Laptop ultra langsam - keine Browser funktionieren

Jonie · 11.08.2014, 14:37

Hallo,

mein Laptop ist seit kurzem ultra langsam.
Brauch zum Hochfahren eine halbe Ewigkeit.
Wenn er es dann doch mal geschafft hat gehen weder die Browser (obwohl ich eine gute Internetverbindung habe)
noch der Mauszeiger bewegt sich ruckelfrei.

Habe mit PC Beschleuniger schon 1600 Datein gefunden die meinen Laptop verlangsamen.
Habe sie auch bereinigen lassen - hat nichts geholfen!

Warlord711 · 11.08.2014, 14:43

Zitat:

Habe mit PC Beschleuniger schon 1600 Datein gefunden die meinen Laptop verlangsamen.
Habe sie auch bereinigen lassen - hat nichts geholfen!

Bitte mit was ?
Was genau macht das Programm ?

Jonie · 11.08.2014, 15:02

nennt sich PC Beschleunigen / denke von cleverbridge - Programm funktioniert nach dem neu start auch nicht mehr ...

Warlord711 · 11.08.2014, 15:06

Ich kann mir mal nen Log anschauen, aber ich denke mal das PC Beschleunigen hat nur die Notwendigkeit eienr Neuinstallation beschleunigt.

Hinweis: Registry Cleaner

Ich sehe, dass du sogenannte Registry Cleaner installiert hast.
In deinem Fall PC Beschleunigen.

Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab.

Der Grund ist ganz einfach:
Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich.
Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler.
Zerstörst du die Registry, zerstörst du Windows.

Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich.

Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über

Start --> Systemsteuerung --> Software (bei Windows XP)
Start --> Systemsteuerung --> Programme und Funktionen (bei Vista / Win 7)

zu deinstallieren.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Jonie · 11.08.2014, 17:07

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Nessi (administrator) on NESSI-VAIO on 11-08-2014 18:03:14
Running from C:\Users\Nessi\Desktop
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\003\hmmwwoblzz64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\SupraSavingsService64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(PlusHDvb) C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.exe
() C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Facebook Inc.) C:\Users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Smartbar) C:\Users\Nessi\AppData\Local\Smartbar\Application\SnapDo.exe
() C:\Users\Nessi\AppData\Local\LPT\srptm.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
() C:\Users\Nessi\AppData\Local\Smartbar\Application\Lrcnta.exe
() C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3144832091-330051340-2454635059-1001\...\Run: [Facebook Update] => C:\Users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKU\S-1-5-21-3144832091-330051340-2454635059-1001\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-3144832091-330051340-2454635059-1001\...\Run: [PCSpeedUp] => C:\Program Files (x86)\PC Beschleunigen\PCSUNotifier.exe [188680 2012-06-05] ()
HKU\S-1-5-21-3144832091-330051340-2454635059-1001\...\Run: [Browser Infrastructure Helper] => C:\Users\Nessi\AppData\Local\Smartbar\Application\SnapDo.exe [29728 2014-05-29] (Smartbar)
HKU\S-1-5-21-3144832091-330051340-2454635059-1001\...\Run: [LPT System Updater] => C:\Users\Nessi\AppData\Local\LPT\srptm.exe [24608 2014-05-29] ()
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [232896 2014-08-06] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [187328 2014-08-06] (Client Connect LTD)
IFEO\adminutils.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\bluetoothheadsetproxy.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btitunesplugin.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btsendto_explorer.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btstackserver.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btwhfconfig.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btwhtmlprint.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btwieproxy.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btwuiext.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btwvdpdefaultsink.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\btwvrui.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\drv64.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\iastorhelp.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\iastoricon.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\iastorui.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\itmservice.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
IFEO\setup.exe: [Debugger] "C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe" /debugexe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BdYdP5sR1pU29u8Hf14A6AauPBbaazz5jn7onvCphhwSFQtPrxkyA,,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Restore = https://isearch.avg.com/?cid={6148A6FE-78C4-41BB-822E-BD60098F9116}&mid=973aec2139e647d0b8143d1cbf0d62fe-626a5abcc2164af4a85be519cf77d2d1b302fef9&lang=de&ds=od011&pr=sa&d=2012-09-26 15:09:15&v=12.2.5.34&sap=hp
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
URLSearchHook: HKLM-x32 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=f4b6053e-4454-3e01-63c8-e260e59745c3&searchtype=ds&q={searchTerms}&installDate=
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Bundlore&dpid=Bundlore&co=DE&userid=f4b6053e-4454-3e01-63c8-e260e59745c3&searchtype=ds&q={searchTerms}&installDate=
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q={searchTerms}
SearchScopes: HKCU - {94062A03-6B42-4C6E-8EC7-E47A8DE13FAC} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=PTF&o=15503&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=LH&apn_dtid=YYYYYYYYDE&apn_uid=CAAAEF90-6F72-455D-9AEE-3263F548314C&apn_sauid=9D7065F6-29D3-4CF6-9131-2AAB1D281345
BHO: HDV1.6 -> {11111111-1111-1111-1111-110511951164} -> C:\Program Files (x86)\HDV1.6\HDV1.6-bho64.dll (PlusHDvb)
BHO: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: 2rs3 -> {10AD2C61-0898-4348-8600-14A342F22AC3} -> C:\Program Files (x86)\SupraSavings\2rs3.dll ()
BHO-x32: HDV1.6 -> {11111111-1111-1111-1111-110511951164} -> C:\Program Files (x86)\HDV1.6\HDV1.6-bho.dll (PlusHDvb)
BHO-x32: No Name -> {30F9B915-B755-4826-820B-08FBA6BD249D} ->  No File
BHO-x32: Snap.DoEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: No Name -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} ->  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: DVDVideoSoft WebPageAdjuster Class -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&SSPV=
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BdYdP5sR1pU29u8Hf14A6AauPBbaazz5jn7onvCphhwSFQtPrxkyA,,
FF Keyword.URL: hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nessi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Plus-HD-V1.6 - C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\Extensions\67af2835-79c3-420a-bc70-cd5399c4b726@5c23b6cf-f0cf-4ff9-89af-a3fb89311be5.com [2014-08-11]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-05]

Chrome: 
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=55&CUI=&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&SSPV=&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=55&CUI=&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&SSPV=&SSPV="
CHR DefaultSearchKeyword: trovi.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-24]
CHR Extension: (Google Drive) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-24]
CHR Extension: (YouTube) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-24]
CHR Extension: (Google-Suche) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-24]
CHR Extension: (HDV1.6) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgielablfighaafogapfgpnlieaajbgk [2014-06-24]
CHR Extension: (Google Wallet) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-24]
CHR Extension: (Google Mail) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-24]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-06-23]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2012-02-28]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\Web Cake\WebCakeLayers.crx [2012-02-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2982336 2014-08-06] (Client Connect LTD)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-24] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-06-24] (globalUpdate) [File not signed]
R2 hmmwwoblzz64; C:\Program Files\003\hmmwwoblzz64.exe [709120 2014-06-24] () [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation) [File not signed]
R2 SupraSavingsService64; C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\SupraSavingsService64.exe [172544 2014-06-25] () [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1250160 2010-05-31] (Sony Corporation)
S2 vToolbarUpdater15.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-07-17] (NetFilterSDK.com)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 18:03 - 2014-08-11 18:03 - 00028059 _____ () C:\Users\Nessi\Desktop\FRST.txt
2014-08-11 18:03 - 2014-08-11 18:03 - 00000000 ____D () C:\FRST
2014-08-11 18:02 - 2014-08-10 16:02 - 02099712 _____ (Farbar) C:\Users\Nessi\Desktop\FRST64.exe
2014-08-11 03:16 - 2014-08-11 03:16 - 05618120 _____ (Speedchecker Limited ) C:\Users\Nessi\Documents\PCSUUpdate.exe
2014-08-11 01:43 - 2014-08-11 01:43 - 00057128 _____ () C:\Users\Nessi\Documents\PCSU_Update.exe
2014-08-03 21:48 - 2014-08-03 21:48 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-03 21:48 - 2014-08-03 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 21:47 - 2014-08-03 21:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 21:37 - 2014-08-03 21:40 - 00000000 ____D () C:\Users\Nessi\Desktop\USB
2014-08-01 17:18 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-17 20:20 - 2014-07-17 20:20 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys
2014-07-15 00:39 - 2014-07-15 00:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-15 00:14 - 2014-07-01 03:56 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-15 00:14 - 2014-07-01 03:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 18:03 - 2014-08-11 18:03 - 00028059 _____ () C:\Users\Nessi\Desktop\FRST.txt
2014-08-11 18:03 - 2014-08-11 18:03 - 00000000 ____D () C:\FRST
2014-08-11 18:03 - 2014-06-24 20:58 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-11 18:01 - 2010-11-30 19:06 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-08-11 18:01 - 2010-11-30 19:06 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-08-11 18:01 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-11 17:29 - 2014-06-24 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-11 17:12 - 2014-06-24 20:07 - 00001392 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-7.job
2014-08-11 16:18 - 2012-09-26 15:08 - 00000360 _____ () C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2014-08-11 16:02 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-11 16:02 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-11 15:59 - 2011-05-14 18:22 - 01324919 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 15:56 - 2011-05-14 18:28 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDFB1B48-55BE-4646-AD2D-D8E63A0BC56B}
2014-08-11 15:55 - 2014-06-24 20:58 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 15:55 - 2014-06-24 20:08 - 00001412 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.job
2014-08-11 15:55 - 2014-06-24 20:08 - 00001326 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.job
2014-08-11 15:55 - 2014-06-24 20:08 - 00001232 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.job
2014-08-11 15:55 - 2014-06-24 20:07 - 00003106 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.job
2014-08-11 15:55 - 2014-06-24 20:07 - 00002172 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.job
2014-08-11 15:55 - 2014-06-24 20:07 - 00001460 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-1.job
2014-08-11 15:55 - 2014-06-24 20:07 - 00001452 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-6.job
2014-08-11 15:55 - 2014-06-24 20:07 - 00000916 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-08-11 15:55 - 2014-06-24 20:07 - 00000566 _____ () C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.job
2014-08-11 15:55 - 2013-06-09 22:13 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
2014-08-11 15:55 - 2013-06-03 21:19 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-08-11 15:54 - 2014-06-22 16:56 - 00003149 _____ () C:\Windows\setupact.log
2014-08-11 15:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 15:52 - 2011-10-12 18:42 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001UA.job
2014-08-11 15:18 - 2014-06-24 20:06 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-08-11 15:12 - 2014-06-24 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-11 03:16 - 2014-08-11 03:16 - 05618120 _____ (Speedchecker Limited ) C:\Users\Nessi\Documents\PCSUUpdate.exe
2014-08-11 03:16 - 2012-09-26 15:08 - 00000000 ____D () C:\Program Files (x86)\PC Beschleunigen
2014-08-11 02:12 - 2014-06-24 20:07 - 00000920 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-08-11 01:43 - 2014-08-11 01:43 - 00057128 _____ () C:\Users\Nessi\Documents\PCSU_Update.exe
2014-08-11 01:27 - 2014-06-24 20:09 - 00000000 ____D () C:\Program Files\suprasavings
2014-08-10 16:02 - 2014-08-11 18:02 - 02099712 _____ (Farbar) C:\Users\Nessi\Desktop\FRST64.exe
2014-08-03 21:48 - 2014-08-03 21:48 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-03 21:48 - 2014-08-03 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 21:48 - 2014-08-03 21:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 21:47 - 2012-03-10 23:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-03 21:40 - 2014-08-03 21:37 - 00000000 ____D () C:\Users\Nessi\Desktop\USB
2014-08-03 21:25 - 2011-10-12 18:42 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001Core.job
2014-08-03 21:24 - 2013-03-18 18:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-03 21:24 - 2013-03-18 18:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-02 03:03 - 2013-03-18 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-01 17:19 - 2014-08-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 16:29 - 2014-06-24 20:59 - 00002233 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-01 16:13 - 2014-06-27 12:53 - 00000000 ____D () C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9
2014-07-17 20:20 - 2014-07-17 20:20 - 00046376 _____ (NetFilterSDK.com) C:\Windows\system32\Drivers\netfilter64.sys
2014-07-15 00:39 - 2014-07-15 00:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-15 00:39 - 2013-10-29 21:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-15 00:38 - 2013-08-19 21:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-15 00:36 - 2011-07-17 19:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-15 00:29 - 2014-06-24 21:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-15 00:29 - 2014-06-24 21:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-15 00:29 - 2014-06-24 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4168.dll


