Hallo Forum,

gestern meldete Avast eine Reihe von bedrohlichen Objekten, die ich aber nicht reparieren oder löschen konnte (systemk.dll etc.). Habe nun Malwarebytes durchlaufen lassen und dieses liefert eine sehr lange Liste. Kenne mich nicht so gut aus, was nun zu tun ist. Alles in Quarantäne? Weiß jemand, worum es sich handelt?

Bitte Euch um Hilfe!

Markus

------------------------------------------------------


Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 21.05.2014
Suchlauf-Zeit: 06:37:17
Logdatei: vir.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.20.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Fuhrmann

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 283022
Verstrichene Zeit: 11 Std, 51 Min, 36 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 3
PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe, 2988, , [fda94d064b3026109d381b60e1206f91]
PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe, 1108, , [fda94d064b3026109d381b60e1206f91]
PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\systemku.exe, 4440, , [2284bd9677043600ddf88cefc041f60a]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 38
PUP.Optional.SystemK.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SystemkService, , [fda94d064b3026109d381b60e1206f91],
PUP.Optional.SystemK.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A91196222, , [d1d5c98ab6c5999d6372cdae827f7e82],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\Linkey.Linkey, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Linkey.Linkey, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKU\S-1-5-21-2433529201-776013581-942875397-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKU\S-1-5-21-2433529201-776013581-942875397-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{726E90BE-DC22-4965-B215-E0784DC26F47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{726E90BE-DC22-4965-B215-E0784DC26F47}, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}\INPROCSERVER32, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [198d83d05f1c54e21200ff2bd23052ae],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{6A7CD9EC-D8BD-4340-BCD0-77C09A282921}, , [198d83d05f1c54e21200ff2bd23052ae],
PUP.Optional.Linkey.A, HKU\S-1-5-21-2433529201-776013581-942875397-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Linkey, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\LINKEY, , [386e1a391f5c013522862171877baa56],
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\LINKEY, , [3e68d2817cff96a0adfb7022e61c39c7],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK\General, , [1a8cf75c6a11e056f631335f71913dc3],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK, , [14926ce7bdbe78be49dfc9c9da281be5],
PUP.Optional.Conduit.A, HKU\S-1-5-21-2433529201-776013581-942875397-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CONDUIT\FF, , [acfad97ae69554e250d7803b5ba8bf41],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2433529201-776013581-942875397-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [9a0c351e89f2989e0927b8d616ecb64a],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard.1, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SettingsManagerIEHelper.DNSGuard, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SettingsManagerIEHelper.DNSGuard.1, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKU\S-1-5-21-2433529201-776013581-942875397-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Settings Manager, , [a2049eb55d1e9b9be350136706fc28d8],

Registrierungswerte: 3
PUP.Optional.Linkey.A, HKLM\SOFTWARE\LINKEY|ie_jsurl, hxxp://app.linkeyproject.com/popup/IE/background.js, , [386e1a391f5c013522862171877baa56]
PUP.Optional.Linkey.A, HKLM\SOFTWARE\WOW6432NODE\LINKEY|ie_jsurl, hxxp://app.linkeyproject.com/popup/IE/background.js, , [3e68d2817cff96a0adfb7022e61c39c7]
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SYSTEMK|browser, ie ff cr, , [14926ce7bdbe78be49dfc9c9da281be5]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 18
PUP.Optional.SystemK.A, C:\ProgramData\systemk, , [bee831226d0e6dc9a8277b15e61c837d],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\ChromeExtension, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\IEExtension, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.OpenCandy, C:\Users\Fuhrmann\AppData\Roaming\OpenCandy, , [9d09292a85f61a1c998f690af60cd62a],
PUP.Optional.OpenCandy, C:\Users\Fuhrmann\AppData\Roaming\OpenCandy\86EAD3B6219E49CF91EBB8999BAC147D, , [9d09292a85f61a1c998f690af60cd62a],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\xpi, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\xpi\defaults, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\xpi\defaults\preferences, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE, , [3b6ba3b05f1cbf77e2d1a1d22bd704fc],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT1703539, , [3b6ba3b05f1cbf77e2d1a1d22bd704fc],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\content, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\content\js, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64, , [a2049eb55d1e9b9be350136706fc28d8],

