1 | Original version |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find IE? And uninstall it? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!! I don't know much about computers and am currently writing my master's thesis. I'm desperate!
2 | No.2 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find IE? And uninstall it? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!! I don't know much about computers and am currently writing my master's thesis. I'm desperate!
3 | No.3 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
4 | No.4 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
Checking for processes to terminate:
Checking Registry for malware related settings:
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
Checking Windows Service Integrity:
Searching for Missing Digital Signatures:
Checking HOSTS File:
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
5 | No.5 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
Checking for processes to terminate:
Checking Registry for malware related settings:
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
Checking Windows Service Integrity:
Searching for Missing Digital Signatures:
Checking HOSTS File:
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "Suchen" (Scan), and nothing appeared under "Verknüpfungen" (Shortcuts), "Registrierungsdatenbank" (Registry), "Internet Explorer" and "Chrome"... only under "Firefox" was something listed. I then clicked "Löschen" (Delete)... after that came the following log (but when I opened AdwCleaner again afterwards and let it run, the same thing was there again under Firefox!!):
[ Dienste ]
[ Dateien / Ordner ]
[ Verknüpfungen ]
[ Registrierungsdatenbank ]
[ Browser ]
-\ Internet Explorer v0.0.0.0
-\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
6 | No.6 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
I opened AdwCleaner, clicked "Suchen" (Scan), and nothing appeared under "Verknüpfungen" (Shortcuts), "Registrierungsdatenbank" (Registry), "Internet Explorer" and "Chrome"... only under "Firefox" was something listed. I then clicked "Löschen" (Delete)... after that came the following log (but when I opened AdwCleaner again afterwards and let it run, the same thing was there again under Firefox!!):
#
AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um
-\
-\
7 | No.7 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "Suchen" (Scan), and nothing appeared under "Verknüpfungen" (Shortcuts), "Registrierungsdatenbank" (Registry), "Internet Explorer" and "Chrome"... only under "Firefox" was something listed. I then clicked "Löschen" (Delete)... after that came the following log (but when I opened AdwCleaner again afterwards and let it run, the same thing was there again under Firefox!!):
# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 19:54:39
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hitzemann - HITZEMANN-PC
# Gestartet von : C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
*************************
After I ran Junkware, the message "the scan completed successfully" appears along with the following log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Hitzemann on 05.12.2013 at 20:03:04,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2013 at 20:10:35,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8 | No.8 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "Suchen" (Scan), and nothing appeared under "Verknüpfungen" (Shortcuts), "Registrierungsdatenbank" (Registry), "Internet Explorer" and "Chrome"... only under "Firefox" was something listed. I then clicked "Löschen" (Delete)... after that came the following log (but when I opened AdwCleaner again afterwards and let it run, the same thing was there again under Firefox!!):
# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 19:54:39
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hitzemann - HITZEMANN-PC
# Gestartet von : C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
*************************
After I ran Junkware, the message "the scan completed successfully" appears along with the following log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Hitzemann on 05.12.2013 at 20:03:04,33
9 | No.9 Revision |
I can't get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and am currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "Suchen" (Scan), and nothing appeared under "Verknüpfungen" (Shortcuts), "Registrierungsdatenbank" (Registry), "Internet Explorer" and "Chrome"... only under "Firefox" was something listed. I then clicked "Löschen" (Delete)... after that came the following log (but when I opened AdwCleaner again afterwards and let it run, the same thing was there again under Firefox!!):
# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 19:54:39
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hitzemann - HITZEMANN-PC
# Gestartet von : C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
*************************
After I ran Junkware, the message "the scan completed successfully" appears along with the following log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Hitzemann on 05.12.2013 at 20:03:04,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2013 at 20:10:35,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I did the FARBAR RECOVERY SCAN and everything went OK. Then the following 2 logs appeared:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Hitzemann (administrator) on HITZEMANN-PC on 05-12-2013 22:32:36
Running from C:\Users\Hitzemann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhiservice.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Chicony) C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin119900152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin119900_152.exe
==================== Registry (Whitelisted) ==================
HKLM...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2817320 2011-07-28] (Synaptics Incorporated)
HKLM...\Run: [CECAPLF] - C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [121456 2011-07-06] (Chicony)
HKLM...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU...\Run: [SkyDrive] - C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-10-17] (Microsoft Corporation)
HKCU...\Runonce: [Uninstall C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKLM-x32...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-09-12] (VIA)
HKLM-x32...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
AppInit_DLLs: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1386191614&from=tugs&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A33K9739K9739
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKCU - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL =
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FF ProfilePath: C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\tlnhbjgc.default-1386276559053
