Virenverseuchter Laptop

Simi1961 · 14.11.2014, 14:53

Hallo,liebes Team.

Ich war im August schon mal bei Euch und Ihr habt mir sehr geholfen.Diesmal geht es um den Läppi meiner Freundin.Sie nutzt Ihn und Ihre beiden Kinder auch.Er ist furchtbar langsam und es öffnen sich ständig irgendwelche Seiten,die man garnicht aufruft.Ausserdem hat er vorhin beim Neustart das Laufwerk C automatisch überprüft,da stand was von beschädigte Attribute. Das schreiben ist schon ein Abenteuer,dauert bis die Buchstaben angenommen werden. Es sind 2 Benutzerkonten vorhanden,das von meiner Freundin und das von den Kindern.
Könntet Ihr mir bitte helfen? Ich habe zwar nicht viel Ahnung von Computern,aber meine Freundin hat noch weniger Ahnung als ich.

Danke schon mal.
Gruß Simone

cosinus · 14.11.2014, 15:08

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Simi1961 · 14.11.2014, 16:49

Hallo Cosinus.

Ich habe noch garnichts gemacht.Ich glaube die Kiste hat nicht mal einen Virenscanner.Malwarebytes habe ich auch nicht gefunden,also das Programm.Habe den Läppi heute das erste mal in den Fingern.

Code:

ATTFilter

FRST Logfile:

FRST Logfile:

FRST Logfile:

	Code: 

 ATTFilter

  
	Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-11-2014 02
Ran by tine76 (administrator) on TINE76-VAIO on 14-11-2014 15:23:31
Running from C:\Users\tine76\Downloads
Loaded Profiles: tine76 & Jugendliche (Available profiles: tine76 & Jugendliche)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(Fuyu LIMITED) C:\ProgramData\WindowsProtectManger\wprotectmanager.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(globalUpdate) C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
() C:\Program Files (x86)\LPT\srpts.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
() C:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
() C:\Windows\score.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Users\tine76\AppData\Roaming\VOPackage\VOsrv.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\LPT\srptsl.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe
() C:\Users\tine76\AppData\Local\LPT\srptm.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Users\tine76\AppData\Local\fst_de_36\upfst_de_36.exe
(Smartbar) C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
(Informer Technologies, Inc.) C:\Program Files\Software Informer\softinfo.exe
() C:\Users\tine76\AppData\Local\Smartbar\Application\Lrcnta.exe
(PlusHDv) C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-nova.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2556744 2014-04-27] ()
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [768192 2014-02-28] ()
HKLM-x32\...\Run: [Iminent] => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
HKLM-x32\...\Run: [IminentMessenger] => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\RunOnce: [upfst_de_36.exe] => C:\Users\tine76\AppData\Local\fst_de_36\upfst_de_36.exe [3268600 2014-06-06] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [Software Informer] => C:\Program Files\Software Informer\softinfo.exe [1218560 2014-11-06] (Informer Technologies, Inc.)
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [SSync] => C:\Users\tine76\AppData\Roaming\SSync\SSync.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [InetStat] => "C:true\Application Data\InetStat\inetstat.exe" /c=6
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.exe [29728 2014-06-16] (Smartbar)
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [SCheck] => C:\Users\tine76\AppData\Roaming\SCheck\SCheck.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [Snoozer] => C:\Users\tine76\AppData\Roaming\Snz\Snz.exe [1626751 2014-11-07] ()
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [DataMgr] => C:\Users\tine76\AppData\Roaming\DataMgr\DataMgr.exe [168824 2014-03-04] (HTTO Group, Ltd.)
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Run: [Intermediate] => C:\Users\tine76\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\MountPoints2: {a28a89f0-634d-11e2-a2c5-9439e59a03a6} - E:\Startme.exe
HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Run: [Google Update] => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-25] (Google Inc.)
HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Run: [iLivid] => C:\Users\Jugendliche\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-08] (Bandoo Media Inc.)
HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\Program Files (x86)\SupTab\SearchProtect64.dll [102512 2014-05-08] (Skytech Co., Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => C:\Program Files (x86)\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\lollipop.lnk
ShortcutTarget: lollipop.lnk -> C:\Users\tine76\AppData\Local\Lollipop\Lollipop.exe (No File)
Startup: C:\Users\tine76\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
GroupPolicyUsers\S-1-5-21-1990863777-1001858336-1583621791-1003\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49708;https=127.0.0.1:49708
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gO5mUuqRnHEBbwktsKSX65usQynxcsK80H4pWuy8hTsERibtUcC0QNserob39UydYxzfTacTaJVqAfUbw7DKt6EpBFWQgyIoq6gw9DHgnr32j3h1SnW5GOZ686Tq9gF7TG4,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gO5mUuqRnHEBbwktsKSX65usQynxcsK80H4pWuy8hTsERibtUcC0QNserob39UydYxzfTacTaJVqAfUbw7DKt6EpBFWQgyIoq6gw9DHgnr32j3h1SnW5GOZ686Tq9gF7TG4,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=121529&tt=gc_&babsrc=HP_ss_din2g&mntrId=6662B639E59A03A5
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fbdownloader.com/?channel=de
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sweet-page.com/?type=hp&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1403032146&from=pjr&uid=ST9500325AS_5VELQ5E1XXXX5VELQ5E1&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gO5mUuqRnHEBbwktsKSX65usQynxcsK80H4pWuy8hTsERibtUcC0QNserob39UydYxzfTacTaJVqAfUbw7DKt6EpBFWQgyIoq6gw9DHgnr32j3h1SnW5GOZ686Tq9gF7TG4,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gO5mUuqRnHEBbwktsKSX65usQynxcsK80H4pWuy8hTsERibtUcC0QNserob39UydYxzfTacTaJVqAfUbw7DKt6EpBFWQgyIoq6gw9DHgnr32j3h1SnW5GOZ686Tq9gF7TG4,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd5gO5mUuqRnHEBbwktsKSX65usQynxcsK80H4pWuy8hTsERibtUcC0QNserob39UydYxzfTacTaJVqAfUbw7DKt6EpBFWQgyIoq6gw9DHgnr32j3h1SnW5GOZ686Tq9gF7TG4,&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms}
BHO: PlusHD-V1.3 -> {11111111-1111-1111-1111-110511831160} -> C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-bho64.dll (PlusHDv)
BHO: videos MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-bho64.dll (enter)
BHO: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll No File
BHO: SmileysWeLoveToolbar -> {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -> C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader64.dll ()
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PlusHD-V1.3 -> {11111111-1111-1111-1111-110511831160} -> C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-bho.dll (PlusHDv)
BHO-x32: videos MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-bho.dll (enter)
BHO-x32: melondrea -> {16f059cb-3d3f-4ecc-b426-bafa47233676} -> C:\Program Files (x86)\melondrea\melondreabho.dll No File
BHO-x32: Shopping Helper SmartbarEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Simple New Tab Bho -> {5C2DD58F-613F-4580-8AC0-F10D760AF938} -> C:\Users\tine76\AppData\Local\simple_new_tab\simple_new_tab.dll (Temp Company Ltd)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: OfferMosquito -> {82B16A3D-F03E-4565-A532-666B219C9A53} -> C:\Users\tine76\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll (Bebo Media Ltd)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: No Name -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} ->  No File
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmileysWeLoveToolbar -> {E4EF8A64-0A30-48F5-B3FE-5FDA978DA775} -> C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll ()
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader64.dll ()
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files (x86)\FileConverter_1.3\prxtbFile.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - SmileysWeLove - {CF0F43AB-9C23-4D7B-8040-201B82844854} - C:\Program Files (x86)\Smileys We Love Toolbar for IE\adxloader.dll ()
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000 -> No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000 -> No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000 -> No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {78E516EF-11DE-47A1-8364-A99B917EC5EE} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {D1121FE0-0145-44C9-AA35-72071AC20A9B} -  No File
Toolbar: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
Hosts: 127.0.0.1			d3oxij66pru1i3.cloudfront.net
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1