Dateien: 111
PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe, , [fda94d064b3026109d381b60e1206f91],
PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\systemku.exe, , [2284bd9677043600ddf88cefc041f60a],
PUP.Optional.SystemK.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg, , [d1d5c98ab6c5999d6372cdae827f7e82],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\IEExtension\iedll64.dll, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\IEExtension\iedll.dll, , [4f57d47fc4b7a591a416c6a4cc35a45c],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\SPStub.exe, , [555160f34536a492fc7d9d7fe819e41c],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\DLG_\requirements\SPIdentifier.exe, , [980eb89b3c3f68ceaf9e14f8fc057987],
PUP.Optional.AztecMedia.A, C:\Users\Fuhrmann\AppData\Local\Temp\nshEB48.tmp\Helper.dll, , [6b3b292ad9a2f4421944d76de123f808],
PUP.Optional.AztecMedia.A, C:\Users\Fuhrmann\AppData\Local\Temp\nshEB48.tmp\Starter.exe, , [71351e352e4dc67063ebb292c53f14ec],
PUP.Optional.AztecMedia.A, C:\Users\Fuhrmann\AppData\Local\Temp\nsnC996.tmp\Helper.dll, , [cfd74e0592e937ffd98455ef956fd729],
PUP.Optional.AztecMedia.A, C:\Users\Fuhrmann\AppData\Local\Temp\nsnC996.tmp\Starter.exe, , [436357fc017a44f2a0ae68dc13f1eb15],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\ctbe.exe, , [00a6124102793cfaa3e289953ac6f709],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\ffLogic.exe, , [3b6b90c36c0f52e479000616ed14ce32],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\ieLogic.exe, , [6e3896bd6e0d4cea42371efe1be6fc04],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\spff.exe, , [7f27054e54277db9b8c1b26ada2731cf],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\statisticsStub.exe, , [297db59e8bf0b87e6c92f115bc45cf31],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\stub.exe, , [b4f2a8ab03784de912ca8995f10fed13],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\is-4NBSR.tmp\IsoBuster_toolbar.exe, , [e5c174df2457e3533171e43a2ad624dc],
PUP.Optional.Softonic.A, C:\Users\Fuhrmann\Downloads\SoftonicDownloader_fuer_tubebox.exe, , [9e08a9aa73088bab659b48d834cd3ec2],
PUP.Optional.Bandoo, C:\Users\Fuhrmann\Downloads\iLividSetupV1.exe, , [3670044f94e745f1c2df23e6758c5ba5],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\Downloads\ExtremeFlashPlayer.exe, , [119558fbb8c32c0a96d12e0f38c827d9],
PUP.Optional.Breitschopp, C:\Users\Fuhrmann\Downloads\tubebox_5.0(1).exe, , [2680d67d483389ad9dae211c25dfd030],
PUP.Optional.Breitschopp, C:\Users\Fuhrmann\Downloads\tubebox_5.0.exe, , [dfc7f55e5229b383af9c7dc04db735cb],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\general.cfg, , [bee831226d0e6dc9a8277b15e61c837d],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\coordinator.cfg, , [bee831226d0e6dc9a8277b15e61c837d],
PUP.Optional.SystemK.A, C:\ProgramData\systemk\S-1-5-21-2433529201-776013581-942875397-1000.cfg, , [bee831226d0e6dc9a8277b15e61c837d],
PUP.Optional.DefaultSearch.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\searchplugins\default-search.xml, , [7135db78b1ca360007171c7669997987],
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, , [b6f00251b4c72412da45266c34ceb14f],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\log.log, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\Helper.dll, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\Uninstall.exe, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Linkey.A, C:\Program Files (x86)\Linkey\ChromeExtension\ChromeExtension.crx, , [881ec88be398f640dfc61082c042e31d],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\searchplugins\conduit.xml, , [9f07a7ac1d5eda5c40789afa8b77bd43],
PUP.Optional.OpenCandy, C:\Users\Fuhrmann\AppData\Roaming\OpenCandy\86EAD3B6219E49CF91EBB8999BAC147D\2877.ico, , [9d09292a85f61a1c998f690af60cd62a],
PUP.Optional.OpenCandy, C:\Users\Fuhrmann\AppData\Roaming\OpenCandy\86EAD3B6219E49CF91EBB8999BAC147D\AVG923_p1v3.exe, , [9d09292a85f61a1c998f690af60cd62a],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\chromeid.txt, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\conduit.xml, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\CT1703539.xpi, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\setup.ini.txt, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\version.txt, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\xpi\install.rdf, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Local\Temp\ct1703539\xpi\defaults\preferences\defaults.js, , [04a24e0533489d99bce3e291d42e827e],