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64119900152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32119900152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leoendede.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
==================== Services (Whitelisted) =================
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhiservice; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhiservice.exe [165760 2012-07-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-05] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-10] (VIA Technologies, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-04 07:31 - 2013-12-04 07:31 - 00263376 (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00247808 (Microsoft Corporation) C:\Windows\system32\msls31.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00244736 (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00243200 (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00238288 (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00235520 (Microsoft Corporation) C:\Windows\system32\url.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00235008 (Microsoft Corporation) C:\Windows\system32\elshyph.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00233472 (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00218624 (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00208384 (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00195584 (Microsoft Corporation) C:\Windows\system32\msrating.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00194048 (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00182272 (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00167424 (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00164864 (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00151552 (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00147968 (Microsoft Corporation) C:\Windows\system32\occache.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00143872 (Microsoft Corporation) C:\Windows\system32\wextract.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00139264 (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 
00139264 (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00135680 (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00131072 (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00127488 (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00116736 (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00112128 (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00111616 (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00111616 (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00105984 (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00101376 (Microsoft Corporation) C:\Windows\system32\inseng.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00090112 (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00086016 (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00084992 (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00083968 (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00083456 (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00081408 (Microsoft Corporation) C:\Windows\system32\icardie.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00077312 (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2013-12-04 07:31 - 2013-12-04 07:31 - 00074240 (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00069632 (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 
00069120 (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00066048 (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00062464 (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-04 07:31 - 2013-12-04 07:31 - 00062464 (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00061952 (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00061952 (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00056832 (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00053760 (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00052224 (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00051200 (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048640 (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048640 (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048640 (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048128 (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00043008 (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00043008 (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00040448 (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00036352 (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00034816 (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-04 07:31 - 
2013-12-04 07:31 - 00033792 (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00032768 (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00030208 (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00024576 (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00013824 (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00013312 (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00013312 (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00012800 (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00004096 (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-04 07:28 - 2013-12-04 07:38 - 00010074 C:\Windows\IE11main.log 2013-11-22 16:53 - 2013-11-23 12:14 - 00000000 D C:\Program Files\office.tmp 2013-11-22 16:46 - 2013-11-22 16:46 - 00572088 _ (Microsoft Corporation) C:\Users\Hitzemann\Downloads\Setup.X86.en-USO365HomePremRetail3988f60f-37dd-4228-bb6a-8e34fdb6e0cdTXDB(1).exe 2013-11-22 16:41 - 2013-11-22 16:41 - 00572088 (Microsoft Corporation) C:\Users\Hitzemann\Downloads\Setup.X86.en-USO365HomePremRetail3988f60f-37dd-4228-bb6a-8e34fdb6e0cdTXDB.exe 2013-11-22 14:09 - 2013-11-22 14:09 - 00000000 _D C:\ProgramData\McAfee 2013-11-16 13:27 - 2013-11-16 13:27 - 00000000 _D C:\Program Files (x86)\Mozilla Firefox 2013-11-13 20:48 - 2013-10-05 21:25 - 01474048 (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 20:48 - 2013-10-05 20:57 - 01168384 (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 20:48 - 2013-10-04 03:28 - 00190464 (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 20:48 - 2013-10-04 03:25 - 00197120 (Microsoft Corporation) 