FireFox:
========
FF ProfilePath: C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default
FF NewTab: hxxp://start.iminent.com/?ref=NewTab&appId=42413A10-5C5B-490B-AF47-E651A608B671
FF DefaultSearchEngine: AVG Nation Search
FF DefaultSearchUrl: hxxp://search.fbdownloader.com/search.php?channel=de&q=
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: AVG Nation Search
FF Homepage: hxxp://search.fbdownloader.com/?channel=de
FF Keyword.URL: hxxp://search.fbdownloader.com/search.php?channel=de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\tine76\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @tools.google.com/Google Update;version=3 -> C:\Users\tine76\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: @tools.google.com/Google Update;version=9 -> C:\Users\tine76\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1000: bebomedia.com/OfferMosquitoIEHelper -> C:\Users\tine76\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll (Bebo Media Ltd)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1003: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Jugendliche\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1003: @tools.google.com/Google Update;version=3 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1990863777-1001858336-1583621791-1003: @tools.google.com/Google Update;version=9 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: videos MediaPlay-Air - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-11-09]
FF Extension: PlusHD-V1.3 - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\ba9147e3-ae8c-4ced-9c9a-240425bd7d8e@6ddffb66-c974-42d7-8752-9e6a4ec073b0.com [2014-06-17]
FF Extension: Delta Toolbar - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\ffxtlbr@delta.com [2013-05-28]
FF Extension: Iminent Toolbar - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\ffxtlbr@iminent.com [2014-03-12]
FF Extension: Quick Start - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\quick_start@gmail.com [2014-06-17]
FF Extension: Snap.Do  - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944} [2014-11-14]
FF Extension: DealPly  Shopping - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{42e0ced7-806f-4983-af54-92bdeefee519} [2013-05-28]
FF Extension: SmileysWeLove: Smileys for use with Facebook, GMail, and more - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\jid1-FB1bBgFMk5H6Wg@jetpack.xpi [2014-06-17]
FF Extension: OfferMosquito - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\om@offermosquito.com.xpi [2014-04-02]
FF Extension: PricePeep - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\pricepeep@getpricepeep.com.xpi [2013-08-30]
FF Extension: Simple New Tab - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\snt@dotlabs.co.xpi [2013-11-13]
FF Extension: Iminent - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\webbooster@iminent.com.xpi [2014-03-12]
FF Extension: melondrea - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{c047df5e-0fda-4055-b5db-a96a8a34a094}.xpi [2014-03-12]
FF Extension: Adblock Plus - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-14]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Nation toolbar\FireFoxExt\17.3.0.49
FF Extension: AVG Nation toolbar - C:\ProgramData\AVG Nation toolbar\FireFoxExt\17.3.0.49 [2014-01-08]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\extensions\quick_start@gmail.com

