Setup.exe"
sh=83AB7C8937788BF9F84F959187053658DE71DF78 ft=1 fh=f76d4e86b1fdb09e vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Graphic Design\Photo Pos Pro 1.76\PhotoPosPro_SetUp-1.76.exe"
sh=780DA72278AF62EACE361D65DC54E771671745B1 ft=1 fh=3039ce713bb49190 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\02 CDs DVDs\DVDVideoSoft Free Studio 4.8\FreeStudio.exe"
sh=72BB409E3CD1F7FFB76BB3E34B3C705BB6BCFCE3 ft=1 fh=8ae750594b542a83 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\04 Tools Codecs\Codecs\GSpot 2.70 a\SoftonicDownloader27169.exe"
sh=09C07B0535A962AAC7F5E987D9AA50A901DCC725 ft=1 fh=f435b9f35d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\05 Player\QuickTime Alternative 3.2.2\SoftonicDownloader26910.exe"
sh=FA4007C5E78FC34C6B114EA9B35ADFD19714F827 ft=1 fh=9264ea08ebb2477a vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\06 Video Works\Free Video Dub 2.0.14 (Build 903)\FreeAVIVideoConverter.exe"
sh=D7542128697214C9FCDE8C344BCC473609C9805C ft=1 fh=eb9d05f6160faaf1 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\06 Video Works\Free Video Dub 2.0.14 (Build 903)\FreeVideoDub.exe"
sh=DB5C6FC4C280CF426D7B4347B4D2FFE501D02539 ft=1 fh=8373310b7e7393f4 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\06 Video Works\Xilisoft MOV Converter\SoftonicDownloader42978.exe"
sh=7865F72A09630306977C48EC1AEFB77C00A01D65 ft=1 fh=989c98f9162840a4 vn="Win32/DownWare.W evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\07 Converter Rip\SUPER © v2012.build.53 (Sep 13, 2012)\SUPERsetup.exe"
sh=07B734A88E67391BCDD1A0833F836006C48A94CF ft=1 fh=2c5e9d8800942d08 vn="Variante von Win32/InstallCore.AG evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\Music and more\Nero 11 Platinum\Extras\Video Converter\VideoConverterSetup.exe"
sh=DE793BBD6056F71F532839B15002407633D4CFFF ft=1 fh=de15b504eeb0fba2 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\PC Repair Win7\rcpsetupmarm1_marm10de.exe"
sh=8EA197DE7DBA22F77907CA1CF8AE3B646B550979 ft=1 fh=f10268456f844abf vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\PC Repair Win7\rcpsetupmarm1_marm1451129596de.exe"
sh=0864B5F0F4AF7BE8954F5630ABCDF3BD37B6A0B0 ft=1 fh=5df23b61763d6d78 vn="Variante von Win32/FirseriaInstaller.C evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\System Problems and Repair\QtCore4.dll-Data\qtcore4.exe"
sh=C4D39D2DC534FE5DB07D2FC877B6D1968E8AA9CD ft=1 fh=cac44e7cb47f88a7 vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\WWW\Videos Online\Free FLV Converter 6.6.4\Setup_FreeFlvConverter664.exe"
sh=5293DBC3B6E7824E985FD8FE8492D6DEF5BC7997 ft=1 fh=f64f4ef2e6cded2b vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="L:\T\TECHNICS PC\WWW\Videos Online\Free FLV Converter 6.7.0\Setup_FreeFlvConverter.exe"
sh=ED5B5B823F9124BD3225455E10FA644AFED21F88 ft=1 fh=2bca196997f3925e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="L:\T\Technics WWW\BitComet\32 Bit\BitComet - CHIP-Installer.exe"
sh=40540787FA62E77943EE1A739EF1BE398786E36E ft=1 fh=602337d07b86d971 vn="Variante von Win32/DomaIQ.AT evtl. unerwünschte Anwendung" ac=I fn="L:\T\Technics WWW\Firefox\Downloadmanager\Setup_V2.1.exe"
sh=3C3FF81EE0529ED44B22ABBA541499F1AC415FFF ft=1 fh=d3072a82debb50b6 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="L:\T\Technics WWW\SG TCP Optimizer\SG TCP Optimizer - CHIP-Installer.exe"
sh=D0CC32CACBE3D28A5B0083891D984066F07E7E36 ft=1 fh=52b9d8e28921ef79 vn="Win32/DownloadAdmin.G evtl. unerwünschte Anwendung" ac=I fn="L:\T\Technics WWW\Videos Downloaden\Vixy Freerecorder 7\freecorder7-setup.exe"
sh=9844F81E72D8400666ADC6530A178105728C58B5 ft=1 fh=149c301bce78d606 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="L:\T\Technics WWW\Zone Alarm\zaSetupWeb_101_065_000.exe"
|
|
14.11.2014, 09:08
| #8 |
| /// TB-Ausbilder | Firefox öffnet selbstständig Tabs mit Werbung Löschen wir grad noch die Sachen die auf C: liegen: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\temp\InstallFilter64.msi
C:\Windows\Installer\292ad92.msi
C:\Windows\Installer\432f0f.msi
"C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
"C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
"C:\Users\2th Device\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\E3KS1LYF\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"
"C:\Users\3th Device.Toni-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\L9FUXXGC\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}[1].cpi"
"C:\Windows\Temp\TBU001\Update.exe"
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Der Rest liegt auf Backup Laufwerken, wie du dem ESET Log entnehmen kannst. Entweder per Hand löschen oder du machst nen neuen ESET Lauf und wählt dann "Entdeckte Bedrohungen entfernen" bei den Einstellungen. Bis auf die ESET Sachen ist das Log soweit sauber. Selbständige Tabs mit Werbung sollten verschwunden sein, richtig ? Die Reihenfolge ist hier entscheidend.