PUP.Optional.Conduit.A, C:\ProgramData\Conduit\IE\CT1703539\UninstallerUI.exe, , [3b6ba3b05f1cbf77e2d1a1d22bd704fc],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\chrome.manifest, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\install.rdf, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\content\button.css, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\content\overlay.xul, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\content\js\common.js, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\content\js\LinkeyManager.js, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\bright_green_19_19.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\default_19_19.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\hard_green_19_19.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\icon.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\icon64.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\orange_19_19.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\red_19_19.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.Linkey.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\extensions\extension@linkeyproject.com\skin\yellow_19_19.png, , [30765bf8fb800a2caa5dbebc1be741bf],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\del_DM_DLL_nsc1984.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\del_DM_EXE_nsc1984.exe, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\del_mg_nsc1984.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\favicon.ico, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Helper.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Internet Explorer Settings.exe, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\syskldr.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\syskldr_u.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemk.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkbho.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemkbho.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkChrome.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\systemkmgrc1.cfg, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\tbicon.exe, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trz5906.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trz6B7E.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trz6CB7.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trz6CD7.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trz6D07.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trz6DD3.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trzABF3.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\trzABF4.tmp, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\Uninstall.exe, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\del_DM_LL_nsc1984.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\del_DM_LL_nsi22C8.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\Internet Explorer Settings.exe, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\syskldr_u.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\systemk\x64\systemk.dll, , [a2049eb55d1e9b9be350136706fc28d8],
PUP.Optional.DefaultSearch.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p="), ,[4b5be1726d0eb97d0e3ec8b4df259e62]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.aflt", "babsst"), ,[aff7fe55cbb00432cb9624588c789b65]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.babTrack", "affID=107763"), ,[2086d182562563d36ef398e4fe0620e0]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.bbDpng", 30), ,[1d895bf8a7d4ad891b46225ad82c2ad6]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.dfltLng", "en"), ,[2e78153e9dde7eb80a57e29ab64ed927]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.dfltSrch", true), ,[c9dd3e1597e42a0c055c413bef1551af]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.hmpg", true), ,[3e68fd56017afe387ee34f2dfc0815eb]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.id", "1456237b000000000000002710f26480"), ,[6541ea69ee8d082e5d0403799a6a9c64]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.instlDay", "15246"), ,[6b3b8ec599e2aa8cabb6e399689c0af6]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.instlRef", "sst"), ,[4b5be370eb90092dfc6590ec6a9ab848]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=1456237b000000000000002710f26480&tlver=1.4.35.10&affID=107763"), ,[fda93023d9a2a78f540dbac2c73d6b95]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.lastDP", 30), ,[5a4ccf848deedd59134ef6869272ca36]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.101:43:20"), ,[9214f162bac143f382df5a2255af07f9]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.newTab", true), ,[fcaa5af986f5a88e035e5d1f6c98b24e]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_ss&affID=107763&mntrId=1456237b000000000000002710f26480"), ,[aafc153e84f777bf6cf5e69641c3db25]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"), ,[cbdb470cf4878fa7aeb37c00bf45c33d]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prtnrId", "babylon"), ,[dacc084bfc7f7db9332ea4d852b207f9]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.smplGrp", "none"), ,[f4b2a4afaccf6dc9263bbbc15ba93cc4]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.srcExt", "ss"), ,[b9ed77dc6a11f3434120502c8e7642be]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)"), ,[73331b38e09b3402ed7499e3887c7090]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.tlbrId", "base"), ,[aafc69eaeb90290d0b563b4153b19868]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.vrsn", "1.4.35.10"), ,[f7afbc970a71ec4aa1c0a8d41aeaa35d]
PUP.Optional.Babylon.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.101:43:20"), ,[b2f4aba892e9ba7c273aa2dae51f17e9]
PUP.Optional.Conduit.A, C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1703539&CUI=UN35270952459756389&UM=2&SearchSource=3&q={searchTerms}"), ,[b2f4183b0576a88edaecf4888084f60a]