Chrome: 
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll ()
CHR Plugin: (McAfee SiteAdvisor) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\McChPlg.dll No File
CHR Plugin: (McAfee SiteAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll No File
CHR Profile: C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DealPly UK) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\hggpkhijoeadmdfmlbdepfbngmhaldci [2013-05-28]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-05-28]
CHR Extension: (Google Wallet) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-05]
CHR Extension: (PlusHD-V1.3) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjpieepnfhpcpkjklohnpmmmmdhcbmd [2014-11-14]
CHR Extension: (Quick start) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-11-14]
CHR Extension: (DVDVideoSoftTB) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\plmlpkfpkijnlijgalnjaacllnjmoamo [2013-05-28]
CHR Extension: (Simple New Tab) - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmgkeimkiojpjcoiiipekfjaopchhjga [2014-05-15]
CHR HKLM-x32\...\Chrome\Extension: [gnfaiijpfcmdehcgcnnippmnhjjnbllp] - C:\Program Files (x86)\Blingee Plus\blingee_plus_nt.crx []
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - "C:\Program Files (x86)\Iminent\Iminent.crx" []
CHR HKLM-x32\...\Chrome\Extension: [inemjdopipfdlbnbpjjnjkebpknphoba] - C:\Program Files (x86)\Blingee Plus\blingee_plus_si.crx []
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\tine76\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-17]
CHR HKLM-x32\...\Chrome\Extension: [plmlpkfpkijnlijgalnjaacllnjmoamo] - C:\Users\tine76\AppData\Local\CRE\plmlpkfpkijnlijgalnjaacllnjmoamo.crx [2012-08-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
S4 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-02-18] (Just Develop It) <==== ATTENTION
S4 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-03] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-03] (globalUpdate) [File not signed]
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34336 2014-06-16] () <==== ATTENTION
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] () [File not signed] <==== ATTENTION
R2 scores; C:\Windows\score.exe [4816384 2014-07-30] () [File not signed]
S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VOsrv; C:\Users\tine76\AppData\Roaming\VOPackage\VOsrv.exe [353792 2014-02-25] () [File not signed]
R2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1793536 2014-04-27] (AVG Secure Search) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
R2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [217600 2014-06-06] (Wajam Internet Technologies Inc.) [File not signed] <==== ATTENTION
R2 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [591776 2014-06-12] (Fuyu LIMITED) <==== ATTENTION
S2 WinkHandler; C:\Program Files (x86)\Iminent\WinkHandler.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 15:23 - 2014-11-14 15:24 - 00036469 _____ () C:\Users\tine76\Downloads\FRST.txt
2014-11-14 15:23 - 2014-11-14 15:23 - 00000000 ____D () C:\FRST
2014-11-14 15:22 - 2014-11-14 15:22 - 02116608 _____ (Farbar) C:\Users\tine76\Downloads\FRST64.exe
2014-11-14 14:33 - 2014-11-14 14:33 - 00000000 ____D () C:\Users\tine76\AppData\Local\Macromedia
2014-11-14 14:32 - 2014-11-14 14:37 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-14 14:32 - 2014-11-14 14:32 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-14 14:29 - 2014-11-14 14:29 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Snz
2014-11-14 14:26 - 2014-11-14 14:26 - 00003416 ____N () C:\bootsqm.dat
2014-11-14 14:23 - 2014-11-14 14:23 - 00000000 __SHD () C:\found.001
2014-11-01 18:12 - 2014-11-14 14:28 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-10-25 19:44 - 2014-10-25 19:44 - 00071024 _____ (Premium Installer ) C:\Users\Jugendliche\Downloads\setup (17).exe
2014-10-24 20:28 - 2014-10-24 20:28 - 00071024 _____ (Premium Installer ) C:\Users\Jugendliche\Downloads\setup (16).exe
2014-10-16 10:03 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 10:03 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 10:03 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 10:03 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 10:03 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 10:03 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 10:03 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 10:03 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 10:03 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 10:03 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 10:03 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 10:03 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 10:03 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 10:03 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 10:03 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 10:03 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-16 10:03 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 10:03 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 10:03 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-16 10:03 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 10:03 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-16 10:03 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-16 10:03 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 10:03 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 10:03 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 10:03 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 10:03 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-16 10:03 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 10:03 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-16 10:03 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-16 10:03 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-16 10:03 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 10:03 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 10:03 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-16 10:03 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-16 10:03 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 10:03 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 10:03 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-16 10:03 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 10:03 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-16 10:03 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 10:03 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 10:03 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 10:03 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 10:03 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 10:03 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-16 10:03 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-16 10:03 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 10:03 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 10:03 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-16 10:03 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-16 10:03 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 10:03 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 10:03 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 10:03 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-16 10:03 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 10:03 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 10:03 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-16 10:03 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 10:03 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-16 10:03 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 10:03 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 10:03 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 10:03 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 10:03 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 10:03 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 10:02 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 10:02 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 10:01 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 10:01 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 10:01 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 10:01 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 10:01 - 2014-07-17 03:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 10:01 - 2014-07-17 03:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-16 10:01 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 10:01 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 10:01 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 10:01 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 10:01 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 10:01 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 10:01 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 10:01 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 10:01 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-16 10:01 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-16 10:01 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 10:01 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 10:01 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 10:01 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-14 15:24 - 2014-03-12 09:05 - 07249692 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-11-14 15:24 - 2014-01-27 15:09 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Software Informer
2014-11-14 15:22 - 2011-11-24 16:58 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5B5EFC5C-CFD1-4F85-A4D0-78B4F8EC748B}
2014-11-14 15:21 - 2014-06-17 21:21 - 00001434 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-7.job
2014-11-14 14:57 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2014-11-14 14:47 - 2014-01-18 13:24 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA.job
2014-11-14 14:44 - 2014-01-27 15:09 - 00003316 _____ () C:\Windows\System32\Tasks\SoftwareInformerService
2014-11-14 14:43 - 2014-01-27 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Software Informer
2014-11-14 14:43 - 2014-01-27 15:09 - 00000000 ____D () C:\Program Files\Software Informer
2014-11-14 14:43 - 2013-12-07 17:19 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-14 14:39 - 2012-12-06 17:42 - 01734239 _____ () C:\Windows\WindowsUpdate.log
2014-11-14 14:37 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-14 14:37 - 2009-07-14 05:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-14 14:36 - 2014-03-09 21:14 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-11-14 14:35 - 2011-09-03 11:08 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-11-14 14:35 - 2011-09-03 11:08 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-11-14 14:35 - 2009-07-14 06:13 - 01622228 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-14 14:33 - 2014-08-03 09:17 - 00002858 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-6.job
2014-11-14 14:32 - 2014-06-17 21:21 - 00000000 ____D () C:\Users\tine76\AppData\Local\fst_de_36
2014-11-14 14:32 - 2013-05-14 21:25 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-14 14:32 - 2011-12-01 23:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-14 14:29 - 2014-05-15 13:18 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\SCheck
2014-11-14 14:29 - 2014-03-12 09:18 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Intermediate
2014-11-14 14:29 - 2014-03-12 09:18 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\DataMgr
2014-11-14 14:28 - 2014-08-03 09:18 - 00003468 _____ () C:\Windows\Tasks\83a38ffb-5908-45a5-bf15-226f462a688f.job
2014-11-14 14:28 - 2014-08-03 09:18 - 00002322 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-4.job
2014-11-14 14:28 - 2014-08-03 09:18 - 00002110 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5_user.job
2014-11-14 14:28 - 2014-08-03 09:18 - 00002110 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5.job
2014-11-14 14:28 - 2014-08-03 09:18 - 00001686 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-1.job
2014-11-14 14:28 - 2014-08-03 09:18 - 00001420 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-2.job
2014-11-14 14:28 - 2014-08-03 09:17 - 00003814 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-11.job
2014-11-14 14:28 - 2014-08-03 09:17 - 00002000 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-7.job
2014-11-14 14:28 - 2014-08-03 09:16 - 00003132 _____ () C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-3.job
2014-11-14 14:28 - 2014-07-16 19:25 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-11-14 14:28 - 2014-06-17 21:22 - 00002222 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-4.job
2014-11-14 14:28 - 2014-06-17 21:22 - 00001490 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-1.job
2014-11-14 14:28 - 2014-06-17 21:22 - 00001420 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-5.job
2014-11-14 14:28 - 2014-06-17 21:22 - 00001342 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-2.job
2014-11-14 14:28 - 2014-06-17 21:21 - 00003796 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-11.job
2014-11-14 14:28 - 2014-06-17 21:21 - 00003114 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-3.job
2014-11-14 14:28 - 2014-06-17 21:21 - 00001502 _____ () C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-6.job
2014-11-14 14:28 - 2014-06-17 21:21 - 00000900 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-11-14 14:28 - 2014-03-12 09:18 - 00000000 ____D () C:\Users\tine76\AppData\Roaming\Fifth
2014-11-14 14:28 - 2013-12-07 17:19 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-14 14:28 - 2013-11-11 09:14 - 00096678 _____ () C:\Windows\setupact.log
2014-11-14 14:28 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-14 13:36 - 2014-08-15 21:31 - 00184800 _____ () C:\Windows\SysWOW64\XMLOperations.xml
2014-11-14 13:28 - 2014-01-26 17:14 - 00000310 _____ () C:\Windows\Tasks\SaveSense.job
2014-11-14 12:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-11 16:21 - 2013-06-15 19:37 - 00000000 ____D () C:\Users\Jugendliche\AppData\Local\CrashDumps
2014-11-04 14:30 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-01 13:52 - 2014-01-26 17:14 - 00000315 _____ () C:\Users\Jugendliche\AppData\Roaming\WB.CFG
2014-10-31 12:32 - 2014-08-03 09:18 - 00005140 _____ () C:\Windows\System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5
2014-10-31 12:32 - 2014-08-03 09:17 - 00005820 _____ () C:\Windows\System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-6
2014-10-31 12:31 - 2014-08-03 09:16 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air
2014-10-29 17:15 - 2014-08-19 15:01 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-26 15:42 - 2014-01-18 13:24 - 00004126 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA
2014-10-26 15:42 - 2014-01-18 13:24 - 00003730 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core
2014-10-26 15:42 - 2014-01-18 13:24 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core.job
2014-10-26 15:40 - 2011-11-24 16:56 - 00000000 ____D () C:\Users\tine76
2014-10-24 19:37 - 2009-07-14 05:45 - 00293448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-24 19:35 - 2014-05-07 06:43 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-24 11:07 - 2013-07-29 10:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-24 10:48 - 2011-11-25 16:10 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-22 17:38 - 2013-12-07 17:19 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-22 17:38 - 2013-12-07 17:19 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\tine76\AppData\Local\Temp\6_Offer_14.exe
C:\Users\tine76\AppData\Local\Temp\BackupSetup.exe
C:\Users\tine76\AppData\Local\Temp\BuenoSearchTB.exe
C:\Users\tine76\AppData\Local\Temp\DM1394395834.exe
C:\Users\tine76\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplbxopp.dll
C:\Users\tine76\AppData\Local\Temp\InstallerLibrary.dll
C:\Users\tine76\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\tine76\AppData\Local\Temp\Mobogenie_INT.exe
C:\Users\tine76\AppData\Local\Temp\ms.exe
C:\Users\tine76\AppData\Local\Temp\nsg2A8.exe
C:\Users\tine76\AppData\Local\Temp\nsgAA94.exe
C:\Users\tine76\AppData\Local\Temp\nsgFE15.exe
C:\Users\tine76\AppData\Local\Temp\nslA66E.exe
C:\Users\tine76\AppData\Local\Temp\nsvA1CB.exe
C:\Users\tine76\AppData\Local\Temp\nsvF8A7.exe
C:\Users\tine76\AppData\Local\Temp\rdm.exe
C:\Users\tine76\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\tine76\AppData\Local\Temp\setup_297.exe
C:\Users\tine76\AppData\Local\Temp\tbDVD0.dll
C:\Users\tine76\AppData\Local\Temp\tmpD217.tmp.exe
C:\Users\tine76\AppData\Local\Temp\uninst1.exe
C:\Users\tine76\AppData\Local\Temp\ValidationScriptLibrary.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-28 18:39