C:\Windows\system32\credui.dll 2013-11-13 20:48 - 2013-10-04 03:24 - 01930752 (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 20:48 - 2013-10-04 02:58 - 00152576 (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 20:48 - 2013-10-04 02:56 - 01796096 (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 20:48 - 2013-10-04 02:56 - 00168960 (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 20:48 - 2013-10-03 03:23 - 00404480 (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 20:48 - 2013-10-03 03:00 - 00311808 (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 20:48 - 2013-09-28 02:09 - 00497152 (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 20:48 - 2013-09-25 03:26 - 00154560 (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 20:48 - 2013-09-25 03:26 - 00095680 (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 20:48 - 2013-09-25 03:23 - 00135680 (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 20:48 - 2013-09-25 03:23 - 00028672 (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 20:48 - 2013-09-25 03:23 - 00028160 (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 20:48 - 2013-09-25 03:22 - 00340992 (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 20:48 - 2013-09-25 03:21 - 01447936 (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 20:48 - 2013-09-25 03:21 - 00307200 (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 20:48 - 2013-09-25 02:58 - 00096768 (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 20:48 - 2013-09-25 02:57 - 00247808 (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 20:48 - 2013-09-25 02:57 - 00022016 (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 20:48 - 2013-09-25 02:56 - 00220160 (Microsoft Corporation) 
C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 20:48 - 2013-09-25 02:03 - 00030720 (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 20:48 - 2013-07-04 13:18 - 00458712 (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-13 20:46 - 2013-10-12 03:30 - 00830464 (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 20:46 - 2013-10-12 03:29 - 00859648 (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 20:46 - 2013-10-12 03:29 - 00324096 (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 20:46 - 2013-10-12 03:03 - 00656896 (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 20:46 - 2013-10-12 03:01 - 00216576 (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
==================== One Month Modified Files and Folders =======
C:\Users\Hitzemann\AppData\Local\Temp\avgnt.exe
C:\Users\Hitzemann\AppData\Local\Temp\BackupSetup.exe
C:\Users\Hitzemann\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Hitzemann\AppData\Local\Temp\Quarantine.exe
C:\Users\Hitzemann\AppData\Local\Temp\Setup.X86.en-USO365HomePremRetail3988f60f-37dd-4228-bb6a-8e34fdb6e0cdTXDB.exe
C:\Users\Hitzemann\AppData\Local\Temp\vcredistx64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-30 13:22
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2013
Ran by Hitzemann at 2013-12-05 22:33:53
Running from C:\Users\Hitzemann\Downloads
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.05) MUI (x32 Version: 11.0.05)
BisonCam (x32 Version: )
ChiconyCam (x32 Version: 1.0.47.0819)
D3DX10 (x32 Version: 15.4.2368.0902)
ESET Online Scanner v3 (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.2.0.0284)
Intel® PROSet/Wireless WiFi-Software (Version: 15.02.0000.1258)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IObit Uninstaller (x32 Version: 3.0.4.922)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1005)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRTamd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110amd64 (Version: 16.4.1109.0912)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Platform (x32 Version: 1.39)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27024)
Synaptics Pointing Device Driver (Version: 15.3.18.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
VIA Plattform-Geräte-Manager (x32 Version: 1.39)
WebCam Installer (x32 Version: 4.04)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
==================== Restore Points =========================
21-11-2013 10:35:46 Geplanter Prüfpunkt
29-11-2013 13:09:22 Geplanter Prüfpunkt
04-12-2013 06:27:37 Windows Update
04-12-2013 22:26:51 Removed Skype™ 6.11
04-12-2013 22:29:34 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
05-12-2013 10:40:04 IObit Uninstaller restore point
05-12-2013 10:40:32 Configured Hotkey 6.0069
05-12-2013 13:04:52 Windows Modules Installer
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 __A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {3248393E-9AF8-4DD8-B6A9-7427EEBE4CB9} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {3CD55B8E-CDA4-4E70-A3A8-5919583C500D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Hitzemann-PC-Hitzemann Hitzemann-PC => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-22] (Microsoft Corporation)
Task: {570207C4-575D-4A1D-87F7-18B45BFB3702} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {72229C57-432B-4D13-917B-A882B1CF9305} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-22] (Microsoft Corporation)
Task: {8DFD6A19-9C72-4765-824B-83313F991416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22] (Adobe Systems Incorporated)
Task: {B3772305-3BFF-4EF5-9115-5C2433E9A509} - System32\Tasks\SuperEasyDriverUpdaterUPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdaterUPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
==================== Loaded Modules (whitelisted) =============
2013-11-22 16:56 - 2013-11-22 16:56 - 08866472 () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-12-10 11:45 - 2012-05-21 03:38 - 00094208 () C:\Windows\System32\IccLibDllx64.dll
2013-08-14 10:27 - 2012-09-12 16:55 - 00078480 () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-14 10:27 - 2012-09-12 16:55 - 00386192 () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-11-16 13:27 - 2013-11-16 13:27 - 03363952 () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-22 16:56 - 2013-11-22 16:56 - 00316584 () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-11-22 16:56 - 2013-11-22 16:56 - 00359592 () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2013-08-14 10:24 - 2012-06-25 03:41 - 01198912 () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-22 14:09 - 2013-11-22 14:09 - 16237448 () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32119900152.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Error: (12/05/2013 10:12:01 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:01:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 08:17:47 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:12:01 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:01:32 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 08:17:47 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 3988.03 MB
Available physical RAM: 2386.57 MB
Total Pagefile: 7974.24 MB
Available Pagefile: 6092.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:889.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 07209C32)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
10 | No.10 Revision |