Physische Sektoren: 0
(No malicious items detected)


(end)

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST.txt


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by Fuhrmann (administrator) on RECHENKNECHT on 21-05-2014 07:18:41
Running from C:\Users\Fuhrmann\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
() C:\Program Files (x86)\Freetec\SystemStore\Freemium.SelfUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
() C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(VirtuaWin) C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Aztec Media Inc) C:\Program Files (x86)\Settings Manager\systemk\systemku.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
() C:\Program Files (x86)\VirtuaWin\modules\WinList.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(TeX Users Group) C:\Program Files (x86)\TeXworks\TeXworks.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-06-21] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-14] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4297136 2012-10-31] (AVAST Software)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [37296 2012-01-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [RIS2PostReboot] => C:\Program Files (x86)\LEGO MINDSTORMS\RIS 2.0\LaunchRIS2.exe [212992 2001-05-30] (LEGO MINDSTORMS)
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2013-03-21] (Microsoft Corporation)
HKU\S-1-5-21-2433529201-776013581-942875397-1000\...\Run: [MediaGet2] => C:\Users\Fuhrmann\AppData\Local\MediaGet2\mediaget.exe --minimized
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VirtuaWin.lnk
ShortcutTarget: VirtuaWin.lnk -> C:\Program Files (x86)\VirtuaWin\VirtuaWin.exe (VirtuaWin)
Startup: C:\Users\Fuhrmann\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll [664592 2014-05-18] ()
HKLM\...\AppCertDlls: [x86] -> c:\program files (x86)\settings manager\systemk\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.default-search.net?sid=476&aid=122&itype=a&ver=12692&tm=318&src=hmp
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {ED93950F-A813-456B-A5DA-88D94BC37F6B} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p={searchTerms}
SearchScopes: HKCU - DefaultScope {ED93950F-A813-456B-A5DA-88D94BC37F6B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1703539&CUI=UN30917053161040218&UM=2
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=107763&mntrId=1456237b000000000000002710f26480
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {6A99D9E2-C296-457C-810A-4A62C58DA819} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {6DC5748F-DFE6-4E32-87EE-29E515031B16} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {78E02547-0EC4-4A82-8C75-2D5C2AC9FB2D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=12717415-0E0E-4B46-888A-160A3B8D3B0E&apn_sauid=39A8DD0A-852D-452F-A114-44F18703E2AD
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p={searchTerms}
SearchScopes: HKCU - {9E8FA017-80AC-4F81-BFB3-CEFEBA431DFF} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {ED93950F-A813-456B-A5DA-88D94BC37F6B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1703539&CUI=UN30917053161040218&UM=2
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\PROGRA~2\Linkey\IEEXTE~1\iedll64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Linkey - {4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} - C:\PROGRA~2\Linkey\IEEXTE~1\iedll.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default
FF user.js: detected! => C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\user.js
FF DefaultSearchEngine: default-search.net
FF SearchEngineOrder.1: default-search.net
FF SelectedSearchEngine: default-search.net
FF Homepage: hxxp://www.google.de
FF Keyword.URL: hxxp://www.default-search.net/search?sid=476&aid=122&itype=a&ver=12692&tm=318&src=ds&p=
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1)%20%7B%20return%20'PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\default-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Linkey for Firefox - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\extension@linkeyproject.com [2014-04-15]
FF Extension: Form History Control - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\formhistory@yahoo.com [2014-02-09]
FF Extension: NetVideoHunter - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\netvideohunter@netvideohunter.com [2013-12-09]
FF Extension: YouTube Unblocker - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\youtubeunblocker@unblocker.yt [2014-01-23]
FF Extension: Settings Manager - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\{19D73812-1701-1B61-CBA2-12A70C87A0B0} [2014-04-15]
FF Extension: Hide My Ass Proxy Extension - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\extension@hidemyass.com.xpi [2012-06-07]
FF Extension: GrabMyBooks - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\info@grabMyBooks.com.xpi [2013-11-14]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-09-30]
FF Extension: DownThemAll! - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2012-04-04]
FF Extension: {eeef18f0-b5d3-4222-a049-ee4cd945c1a4} - C:\Users\Fuhrmann\AppData\Roaming\Mozilla\Firefox\Profiles\6jan9tz3.default\Extensions\{eeef18f0-b5d3-4222-a049-ee4cd945c1a4}.xpi [2013-11-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! WebRep - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-08-11]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808 2012-10-31] (AVAST Software)
S3 BrlAPI; C:\cygwin\bin\cygrunsrv.exe [68096 2008-03-18] ()
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-05-31] (Freemake)
R2 FreemiumSelfUpdateService; C:\Program Files (x86)\Freetec\SystemStore\Freemium.SelfUpdate.exe [5686272 2012-09-26] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 SystemkService; C:\Program Files (x86)\Settings Manager\systemk\SystemkService.exe [3543056 2014-05-18] (Aztec Media Inc)
R2 SystemStore; C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe [14848 2012-04-24] ()
S2 SystemStoreService; C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe [175616 2014-05-19] ()
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1250160 2010-05-31] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [25232 2012-10-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [71600 2012-10-31] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [54072 2012-10-15] (AVAST Software)
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [984144 2012-10-31] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [370288 2012-10-31] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [59728 2012-10-31] (AVAST Software)
R1 F06DEFF2-5B9C-490D-910F-35D3A91196222; C:\Program Files (x86)\Settings Manager\systemk\x64\systemkmgrc1.cfg [36240 2014-05-18] (Aztec Media Inc)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-20] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-21 07:18 - 2014-05-21 07:18 - 00025436 _____ () C:\Users\Fuhrmann\Downloads\FRST.txt
2014-05-21 07:18 - 2014-05-21 07:18 - 00000000 ____D () C:\FRST
2014-05-21 07:14 - 2014-05-21 07:14 - 02067456 _____ (Farbar) C:\Users\Fuhrmann\Downloads\FRST64.exe
2014-05-21 07:13 - 2014-05-21 07:13 - 01056768 _____ (Farbar) C:\Users\Fuhrmann\Downloads\FRST.exe
2014-05-20 17:57 - 2014-05-20 18:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 17:52 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-20 17:52 - 2014-05-20 17:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-20 17:52 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-20 17:52 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 16:24 - 2014-05-20 16:27 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Fuhrmann\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-19 13:21 - 2014-05-19 13:21 - 00000000 ____D () C:\Program Files (x86)\SoftwareUpdater
2014-05-18 23:46 - 2014-05-21 07:18 - 00000000 ____D () C:\ProgramData\systemk
2014-05-10 14:40 - 2014-05-10 14:54 - 100476324 _____ () C:\Users\Fuhrmann\Downloads\Beethoven - 7th Symphony (Complete) ✔.mp4
2014-05-10 11:51 - 2014-05-10 12:11 - 133672584 _____ () C:\Users\Fuhrmann\Downloads\Franz Schubert - Winterreise.mp4
2014-05-10 11:51 - 2014-05-10 11:51 - 00233776 _____ () C:\Users\Fuhrmann\Downloads\ExtremeFlashPlayer.exe
2014-05-09 23:20 - 2014-05-09 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-04 21:29 - 2014-05-09 20:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird

==================== One Month Modified Files and Folders =======

2014-05-21 07:18 - 2014-05-21 07:18 - 00025436 _____ () C:\Users\Fuhrmann\Downloads\FRST.txt
2014-05-21 07:18 - 2014-05-21 07:18 - 00000000 ____D () C:\FRST
2014-05-21 07:18 - 2014-05-18 23:46 - 00000000 ____D () C:\ProgramData\systemk
2014-05-21 07:14 - 2014-05-21 07:14 - 02067456 _____ (Farbar) C:\Users\Fuhrmann\Downloads\FRST64.exe
2014-05-21 07:13 - 2014-05-21 07:13 - 01056768 _____ (Farbar) C:\Users\Fuhrmann\Downloads\FRST.exe
2014-05-21 07:03 - 2011-05-29 17:55 - 01690060 _____ () C:\Windows\WindowsUpdate.log
2014-05-21 06:58 - 2012-05-15 23:24 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-21 06:41 - 2011-08-11 19:34 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-21 06:37 - 2011-09-15 15:10 - 00000000 ____D () C:\Users\Fuhrmann\Privat
2014-05-21 00:41 - 2011-08-11 19:34 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-20 18:45 - 2014-05-20 17:57 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 17:52 - 2014-05-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-20 17:52 - 2014-05-20 17:52 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-20 17:52 - 2012-02-06 23:30 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-20 17:52 - 2011-08-11 17:01 - 00000000 ____D () C:\Users\Fuhrmann\AppData\Roaming\Malwarebytes
2014-05-20 17:52 - 2011-08-11 17:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-20 17:41 - 2011-05-29 16:37 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8F926813-7ABF-4008-83BB-B62309C269E1}
2014-05-20 16:27 - 2014-05-20 16:24 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Fuhrmann\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-20 07:19 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-20 07:19 - 2009-07-14 06:45 - 00009888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-19 13:21 - 2014-05-19 13:21 - 00000000 ____D () C:\Program Files (x86)\SoftwareUpdater
2014-05-19 12:35 - 2011-05-29 18:50 - 00762396 _____ () C:\Windows\system32\perfh007.dat
2014-05-19 12:35 - 2011-05-29 18:50 - 00172750 _____ () C:\Windows\system32\perfc007.dat
2014-05-19 12:35 - 2009-07-14 07:13 - 01796622 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-19 12:29 - 2013-11-07 19:08 - 00010586 _____ () C:\Windows\PFRO.log
2014-05-19 12:29 - 2013-11-05 16:48 - 00007896 _____ () C:\Windows\setupact.log
2014-05-19 12:29 - 2012-04-27 12:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-19 12:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-16 02:06 - 2011-11-11 11:21 - 00000000 ____D () C:\Users\Fuhrmann\Literatur
2014-05-14 15:00 - 2012-05-15 23:24 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-14 15:00 - 2012-04-19 20:07 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-14 15:00 - 2011-11-30 13:16 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-10 14:54 - 2014-05-10 14:40 - 100476324 _____ () C:\Users\Fuhrmann\Downloads\Beethoven - 7th Symphony (Complete) ✔.mp4
2014-05-10 12:11 - 2014-05-10 11:51 - 133672584 _____ () C:\Users\Fuhrmann\Downloads\Franz Schubert - Winterreise.mp4
2014-05-10 11:51 - 2014-05-10 11:51 - 00233776 _____ () C:\Users\Fuhrmann\Downloads\ExtremeFlashPlayer.exe
2014-05-10 00:36 - 2011-08-11 19:34 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-10 00:36 - 2011-08-11 19:34 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 23:20 - 2014-05-09 23:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 20:32 - 2014-05-04 21:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 20:29 - 2011-08-09 21:56 - 00000000 ____D () C:\Users\Fuhrmann\myStuff
2014-04-27 21:01 - 2011-11-12 19:25 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-04-21 22:10 - 2013-01-20 12:11 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