==================== End Of Log ============================
         
 --- --- ---

--- --- ---

--- --- ---

[CODE][CODE]

Code:

ATTFilter


	Code: 

 ATTFilter

  
	Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-11-2014 02
Ran by tine76 at 2014-11-14 15:25:26
Running from C:\Users\tine76\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{8A5F5F0A-BE2D-4763-B764-BF6EFE93A68B}) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.6) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12594 - Systweak Software) <==== ATTENTION
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft Panorama Maker 5 (HKLM-x32\...\{F18046C5-1C4E-4BE1-A3D6-A6F970E2E8E8}) (Version: 5.0.1.71 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.444 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
AVG Nation toolbar (HKLM-x32\...\AVG Nation toolbar) (Version: 18.1.0.443 - InfoSpace)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Birdie Shoot 2 (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Birdie Shoot 2) (Version:  - )
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowserSafeguard with RocketTab (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DealPly (remove only) (HKLM-x32\...\DealPly) (Version: 4.8.6.6 - DealPly Technologies Ltd.) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
Dropbox (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
DVDVideoSoftTB DE Toolbar (HKLM-x32\...\DVDVideoSoftTB_DE Toolbar) (Version: 6.8.9.0 - DVDVideoSoftTB DE)
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
FileConverter 1.3 Toolbar (HKLM-x32\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Free YouTube to MP3 Converter version 3.11.37.1212 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.37.1212 - DVDVideoSoft Ltd.)
fst_de_36 (HKLM-x32\...\fst_de_36_is1) (Version:  - fst) <==== ATTENTION
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Google Chrome) (Version: 30.0.1599.101 - Google Inc.)
Google Chrome (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 7.5.3.1 - Iminent) <==== ATTENTION
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{7FCDABCC-1A1E-4D61-909D-BA9495172774}) (Version: 11.0.3.42 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kabel Deutschland Installations-Software (x32 Version: 3.6.0.0 - Kabel Deutschland Vertrieb und Services GmbH) Hidden
Lollipop (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\lollipop) (Version:  - Lollipop Network, S.L.) <==== ATTENTION
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Media Go (HKLM-x32\...\{362AB21A-E2C4-40CE-81C2-8C4D62B0635A}) (Version: 2.4.256 - Sony)
Media Go Video Playback Engine 1.116.109.02030 (HKLM-x32\...\{54215B8A-6212-8DB8-39B4-98EE2BB98BD1}) (Version: 1.116.109.02030 - Sony)
melondrea (HKLM\...\melondrea) (Version: 2014.03.11.234342 - melondrea) <==== ATTENTION
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
Mysearchdial (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Mystery of Montezuma (HKLM-x32\...\Mystery of Montezuma/DE-German_is1) (Version:  - City Interactive)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.0.1 - Nikon)
OfferMosquito IE Extension (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\OfferMosquito) (Version: 2.0 - Bebo Media Inc) <==== ATTENTION
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
PepperZip 1.0 (HKLM-x32\...\PepperZip) (Version: 1.0 - PepperWare Co.) <==== ATTENTION
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.14.6.15183 - Sony Computer Entertainment Inc.)
PlusHD-V1.3 (HKLM-x32\...\PlusHD-V1.3) (Version: 1.34.6.10 - PlusHDv)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Qtrax Player (HKLM-x32\...\{89505A66-35F0-4401-B3AD-D077051F8698}) (Version: 01.001.0001 - Qtrax)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
rrsavings (HKLM\...\rrsavings) (Version: 2.0.1 - rrsavings) <==== ATTENTION
SaveSense (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\SaveSense) (Version: 6.4.0.0 - SaveSense) <==== ATTENTION
SavingsBull (HKLM\...\Level Quality Watcher) (Version: SavingsBull - SavingsBull) <==== ATTENTION
SavingsbullFilter (Version: 1.0.0.0 - SavingsBull Filter) Hidden <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Shopping Helper Smartbar (HKLM-x32\...\{16F8A832-DD84-4271-8B76-ACADE6DB3968}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\{615dd206-11d9-4db4-9f07-0f3815ba4a33}) (Version: 11.82.63.17791 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smileys We Love Toolbar for IE (HKLM-x32\...\{5D57E386-D294-41BA-9146-FADE0C76EB2A}) (Version: 3.0.27 - SqueekyChocolate, LLC) <==== ATTENTION
Software Informer 1.4.1181.0 (HKLM\...\Software Informer_is1) (Version:  - Informer Technologies, Inc.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.6.201305161305 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) <==== ATTENTION
sweet-page uninstaller (HKLM-x32\...\sweet-page uninstaller) (Version:  - sweet-page) <==== ATTENTION
Torch (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Torch) (Version: 29.0.0.5516 - Torch Media, Inc) <==== ATTENTION
Update for Zip Opener (HKU\S-1-5-21-1990863777-1001858336-1583621791-1003\...\Digital Sites) (Version:  - Update for Zip Opener) <==== ATTENTION
Update_DealPly (HKU\S-1-5-21-1990863777-1001858336-1583621791-1000\...\Dealply) (Version:  - ) <==== ATTENTION
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Play mit PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-Tastatur  (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
videos MediaPlay-Air (HKLM-x32\...\videos MediaPlay-Air) (Version: 1.34.7.29 - enter) <==== ATTENTION
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Wajam (HKLM-x32\...\Wajam) (Version: 2.8 (i2.1) - Wajam) <==== ATTENTION
Windows Essentials Media Codec Pack 4.7 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.7 - Media Codec)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WindowsProtectManger20.0.0.401 (HKLM-x32\...\WindowsProtectManger) (Version: 20.0.0.401 - Fuyu LIMITED) <==== ATTENTION
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\tine76\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1990863777-1001858336-1583621791-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Jugendliche\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