I can't manage to get rid of Nation Zoom!! HELP!! I followed the instructions, but my problem is that AVAST shows an error message: "die Konfiguration von Microsoft Internet Explorer konnte nicht aktualisiert werden. bitte schließen sie ihren Browser und wiederholen sie diesen befehl" ("The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command"). But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall under Control Panel. How can I find IE and uninstall it? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and I'm currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "suchen" (scan), and nothing appeared under "Verknüpfungen" (shortcuts), "Registrierungsdatenbank" (registry), "Internet Explorer" and "Chrome"... there was only something under "Firefox". I then clicked "Löschen" (delete)... after that the following log came up (but when I opened AdwCleaner again afterwards and ran it, the same thing was under Firefox again!!):
# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 19:54:39
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hitzemann - HITZEMANN-PC
# Gestartet von : C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
*************************
After I run Junkware, the message "the scan completed successfully" appears, along with the following log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Hitzemann on 05.12.2013 at 20:03:04,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2013 at 20:10:35,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I ran the FARBAR RECOVERY SCAN and everything went fine. Then the following 2 logs appeared:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Hitzemann (administrator) on HITZEMANN-PC on 05-12-2013 22:32:36
Running from C:\Users\Hitzemann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhiservice.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Chicony) C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin119900152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin119900_152.exe
==================== Registry (Whitelisted) ==================
HKLM...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2817320 2011-07-28] (Synaptics Incorporated)
HKLM...\Run: [CECAPLF] - C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [121456 2011-07-06] (Chicony)
HKLM...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU...\Run: [SkyDrive] - C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-10-17] (Microsoft Corporation)
HKCU...\Runonce: [Uninstall C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKLM-x32...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-09-12] (VIA)
HKLM-x32...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
AppInit_DLLs: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1386191614&from=tugs&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A33K9739K9739
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKCU - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL =
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FF ProfilePath: C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\tlnhbjgc.default-1386276559053
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64119900152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32119900152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leoendede.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
==================== Services (Whitelisted) =================
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhiservice; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhiservice.exe [165760 2012-07-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-05] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-10] (VIA Technologies, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
00069120 (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00066048 (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00062464 (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2013-12-04 07:31 - 2013-12-04 07:31 - 00062464 (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00061952 (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00061952 (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00056832 (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00053760 (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00052224 (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00051200 (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048640 (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048640 (Microsoft Corporation) C:\Windows\system32\mshtmler.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048640 (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00048128 (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00043008 (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00043008 (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00040448 (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00036352 (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00034816 (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2013-12-04 07:31 - 
2013-12-04 07:31 - 00033792 (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00032768 (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00030208 (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00024576 (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00013824 (Microsoft Corporation) C:\Windows\system32\mshta.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00013312 (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00013312 (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00012800 (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00004096 (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2013-12-04 07:28 - 2013-12-04 07:38 - 00010074 C:\Windows\IE11main.log 2013-11-22 16:53 - 2013-11-23 12:14 - 00000000 D C:\Program Files\office.tmp 2013-11-22 16:46 - 2013-11-22 16:46 - 00572088 _ (Microsoft Corporation) C:\Users\Hitzemann\Downloads\Setup.X86.en-USO365HomePremRetail3988f60f-37dd-4228-bb6a-8e34fdb6e0cdTXDB(1).exe 2013-11-22 16:41 - 2013-11-22 16:41 - 00572088 (Microsoft Corporation) C:\Users\Hitzemann\Downloads\Setup.X86.en-USO365HomePremRetail3988f60f-37dd-4228-bb6a-8e34fdb6e0cdTXDB.exe 2013-11-22 14:09 - 2013-11-22 14:09 - 00000000 _D C:\ProgramData\McAfee 2013-11-16 13:27 - 2013-11-16 13:27 - 00000000 _D C:\Program Files (x86)\Mozilla Firefox 2013-11-13 20:48 - 2013-10-05 21:25 - 01474048 (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2013-11-13 20:48 - 2013-10-05 20:57 - 01168384 (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2013-11-13 20:48 - 2013-10-04 03:28 - 00190464 (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2013-11-13 20:48 - 2013-10-04 03:25 - 00197120 (Microsoft Corporation) 