Files to move or delete:
====================
C:\Users\Fuhrmann\TubeBox_Setup352_improved.exe


Some content of TEMP:
====================
C:\Users\Fuhrmann\AppData\Local\Temp\SettingsManagerSetup.exe
C:\Users\Fuhrmann\AppData\Local\Temp\SPStub.exe
C:\Users\Fuhrmann\AppData\Local\Temp\tbIsoB.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-19 12:59

==================== End Of Log ============================
         

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Addition.txt

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by Fuhrmann at 2014-05-21 07:19:17
Running from C:\Users\Fuhrmann\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.5.0 - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 7.0.1474.0 - AVAST Software)
BestPractice (remove only) (HKLM-x32\...\BestPractice) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4478 - CDBurnerXP)
Codecs for Windows 7 Pack 4.0.5 (HKLM-x32\...\Codecs for Windows 7 Pack) (Version: 4.0.5 - Codecs for Windows 7 Pack)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation)
Easy-wGet (HKLM-x32\...\{32D4D027-17C9-432F-B6DD-3ADB8B00EAC9}) (Version: 3.00.0000 - Wirth IT Design)
ElsterFormular (HKLM-x32\...\ElsterFormular 13.2.0.8623p) (Version: 13.2.0.8623p - Landesfinanzdirektion Thüringen)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.4.2224 - Evernote Corp.)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
FreeCAD 0.12 (HKLM-x32\...\{81ABC4A0-DE63-11DE-8A39-0800200C9A66}) (Version: 0.12.5284 - Juergen Riegel (FreeCAD@juergen-riegel.net))
Freemake Video Converter Version 3.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.0.2 - Ellora Assets Corporation)
Frink (HKCU\...\Frink) (Version:  - Alan Eliasen)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Google Books Downloader version 2.0 (HKLM-x32\...\{216729B6-014A-F413-814F-F17F74FBA113}_is1) (Version: 2.0 - GBOOKSDOWNLOADER.COM)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version:  - Arobas Music)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Java 7 Update 7 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Linkey (HKCU\...\Linkey) (Version: 0.0.0.431 - Aztec Media Inc) <==== ATTENTION
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20125.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6010.0727 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (HKLM\...\{88387B3B-B110-392F-B919-1A15B48F21D4}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (HKLM-x32\...\{370187B9-6964-38D0-851F-6C4898B0C2B1}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 Express - DEU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514 - Microsoft) Hidden
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Redistributable Components for Application Verifier (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Redistributable Components for Common Tools (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Redistributable Components for Windows Debugging Tools (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Controller Editor (Version: 1.1.1.189 - Native Instruments) Hidden
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version:  - Native Instruments)
Native Instruments Guitar Rig 4 (Version: 4.0.7.960 - Native Instruments) Hidden
Native Instruments Rig Kontrol 3 Driver (HKLM-x32\...\Native Instruments Rig Kontrol 3 Driver) (Version:  - Native Instruments)
Native Instruments Rig Kontrol 3 Driver (Version: 2.0.10.001 - Native Instruments) Hidden
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Service Center (Version: 2.2.0.367 - Native Instruments) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5903 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.4.1 - Frank Heindörfer, Philip Chinery)
pdfsam (HKLM-x32\...\pdfsam) (Version: 2.2.1 - )
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.1 - Renesas Electronics Corporation) Hidden
Robotics Invention System 2.0 (HKLM-x32\...\{6689F8F7-6C62-11D4-9F45-00C04F60D4F1}) (Version:  - )
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Settings Manager (HKLM-x32\...\Settings Manager) (Version: 5.0.0.12302 - Aztec Media Inc) <==== ATTENTION
Skype™ 6.6 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
TeXworks 0.4.4 (HKLM-x32\...\{41DA4817-4D2A-4D83-AD02-6A2D95DC8DCB}_is1) (Version:  - TeX Users Group)
TubeBox (HKLM-x32\...\{58a26b11-1507-4461-bb28-9c2be3a0dff1}) (Version: 1.0.0.0 - Freetec)
TubeBox (x32 Version: 4.0.0.0 - Freetec) Hidden
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.2.2.07150 - Sony Corporation)
VAIO Care (x32 Version: 6.2.2.07150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.0.06080 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.2.0.05310 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
Vim 7.3 (self-installing) (HKLM\...\Vim 7.3) (Version:  - )
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
VirtuaWin v4.4 (HKLM-x32\...\VirtuaWin_is1) (Version:  - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version:  - )
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows SDK IntellisenseNFX (x32 Version: 7.1.30514 - Microsoft) Hidden
WinHTTrack Website Copier 3.47-27 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.47.27 - HTTrack)
WinRAR 4.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Restore Points  =========================