16-09-2014 10:16:04 Windows Update
23-09-2014 14:13:48 Windows Update
30-09-2014 15:37:32 Windows Update
04-10-2014 09:34:53 Windows Update
07-10-2014 14:49:37 Windows Update
11-10-2014 09:48:09 Windows Update
16-10-2014 08:52:38 Windows Update
21-10-2014 14:14:31 Windows Update
24-10-2014 09:46:55 Windows Update
28-10-2014 15:44:22 Windows Update
14-11-2014 12:58:13 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-05-17 20:00 - 00000867 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1			d3oxij66pru1i3.cloudfront.net

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {00A0C3A8-F255-444B-960F-0B0ABA0A0506} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {01350669-CC76-4C09-8F60-6E37D95E41D9} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-2 => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-2.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {0553E178-CF55-460F-8CAD-A14018F6A8B7} - System32\Tasks\Sony Corporation\VAIO Personalization Manager\VpmLM Task Music tine76 => C:\Program Files\Sony\VAIO Personalization Manager\VpmLM.exe [2011-02-08] (Sony Corporation)
Task: {0B745F8F-C7CC-4D84-812E-9A0A22D8D2DF} - System32\Tasks\SaveSense => C:\Users\Jugendliche\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {0B86F7DD-C20C-4184-8428-B67E1980457E} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2011-02-23] (Sony Corporation)
Task: {0EB9BD7F-3F68-4B46-9A65-DF3028A65BF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {12673CB7-D87A-4D3C-A683-81426EBF17EC} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-2 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-2.exe [2014-08-03] (enter) <==== ATTENTION
Task: {1772ACCF-C19A-47F5-B895-14E6FCA9A6FA} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-3 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-3.exe [2014-08-03] (enter) <==== ATTENTION
Task: {179191A5-72FB-4888-A710-F867B782F0FA} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {1CC58B94-8C63-45E5-B722-02EABFEFBE65} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-02-28] (Systweak) <==== ATTENTION
Task: {1E1CE89A-FF1E-42ED-9FE6-9C60C718C320} - System32\Tasks\Fifth => C:\Users\tine76\AppData\Roaming\Fifth\Fifth.exe [2014-05-07] () <==== ATTENTION
Task: {29264509-F668-48DF-9A09-AB1DE1306D9D} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {2946D627-63CD-49FD-84B5-FDA21F79F76A} - System32\Tasks\83a38ffb-5908-45a5-bf15-226f462a688f => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-4.exe [2014-08-03] (enter) <==== ATTENTION
Task: {30820A8B-2317-4240-98C8-9D398B53A5F9} - System32\Tasks\{58907B18-0306-4AFB-AEC2-7B096CB49CBB} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.60.105/de/abandoninstall?page=tsProgressBar
Task: {401EBAD0-D825-40C9-B165-5674778C0875} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.)
Task: {431283F6-23B9-48FD-821F-90E242FF2A97} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {4E09374C-BD7F-41E8-BF37-BB45C1B6F4E7} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {4EA2CB53-97C8-418A-BFA8-66D13490E5D7} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {627E97B5-2A40-4DAB-BEF5-CBBE4DC16282} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-4 => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-4.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {63C6FB40-FF18-4DF1-86C6-6E0F32A66BD1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-03] (globalUpdate) <==== ATTENTION
Task: {681A2D8C-1CCD-4BFE-8A23-6617A506BA62} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {6C4CF4A9-4646-45A3-9558-5B049E849B2A} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-11 => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-11.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {74FB5716-BA35-401F-9404-AB568AD691C9} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-5 => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-5.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {96C0DDE1-E68E-46C0-B73A-5E75469CFABF} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-5.exe [2014-08-03] (enter) <==== ATTENTION
Task: {9A7E1A99-AAED-48A3-A3BF-7BEC0224B87A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {9D44DA35-689E-4C5A-9A42-2283BAF47CA4} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {A028EE60-0D40-4198-87FD-A7980DC39C12} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A4C2D76D-6868-42F3-98A2-0B19EF2F4512} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {A4F32AD2-8F6E-4762-9F96-D37F768D12C2} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-7 => C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-nova.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {C21E1463-4063-4FE0-8F07-88FBED3E4A65} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-1 => C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-codedownloader.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {C3DBE868-C061-4A52-B113-BA2262D1995D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {C4BFA636-922D-4258-971D-6CCAB7A9944D} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-3 => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-3.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {C9169936-B1AB-4543-8556-FE276C5A517B} - System32\Tasks\SoftwareInformerService => C:\Program Files\Software Informer\softinfo.exe [2014-11-06] (Informer Technologies, Inc.)
Task: {CCC821C9-7FDD-49C4-A885-F6D39552A3BF} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-4 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-4.exe [2014-08-03] (enter) <==== ATTENTION
Task: {CD4784E0-82A9-499F-9230-62EB4A2A5949} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-11 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-11.exe [2014-08-03] (enter) <==== ATTENTION
Task: {DAFCB11B-A1F4-49DF-BA63-4326E78B4DA8} - System32\Tasks\{BA04E57D-0386-488D-BD1C-55475EB13C58} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.60.105/de/abandoninstall?page=tsProgressBar
Task: {DDA57870-1FF9-424D-9B4E-A5A892CDE345} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-7 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-7.exe [2014-08-03] (enter) <==== ATTENTION
Task: {DF15B244-2DF0-4BF9-B2A1-8420E5CF889B} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-1 => C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-codedownloader.exe [2014-08-03] (enter) <==== ATTENTION
Task: {E3301374-DD1F-41D6-8C6A-554F73980B0F} - System32\Tasks\{F0DAD20A-F8DC-4BE7-855F-FE019ECD28B8} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.16.60.105/de/abandoninstall?page=tsProgressBar
Task: {E368A6AF-CEC8-4145-93E8-532B2E31B810} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-25] (Google Inc.)
Task: {E4FAA6C4-1A96-4241-91BE-9F12CAE1B75D} - System32\Tasks\SONY\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {E838DE8C-C9F8-40E2-969C-CFBD45EE5884} - System32\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-6 => C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-novainstaller.exe [2014-06-17] (PlusHDv) <==== ATTENTION
Task: {E83E7AAE-8CAF-4E9F-A398-1C6AB443032F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-14] (Adobe Systems Incorporated)
Task: {E86366F7-F623-41AB-9AB0-0C176135988D} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5_user => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-5.exe [2014-08-03] (enter) <==== ATTENTION
Task: {EC14ACB7-01E7-4632-8D75-2907C3334354} - System32\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-6 => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-6.exe [2014-10-06] (FileProperties_CompanyName) <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-1.job => C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-11.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-2.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-3.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-4.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-5_user.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-6.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\827567e6-6c68-472c-9bb8-ed397aa16f65-7.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-7.exe+/ReEdPC /hdiaC='videos MediaPlay-Air' /bDjaQPWG=61799 /GshHoh='001673' /nPRSF='verticals-ads,intext,pops,shopping' /kCgjl='0' /hvSbiA=A5DD3312644747D084AE57DFBEF48F8DIE /aVxHCw=6af71fd57bcbc4888c73d8fbd36c0dc3 /QBvboUVo=1_34_07_29 /tNwoNcP=1.34.7.29 /URdcIxKJ=1407053735 /aZUPSsR=hxxp://stats.infogenservice.com /Skaqk=hxxp://errors.infogenservice.com /HLANOpM=hxxp://js.infogenservice.com /hFXuC=ff /fXeeQcRh /CsFWUqs=videos MediaPlay-Air /ytaihaN702fa404-61db-497e-bd43-c47daf7d55e7.dll /bPcJJ994a7f7f-2ad4-41da-8670-0d21e8279bfc.dll /SyidorGA827567e6-6c68-472c-9bb8-ed397aa16f65-64.exe <==== ATTENTION