Some content of TEMP:
====================
C:\Users\Nessi\AppData\Local\Temp\SPSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-11 16:17

==================== End Of Log ============================

--- --- ---

--------

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2014 01
Ran by Nessi at 2014-08-11 18:03:52
Running from C:\Users\Nessi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 8.0 (HKLM-x32\...\PremElem80) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 8.0 (x32 Version: 8.0 - Adobe Systems Incorporated) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{687C26DE-9A70-B256-170A-717DFA8B360E}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 15.2.0.5 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Core Implementation (x32 Version: 2010.0209.16.306 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0209.16.306 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0209.16.306 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0209.16.306 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0209.16.306 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0209.16.306 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0209.16.306 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help English (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help French (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help German (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0209.0015.306 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0209.0015.306 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0209.16.306 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0209.16.306 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.06 - Piriform)
Conduit Engine (HKLM-x32\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.4.2224 - Evernote Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Free YouTube to MP3 Converter version 3.12.4.622 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.4.622 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HDV1.6 (HKLM-x32\...\HDV1.6) (Version: 1.34.6.10 - PlusHDvb)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ICQ7.5 (HKLM-x32\...\{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}) (Version: 7.5 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Media Gallery (Version: 1.3.0 - Sony Corporation) Hidden
Media Gallery (x32 Version: 1.3.0.06230 - Sony Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Word 2000 (HKLM-x32\...\{00170407-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2816 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
PC Beschleunigen - Vollständige Deinstallation (HKLM\...\PCSU-SL_is1) (Version: 3.1.2 - Speedchecker Limited)
PhotoFiltre (HKCU\...\PhotoFiltre) (Version:  - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.3.00.06040 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6034 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.0.2.06210 - Sony Corporation)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210 - Sony Corporation) Hidden
Remote-Tastatur mit PlayStation 3 (HKLM-x32\...\{65B138AE-F636-4D4C-BA5D-A06E21E47C53}) (Version: 1.0.2.06170 - Sony Corporation)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.192 - Client Connect LTD) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartSound Quicktracks for Premiere Elements 8.0 (HKLM-x32\...\InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}) (Version: 3.11.3090 - SmartSound Software Inc)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090 - SmartSound Software Inc) Hidden
Snap.Do (HKLM-x32\...\{D5E50D52-C658-4C16-9722-9F9B057B5F0F}) (Version: 11.74.1.17518 - ReSoft Ltd.) <==== ATTENTION
Snap.Do Engine (HKCU\...\{61ed5cd0-d33d-441e-9ed9-3802a3a34289}) (Version: 11.74.1.17518 - ReSoft Ltd.) <==== ATTENTION
suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) <==== ATTENTION
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.3.0.06230 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.3.00.06040 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.2.2.07150 - Sony Corporation)
VAIO Care (x32 Version: 6.2.2.07150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.0.06080 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.3.00.06040 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.3.4.2 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.3.4.2 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.2.0.05310 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Downloader (HKLM-x32\...\Video Downloader) (Version: 1.14 - hxxp://www.vgrabber.com)
Video Downloader version 2.0 (HKLM-x32\...\Video Downloader_is1) (Version: 2.0 - )
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-06-2014 15:22:36 Windows Update
14-07-2014 22:09:20 Windows Update
14-07-2014 22:35:37 Windows Update
01-08-2014 14:15:00 Windows Update
02-08-2014 01:00:22 Windows Update
05-08-2014 18:51:27 Windows Update
10-08-2014 23:31:22 Windows Update
10-08-2014 23:49:40 PC Speed Up Fix
11-08-2014 00:45:45 PC Speed Up Fix

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2014-06-24 20:49 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0013F836-01A9-467F-B6B3-A342A72EA101} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe [2012-06-05] () <==== ATTENTION
Task: {0EC4C227-44C9-41D1-9E0E-EAA9E593DEFD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-15] (Adobe Systems Incorporated)
Task: {1E7737CE-AEB8-4F9A-B897-CA250A6646F6} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {211A1AB6-B66C-47BD-9D9C-60C14A06C0F9} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-6 => C:\Program Files (x86)\HDV1.6\HDV1.6-novainstaller.exe [2014-06-24] (PlusHDvb)
Task: {236E22C9-56F3-4192-B2A7-9E037A8ABB7F} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {2BD2DEAB-8C32-4B7E-B712-F13BA2795BEB} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {34B3413E-7934-4B89-BAE5-208814938E7F} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-1 => C:\Program Files (x86)\HDV1.6\HDV1.6-codedownloader.exe [2014-06-24] (PlusHDvb)
Task: {4D0D3FAE-CABA-47CF-AEDF-F15FC16EB50F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24] (globalUpdate)
Task: {5BBA911F-4877-4DE5-927C-73DDFF4094C2} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {6232E1E8-48D3-49BA-88BC-0AD5341B2CFE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {65CC7A4B-C877-440E-9A1B-37B591BDD52F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001UA => C:\Users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {74E72948-C33A-465D-8BC3-237382635C14} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-11 => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.exe [2014-06-24] ()
Task: {7B434291-7B1A-414A-9BD1-9EA972376B33} - System32\Tasks\VAIO Care Support => C:\Program Files\Sony\VAIO Care\VCSpt.exe [2010-05-26] (Sony Corporation)
Task: {8C67253D-34ED-4344-8BC1-FC71F7A6794A} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {95E0636E-0366-4A70-8894-C862A77760EC} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-5 => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.exe [2014-06-24] (PlusHDvb)
Task: {97672FE1-67CE-4805-B6D7-1BC94C0C6D0B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-24] (Google Inc.)
Task: {9BEB13D0-5C97-42FE-9F70-93CEC6114248} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{333918FB-9DB4-40D2-9F7B-0DA1CA1EEA89}.exe
Task: {A4F2B8EF-EA4B-4182-9C1C-12316C40847D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001Core => C:\Users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {A659AF42-CB75-4D79-A039-BE7D8FEF8D88} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {B20DAD6B-2309-4748-8D38-FE7348E45C07} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {B2E31448-DEB0-4998-B864-3D424897D9E8} - System32\Tasks\SONY\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2010-05-31] (Sony Corporation)
Task: {B2E866CD-77E2-456E-92F0-60A90C9F4E3A} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {B5F9D80C-C798-4B9E-9AE7-72447E4FF6D6} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{CB23FE74-4910-420F-89A4-25D6E3FECB60}.exe
Task: {B669A468-D3A9-4384-BA0A-9B3B3C48E0C5} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-7 => C:\Program Files (x86)\HDV1.6\HDV1.6-nova.exe [2014-06-24] (PlusHDvb)
Task: {B6C136DE-ECA2-4A63-99B7-EDCFCC20C04A} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2010-07-15] (Sony Corporation)
Task: {C7E87A0A-CFE8-4105-BDA2-55E050D7128A} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-2 => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.exe [2014-06-24] (PlusHDvb)
Task: {CEB86C19-845F-4C91-BE7F-153FFCFE529C} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-10 => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.exe [2014-06-24] (PlusHDvb)
Task: {D24D30B9-33E0-41A0-8DC9-B24FA193EDD0} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24] (globalUpdate)
Task: {D77FDDC1-5A38-4C22-9923-7CF8017B64C9} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-4 => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.exe [2014-06-24] (PlusHDvb)
Task: {DA0F4E7F-716E-44AE-8F52-96988D30219F} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {DB8ADE94-CD0B-43F0-8E64-841AE1B9F353} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-24] (Google Inc.)
Task: {E6E9BA65-FB59-44FA-889F-D2205978446A} - System32\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-3 => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.exe [2014-06-24] (PlusHDvb)
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-1.job => C:\Program Files (x86)\HDV1.6\HDV1.6-codedownloader.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.job => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.job => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.job => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.job => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.job => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.job => C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-6.job => C:\Program Files (x86)\HDV1.6\HDV1.6-novainstaller.exe
Task: C:\Windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-7.job => C:\Program Files (x86)\HDV1.6\HDV1.6-nova.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{333918FB-9DB4-40D2-9F7B-0DA1CA1EEA89}.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{CB23FE74-4910-420F-89A4-25D6E3FECB60}.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001Core.job => C:\Users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001UA.job => C:\Users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe

==================== Loaded Modules (whitelisted) =============

2014-06-24 20:09 - 2014-06-24 20:09 - 00709120 _____ () C:\Program Files\003\hmmwwoblzz64.exe
2014-06-25 19:58 - 2014-06-25 19:58 - 00172544 _____ () C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\SupraSavingsService64.exe
2014-06-12 21:05 - 2014-06-12 21:05 - 00110080 _____ () C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\nfapi.dll
2014-06-12 21:05 - 2014-06-12 21:05 - 00456192 _____ () C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\ProtocolFilters.dll
2014-06-24 20:07 - 2014-06-24 20:07 - 00029544 _____ () C:\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.exe
2010-11-30 10:19 - 2010-05-31 19:25 - 00056320 _____ () C:\Program Files\Sony\VAIO Update 5\VUAgentPS64.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00024608 _____ () C:\Users\Nessi\AppData\Local\LPT\srptm.exe
2012-11-30 04:06 - 2012-11-30 04:06 - 01263512 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2010-11-30 10:30 - 2010-11-30 10:30 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-05-29 15:28 - 2014-05-29 15:28 - 00025120 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Lrcnta.exe
2012-09-26 15:08 - 2012-06-05 09:39 - 00402184 _____ () C:\Program Files (x86)\PC Beschleunigen\PCSUSD.exe
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-11-30 10:19 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-30 10:19 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00046624 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00071712 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srau.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00167456 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 02337824 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00068640 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\spbl.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00157216 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00015904 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\siem.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00067616 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\sppsm.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00698400 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00016416 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00080416 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00028704 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00060448 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srut.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00030752 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srsbs.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00067104 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00151072 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\smti.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00032800 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srom.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00032288 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\smtu.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00040992 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\smta.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00047648 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srbu.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00025632 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\sgml.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00063520 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00026656 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srpdm.dll
2014-05-29 15:28 - 2014-05-29 15:28 - 00045088 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-05-29 15:26 - 2014-05-29 15:26 - 00026656 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00036896 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00195104 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\sgmu.dll
2014-03-12 19:26 - 2014-03-12 19:26 - 00061440 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00257056 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\srns.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00078368 _____ () C:\Users\Nessi\AppData\Local\LPT\srpt.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00044064 _____ () C:\Users\Nessi\AppData\Local\LPT\srptc.dll
2014-05-29 15:28 - 2014-05-29 15:28 - 00018976 _____ () C:\Users\Nessi\AppData\Local\LPT\Smartbar.Common.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00060448 _____ () C:\Users\Nessi\AppData\Local\LPT\srut.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00067616 _____ () C:\Users\Nessi\AppData\Local\LPT\sppsm.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00157216 _____ () C:\Users\Nessi\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00028704 _____ () C:\Users\Nessi\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00167456 _____ () C:\Users\Nessi\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00047648 _____ () C:\Users\Nessi\AppData\Local\LPT\srbu.dll
2013-06-19 08:31 - 2013-06-19 08:31 - 00911432 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00026656 _____ () C:\Users\Nessi\AppData\Local\LPT\srpdm.dll
2014-05-29 15:28 - 2014-05-29 15:28 - 00028192 _____ () C:\Users\Nessi\AppData\Local\LPT\ProxySettings.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00047136 _____ () C:\Users\Nessi\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-05-29 15:28 - 2014-05-29 15:28 - 00054304 _____ () C:\Users\Nessi\AppData\Local\LPT\Proxy.Lib.dll
2014-05-29 15:29 - 2014-05-29 15:29 - 00029216 _____ () C:\Users\Nessi\AppData\Local\LPT\sreu.dll
2012-11-30 04:07 - 2012-11-30 04:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-05-29 15:28 - 2014-05-29 15:28 - 00034848 _____ () C:\Users\Nessi\AppData\Local\Smartbar\Application\lrcnt.dll
2012-09-26 15:08 - 2012-01-16 22:06 - 00577621 _____ () C:\Program Files (x86)\PC Beschleunigen\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/11/2014 03:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: coreclr.dll, Version: 5.1.30514.0, Zeitstempel: 0x5372ff6c
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x0017c54a
ID des fehlerhaften Prozesses: 0x17d0
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (08/11/2014 03:51:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: coreclr.dll, Version: 5.1.30514.0, Zeitstempel: 0x5372ff6c
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x002a233a
ID des fehlerhaften Prozesses: 0x7ec
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (08/11/2014 03:45:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: coreclr.dll, Version: 5.1.30514.0, Zeitstempel: 0x5372ff6c
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x000499d0
ID des fehlerhaften Prozesses: 0xc98
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (08/11/2014 03:45:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: coreclr.dll, Version: 5.1.30514.0, Zeitstempel: 0x5372ff6c
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x002a233a
ID des fehlerhaften Prozesses: 0x1198
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (08/11/2014 03:44:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: sllauncher.exe, Version: 5.1.30514.0, Zeitstempel: 0x537302ce
Name des fehlerhaften Moduls: coreclr.dll, Version: 5.1.30514.0, Zeitstempel: 0x5372ff6c
Ausnahmecode: 0xc00000fd
Fehleroffset: 0x002a233a
ID des fehlerhaften Prozesses: 0xdd0
Startzeit der fehlerhaften Anwendung: 0xsllauncher.exe0
Pfad der fehlerhaften Anwendung: sllauncher.exe1
Pfad des fehlerhaften Moduls: sllauncher.exe2
Berichtskennung: sllauncher.exe3

Error: (08/11/2014 01:33:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 36.0.1985.125 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1574

Startzeit: 01cfb4f1de717f61

Endzeit: 8

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID:

Error: (08/11/2014 01:17:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768, Zeitstempel: 0x4d688122
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec4b137
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000053874
ID des fehlerhaften Prozesses: 0xd70
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (08/02/2014 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32094148

Error: (08/02/2014 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32094148

Error: (08/02/2014 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (08/11/2014 03:54:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/11/2014 03:12:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/11/2014 01:20:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/11/2014 01:16:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/05/2014 08:40:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/03/2014 09:50:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/03/2014 09:25:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (08/03/2014 09:25:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎02.‎08.‎2014 um 03:04:29 unerwartet heruntergefahren.

Error: (08/01/2014 04:17:29 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "VAIO Care Performance Service" wurde nicht richtig gestartet.

Error: (08/01/2014 04:13:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "vToolbarUpdater15.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (08/11/2014 03:58:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe5.1.30514.0537302cecoreclr.dll5.1.30514.05372ff6cc00000fd0017c54a17d001cfb56c5cbd8227C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exec:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\coreclr.dlla3e869ff-215f-11e4-8369-ec55f9e98b0d

Error: (08/11/2014 03:51:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe5.1.30514.0537302cecoreclr.dll5.1.30514.05372ff6cc00000fd002a233a7ec01cfb56b5ab0ebe0C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exec:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\coreclr.dll9c3951d2-215e-11e4-8380-ec55f9e98b0d

Error: (08/11/2014 03:45:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe5.1.30514.0537302cecoreclr.dll5.1.30514.05372ff6cc00000fd000499d0c9801cfb56a8d030533C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exec:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\coreclr.dlld0084751-215d-11e4-8380-ec55f9e98b0d

Error: (08/11/2014 03:45:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe5.1.30514.0537302cecoreclr.dll5.1.30514.05372ff6cc00000fd002a233a119801cfb56a80cb350bC:\Program Files (x86)\Microsoft Silverlight\sllauncher.exec:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\coreclr.dllc09d9dca-215d-11e4-8380-ec55f9e98b0d

Error: (08/11/2014 03:44:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: sllauncher.exe5.1.30514.0537302cecoreclr.dll5.1.30514.05372ff6cc00000fd002a233add001cfb56a52e0ea02C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exec:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\coreclr.dlla478386d-215d-11e4-8380-ec55f9e98b0d

Error: (08/11/2014 01:33:16 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe36.0.1985.125157401cfb4f1de717f618C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Error: (08/11/2014 01:17:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7600.167684d688122ntdll.dll6.1.7600.169154ec4b137c00000050000000000053874d7001cfb4f12b3a2570C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll72487cc5-20e4-11e4-a899-ec55f9e98b0d