C:\Windows\system32\credui.dll 2013-11-13 20:48 - 2013-10-04 03:24 - 01930752 (Microsoft Corporation) C:\Windows\system32\authui.dll 2013-11-13 20:48 - 2013-10-04 02:58 - 00152576 (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2013-11-13 20:48 - 2013-10-04 02:56 - 01796096 (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2013-11-13 20:48 - 2013-10-04 02:56 - 00168960 (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2013-11-13 20:48 - 2013-10-03 03:23 - 00404480 (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2013-11-13 20:48 - 2013-10-03 03:00 - 00311808 (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2013-11-13 20:48 - 2013-09-28 02:09 - 00497152 (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2013-11-13 20:48 - 2013-09-25 03:26 - 00154560 (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2013-11-13 20:48 - 2013-09-25 03:26 - 00095680 (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2013-11-13 20:48 - 2013-09-25 03:23 - 00135680 (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2013-11-13 20:48 - 2013-09-25 03:23 - 00028672 (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2013-11-13 20:48 - 2013-09-25 03:23 - 00028160 (Microsoft Corporation) C:\Windows\system32\secur32.dll 2013-11-13 20:48 - 2013-09-25 03:22 - 00340992 (Microsoft Corporation) C:\Windows\system32\schannel.dll 2013-11-13 20:48 - 2013-09-25 03:21 - 01447936 (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2013-11-13 20:48 - 2013-09-25 03:21 - 00307200 (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2013-11-13 20:48 - 2013-09-25 02:58 - 00096768 (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2013-11-13 20:48 - 2013-09-25 02:57 - 00247808 (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2013-11-13 20:48 - 2013-09-25 02:57 - 00022016 (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2013-11-13 20:48 - 2013-09-25 02:56 - 00220160 (Microsoft Corporation) 
C:\Windows\SysWOW64\ncrypt.dll 2013-11-13 20:48 - 2013-09-25 02:03 - 00030720 (Microsoft Corporation) C:\Windows\system32\lsass.exe 2013-11-13 20:48 - 2013-07-04 13:18 - 00458712 (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2013-11-13 20:46 - 2013-10-12 03:30 - 00830464 (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2013-11-13 20:46 - 2013-10-12 03:29 - 00859648 (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2013-11-13 20:46 - 2013-10-12 03:29 - 00324096 (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2013-11-13 20:46 - 2013-10-12 03:03 - 00656896 (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2013-11-13 20:46 - 2013-10-12 03:01 - 00216576 (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
==================== One Month Modified Files and Folders =======
C:\Users\Hitzemann\AppData\Local\Temp\avgnt.exe
C:\Users\Hitzemann\AppData\Local\Temp\BackupSetup.exe
C:\Users\Hitzemann\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Hitzemann\AppData\Local\Temp\Quarantine.exe
C:\Users\Hitzemann\AppData\Local\Temp\Setup.X86.en-USO365HomePremRetail3988f60f-37dd-4228-bb6a-8e34fdb6e0cdTXDB.exe
C:\Users\Hitzemann\AppData\Local\Temp\vcredistx64.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-30 13:22
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2013
Ran by Hitzemann at 2013-12-05 22:33:53
Running from C:\Users\Hitzemann\Downloads
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.05) MUI (x32 Version: 11.0.05)
BisonCam (x32 Version: )
ChiconyCam (x32 Version: 1.0.47.0819)
D3DX10 (x32 Version: 15.4.2368.0902)
ESET Online Scanner v3 (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.2.0.0284)
Intel® PROSet/Wireless WiFi-Software (Version: 15.02.0000.1258)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IObit Uninstaller (x32 Version: 3.0.4.922)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1005)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRTamd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110amd64 (Version: 16.4.1109.0912)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Platform (x32 Version: 1.39)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27024)
Synaptics Pointing Device Driver (Version: 15.3.18.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
VIA Plattform-Geräte-Manager (x32 Version: 1.39)
WebCam Installer (x32 Version: 4.04)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
==================== Restore Points =========================
21-11-2013 10:35:46 Geplanter Prüfpunkt
29-11-2013 13:09:22 Geplanter Prüfpunkt
04-12-2013 06:27:37 Windows Update
04-12-2013 22:26:51 Removed Skype™ 6.11
04-12-2013 22:29:34 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
05-12-2013 10:40:04 IObit Uninstaller restore point
05-12-2013 10:40:32 Configured Hotkey 6.0069
05-12-2013 13:04:52 Windows Modules Installer
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 __A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {3248393E-9AF8-4DD8-B6A9-7427EEBE4CB9} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {3CD55B8E-CDA4-4E70-A3A8-5919583C500D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Hitzemann-PC-Hitzemann Hitzemann-PC => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-22] (Microsoft Corporation)
Task: {570207C4-575D-4A1D-87F7-18B45BFB3702} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {72229C57-432B-4D13-917B-A882B1CF9305} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-22] (Microsoft Corporation)
Task: {8DFD6A19-9C72-4765-824B-83313F991416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22] (Adobe Systems Incorporated)
Task: {B3772305-3BFF-4EF5-9115-5C2433E9A509} - System32\Tasks\SuperEasyDriverUpdaterUPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdaterUPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
==================== Loaded Modules (whitelisted) =============
2013-11-22 16:56 - 2013-11-22 16:56 - 08866472 () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-12-10 11:45 - 2012-05-21 03:38 - 00094208 () C:\Windows\System32\IccLibDllx64.dll
2013-08-14 10:27 - 2012-09-12 16:55 - 00078480 () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-14 10:27 - 2012-09-12 16:55 - 00386192 () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-11-16 13:27 - 2013-11-16 13:27 - 03363952 () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-22 16:56 - 2013-11-22 16:56 - 00316584 () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-11-22 16:56 - 2013-11-22 16:56 - 00359592 () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2013-08-14 10:24 - 2012-06-25 03:41 - 01198912 () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-22 14:09 - 2013-11-22 14:09 - 16237448 () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32119900152.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Error: (12/05/2013 10:12:01 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:01:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 08:17:47 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:12:01 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:01:32 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 08:17:47 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM _InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 3988.03 MB
Available physical RAM: 2386.57 MB
Total Pagefile: 7974.24 MB