Task: C:\Windows\Tasks\83a38ffb-5908-45a5-bf15-226f462a688f.job => C:\Program Files (x86)\videos MediaPlay-Air\827567e6-6c68-472c-9bb8-ed397aa16f65-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-1.job => C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-11.job => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-2.job => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-3.job => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-4.job => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-5.job => C:\Program Files (x86)\PlusHD-V1.3\cb501045-6fcf-486d-96a1-7f9ed6bb974b-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-6.job => C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-novainstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\cb501045-6fcf-486d-96a1-7f9ed6bb974b-7.job => C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-nova.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-chromeinstaller.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven 1.5-codedownloader.job => C:\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003Core.job => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1990863777-1001858336-1583621791-1003UA.job => C:\Users\Jugendliche\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\JUGEND~1\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-02-18 14:32 - 2014-02-18 14:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00034336 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-02-12 14:16 - 2014-02-12 14:16 - 00210432 _____ () c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
2014-02-02 11:26 - 2014-02-02 11:26 - 00317952 _____ () c:\Program Files\SavingsbullFilter\ProtocolFilters.dll
2013-11-19 00:42 - 2013-11-19 00:42 - 00110080 _____ () c:\Program Files\SavingsbullFilter\nfapi.dll
2014-08-03 09:15 - 2014-07-30 20:45 - 04816384 _____ () C:\Windows\score.exe
2014-02-25 07:29 - 2014-02-25 07:29 - 00353792 _____ () C:\Users\tine76\AppData\Roaming\VOPackage\VOsrv.exe
2014-04-28 13:02 - 2014-04-27 22:49 - 00158536 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2014-06-16 13:21 - 2014-06-16 13:21 - 00036384 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-06-16 13:21 - 2014-06-16 13:21 - 00024608 _____ () C:\Users\tine76\AppData\Local\LPT\srptm.exe
2014-06-17 21:21 - 2014-06-06 09:48 - 03268600 _____ () C:\Users\tine76\AppData\Local\fst_de_36\upfst_de_36.exe
2014-03-09 12:28 - 2014-04-27 22:49 - 02556744 _____ () C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
2014-03-09 21:13 - 2014-02-28 09:07 - 00768192 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2014-02-18 14:38 - 2014-02-18 14:38 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00025120 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-03-09 21:13 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-03-09 21:13 - 2014-02-28 18:29 - 01730928 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-03-09 21:13 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2014-06-16 13:21 - 2014-06-16 13:21 - 00044064 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-04-28 13:02 - 2014-04-27 22:49 - 00518472 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00060960 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00078368 _____ () C:\Users\tine76\AppData\Local\LPT\srpt.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00044064 _____ () C:\Users\tine76\AppData\Local\LPT\srptc.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00018976 _____ () C:\Users\tine76\AppData\Local\LPT\Smartbar.Common.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00060960 _____ () C:\Users\tine76\AppData\Local\LPT\srut.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00067616 _____ () C:\Users\tine76\AppData\Local\LPT\sppsm.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00157216 _____ () C:\Users\tine76\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00028704 _____ () C:\Users\tine76\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00167456 _____ () C:\Users\tine76\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00047648 _____ () C:\Users\tine76\AppData\Local\LPT\srbu.dll
2014-07-16 19:24 - 2014-07-16 19:24 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00026656 _____ () C:\Users\tine76\AppData\Local\LPT\srpdm.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00028192 _____ () C:\Users\tine76\AppData\Local\LPT\ProxySettings.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00047136 _____ () C:\Users\tine76\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00054304 _____ () C:\Users\tine76\AppData\Local\LPT\Proxy.Lib.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00029216 _____ () C:\Users\tine76\AppData\Local\LPT\sreu.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00046624 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00071712 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srau.dll
2013-09-02 13:02 - 2013-09-02 13:02 - 00150560 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 02337824 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00068640 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\spbl.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00157216 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00015904 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\siem.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00067616 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\sppsm.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00698400 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-09-02 13:02 - 2013-09-02 13:02 - 00014368 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-09-02 13:02 - 2013-09-02 13:02 - 00081952 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00028704 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00060960 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srut.dll
2014-06-16 13:21 - 2014-06-16 13:21 - 00031264 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srsbs.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00067104 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00032800 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srom.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00032288 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\smtu.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00040992 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\smta.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00151072 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\smti.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00026144 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\sgml.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00047648 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srbu.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00063520 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00026656 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srpdm.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00045088 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-06-16 13:10 - 2014-06-16 13:10 - 00026656 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00036896 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00194592 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\sgmu.dll
2014-05-12 10:21 - 2014-05-12 10:21 - 00061440 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-06-16 13:20 - 2014-06-16 13:20 - 00257056 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\srns.dll
2014-03-09 21:13 - 2014-02-28 08:55 - 00061952 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-03-09 21:13 - 2014-02-28 08:55 - 00471040 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2013-05-28 17:44 - 2014-06-24 11:27 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00317984 _____ () C:\Users\tine76\AppData\Local\LPT\Resources\ntdis_32.dll
2014-07-16 19:25 - 2014-06-16 13:16 - 00099872 _____ () C:\Users\tine76\AppData\Roaming\Mozilla\Firefox\Profiles\6rck7b8u.default\extensions\{35035ab5-e92b-7c80-b5b1-23f1b9013944}\components\SmartbarFireFoxRemotePlugin_30.dll
2014-04-28 13:03 - 2014-04-27 22:49 - 00688456 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.1.0\NativeBrowserApi.dll
2014-11-14 14:32 - 2014-11-14 14:32 - 16840880 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll
2014-06-16 13:18 - 2014-06-16 13:18 - 00034848 _____ () C:\Users\tine76\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:03D08225
AlternateDataStreams: C:\ProgramData\TEMP:08D8BB20
AlternateDataStreams: C:\ProgramData\TEMP:10D98D98
AlternateDataStreams: C:\ProgramData\TEMP:1CE87230
AlternateDataStreams: C:\ProgramData\TEMP:22741C1F
AlternateDataStreams: C:\ProgramData\TEMP:2E9900EE
AlternateDataStreams: C:\ProgramData\TEMP:3766E957
AlternateDataStreams: C:\ProgramData\TEMP:393F7B1E
AlternateDataStreams: C:\ProgramData\TEMP:3AD6342E
AlternateDataStreams: C:\ProgramData\TEMP:4C49306C
AlternateDataStreams: C:\ProgramData\TEMP:4E79C4F8
AlternateDataStreams: C:\ProgramData\TEMP:517EFA90
AlternateDataStreams: C:\ProgramData\TEMP:538B96B5
AlternateDataStreams: C:\ProgramData\TEMP:5520ED93
AlternateDataStreams: C:\ProgramData\TEMP:6677D85A
AlternateDataStreams: C:\ProgramData\TEMP:6FD36C4B
AlternateDataStreams: C:\ProgramData\TEMP:7972CF54
AlternateDataStreams: C:\ProgramData\TEMP:883EDFB5
AlternateDataStreams: C:\ProgramData\TEMP:8B51CAAE
AlternateDataStreams: C:\ProgramData\TEMP:8E7F155B
AlternateDataStreams: C:\ProgramData\TEMP:91486201
AlternateDataStreams: C:\ProgramData\TEMP:969C0C96
AlternateDataStreams: C:\ProgramData\TEMP:97995ED4
AlternateDataStreams: C:\ProgramData\TEMP:A4BF246C
AlternateDataStreams: C:\ProgramData\TEMP:A9223B61
AlternateDataStreams: C:\ProgramData\TEMP:B12D1A7D
AlternateDataStreams: C:\ProgramData\TEMP:B36361EE
AlternateDataStreams: C:\ProgramData\TEMP:B6D84F71
AlternateDataStreams: C:\ProgramData\TEMP:D576A536
AlternateDataStreams: C:\ProgramData\TEMP:E1D818F7
AlternateDataStreams: C:\ProgramData\TEMP:E9FAC3AB
AlternateDataStreams: C:\ProgramData\TEMP:EA701346
AlternateDataStreams: C:\ProgramData\TEMP:FECEF728