Error: (08/02/2014 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32094148

Error: (08/02/2014 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32094148

Error: (08/02/2014 03:00:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


==================== Memory info =========================== 

Percentage of memory in use: 45%
Total physical RAM: 3950.1 MB
Available physical RAM: 2144.21 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5936.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.29 GB) (Free:336.51 GB) NTFS
Drive e: (JONIE) (Removable) (Total:29.8 GB) (Free:12.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 87349D5A)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 30 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Warlord711 · 11.08.2014, 18:22

Schritt 1
Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Schritt 2
Adware & Co. deinstallieren

Lade Dir bitte von hier Revo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:

diesen Zusatz haben:
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

Jonie · 11.08.2014, 19:50

Code:

ATTFilter

ComboFix 14-08-06.02 - Nessi 11.08.2014  19:40:33.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3950.2202 [GMT 2:00]
ausgef¸hrt von:: e:\vanessa\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Lˆschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\SearchProtect
c:\program files (x86)\SearchProtect\EULA.txt
c:\program files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
c:\program files (x86)\SearchProtect\Main\bin\SPTool.dll
c:\program files (x86)\SearchProtect\Main\bin\uninstall.exe
c:\program files (x86)\SearchProtect\Main\rep\SystemRepository.dat
c:\program files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll
c:\program files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
c:\program files (x86)\SearchProtect\UI\bin\cltmngui.exe
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\hez.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\v.png
c:\program files (x86)\SearchProtect\UI\dialogs\Images\x.png
c:\program files (x86)\SearchProtect\UI\dialogs\libs\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\main.js
c:\program files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.css
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.html
c:\program files (x86)\SearchProtect\UI\dialogs\protection\protection.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
c:\program files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.css
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.html
c:\program files (x86)\SearchProtect\UI\dialogs\settings\settings.js
c:\program files (x86)\SearchProtect\UI\dialogs\style.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html
c:\program files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js
c:\users\Public\AlexaNSISPlugin.4168.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-07-11 bis 2014-08-11  ))))))))))))))))))))))))))))))
.
.
2014-08-11 16:03 . 2014-08-11 16:04	--------	d-----w-	C:\FRST
2014-08-10 23:31 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3B8B0AD2-98D0-4D30-B8EB-9D8AB82F4ECE}\mpengine.dll
2014-08-05 18:52 . 2014-07-02 03:09	10924376	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-03 19:47 . 2014-08-03 19:48	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 19:47 . 2014-08-03 19:47	--------	d-----w-	c:\program files\iTunes
2014-08-03 19:47 . 2014-08-03 19:47	--------	d-----w-	c:\program files\iPod
2014-08-03 19:36 . 2014-05-03 12:29	1031560	------w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{72189ACE-D52A-4A64-8D39-877BF6954280}\gapaengine.dll
2014-07-17 18:20 . 2014-07-17 18:20	46376	----a-w-	c:\windows\system32\drivers\netfilter64.sys
2014-07-14 22:39 . 2014-07-14 22:39	--------	d-s---w-	c:\windows\system32\CompatTel
2014-07-14 22:14 . 2014-07-01 01:56	516096	----a-w-	c:\windows\system32\aepdu.dll
2014-07-14 22:14 . 2014-07-01 01:50	424448	----a-w-	c:\windows\system32\aeinv.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-06 08:07 . 2014-08-06 08:07	232896	----a-w-	c:\windows\apppatch\AppPatch64\SPVCLdr64.dll
2014-07-14 22:36 . 2011-07-17 17:43	96441528	----a-w-	c:\windows\system32\MRT.exe
2014-07-14 22:29 . 2014-06-24 19:04	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-14 22:29 . 2014-06-24 19:04	699056	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-07-29 10:54 . 2013-07-29 10:54	51992	----a-w-	c:\program files (x86)\WDesktop.Updater.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Eintr‰ge & legitime Standardeintr‰ge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}]
2014-03-21 10:58	91104	----a-w-	c:\program files (x86)\SupraSavings\2rs3.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511951164}]
2014-06-24 18:07	515944	----a-w-	c:\program files (x86)\HDV1.6\HDV1.6-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}]
2009-11-25 10:47	297808	----a-w-	c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-06-23 11:03	279560	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"="c:\program files (x86)\PC Beschleunigen\PCSUNotifier.exe" [2012-06-05 188680]
"Browser Infrastructure Helper"="c:\users\Nessi\AppData\Local\Smartbar\Application\SnapDo.exe" [2014-05-29 29728]
"LPT System Updater"="c:\users\Nessi\AppData\Local\LPT\srptm.exe" [2014-05-29 24608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2010-05-31 673136]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-09 98304]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-06-01 600928]
"AppleSyncNotifier"="c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-09-27 59240]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-9 1128224]
Microsoft Office.lnk - c:\program files (x86)\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
2;2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 CltMngSvc;Search Protect Service;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe;c:\progra~2\SearchProtect\Main\bin\CltMngSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater15.2.0;vToolbarUpdater15.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe [x]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [x]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe;c:\program files\Sony\VAIO Update 5\VUAgent.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\windows\SYSNATIVE\drivers\netfilter64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 hmmwwoblzz64;hmmwwoblzz64;c:\program files\003\hmmwwoblzz64.exe run options=01100010030000000000000000000000 sourceguid=6DAF2CD5-832E-48EB-8678-2B122163A2D9;c:\program files\003\hmmwwoblzz64.exe run options=01100010030000000000000000000000 sourceguid=6DAF2CD5-832E-48EB-8678-2B122163A2D9 [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys [x]
S2 SupraSavingsService64;SupraSavingsService64;c:\program files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\SupraSavingsService64.exe;c:\program files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\SupraSavingsService64.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-08-01 14:14	1104200	----a-w-	c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-1.job
- c:\program files (x86)\HDV1.6\HDV1.6-codedownloader.exe [2014-06-24 18:08]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.job
- c:\program files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.exe [2014-06-24 18:08]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.job
- c:\program files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-11.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.job
- c:\program files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.exe [2014-06-24 18:08]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.job
- c:\program files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.job
- c:\program files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.job
- c:\program files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.exe [2014-06-24 18:08]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-6.job
- c:\program files (x86)\HDV1.6\HDV1.6-novainstaller.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\7c32686b-d6da-4fab-9566-ba72f68e86a0-7.job
- c:\program files (x86)\HDV1.6\HDV1.6-nova.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-24 22:29]
.
2014-08-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001Core.job
- c:\users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-12 16:47]
.
2014-08-11 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001UA.job
- c:\users\Nessi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-10-12 16:47]
.
2014-08-11 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-06-24 18:07]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-24 18:58]
.
2014-08-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-06-24 18:58]
.
2014-08-11 c:\windows\Tasks\PC SpeedUp Service Deactivator.job
- c:\program files (x86)\PC Beschleunigen\PCSUSD.exe [2012-09-26 07:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-06-23 11:03	339464	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-05-31 10775584]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-05-31 2040352]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
.
------- Zus‰tzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BdYdP5sR1pU29u8Hf14A6AauPBbaazz5jn7onvCphhwSFQtPrxkyA,,
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
uSearchAssistant = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q={searchTerms}
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.178.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - 
FF - ProfilePath - c:\users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BdYdP5sR1pU29u8Hf14A6AauPBbaazz5jn7onvCphhwSFQtPrxkyA,,
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF28ycIb68mGdLWUryp-pyswfGfXNd_w,,&q=
.
- - - - Entfernte verwaiste Registrierungseintr‰ge - - - -
.
BHO-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)
BHO-{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file)
Wow6432Node-HKCU-Run-MobileDocuments - c:\program files (x86)\Common Files\Apple\Internet Services\ubd.exe
WebBrowser-{872B5B88-9DB5-4310-BDD0-AC189557E5F5} - (no file)
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-Amazon Browser Bar - c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.Uninstall.exe
AddRemove-conduitEngine - c:\progra~2\CONDUI~1\ConduitEngineUninstall.exe
AddRemove-SearchProtect - c:\progra~2\SearchProtect\Main\bin\uninstall.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=2000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
c:\program files\Sony\VAIO Care\VCSpt.exe
c:\windows\SysWOW64\RunDll32.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-08-11  19:55:06 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-08-11 17:55
.
Vor Suchlauf: 14 Verzeichnis(se), 361.420.926.976 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 360.895.492.096 Bytes frei
.
- - End Of File - - 149B24AB8D0DC96472842B2405510FA2

Code:

ATTFilter

# AdwCleaner v3.304 - Bericht erstellt am 11/08/2014 um 20:11:41
# Aktualisiert 08/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Nessi - NESSI-VAIO
# Gestartet von : C:\Users\Nessi\Desktop\adwcleaner_3.304.exe
# Option : Lˆschen

***** [ Dienste ] *****

[#] Dienst Gelˆscht : CltMngSvc
[#] Dienst Gelˆscht : globalUpdatem
Dienst Gelˆscht : hmmwwoblzz64
Dienst Gelˆscht : netfilter64
Dienst Gelˆscht : SupraSavingsService64
[#] Dienst Gelˆscht : vToolbarUpdater15.2.0