Available Pagefile: 6092.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:889.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 07209C32)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
I am trying to find IE on my computer. When I type "internet explorer" under "search computer", this comes up (what does that mean? what should I do now!?):
--- I took a screenshot, but unfortunately I can't insert it here... in any case, a lot of program_files and other things come up that say internet explorer.
11 | No.11 Revision |
I can't manage to get rid of Nation Zoom!! HELP!! I followed the instructions, but I have the problem that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs I could uninstall in the Control Panel. How can I find and uninstall IE? IObit Uninstaller doesn't list IE among the programs either! HELP PLEASE!!!
I don't know much about computers and I am currently writing my master's thesis. I am desperate!
I always let Rkill run all the way through, and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "Suchen" (Scan), and nothing appeared under "Verknüpfungen" (Shortcuts), "Registrierungsdatenbank" (Registry), "Internet Explorer" and "Chrome"... there was only something under "Firefox". I then clicked "Löschen" (Delete)... after that the following log came up (but when I opened AdwCleaner again afterwards and let it run, the same thing was under Firefox again!!):
# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 19:54:39
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hitzemann - HITZEMANN-PC
# Gestartet von : C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
*************************
After I let Junkware run, the message "the scan completed successfully" appears, along with the following log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Hitzemann on 05.12.2013 at 20:03:04,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2013 at 20:10:35,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I ran the FARBAR RECOVERY SCAN and everything went OK. Then the following 2 logs appeared:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Hitzemann (administrator) on HITZEMANN-PC on 05-12-2013 22:32:36
Running from C:\Users\Hitzemann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhiservice.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Chicony) C:\Program Files (x86)\ChiconyCam\CECAPLF.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin119900152.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin119900_152.exe
==================== Registry (Whitelisted) ==================
HKLM...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2817320 2011-07-28] (Synaptics Incorporated)
HKLM...\Run: [CECAPLF] - C:\Program Files (x86)\ChiconyCam\CECAPLF.exe [121456 2011-07-06] (Chicony)
HKLM...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
HKLM...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU...\Run: [SkyDrive] - C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136 2013-10-17] (Microsoft Corporation)
HKCU...\Runonce: [Uninstall C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64] - C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Hitzemann\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"
HKLM-x32...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-09-12] (VIA)
HKLM-x32...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
AppInit_DLLs: [ ] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com/?type=hp&ts=1386191614&from=tugs&uid=WDCXWD10JPVX-22JC3T0_WD-WX91A33K9739K9739
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKLM-x32 - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MASBJS
SearchScopes: HKCU - {6DB99E9C-0BDD-49B3-90C9-53E3A6A53FFE} URL =
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FF ProfilePath: C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\tlnhbjgc.default-1386276559053
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/firefox
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64119900152.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32119900152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leoendede.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
==================== Services (Whitelisted) =================
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhiservice; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhiservice.exe [165760 2012-07-17] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2013-12-05] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272688 2012-06-25] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-09-17] (Microsoft Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-09-10] (VIA Technologies, Inc.)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3325232 2012-06-25] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 cpuz136; \??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-05 22:32 - 2013-12-05 22:33 - 00010374 C:\Users\Hitzemann\Downloads\FRST.txt 2013-12-05 22:31 - 2013-12-05 22:31 - 00000000 D C:\FRST 2013-12-05 22:30 - 2013-12-05 22:30 - 01925140 _ (Farbar) C:\Users\Hitzemann\Downloads\FRST64.exe 2013-12-05 20:10 - 2013-12-05 20:10 - 00000763 C:\Users\Hitzemann\Desktop\JRT.txt 2013-12-05 14:51 - 2013-12-05 21:49 - 00000000 _D C:\Users\Hitzemann\Desktop\Alte Firefox-Daten 2013-12-05 13:47 - 2013-12-05 13:47 - 00000000 _D C:\Program Files (x86)\ESET 2013-12-05 12:36 - 2013-12-05 12:36 - 00001109 C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2013-12-05 11:37 - 2013-12-05 11:37 - 00001237 C:\Users\Hitzemann\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk 2013-12-05 11:37 - 2013-12-05 11:37 - 00001213 C:\Users\Hitzemann\Downloads\IObit Uninstaller.lnk 2013-12-05 11:37 - 2013-12-05 11:37 - 00000000 D C:\Users\Hitzemann\AppData\Roaming\IObit 2013-12-05 11:37 - 2013-12-05 11:37 - 00000000 _D C:\ProgramData\ProductData 2013-12-05 11:37 - 2013-12-05 11:37 - 00000000 _D C:\ProgramData\IObit 2013-12-05 11:37 - 2013-12-05 11:37 - 00000000 _D C:\Program Files (x86)\IObit 2013-12-05 11:36 - 2013-12-05 11:36 - 10330944 (IObit) C:\Users\Hitzemann\Downloads\iobituninstaller3-1.0.exe 2013-12-05 11:28 - 2013-12-05 21:58 - 00002040 C:\Users\Hitzemann\Desktop\Rkill.txt 2013-12-05 10:10 - 2013-12-05 10:10 - 02347384 (ESET) C:\Users\Hitzemann\Downloads\esetsmartinstallerdeu.exe 2013-12-05 10:05 - 2013-12-05 10:05 - 01937144 (Bleeping Computer, LLC) C:\Users\Hitzemann\Downloads\alwaysuse.exe 2013-12-05 09:58 - 2013-12-05 09:58 - 02753344 (AVAST Software) C:\Users\Hitzemann\Downloads\avast-browser-cleanup90.exe 2013-12-05 01:38 - 2013-12-05 01:38 - 00000000 D C:\Windows\ERUNT 2013-12-05 01:36 - 2013-12-05 01:37 - 01034531 _ (Thisisu) C:\Users\Hitzemann\Downloads\JRT6.0.8.exe 2013-12-05 01:29 - 2013-12-05 22:00 - 00000000 _D C:\AdwCleaner 2013-12-05 01:29 - 2013-12-05 01:29 - 01110034 _ 