22-04-2014 10:06:02 Windows Update
03-05-2014 00:36:15 Geplanter Prüfpunkt
03-05-2014 00:42:54 Windows Update
06-05-2014 08:08:12 Windows Update
10-05-2014 01:45:44 Windows Update
15-05-2014 08:51:35 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {051DED3A-FC4B-42A8-A8EC-79275B9B4E69} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {18172AE3-3635-47F3-838C-00010FF7E157} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe [2010-05-26] (Sony Corporation)
Task: {2A67EB70-A674-4383-9976-EC420858E637} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {3A1EACEB-23D0-407D-82F6-C7C4DA22C6C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {426AD7CF-51BD-4603-BC01-5F6F0FD38140} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {49B4BA11-189F-4607-BF52-0E422F005D25} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {588D82A9-36A0-41A5-8DD6-C977E8985C4A} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {7173530D-870D-4B2A-B2D4-E8C2DBC1EA73} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2012-10-31] (AVAST Software)
Task: {95E2792E-2B22-4A64-BDD6-05959BBA4144} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-07-26] (Sony Corporation)
Task: {9840E276-88CC-41DD-9AEE-88BED2DD344F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {99278878-99DC-44B2-9191-E0AC58B4D8A0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-11] (Google Inc.)
Task: {A20C0B6B-A761-4023-A334-8DCA5262CF59} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {B2299867-E734-4C12-9B66-6DCA56F6E132} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-05-31] (Sony Corporation)
Task: {B446802D-E517-46F1-90B7-72DA09E4A34F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-08-11] (Google Inc.)
Task: {BF01B045-F595-4166-8755-C4DE6FEA31BA} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {C4930957-3BE6-4EF5-AE85-B2C04F9E3321} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {DE876B02-752C-438E-88AF-295E16D510D7} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2010-07-15] (Sony Corporation)
Task: {F2E50378-9980-41AE-AB74-0AC0E0E0857A} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-04 20:25 - 2014-05-18 11:50 - 00664592 ____N () C:\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll
2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-09-26 18:59 - 2012-09-26 18:59 - 05686272 _____ () C:\Program Files (x86)\Freetec\SystemStore\Freemium.SelfUpdate.exe
2012-04-24 14:21 - 2012-04-24 14:21 - 00014848 ____N () C:\Program Files (x86)\Freemium\SystemStore\Freemium.SystemStore.WindowsService.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-01-20 21:48 - 2012-10-10 00:32 - 00014848 _____ () C:\Program Files (x86)\VirtuaWin\modules\WinList.exe
2011-05-29 18:03 - 2010-05-31 18:25 - 00056320 _____ () C:\Program Files\Sony\VAIO Update 5\VUAgentPS64.dll
2014-05-21 03:10 - 2014-05-20 22:33 - 02292736 _____ () C:\Program Files\AVAST Software\Avast\defs\14052001\algo.dll
2011-05-29 18:03 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-05-29 18:03 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-04-16 18:50 - 2013-04-16 18:50 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\08728765635aacd4d72274ad5daf0f33\IsdiInterop.ni.dll
2010-10-11 22:03 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-01-17 16:19 - 2011-10-21 08:26 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-05-04 21:29 - 2014-05-04 21:29 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-05-04 21:29 - 2014-05-04 21:29 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-05-04 21:29 - 2014-05-04 21:29 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-05-09 23:20 - 2014-05-09 23:20 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-14 15:00 - 2014-05-14 15:00 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2014 04:14:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: iedll.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5343fd42
Ausnahmecode: 0xc000041d
Fehleroffset: 0x5e8355b0
ID des fehlerhaften Prozesses: 0x3e80
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/20/2014 04:14:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: iedll.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5343fd42
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5e8355b0
ID des fehlerhaften Prozesses: 0x3e80
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/20/2014 04:13:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: iedll.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5343fd42
Ausnahmecode: 0xc000041d
Fehleroffset: 0x5e8d55b0
ID des fehlerhaften Prozesses: 0x3d88
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/20/2014 04:13:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: iedll.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5343fd42
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5e8d55b0
ID des fehlerhaften Prozesses: 0x3d88
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/20/2014 04:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: sqmapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4549bdf0
Ausnahmecode: 0xc000041d
Fehleroffset: 0x5e2255b0
ID des fehlerhaften Prozesses: 0x3ba0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/20/2014 04:07:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: sqmapi.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4549bdf0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5e2255b0
ID des fehlerhaften Prozesses: 0x3ba0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (05/20/2014 00:32:17 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/19/2014 01:01:21 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/17/2014 00:16:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/15/2014 08:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16470, Zeitstempel: 0x510c8801
Name des fehlerhaften Moduls: iedll.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5343fd42
Ausnahmecode: 0xc000041d
Fehleroffset: 0x603855b0
ID des fehlerhaften Prozesses: 0xad0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3


System errors:
=============
Error: (05/20/2014 10:28:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SampleCollector erreicht.