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: 24x7HelpSvc => 2
MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BrowserProtect => 2
MSCONFIG\Services: DCDhcpService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 2
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: Sony PC Companion => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VCFw => 2
MSCONFIG\Services: VcmIAlzMgr => 2
MSCONFIG\Services: VcmINSMgr => 2
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\Services: WajamUpdater => 2
MSCONFIG\startupreg: Google Update => "C:\Users\tine76\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-1990863777-1001858336-1583621791-500 - Administrator - Disabled)
Gast (S-1-5-21-1990863777-1001858336-1583621791-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1990863777-1001858336-1583621791-1002 - Limited - Enabled)
Jugendliche (S-1-5-21-1990863777-1001858336-1583621791-1003 - Limited - Enabled) => C:\Users\Jugendliche
tine76 (S-1-5-21-1990863777-1001858336-1583621791-1000 - Administrator - Enabled) => C:\Users\tine76

==================== Faulty Device Manager Devices =============

Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft-Teredo-Tunneling-Adapter
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/14/2014 02:44:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (11/14/2014 02:31:34 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (11/14/2014 02:31:03 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (11/14/2014 02:29:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (11/14/2014 02:31:14 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:31:11 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:31:10 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:30:54 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:30:44 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:30:11 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:30:07 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 48.

Error: (11/14/2014 02:28:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinkHandler" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/14/2014 00:30:18 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (11/11/2014 10:47:09 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.


Microsoft Office Sessions:
=========================
Error: (11/14/2014 02:44:42 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Error: HTTP-Status 404: Die angeforderte URL ist auf diesem Server nicht vorhanden.
 ErrorCode: 14007(0x36b7).

Error: (11/14/2014 02:31:34 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (11/14/2014 02:31:03 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (11/14/2014 02:29:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU B950 @ 2.10GHz
Percentage of memory in use: 76%
Total physical RAM: 4043.86 MB
Available physical RAM: 965.06 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 4233.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.78 GB) (Free:372.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1F222542)
Partition 1: (Not Active) - (Size=13.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Simi1961 · 14.11.2014, 18:24

Code:

ATTFilter


	Code: 