C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe 2013-12-05 00:28 - 2013-12-05 00:28 - 00001147 C:\Users\Hitzemann\Desktop\Mozilla Firefox.lnk 2013-12-05 00:24 - 2013-12-05 00:24 - 00000000 _D C:\Users\Hitzemann\Downloads\Alte Firefox-Daten 2013-12-05 00:09 - 2013-12-05 22:05 - 00000000 _D C:\Program Files (x86)\Malwarebytes' Anti-Malware 2013-12-05 00:09 - 2013-12-05 00:09 - 00000000 _D C:\Users\Hitzemann\AppData\Roaming\Malwarebytes 2013-12-05 00:09 - 2013-12-05 00:09 - 00000000 _D C:\ProgramData\Malwarebytes 2013-12-05 00:09 - 2013-04-04 14:50 - 00025928 (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2013-12-05 00:08 - 2013-12-05 01:26 - 00003196 C:\Windows\System32\Tasks\SuperEasyDriverUpdaterRunAtStartup 2013-12-05 00:08 - 2013-12-05 01:22 - 00000334 C:\Windows\Tasks\SuperEasyDriverUpdaterUPDATES.job 2013-12-05 00:08 - 2013-12-05 00:08 - 00003092 C:\Windows\System32\Tasks\SuperEasyDriverUpdaterUPDATES 2013-12-05 00:08 - 2013-12-05 00:08 - 00000000 _D C:\Users\Hitzemann\AppData\Roaming\SuperEasy Software 2013-12-05 00:07 - 2013-12-05 00:07 - 00614784 _ C:\Users\Hitzemann\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe 2013-12-05 00:04 - 2013-12-05 10:09 - 00000000 D C:\Users\Hitzemann\Downloads\rkill 2013-12-04 22:47 - 2013-12-04 22:47 - 00001912 _ C:\Windows\epplauncher.mif 2013-12-04 22:47 - 2013-12-04 22:47 - 00000000 D C:\Program Files\Microsoft Security Client 2013-12-04 22:47 - 2013-12-04 22:47 - 00000000 _D C:\Program Files (x86)\Microsoft Security Client 2013-12-04 22:37 - 2013-12-04 22:37 - 13697720 (Microsoft Corporation) C:\Users\Hitzemann\Downloads\mseinstall.exe 2013-12-04 22:13 - 2013-12-04 23:26 - 00000000 D C:\ProgramData\WPM 2013-12-04 07:38 - 2013-10-14 18:00 - 00028368 _ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE 2013-12-04 07:31 - 2013-12-04 07:31 - 23212032 (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 17142784 (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 12995584 (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 11220992 (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 05765120 (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 04240384 (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 02764288 (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 02724864 (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-12-04 07:31 - 2013-12-04 07:31 - 02724864 (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-12-04 07:31 - 2013-12-04 07:31 - 02332160 (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 02166272 (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 01993728 (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-12-04 07:31 - 2013-12-04 07:31 - 01926656 (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-12-04 07:31 - 2013-12-04 07:31 - 01818112 (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 01394176 (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 01228800 (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 01156608 (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 01051136 (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00942592 (Microsoft Corporation) C:\Windows\system32\jsIntl.dll 2013-12-04 07:31 - 2013-12-04 07:31 - 00940032 (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2013-12-04 07:31 - 2013-12-04 07:31 - 00817664 (Microsoft Corporation) 
==================== One Month Modified Files and Folders =======
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-30 13:22
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-12-2013
Ran by Hitzemann at 2013-12-05 22:33:53
Running from C:\Users\Hitzemann\Downloads
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.05) MUI (x32 Version: 11.0.05)
BisonCam (x32 Version: )
ChiconyCam (x32 Version: 1.0.47.0819)
D3DX10 (x32 Version: 15.4.2368.0902)
ESET Online Scanner v3 (x32)
Fotogalerie (x32 Version: 16.4.3505.0912)
Galería de fotos (x32 Version: 16.4.3505.0912)
Galerie de photos (x32 Version: 16.4.3505.0912)
Intel PROSet Wireless
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.2.0.0284)
Intel® PROSet/Wireless WiFi-Software (Version: 15.02.0000.1258)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IObit Uninstaller (x32 Version: 3.0.4.922)
Junk Mail filter update (x32 Version: 16.4.3505.0912)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 365 Home Premium - en-us (Version: 15.0.4551.1005)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft SkyDrive (HKCU Version: 17.0.2015.0811)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Movie Maker (x32 Version: 16.4.3505.0912)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRTamd64 (x32 Version: 15.4.2862.0708)
MSVCRT110 (x32 Version: 16.4.1108.0727)
MSVCRT110amd64 (Version: 16.4.1109.0912)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1005)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1005)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1005)
Photo Common (x32 Version: 16.4.3505.0912)
Photo Gallery (x32 Version: 16.4.3505.0912)
Platform (x32 Version: 1.39)
Realtek Ethernet Controller Driver (x32 Version: 7.58.411.2012)
Realtek PCIE Card Reader (x32 Version: 6.2.8400.27024)
Synaptics Pointing Device Driver (Version: 15.3.18.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3)
VIA Plattform-Geräte-Manager (x32 Version: 1.39)
WebCam Installer (x32 Version: 4.04)
Windows Live (x32 Version: 16.4.3505.0912)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912)
Windows Live Essentials (x32 Version: 16.4.3505.0912)
Windows Live Family Safety (Version: 16.4.3505.0912)
Windows Live Family Safety (x32 Version: 16.4.3505.0912)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0)
Windows Live Installer (x32 Version: 16.4.3505.0912)
Windows Live Mail (x32 Version: 16.4.3505.0912)
Windows Live Messenger (x32 Version: 16.4.3505.0912)
Windows Live MIME IFilter (Version: 16.4.3505.0912)
Windows Live Photo Common (x32 Version: 16.4.3505.0912)
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912)
Windows Live SOXE (x32 Version: 16.4.3505.0912)
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912)
Windows Live UX Platform (x32 Version: 16.4.3505.0912)
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912)
Windows Live Writer (x32 Version: 16.4.3505.0912)
Windows Live Writer Resources (x32 Version: 16.4.3505.0912)
==================== Restore Points =========================
21-11-2013 10:35:46 Geplanter Prüfpunkt
29-11-2013 13:09:22 Geplanter Prüfpunkt
04-12-2013 06:27:37 Windows Update
04-12-2013 22:26:51 Removed Skype™ 6.11
04-12-2013 22:29:34 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
05-12-2013 10:40:04 IObit Uninstaller restore point
05-12-2013 10:40:32 Configured Hotkey 6.0069
05-12-2013 13:04:52 Windows Modules Installer