Error: (05/20/2014 07:04:12 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SampleCollector erreicht.

Error: (05/20/2014 07:03:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SampleCollector erreicht.

Error: (05/19/2014 01:22:49 PM) (Source: VDS Basic Provider) (EventID: 1) (User: )
Description: Unerwarteter Fehler. Fehlercode: 490@01010004

Error: (05/18/2014 11:47:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "F06DEFF2-5B9C-490D-910F-35D3A91196222" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (05/18/2014 11:47:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "Systemk Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (05/12/2014 08:56:38 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst PMBDeviceInfoProvider erreicht.

Error: (05/12/2014 02:23:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Volumeschattenkopie" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/12/2014 02:23:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Volumeschattenkopie erreicht.

Error: (05/12/2014 02:23:22 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053VSS{E579AB5F-1CC4-44B4-BED9-DE0991FF0623}


Microsoft Office Sessions:
=========================
Error: (05/20/2014 04:14:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801iedll.dll_unloaded0.0.0.05343fd42c000041d5e8355b03e8001cf7435bee35b87C:\Program Files (x86)\Internet Explorer\iexplore.exeiedll.dll0a135397-e029-11e3-a2c1-544249f51912

Error: (05/20/2014 04:14:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801iedll.dll_unloaded0.0.0.05343fd42c00000055e8355b03e8001cf7435bee35b87C:\Program Files (x86)\Internet Explorer\iexplore.exeiedll.dll08c523d2-e029-11e3-a2c1-544249f51912

Error: (05/20/2014 04:13:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801iedll.dll_unloaded0.0.0.05343fd42c000041d5e8d55b03d8801cf7434db2cdae5C:\Program Files (x86)\Internet Explorer\iexplore.exeiedll.dllf7c9a98a-e028-11e3-a2c1-544249f51912

Error: (05/20/2014 04:13:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801iedll.dll_unloaded0.0.0.05343fd42c00000055e8d55b03d8801cf7434db2cdae5C:\Program Files (x86)\Internet Explorer\iexplore.exeiedll.dllf634abbc-e028-11e3-a2c1-544249f51912

Error: (05/20/2014 04:07:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801sqmapi.dll_unloaded0.0.0.04549bdf0c000041d5e2255b03ba001cf74334612aac4C:\Program Files (x86)\Internet Explorer\iexplore.exesqmapi.dll11fa7a3d-e028-11e3-a2c1-544249f51912

Error: (05/20/2014 04:07:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801sqmapi.dll_unloaded0.0.0.04549bdf0c00000055e2255b03ba001cf74334612aac4C:\Program Files (x86)\Internet Explorer\iexplore.exesqmapi.dll0ea946fe-e028-11e3-a2c1-544249f51912

Error: (05/20/2014 00:32:17 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/19/2014 01:01:21 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/17/2014 00:16:50 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/15/2014 08:54:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe9.0.8112.16470510c8801iedll.dll_unloaded0.0.0.05343fd42c000041d603855b0ad001cf7069a66675bfC:\Program Files (x86)\Internet Explorer\iexplore.exeiedll.dll60e8ca6a-dc62-11e3-ba2b-544249f51912


==================== Memory info =========================== 

Percentage of memory in use: 52%
Total physical RAM: 6124.93 MB
Available physical RAM: 2930.2 MB
Total Pagefile: 14319.12 MB
Available Pagefile: 9744.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.82 GB) (Free:163.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2FDD4036)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Also Malwarebytes Anti-Malware postet gerade alle paar Minuten irgendwelche verdächtigen Programme, die ich unter unter Quarantäne stelle:

sysapcrt.dll
jedll.dll

etc.

Was ist das?

Als Hersteller der infizierten DLLs wird genannt:

PUP.Optional.Linkey.A
PUP.Optional.SystemK.A
etc

Hat jemand einen Hinweis?

Adware & Co. deinstallieren

• Lade Dir bitte von hier Revo Uninstaller herunter.
• Installiere und starte das Programm.
• Suche im Uninstallerfeld nach den Programmen, die unter:
  
  diesen Zusatz haben:
  
• Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
• Wähle anschließend den Modus "Moderat" aus.
  
• Reste löschen:
  Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:



Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

• WICHTIG: Speichere Combofix auf deinem Desktop.
• Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
• Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
• Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
• Wenn Combofix fertig ist, wird es ein Logfile erstellen.
• Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.