***** [ Dateien / Ordner ] *****

Ordner Gelˆscht : C:\ProgramData\AVG Secure Search
Ordner Gelˆscht : C:\ProgramData\Babylon
Ordner Gelˆscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelˆscht : C:\ProgramData\Partner
Ordner Gelˆscht : C:\ProgramData\Tarma Installer
Ordner Gelˆscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video downloader
Ordner Gelˆscht : C:\Program Files (x86)\Amazon\ABB
Ordner Gelˆscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelˆscht : C:\Program Files (x86)\Bench
Ordner Gelˆscht : C:\Program Files (x86)\globalUpdate
Ordner Gelˆscht : C:\Program Files (x86)\HDV1.6
Ordner Gelˆscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelˆscht : C:\Program Files (x86)\SupraSavings
Ordner Gelˆscht : C:\Program Files (x86)\vGrabber-software
Ordner Gelˆscht : C:\Program Files (x86)\Video downloader
Ordner Gelˆscht : C:\Program Files\003
Ordner Gelˆscht : C:\Program Files\SupraSavings
Ordner Gelˆscht : C:\Users\Nessi\AppData\Local\AVG Secure Search
Ordner Gelˆscht : C:\Users\Nessi\AppData\Local\Babylon
Ordner Gelˆscht : C:\Users\Nessi\AppData\Local\globalUpdate
Ordner Gelˆscht : C:\Users\Nessi\AppData\Local\SearchProtect
Ordner Gelˆscht : C:\Users\Nessi\AppData\LocalLow\AVG Secure Search
Ordner Gelˆscht : C:\Users\Nessi\AppData\LocalLow\Conduit
Ordner Gelˆscht : C:\Users\Nessi\AppData\LocalLow\ConduitEngine
Ordner Gelˆscht : C:\Users\Nessi\AppData\LocalLow\DVDVideoSoftTB
Ordner Gelˆscht : C:\Users\Nessi\AppData\LocalLow\PriceGong
Ordner Gelˆscht : C:\Users\Nessi\AppData\Roaming\Babylon
Ordner Gelˆscht : C:\Users\Nessi\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelˆscht : C:\Users\Nessi\AppData\Roaming\OpenCandy
Ordner Gelˆscht : C:\Users\Nessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video downloader
Ordner Gelˆscht : C:\Users\Nessi\Documents\PCSpeedUp
Ordner Gelˆscht : C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\Extensions\67af2835-79c3-420a-bc70-cd5399c4b726@5c23b6cf-f0cf-4ff9-89af-a3fb89311be5.com
Ordner Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgielablfighaafogapfgpnlieaajbgk
Datei Gelˆscht : C:\Program Files (x86)\WDesktop.Updater.exe
Datei Gelˆscht : C:\Windows\System32\drivers\netfilter64.sys
Datei Gelˆscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
Datei Gelˆscht : C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\searchplugins\trovi-search.xml
Datei Gelˆscht : C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\searchplugins\Web Search.xml
Datei Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
Datei Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
Datei Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage
Datei Gelˆscht : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.livelyrics00.live-lyrics.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelˆscht : globalUpdateUpdateTaskMachineCore
Task Gelˆscht : globalUpdateUpdateTaskMachineUA
Task Gelˆscht : PC SpeedUp Service Deactivator
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-1
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-10
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-11
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-2
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-3
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-4
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-5
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-6
Task Gelˆscht : 7c32686b-d6da-4fab-9566-ba72f68e86a0-7

***** [ Verkn¸pfungen ] *****

Verkn¸pfung Desinfiziert : C:\Users\Nessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelˆscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh
Schl¸ssel Gelˆscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schl¸ssel Gelˆscht : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Schl¸ssel Gelˆscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Prod.cap
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CrossriderApp0059564.BHO
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CrossriderApp0059564.Sandbox
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CrossriderApp0059564.Sandbox.1
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511951164}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952264}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955564}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956664}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511951164}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511951164}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schl¸ssel Gelˆscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelˆscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522952264}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555955564}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566956664}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Wert Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schl¸ssel Gelˆscht : HKCU\Software\distromatic
Schl¸ssel Gelˆscht : HKCU\Software\GlobalUpdate
Schl¸ssel Gelˆscht : HKCU\Software\InstalledBrowserExtensions
Schl¸ssel Gelˆscht : HKCU\Software\SmartBar
Schl¸ssel Gelˆscht : HKCU\Software\suprasavings
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\Toolbar
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\Software\HDV1.6
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\Software\PriceGong
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\Software\Supra Savings
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\Software\suprasavings
Schl¸ssel Gelˆscht : HKLM\Software\Conduit
Schl¸ssel Gelˆscht : HKLM\Software\Deal Boat
Schl¸ssel Gelˆscht : HKLM\Software\DeviceVM
Schl¸ssel Gelˆscht : HKLM\Software\GlobalUpdate
Schl¸ssel Gelˆscht : HKLM\Software\HDV1.6
Schl¸ssel Gelˆscht : HKLM\Software\ICQ\ICQToolbar
Schl¸ssel Gelˆscht : HKLM\Software\InstalledBrowserExtensions
Schl¸ssel Gelˆscht : HKLM\Software\suprasavings
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E6B105B8-1F65-4428-9397-1DFD8A03B94D}
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Bar
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HDV1.6
Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video downloader
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\coupon downloader
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\DeviceVM
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Supra Savings
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\suprasavings
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\suprasavings

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.17267

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\prefs.js ]

Zeile gelˆscht : user_pref("browser.newtab.url", "hxxp://www.trovi.com/?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP2CE2974C-D7F9-4FB[...]
Zeile gelˆscht : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gelˆscht : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gelˆscht : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BdYdP5sR1p[...]
Zeile gelˆscht : user_pref("extensions.a67af283579c3420abc70cd5399c4b7265c23b6cff0cf4ff989afa3fb89311be5com59564.59564.cookie.previous_page.value", "%22hxxp%3A//www.snap.do/uninstall.html%22");
Zeile gelˆscht : user_pref("extensions.a67af283579c3420abc70cd5399c4b7265c23b6cff0cf4ff989afa3fb89311be5com59564.59564.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelˆscht : user_pref("extensions.crossrider.bic", "146cf5809125ea023fca30b7c4902e49");
Zeile gelˆscht : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEc7Ie-grAKBlic9jLBdJ2XDhIs1wwmYQ-gAumnyw2P4_mTXzi3xpbZQOhDxVRDb50BuyOmpq4D_ljBAjIlAgCCAF[...]

-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelˆscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=58&CUI=&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&q={searchTerms}&SSPV=&SSPV=
Gelˆscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=58&CUI=&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&q={searchTerms}&SSPV=&SSPV=
Gelˆscht [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=55&CUI=&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&SSPV=&SSPV=
Gelˆscht [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3320325&octid=EB_ORIGINAL_CTID&ISID=M018DA983-9ED0-4D64-8B1B-AA2C07C34239&SearchSource=55&CUI=&UM=5&UP=SP2CE2974C-D7F9-4FBD-842D-ED84022B8FBB&SSPV=&SSPV=
Gelˆscht [Extension] : jgielablfighaafogapfgpnlieaajbgk