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 __A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {3248393E-9AF8-4DD8-B6A9-7427EEBE4CB9} - System32\Tasks\SuperEasyDriverUpdaterRunAtStartup => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: {3CD55B8E-CDA4-4E70-A3A8-5919583C500D} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Hitzemann-PC-Hitzemann Hitzemann-PC => C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE [2013-11-22] (Microsoft Corporation)
Task: {570207C4-575D-4A1D-87F7-18B45BFB3702} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-09-17] (Microsoft Corporation)
Task: {72229C57-432B-4D13-917B-A882B1CF9305} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-11-22] (Microsoft Corporation)
Task: {8DFD6A19-9C72-4765-824B-83313F991416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-22] (Adobe Systems Incorporated)
Task: {B3772305-3BFF-4EF5-9115-5C2433E9A509} - System32\Tasks\SuperEasyDriverUpdaterUPDATES => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\SuperEasyDriverUpdaterUPDATES.job => C:\Program Files (x86)\SuperEasy Software\Driver Updater\supereasydu.exe
==================== Loaded Modules (whitelisted) =============
2013-11-22 16:56 - 2013-11-22 16:56 - 08866472 () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-12-10 11:45 - 2012-05-21 03:38 - 00094208 () C:\Windows\System32\IccLibDllx64.dll
2013-08-14 10:27 - 2012-09-12 16:55 - 00078480 () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-08-14 10:27 - 2012-09-12 16:55 - 00386192 () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2013-11-16 13:27 - 2013-11-16 13:27 - 03363952 () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-22 16:56 - 2013-11-22 16:56 - 00316584 () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2013-11-22 16:56 - 2013-11-22 16:56 - 00359592 () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll
2013-08-14 10:24 - 2012-06-25 03:41 - 01198912 () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-22 14:09 - 2013-11-22 14:09 - 16237448 () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32119900152.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Error: (12/05/2013 10:12:01 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:01:32 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 08:17:47 PM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:12:01 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 10:01:32 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2013 08:17:47 PM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 3988.03 MB
Available physical RAM: 2386.57 MB
Total Pagefile: 7974.24 MB
Available Pagefile: 6092.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.51 GB) (Free:889.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 07209C32)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
I am trying to find IE on my computer. When I enter "internet explorer" under "search computer", this is what comes up (what does that mean? what should I do now!?):
--- I took a screenshot, but unfortunately I can't insert it here... in any case, a lot of program_files and other things come up that say internet explorer.
Here is the log after I ran Malwarebytes again (64 infected objects were found!!):
Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org
Datenbank Version: v2013.12.05.08
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Hitzemann :: HITZEMANN-PC [Administrator]
Schutz: Aktiviert
05.12.2013 23:38:32
mbam-log-2013-12-05 (23-38-32).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 304140
Laufzeit: 1 Stunde(n), 47 Sekunde(n)
Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 7
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin\css (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin\css\images (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin\exe (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin\Qone8 (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin\Quickshare (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Hitzemann\AppData\Local\Temp\DM\bin\Re-Markit (PUP.Optional.BundleInstaller.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 57
(Ende)
12 | No.12 Revision |
I can't manage to get rid of nation zoom!! HELP!! I followed the instructions, but I have the problem that AVAST shows an error message: "The configuration of Microsoft Internet Explorer could not be updated. Please close your browser and repeat this command". But I don't have the browser open! I have never used it! I only use Firefox. I also can't find IE among the programs that I could uninstall under Control Panel. How can I find IE and uninstall it? IObit Uninstaller doesn't list IE among the programs either! PLEASE HELP!!!
I don't know my way around computers and I'm currently writing my master's thesis. I'm desperate!
I always let Rkill run all the way through and then this log appears:
Rkill 2.6.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/05/2013 07:48:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* No issues found.
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/05/2013 07:48:30 PM
Execution time: 0 hours(s), 0 minute(s), and 23 seconds(s)
I opened AdwCleaner, clicked "suchen", and nothing appeared under "Verknüpfungen", "Registrierungsdatenbank", "Internet Explorer" and "Chrome"... only under "Firefox" was there something. I then clicked "Löschen".... after that the following log came up (but when I opened AdwCleaner again afterwards and ran it, the same thing was under Firefox again!!):
# AdwCleaner v3.014 - Bericht erstellt am 05/12/2013 um 19:54:39
# Updated 01/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Hitzemann - HITZEMANN-PC
# Gestartet von : C:\Users\Hitzemann\Downloads\AdwCleaner-3.014.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v0.0.0.0
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Hitzemann\AppData\Roaming\Mozilla\Firefox\Profiles\pfm6q073.default-1386251473073\prefs.js ]
*************************
After I run Junkware, the message "the scan completed successfully" appears, along with the following log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Hitzemann on 05.12.2013 at 20:03:04,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2013 at 20:10:35,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I did the FARBAR RECOVERY SCAN and everything went OK. Then the following 2 logs appeared:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-12-2013
Ran by Hitzemann (administrator) on HITZEMANN-PC on 05-12-2013 22:32:36
Running from C:\Users\Hitzemann\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: HKLM...\Run:
I am trying to find IE on my computer. When I enter "internet explorer" under "search computer", this is what comes up (what does that mean? what should I do now!?):
--- I took a screenshot, but unfortunately I can't insert it here... in any case, a lot of program_files and other things come up that say internet explorer.
Here is the log after I ran Malwarebytes again (64 infected objects were found!!):
Malwarebytes Anti-Malware (Test) 1.75.0.1300
(Ende)