Abschließend habe ich noch ein paar Tipps zur Absicherung deines Systems. Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür
Ich kann gar nicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti-Viren-Programm und zusätzlicher Schutz
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden. Mozilla Firefox
Performance
Was du vermeiden solltest:
Nun bleibt mir nur noch dir viel Spaß beim sicheren Surfen zu wünschen... ... und vielleicht möchtest du ja das Trojaner-Board unterstützen? Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
15.11.2014, 14:33
| #9 |
| | Firefox öffnet selbstständig Tabs mit Werbung Hallo TIMO,... vorab: Du kannst den Thread nun schließen. Ich habe nun ESET nochmals laufen lassen und alle Funde in die Quarantäne verschieben lassen. Nach Überprüfung habe ich alles gelöscht und RESET deinstalliert (+Ordner gelöscht). Allerdings hat RESET auch die Exe des Adobe Flashplayer Updaters als 'unerwünscht' eingestuft, auch die Exe von 'FreeVideoDub'. Nun ist es so, dass ich, um meine Filmaufnahmen (Canon EOS 5D Mk II und 7D) von MOV in Avi, Empg etc. umzuwandeln, viele kostenfreie Programme nutze, um bestimmte Arbeitsschritte absolvieren zu können. Dies alles, um teuren Programmen aus dem Weg zu gehen. Dabei öffnet sich natürlich immer wieder eine Hintertür für Adware & Co.... Gibt es Alternativen? Ich kenne keine... Vielleicht hast Du einen Tipp. Eine Frage: Gehört dieser Absatz zu Deiner gewollten Antwort: "Die Reihenfolge ist hier entscheidend. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten) Windowstaste + R > Combofix /Uninstall (eingeben) > OK Alternative: Combofix.exe in uninstall.exe umbenennen und starten Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop: Schließe alle offenen Programme. Starte die delfix.exe mit einem Doppelklick. Setze vor jede Funktion ein Häkchen. Klicke auf Start. Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen. " Wenn dieses Programm alle Programme löscht, die als Bedrohung eingestuft wurden, müsste ich vielleicht befürchten, dass es sich am Adobe CS5 vergreift. (Siehe Flash Player.exe) Oder hat der Flash Player nix mit Adobe CS5 zu tun?!? Bin nicht ganz sicher... Die selbst öffnenden Werbefenster sind verschwunden und C:\ etwas leerer sprich sauber. Danke für Deine Hilfe. Hat mir sehr geholfen und mancher Tipp ist sehr wertvoll. Sichere Passwörter verwende ich schon immer, auch unterschiedliche und ich wechsle sie auch regelmäßig. IE bentze ich seit Jahren nicht mehr, bin mit Mozilla unterwegs... Die Infos zu Softonic und Chip überraschten mich dann aber doch. Nun bleibt die Frage, woher man gute und saubere Freeware bekommt, dann und wann??!? Filepony vielleicht? Hab noch nicht genauer geschaut, ob da auch andere Software zu bekommen ist. Noch eine Frage zum Schluss: Werde demnächst einen Server nutzen, um meine imense Menge an Daten zu sichern für die Zukunft. --> TurboNAS TS-869L (QNAP). Gibt es Dinge, die ich bezüglich der Sicherheit noch wissen sollte und besteht die Möglichkeit einer virtuellen Cloud für Webspace auf diesem Server? Schätze, das wäre Grund für einen neuen Thread. Aber vielleicht hast Du einen Tipp am Rande. Danke für Deine Zeit und Mühe bis hierhin. Im Rahmen meiner nächsten größeren Aufträge werde ich auch auf eine Spende zurückkommen. Viele Grüße Toni69 |
|
17.11.2014, 12:39
| #10 |
| /// TB-Ausbilder | Firefox öffnet selbstständig Tabs mit Werbung Nö, das Delfix löscht nur unsere Tools+ dessen Quarantäne, Java-Cache und dann sich selbst.
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
17.11.2014, 13:00
| #11 |
| | Firefox öffnet selbstständig Tabs mit Werbung Danke. Merke schon, Du hast auch nicht all zuviel Zeit. Besten Dank für Deine Mühe und Zeit nochmal. Viel Erfolg und Freude bei Deiner tollen Arbeit in der Zukunft. Viele grüße Toni |
|
17.11.2014, 13:07
| #12 | |
| /// TB-Ausbilder | Firefox öffnet selbstständig Tabs mit WerbungZitat:
Filepony mit AdWare Blocker ist auch ok. QNAP bietet MyCloudNAS Service - Home an. Wir (Arbeit) haben 3 QNAP NAS Systeme, aber die Daten darauf sind nix für Cloud-Einsätze ^^ Deshalb hab ich damit keine Erfahrung gemacht. Es lassen sich aber auch andere Cloud Dienste einbinden, Amazon S3, Elephant Drive, als externes Backup-Ziel z.b. Für die QNAP Systeme gibts nen App-Store, die Geräte sind ganz "geil" ansich ;-)
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
17.11.2014, 13:08
| #13 | |
| /// TB-Ausbilder | Firefox öffnet selbstständig Tabs mit WerbungZitat:
__________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie | Spende | Lob & Kritik |
|
dann auf 
und dann auf 
. 
Linear-Darstellung