*************************

AdwCleaner[R0].txt - [27920 octets] - [11/08/2014 20:10:54]
AdwCleaner[S0].txt - [25500 octets] - [11/08/2014 20:11:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25561 octets] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Nessi on 11.08.2014 at 20:14:44,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{94062A03-6B42-4C6E-8EC7-E47A8DE13FAC}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Nessi\appdata\locallow\boost_interprocess"



~~~ FireFox

Emptied folder: C:\Users\Nessi\AppData\Roaming\mozilla\firefox\profiles\e5m9653j.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.08.2014 at 20:21:09,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 11.08.2014 20:23:20, SYSTEM, NESSI-VAIO, Protection, Malware Protection, Starting, 
Protection, 11.08.2014 20:23:20, SYSTEM, NESSI-VAIO, Protection, Malware Protection, Started, 
Protection, 11.08.2014 20:23:20, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Starting, 
Update, 11.08.2014 20:23:24, SYSTEM, NESSI-VAIO, Manual, Rootkit Database, 2014.2.20.1, 2014.8.4.1, 
Update, 11.08.2014 20:23:29, SYSTEM, NESSI-VAIO, Manual, Malware Database, 2014.3.4.9, 2014.8.11.6, 
Protection, 11.08.2014 20:23:31, SYSTEM, NESSI-VAIO, Protection, Refresh, Starting, 
Protection, 11.08.2014 20:23:40, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Started, 
Protection, 11.08.2014 20:23:40, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Stopping, 
Protection, 11.08.2014 20:23:40, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Stopped, 
Protection, 11.08.2014 20:23:44, SYSTEM, NESSI-VAIO, Protection, Refresh, Success, 
Protection, 11.08.2014 20:23:44, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Starting, 
Protection, 11.08.2014 20:23:44, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Started, 
Protection, 11.08.2014 20:37:56, SYSTEM, NESSI-VAIO, Protection, Malware Protection, Starting, 
Protection, 11.08.2014 20:37:56, SYSTEM, NESSI-VAIO, Protection, Malware Protection, Started, 
Protection, 11.08.2014 20:37:56, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Starting, 
Protection, 11.08.2014 20:38:33, SYSTEM, NESSI-VAIO, Protection, Malicious Website Protection, Started, 

(end)

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Nessi (administrator) on NESSI-VAIO on 11-08-2014 20:41:50
Running from E:\
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSpt.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [AppleSyncNotifier] => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Nessi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-05]

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: trovi.com
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-24]
CHR Extension: (Google Drive) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-24]
CHR Extension: (YouTube) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-24]
CHR Extension: (Google-Suche) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-24]
CHR Extension: (Google Wallet) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-24]
CHR Extension: (Google Mail) - C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-24]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [252416 2010-05-25] (Sony Corporation) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1250160 2010-05-31] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [10326784 2010-06-24] (Intel Corporation) [File not signed]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [271872 2010-06-24] (Intel(R) Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 20:23 - 2014-08-11 20:39 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 20:23 - 2014-08-11 20:23 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-11 20:23 - 2014-08-11 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-11 20:22 - 2014-08-11 20:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-11 20:22 - 2014-08-11 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-11 20:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-11 20:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-11 20:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-11 20:21 - 2014-08-11 20:21 - 00001091 _____ () C:\Users\Nessi\Desktop\JRT.txt
2014-08-11 20:14 - 2014-08-11 20:14 - 00000000 ____D () C:\Windows\ERUNT
2014-08-11 20:11 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-11 20:10 - 2014-08-11 20:11 - 00000000 ____D () C:\AdwCleaner
2014-08-11 20:10 - 2014-08-11 19:32 - 01366203 _____ () C:\Users\Nessi\Desktop\adwcleaner_3.304.exe
2014-08-11 20:06 - 2014-08-11 20:06 - 00001160 _____ () C:\Users\Nessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-11 19:57 - 2014-08-11 19:57 - 00001264 _____ () C:\Users\Nessi\Desktop\Revo Uninstaller.lnk
2014-08-11 19:57 - 2014-08-11 19:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-11 19:55 - 2014-08-11 19:55 - 00026492 _____ () C:\ComboFix.txt
2014-08-11 19:38 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-11 19:38 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-11 19:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-11 19:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-11 19:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-11 19:38 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-11 19:38 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-11 19:38 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-11 19:35 - 2014-08-11 19:55 - 00000000 ____D () C:\Qoobox
2014-08-11 19:35 - 2014-08-11 19:53 - 00000000 ____D () C:\Windows\erdnt
2014-08-11 18:03 - 2014-08-11 20:41 - 00000000 ____D () C:\FRST
2014-08-11 18:03 - 2014-08-11 18:04 - 00054556 _____ () C:\Users\Nessi\Desktop\Addition.txt
2014-08-11 18:03 - 2014-08-11 18:04 - 00037382 _____ () C:\Users\Nessi\Desktop\FRST.txt
2014-08-11 18:02 - 2014-08-10 16:02 - 02099712 _____ (Farbar) C:\Users\Nessi\Desktop\FRST64.exe
2014-08-11 03:16 - 2014-08-11 03:16 - 05618120 _____ (Speedchecker Limited ) C:\Users\Nessi\Documents\PCSUUpdate.exe
2014-08-11 01:43 - 2014-08-11 01:43 - 00057128 _____ () C:\Users\Nessi\Documents\PCSU_Update.exe
2014-08-03 21:48 - 2014-08-03 21:48 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-03 21:48 - 2014-08-03 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 21:47 - 2014-08-03 21:48 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 21:37 - 2014-08-03 21:40 - 00000000 ____D () C:\Users\Nessi\Desktop\USB
2014-08-01 17:18 - 2014-08-01 17:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-15 00:39 - 2014-07-15 00:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-15 00:14 - 2014-07-01 03:56 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-15 00:14 - 2014-07-01 03:50 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 20:41 - 2014-08-11 18:03 - 00000000 ____D () C:\FRST
2014-08-11 20:40 - 2011-05-14 18:28 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDFB1B48-55BE-4646-AD2D-D8E63A0BC56B}
2014-08-11 20:39 - 2014-08-11 20:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-11 20:37 - 2014-06-24 21:25 - 00027632 _____ () C:\Windows\PFRO.log
2014-08-11 20:37 - 2014-06-24 20:58 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-11 20:37 - 2014-06-22 16:56 - 00003317 _____ () C:\Windows\setupact.log
2014-08-11 20:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-11 20:36 - 2011-05-14 18:22 - 01341868 _____ () C:\Windows\WindowsUpdate.log
2014-08-11 20:35 - 2010-11-30 10:49 - 00000000 ____D () C:\Temp
2014-08-11 20:29 - 2014-06-24 21:04 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-11 20:23 - 2014-08-11 20:23 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-11 20:23 - 2014-08-11 20:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-08-11 20:23 - 2014-08-11 20:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-08-11 20:22 - 2014-08-11 20:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-11 20:21 - 2014-08-11 20:21 - 00001091 _____ () C:\Users\Nessi\Desktop\JRT.txt
2014-08-11 20:20 - 2010-11-30 19:06 - 00654400 _____ () C:\Windows\system32\perfh007.dat
2014-08-11 20:20 - 2010-11-30 19:06 - 00130240 _____ () C:\Windows\system32\perfc007.dat
2014-08-11 20:20 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-11 20:20 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-11 20:20 - 2009-07-14 06:45 - 00013664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-11 20:14 - 2014-08-11 20:14 - 00000000 ____D () C:\Windows\ERUNT
2014-08-11 20:11 - 2014-08-11 20:10 - 00000000 ____D () C:\AdwCleaner
2014-08-11 20:11 - 2014-06-12 14:42 - 00001079 _____ () C:\Users\Nessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-08-11 20:06 - 2014-08-11 20:06 - 00001160 _____ () C:\Users\Nessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-11 20:03 - 2014-06-24 20:58 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-11 19:57 - 2014-08-11 19:57 - 00001264 _____ () C:\Users\Nessi\Desktop\Revo Uninstaller.lnk
2014-08-11 19:57 - 2014-08-11 19:57 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-08-11 19:55 - 2014-08-11 19:55 - 00026492 _____ () C:\ComboFix.txt
2014-08-11 19:55 - 2014-08-11 19:35 - 00000000 ____D () C:\Qoobox
2014-08-11 19:55 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-11 19:53 - 2014-08-11 19:35 - 00000000 ____D () C:\Windows\erdnt
2014-08-11 19:50 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-11 19:48 - 2009-07-14 04:34 - 76021760 _____ () C:\Windows\system32\config\software.bak
2014-08-11 19:48 - 2009-07-14 04:34 - 22282240 _____ () C:\Windows\system32\config\system.bak
2014-08-11 19:48 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-08-11 19:48 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-08-11 19:48 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\default.bak
2014-08-11 19:32 - 2014-08-11 20:10 - 01366203 _____ () C:\Users\Nessi\Desktop\adwcleaner_3.304.exe
2014-08-11 18:52 - 2011-10-12 18:42 - 00001138 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001UA.job
2014-08-11 18:52 - 2011-10-12 18:42 - 00001116 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3144832091-330051340-2454635059-1001Core.job
2014-08-11 18:04 - 2014-08-11 18:03 - 00054556 _____ () C:\Users\Nessi\Desktop\Addition.txt
2014-08-11 18:04 - 2014-08-11 18:03 - 00037382 _____ () C:\Users\Nessi\Desktop\FRST.txt
2014-08-11 15:12 - 2014-06-24 21:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-11 03:16 - 2014-08-11 03:16 - 05618120 _____ (Speedchecker Limited ) C:\Users\Nessi\Documents\PCSUUpdate.exe
2014-08-11 03:16 - 2012-09-26 15:08 - 00000000 ____D () C:\Program Files (x86)\PC Beschleunigen
2014-08-11 01:43 - 2014-08-11 01:43 - 00057128 _____ () C:\Users\Nessi\Documents\PCSU_Update.exe
2014-08-10 16:02 - 2014-08-11 18:02 - 02099712 _____ (Farbar) C:\Users\Nessi\Desktop\FRST64.exe
2014-08-03 21:48 - 2014-08-03 21:48 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-03 21:48 - 2014-08-03 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-03 21:48 - 2014-08-03 21:47 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iTunes
2014-08-03 21:47 - 2014-08-03 21:47 - 00000000 ____D () C:\Program Files\iPod
2014-08-03 21:47 - 2012-03-10 23:48 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-03 21:40 - 2014-08-03 21:37 - 00000000 ____D () C:\Users\Nessi\Desktop\USB
2014-08-03 21:24 - 2013-03-18 18:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-03 21:24 - 2013-03-18 18:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-02 03:03 - 2013-03-18 18:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-01 17:19 - 2014-08-01 17:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 16:29 - 2014-06-24 20:59 - 00002233 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-01 16:13 - 2014-06-27 12:53 - 00000000 ____D () C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9
2014-07-15 00:39 - 2014-07-15 00:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-15 00:39 - 2013-10-29 21:06 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-15 00:38 - 2013-08-19 21:12 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-15 00:36 - 2011-07-17 19:43 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-15 00:29 - 2014-06-24 21:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-15 00:29 - 2014-06-24 21:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-15 00:29 - 2014-06-24 21:04 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\Nessi\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-11 16:17

==================== End Of Log ============================

--- --- ---

Warlord711 · 11.08.2014, 20:04

Schau bitte das du das richtige Malwarebytes Log postet, ich benötige das Log vom Suchlauf

Jonie · 11.08.2014, 20:19

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 11.08.2014
Suchlauf-Zeit: 20:23:54
Logdatei: MAILWƒ.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.08.11.06
Rootkit Datenbank: v2014.08.04.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bˆsartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Nessi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 313518
Verstrichene Zeit: 9 Min, 55 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschl¸ssel: 4
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, In Quarant‰ne, [a5ad467f314a95a164a09844ae54ff01], 
PUP.Optional.CouponDownloader.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Coupon Downloader, In Quarant‰ne, [b49e24a19be0ba7c3fd125cbe41e17e9], 
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDV1.6, In Quarant‰ne, [eb6762630576ee485a0bb82aa75b8e72], 
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, In Quarant‰ne, [3f13edd84d2e44f2b0a7f601966cd32d], 

Registrierungswerte: 1
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, In Quarant‰ne, [a5ad467f314a95a164a09844ae54ff01]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgielablfighaafogapfgpnlieaajbgk, In Quarant‰ne, [db7744810a715dd972b55e6d51b1ba46], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0, In Quarant‰ne, [3c16566f740767cf1b0e02c95ca69c64], 

Dateien: 35
PUP.Optional.AdPeak.A, C:\Temp\InstallFilter64.msi, In Quarant‰ne, [232f51742b50f1454c4a2e0ffb0559a7], 
PUP.Optional.SupraSavings.A, C:\Temp\t.msi, In Quarant‰ne, [4d052a9b4b30a98d1da301ab0afa14ec], 
PUP.Optional.DomaIQ, C:\Users\Nessi\Downloads\Java (1).exe, In Quarant‰ne, [381af5d0b4c7cd69a5a944ffbc44d62a], 
PUP.Optional.DomaIQ, C:\Users\Nessi\Downloads\Java.exe, In Quarant‰ne, [6de501c4304bd66022ee63f8d9287789], 
PUP.Optional.OptimumInstaller.A, C:\Users\Nessi\Downloads\Skype_Setup(1).exe, In Quarant‰ne, [272bf2d3443791a5204b391fb34e8f71], 
PUP.Optional.OptimumInstaller.A, C:\Users\Nessi\Downloads\Skype_Setup.exe, In Quarant‰ne, [2a28ebdaed8ec571fa71f3653fc2b848], 
PUP.Optional.Bundlore, C:\Users\Nessi\Downloads\video_downloader (1).exe, In Quarant‰ne, [81d1ffc6116a71c5c143d13f7c8523dd], 
PUP.Optional.Bundlore, C:\Users\Nessi\Downloads\video_downloader (2).exe, In Quarant‰ne, [163c794c5229b185db29d33d60a1eb15], 
PUP.Optional.Bundlore, C:\Users\Nessi\Downloads\video_downloader (3).exe, In Quarant‰ne, [a2b032936615e84e28dc70a034cd5aa6], 
PUP.Optional.Bundlore, C:\Users\Nessi\Downloads\video_downloader.exe, In Quarant‰ne, [98ba23a2e3984de9f60ef21edc256997], 
PUP.Optional.Breitschopp, C:\Users\Nessi\Downloads\DLG_chrome_browser_de-DE.exe, In Quarant‰ne, [6ce6695c5b2091a5a5697a3128dc0df3], 
PUP.Optional.DomaIQ, C:\Users\Nessi\Downloads\Player Setup.exe, In Quarant‰ne, [e86a8045d4a746f08bc3182be61af40c], 
PUP.Optional.Domalq, C:\Users\Nessi\Downloads\Player_Setup(1).exe, In Quarant‰ne, [77db3d881a6150e6947161ec3bc951af], 
PUP.Optional.Domalq, C:\Users\Nessi\Downloads\Player_Setup.exe, In Quarant‰ne, [2a280abb63188caa9e674c019c680bf5], 
PUP.Optional.OutBrowse, C:\Users\Nessi\Downloads\setup(1).exe, In Quarant‰ne, [3f138e37fe7d4ee8c73e0080d62b936d], 
PUP.Optional.OutBrowse, C:\Users\Nessi\Downloads\setup.exe, In Quarant‰ne, [3b176b5a2a5190a6788dfb8526dbed13], 
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, In Quarant‰ne, [be9422a3ef8cd066b276c6d11fe2946c], 
PUP.Optional.SupraSavings.A, C:\Windows\Installer\1bdb03.msi, In Quarant‰ne, [5101893c8fecc86e0db30f9d778df10f], 
PUP.Optional.SupraSavings.A, C:\Windows\Installer\1bdb07.msi, In Quarant‰ne, [e86a448173083afca719a10b41c3ad53], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0.localstorage, In Quarant‰ne, [0250685d4e2dd4627f188162b0526e92], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0.localstorage-journal, In Quarant‰ne, [e0725471b0cbdd594c4b1cc7d929fa06], 
PUP.Optional.SelectNGo.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage, In Quarant‰ne, [88ca695cff7c5cda6c78965451b15da3], 
PUP.Optional.SelectNGo.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal, In Quarant‰ne, [074ba71efe7d93a3687c6981dd2524dc], 
PUP.Optional.Trovi.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage, In Quarant‰ne, [460c794c4f2c3ef812f523ca00023bc5], 
PUP.Optional.Trovi.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage-journal, In Quarant‰ne, [c38f675e4b30b28447c09d5003ffe21e], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\000016.ldb, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\000018.ldb, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\000019.log, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\CURRENT, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\LOCK, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\LOG, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\LOG.old, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgielablfighaafogapfgpnlieaajbgk\MANIFEST-000017, In Quarant‰ne, [450db411512afc3abf6910bbe51dd030], 
PUP.Optional.CrossRider.A, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jgielablfighaafogapfgpnlieaajbgk_0\1, In Quarant‰ne, [3c16566f740767cf1b0e02c95ca69c64], 
PUP.Optional.Conduit, C:\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\preferences, Gut: (), Schlecht: (		"suggest_url": "hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Ersetzt,[272be4e1017a6fc7576752a835cf05fb]

Physische Sektoren: 0
(No malicious items detected)


(end)

Warlord711 · 12.08.2014, 08:10

Mal ne Frage, wenn du Programme aus dem Internet herunterlädst, von welchen Seiten bitteschön ? Das sind ja Unmengen von AdWare in Setups für Skype,Java usw.

Versteh mich nicht falsch, aber ich will natürlich auch vermeiden, das du in 3 Tagen wieder hier ein Thema aufmachen musst.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Jonie · 12.08.2014, 16:07

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-08-2014 01
Ran by Nessi at 2014-08-12 14:31:09 Run:1
Running from C:\Users\Nessi\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
         

*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a3801e95a602914e9e74e80321a18ef4
# engine=19617
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-08-12 02:57:07
# local_time=2014-08-12 04:57:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT 
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 10997370 102036637 0 0
# scanned=269398
# found=68
# cleaned=0
# scan_time=6277
sh=B98C851D46F6F34607DEC601FF82469DA350D9EC ft=1 fh=95a049650cc65f75 vn="Variante von Win64/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\003\hmmwwoblzz64.exe.vir"
sh=5FECED14BEB27EE323DD4F161917A72A54F92422 ft=1 fh=e19c1e3a606d2037 vn="Variante von MSIL/WebCake.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WDesktop.Updater.exe.vir"
sh=BAE90A619891D5B3EC368EB3C8D9B070EDF83105 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\360-59564.crx.vir"
sh=A1A9AE9DD098F3EA9034D564570B0A77499937E7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\59564.crx.vir"
sh=C75BAEF544EE223294B9B6D7ED7431D97AA88552 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\59564.xpi.vir"
sh=06735682AF4349E3675F08E80B18704652A0AABB ft=1 fh=1c567cf2527dc66b vn="Variante von Win32/Toolbar.CrossRider.AG evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-10.exe.vir"
sh=ECE36820BAE7AB20E3211A8E4E88A66DE3E25087 ft=1 fh=d67b3f7d3e9d825f vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-2.exe.vir"
sh=9076F1BAF1E47E5A3154340477079305FADA428D ft=1 fh=ca0d9923500adac8 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-3.exe.vir"
sh=34855CC20517706F5F5AAC42DC1472597E996AD8 ft=1 fh=271eca62c4f736e2 vn="Variante von Win32/Toolbar.CrossRider.AK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-4.exe.vir"
sh=4DFD5AC03143DFBCDC7EFF8DCCB0E45AADBFF750 ft=1 fh=9d5679f2c66e0c41 vn="Variante von Win32/Toolbar.CrossRider.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0-5.exe.vir"
sh=A1A9AE9DD098F3EA9034D564570B0A77499937E7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\7c32686b-d6da-4fab-9566-ba72f68e86a0.crx.vir"
sh=B94FCD7F3C348DEF1399F589D2DB59E1C9C61E1F ft=1 fh=6870ed799c5711b4 vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-bg.exe.vir"
sh=361694C7E97D72EB682E8C74706EB07A48BF7395 ft=1 fh=b5b8cd223b4732c8 vn="Variante von Win32/Toolbar.CrossRider.AF evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-bho.dll.vir"
sh=F32E933E4ECA639D97F80B8FDCBCE42B5A42A95F ft=1 fh=1b23ff0cdc4ff222 vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-bho64.dll.vir"
sh=53DDF7B3BF97665714535FCC434C24A7969CAD0F ft=1 fh=45f51e5d79e43c40 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-codedownloader.exe.vir"
sh=386035C75DFB208E0E208556BE0337AD094F7CA8 ft=1 fh=0f5b6aa9ed086e27 vn="Variante von Win32/Toolbar.CrossRider.AI evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-nova.dll.vir"
sh=D14B2CEF27D5FD3A04B84FC217647A97F6B6CEDB ft=1 fh=e1c289e2dd48e978 vn="Variante von Win32/Toolbar.CrossRider.AE evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-nova.exe.vir"
sh=53DDF7B3BF97665714535FCC434C24A7969CAD0F ft=1 fh=45f51e5d79e43c40 vn="Variante von Win32/Toolbar.CrossRider.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HDV1.6\HDV1.6-novainstaller.exe.vir"
sh=277184DA3C9EA2978F906C19295EFB5C5B05312D ft=1 fh=e64c526704b4d97f vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupraSavings\2rs3.dll.vir"
sh=DA5FB3EC9626A14CF284F51DEFDBC040D14854DC ft=1 fh=3ccc85b63cb510cb vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupraSavings\CustomActionInstall.vir"
sh=F1BF41B871B373DA5582856271D7A35AF9C3D059 ft=1 fh=cecd9d37647e9ccd vn="Variante von Win32/AdWare.Adpeak.I Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupraSavings\CustomActionUninstall.vir"
sh=529F1CB730B133C2264E3451DCCC7DEEB179C135 ft=1 fh=2c963b952ca2f278 vn="möglicherweise Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll.vir"
sh=7A2589020E1532105EA0B3845BAEDA0271AA2F42 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgielablfighaafogapfgpnlieaajbgk\1.26.34_0\extensionData\plugins\91.js.vir"
sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\LocalLow\ConduitEngine\ConduitEngine.dll.vir"
sh=57CD8DEAF43DF3A2F4703E5219A69935B119D0DB ft=1 fh=311781f1ea21501f vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\LocalLow\DVDVideoSoftTB\tbDVDV.dll.vir"
sh=2E1B7C43065B37D868D13C78AFC08B6955BE63AD ft=1 fh=d8370df7613a73e4 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\LocalLow\DVDVideoSoftTB\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.0\bin\PriceGongIE.dll.vir"
sh=9D7E00EC736140394D5885417303D94D44553A41 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\Extensions\67af2835-79c3-420a-bc70-cd5399c4b726@5c23b6cf-f0cf-4ff9-89af-a3fb89311be5.com\extensionData\plugins\194.js.vir"
sh=73D5AD55EDE0A6095A475607EAFB9BA1CA336D2C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\Mozilla\Firefox\Profiles\e5m9653j.default\Extensions\67af2835-79c3-420a-bc70-cd5399c4b726@5c23b6cf-f0cf-4ff9-89af-a3fb89311be5.com\extensionData\plugins\91.js.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\4365132654C84D74BB29584AFFFD6EBE\OCBrowserHelper_1.0.3.85.dll.vir"
sh=7FC2F2E084B53A24C632CF8FC32532F90FB9291C ft=1 fh=c1cd8cb2a512194b vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\73A7D6C5024545EDA6F388BC0F137FD7\AVG_Toolbar_CB_ALL_p2v0.exe.vir"
sh=A4F319312C51671C3A95C478B1006769263996A9 ft=1 fh=886ae4ceae92d42e vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\73A7D6C5024545EDA6F388BC0F137FD7\OCBrowserHelper_1.0.3.85.dll.vir"
sh=F57ED6018EE6E814BD8C8EEA74039AA6AEC709EB ft=1 fh=d9d232a100287749 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\76D2C4F40EF749E6BAA09B504DD8D733\LatestDLMgr.exe.vir"
sh=E9C2205B9080833744AFB005AD8B135DF6797683 ft=1 fh=4432f897b3140eb0 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\77DF2D64504947239B9BE0DECC402CA4\PCSU_SL_3.1.2.exe.vir"
sh=829D808C091045F45C513A6E4AB17055A52A9320 ft=1 fh=282fb76e1825b814 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\BF363270BD62430DA58226B7D0EF11E4\DeltaTB.exe.vir"
sh=6AA5FAD110322E0B502FB784DDDE2677842707F8 ft=1 fh=7eac28b77e17143b vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Nessi\AppData\Roaming\OpenCandy\BF363270BD62430DA58226B7D0EF11E4\OCBrowserHelper_1.0.6.125.exe.vir"
sh=268979BC94F89E29C10C925824C49D5C9B5B1C09 ft=1 fh=029569cfdc034e29 vn="Variante von Win64/Adware.Adpeak.F Anwendung" ac=I fn="C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\hmhfslexky64.exe"
sh=ED3AE0C892B53C95BD9BDE74AEE8396D41B3AF87 ft=1 fh=be30934dd2f4fafd vn="Variante von Win64/Adware.Adpeak.F Anwendung" ac=I fn="C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9\SupraSavingsService64.exe"
sh=D1D84E78302885295C3EC173CF25B20794123E7F ft=1 fh=62ab64a2f36b7f02 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.5\upgrade\2dcd1d63cb45e6613582211c3d5f4b23"
sh=44B1CB2BCCE1BD052FBE05907F4451E1752BC085 ft=1 fh=4ff293b6f57e565a vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Program Files (x86)\ICQ7.5\upgrade\53e83dd5315bfb1f928441c9b4618b68"
sh=064680D54E8FBA2D06E2A5E35060BB16B3636C3B ft=1 fh=4ae2a46f410a297c vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe.vir"
sh=E6BF88B3390FEA12DB1F6F150800B531FEDADB01 ft=1 fh=4a10605500753c35 vn="möglicherweise Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll.vir"
sh=40B63087012BF7DA70AE82BD473BCCFDD93BF8F5 ft=1 fh=027554fe6efee6bd vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe.vir"
sh=584265F2BA0B47696184876335BAF6E175C81BEF ft=1 fh=2f2b206b1a22bc74 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe.vir"
sh=2D9A7EAF0637343E63C8622AA99C16E817A0F204 ft=1 fh=79672f4490f328fb vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe.vir"
sh=6CDD189837D5C70B6F11EC1467DFC06B5B1DAB56 ft=1 fh=8d9f8b9dd40f9b55 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll.vir"
sh=295FC6612C9C97760937DF651A963A44C99CD0C0 ft=1 fh=aaec07ed4cd90b5d vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=1281BC2E05EBA5C4AEA26227C68ABBBF6ED9A2BC ft=1 fh=78661b0bb1b930fe vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll.vir"
sh=2510D5FD078002C413DAA2B68FEBA3E9AC8BDE80 ft=1 fh=b3c45eb818ca1528 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=E18E67AF494118B8B73EC4EC2269E89AA9C18237 ft=1 fh=d7d3a79201d8389a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe.vir"
sh=1E474FC753992B98C16A55CD7249DDF7E50B2D58 ft=0 fh=0000000000000000 vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nessi\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap"
sh=1CCD91D77872F5FCD2F595423DE5008665D97084 ft=1 fh=235f9da24e93466a vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nessi\Documents\PCSUUpdate.exe"
sh=E816EC8FBE393A5EDDE843934661AD6B36CC5F77 ft=1 fh=d222da47d4bdff40 vn="Variante von Win32/InstallCore.OK evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nessi\Downloads\FlvPlayerSetup.exe"
sh=27AE3D98CE51C73156D7018023C3D24236DF55EE ft=1 fh=6f7595b0590227a8 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter(1).exe"
sh=7CFAF7221B7932D38B8C6FECDF7ACCC53D3EA193 ft=1 fh=2de9f51c2c405c06 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter(2).exe"
sh=9CDD87BC95DEA954665CB7F22579E04FC360077A ft=1 fh=9319ecaed0a22c9b vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter(3).exe"
sh=846D95D63EDE9508EFC7CEEE1D145D7CE62988C3 ft=1 fh=ec23a4ae3310ce50 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter.exe"
sh=63C07F52802B59710924F75C01DCFEFFA338E063 ft=1 fh=43a6f6e7aec8b73c vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter105.exe"
sh=6520C30E957C3308BFE4CD32DA8F33F60B3E9EFC ft=1 fh=05bf3b3e0eba4b75 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Users\Nessi\Downloads\pf-setup-en-652.exe"
sh=73D5AD55EDE0A6095A475607EAFB9BA1CA336D2C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSO8F38L\91[1].js"
sh=57D3783E0AB8762D8B4D9AA3F600128A957D944B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FFNM2OS4\91[1].js"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ1AMBXL\91[1].js"
sh=DCD71590392DD1D56DF84B892830CBF9ADD2DA7C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ1AMBXL\91[2].js"
sh=73D5AD55EDE0A6095A475607EAFB9BA1CA336D2C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ1AMBXL\91[3].js"
sh=73D5AD55EDE0A6095A475607EAFB9BA1CA336D2C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DSO8F38L\91[1].js"
sh=57D3783E0AB8762D8B4D9AA3F600128A957D944B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FFNM2OS4\91[1].js"
sh=336F3BCB48ECB1F5B206A8B1BCBD184D6AA9E8B4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ1AMBXL\91[1].js"
sh=DCD71590392DD1D56DF84B892830CBF9ADD2DA7C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ1AMBXL\91[2].js"
sh=73D5AD55EDE0A6095A475607EAFB9BA1CA336D2C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XZ1AMBXL\91[3].js"

Warlord711 · 12.08.2014, 17:24

Ok noch Reste entfernen und SecurityCheck:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

"C:\Program Files (x86)\6DAF2CD5-832E-48EB-8678-2B122163A2D9
"C:\Program Files (x86)\ICQ7.5\upgrade\2dcd1d63cb45e6613582211c3d5f4b23"
"C:\Program Files (x86)\ICQ7.5\upgrade\53e83dd5315bfb1f928441c9b4618b68"
"C:\Users\Nessi\Documents\PCSUUpdate.exe"
"C:\Users\Nessi\Downloads\FlvPlayerSetup.exe"
"C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter(1).exe"
"C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter(2).exe"
"C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter(3).exe"
"C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter.exe"
"C:\Users\Nessi\Downloads\FreeYouTubeToMP3Converter105.exe"
"C:\Users\Nessi\Downloads\pf-setup-en-652.exe"
EmptyTemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

11.08.2014, 20:04	#8
Warlord711 /// TB-Ausbilder	Laptop ultra langsam - keine Browser funktionieren Schau bitte das du das richtige Malwarebytes Log postet, ich benötige das Log vom Suchlauf __________________ Lerne, zurück zu schlagen und unterstütze uns! TB Akademie \| Spende \| Lob & Kritik

Laptop ultra langsam - keine Browser funktionieren

Log-Analyse und Auswertung: Laptop ultra langsam - keine Browser funktionieren