 ATTFilter

  
	 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 14.11.2014 17:14:40, SYSTEM, TINE76-VAIO, Protection, Malware Protection, Starting, 
Protection, 14.11.2014 17:14:40, SYSTEM, TINE76-VAIO, Protection, Malware Protection, Started, 
Protection, 14.11.2014 17:14:40, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, Starting, 
Update, 14.11.2014 17:14:50, SYSTEM, TINE76-VAIO, Manual, Rootkit Database, 2014.9.18.1, 2014.11.12.1, 
Update, 14.11.2014 17:14:54, SYSTEM, TINE76-VAIO, Manual, Malware Database, 2014.9.19.5, 2014.11.14.6, 
Protection, 14.11.2014 17:14:54, SYSTEM, TINE76-VAIO, Protection, Refresh, Starting, 
Protection, 14.11.2014 17:14:55, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, Started, 
Protection, 14.11.2014 17:14:55, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, Stopping, 
Protection, 14.11.2014 17:14:55, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, Stopped, 
Protection, 14.11.2014 17:15:00, SYSTEM, TINE76-VAIO, Protection, Refresh, Success, 
Protection, 14.11.2014 17:15:00, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, Starting, 
Protection, 14.11.2014 17:15:01, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, Started, 
Detection, 14.11.2014 17:15:05, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, Quarantine, [3c723ffc7a02e254af9cd6c932cfb14f]
Detection, 14.11.2014 17:15:09, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, Quarantine, [f2bc46f5cdaf76c052f9128df50c1ce4]
Detection, 14.11.2014 17:20:01, tine76, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [3c723ffc7a02e254af9cd6c932cfb14f]
Detection, 14.11.2014 17:21:01, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.PlusHD.A, C:\Program Files (x86)\PlusHD-V1.3\PlusHD-V1.3-nova.exe, Quarantine, [208e320987f57bbb58cbf1270300b64a]
Detection, 14.11.2014 17:25:01, tine76, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [3c723ffc7a02e254af9cd6c932cfb14f]
Detection, 14.11.2014 17:30:01, tine76, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [3c723ffc7a02e254af9cd6c932cfb14f]
Detection, 14.11.2014 17:35:01, tine76, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [3c723ffc7a02e254af9cd6c932cfb14f]
Detection, 14.11.2014 17:37:03, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect64.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [f2bc46f5cdaf76c052f9128df50c1ce4]
Detection, 14.11.2014 17:40:01, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.VeriStaff, C:\Users\tine76\AppData\Local\Smartbar\Application\Lrcnta.exe, Quarantine, [0f9fab904e2e47efa9ac3e1f887827d9]
Detection, 14.11.2014 17:43:00, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect32.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [3c723ffc7a02e254af9cd6c932cfb14f]
Detection, 14.11.2014 17:45:44, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62607, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:45:44, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62607, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:46:14, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62610, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:46:14, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62612, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:46:45, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62614, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:46:46, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62616, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:47:17, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62618, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:47:17, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62620, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:47:46, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62622, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:47:47, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62624, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:48:14, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62626, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:48:44, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62630, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:49:14, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62632, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:49:44, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62634, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:49:46, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62636, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:50:14, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62638, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:50:44, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62641, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:51:15, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62645, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:51:16, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62647, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:51:16, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62649, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:51:46, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62651, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:52:17, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62653, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:52:47, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62659, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:53:34, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect64.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [f2bc46f5cdaf76c052f9128df50c1ce4]
Detection, 14.11.2014 17:53:34, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62661, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:53:46, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62665, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:54:17, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62667, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:54:47, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62670, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:55:18, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62675, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:55:22, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62677, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:55:46, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62679, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:56:16, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62683, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:56:16, SYSTEM, TINE76-VAIO, Protection, Malicious Website Protection, IP, 70.186.131.193, api.melondrea.net, 62684, Outbound, C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe, 
Detection, 14.11.2014 17:56:18, SYSTEM, TINE76-VAIO, Protection, Malware Protection, File, PUP.Optional.Skytech.A, c:\program files (x86)\suptab\searchprotect64.dll, Quarantine Failed, 2, Das System kann die angegebene Datei nicht finden.  , [f2bc46f5cdaf76c052f9128df50c1ce4]

(end)

cosinus · 14.11.2014, 22:19

Bitte das richtige Log von Malwarebytes posten, also das Suchlauf-Protokoll

Simi1961 · 14.11.2014, 23:59

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 14.11.2014
Suchlauf-Zeit: 23:31:15
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.14.10
Rootkit Datenbank: v2014.11.12.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Aktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: tine76

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 379731
Verstrichene Zeit: 25 Min, 7 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 2
PUP.Optional.Iminent.A, C:\Users\tine76\AppData\Roaming\mozilla\firefox\Profiles\6rck7b8u.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://start.iminent.com/?ref=NewTab&appId=42413A10-5C5B-490B-AF47-E651A608B671");), Ersetzt,[b732c971f3892e08618b344a9372e51b]
PUP.Optional.CrossRider.A, C:\Users\tine76\AppData\Roaming\mozilla\firefox\Profiles\6rck7b8u.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "146ab82c5059a0318126684ce75f7175");), Ersetzt,[34b55ae049331f17cc5afb84cc39e61a]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

cosinus · 15.11.2014, 00:26

Mehr wurde nicht gefunden? Bitte alle Logs mit Funden posten.

Simi1961 · 15.11.2014, 00:33

Doch,jede Menge,sind in Quarantäne,ich stelle sie gerade wieder her und versuche die Daten dann zu schicken.Dauert halt weil der Läppi ne Weile braucht. Ich schreibe jetzt von meinem Laptop aus.

cosinus · 15.11.2014, 00:46

Du sollst doch nur alle Suchlauf-Protokolle von MBAM mit Funden posten, niemand schreibt was von aus der Q wiederherstellen

Simi1961 · 15.11.2014, 00:53

Ich kann das erste Suchlaufprotokoll aber nicht posten.Da ist nichts drin.Und da ist ja komischerweisse auch die Schaltfläche nicht da das ich es exportieren kann um es auf dem Desktop abzuspeichern als Textdatei. ???

cosinus · 15.11.2014, 01:26

Unter Verlauf => Anwendungsprotokolle

Suchlauf-Protokoll anklicken, links unten ist ein exportieren Button

Simi1961 · 15.11.2014, 11:00

Nein Cosinus,der ist eben in dem Fall nicht da.Was soll ich jetzt tun?Es macht mir zwar das Suchlaufprotokoll auf,aber der ist kein Button.Nicht bei dem von 17.00 Uhr nochwas.Ich habe nur den neueren von 23.30 Uhr.An das alte Suchlaufprotokoll komme ich nicht ran wegen den Daten.Ich habe keinen Plan mehr.

Hilft das weiter? Anders bekomme ich es nicht hin.

Hallo Cosinus,

Der Button ist da,habe Ihn nicht gesehen wegen der Taskleiste.Hab die Leiste nun verschoben.Doch leider komme ich trotzdem an den Button nicht ran.Kann das Protokoll auch nicht verkleinern.Ich hoffe Du kannst wenigstens mit dem Foto was anfangen.
Ganz unten,was leider nicht zu sehen ist,steht nur noch;

PUP: Kennzeichnung
PUM:Kennzeichnung
Bei Betriebssystem,CPU usw. steht garnichts drin.
Bis dann.
Gruß Simone

cosinus · 15.11.2014, 23:23

Dein Bildschirmauflösung ist zu niedrig und/oder die Darstellung der Schriften zu groß. Unsere Tools sind auf solcher Sonderlocken nicht ausgelegt. Stell es bitte auch Standardwerte zurück, dann siehst du auch den Button den ich meinte.

Simi1961 · 16.11.2014, 09:17

Das ist alles was ich exportieren konnte.Mehr ist in dem Suchlaufprotokoll nicht drin.

Code:

ATTFilter


	Code: 

 ATTFilter

  
	 Malwarebytes Anti-Malware 
www.malwarebytes.org

cosinus · 16.11.2014, 17:34

Ok, so kommen wir nicht weiter...

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

14.11.2014, 22:19	#5
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virenverseuchter Laptop Bitte das richtige Log von Malwarebytes posten, also das Suchlauf-Protokoll __________________ Logfiles bitte immer in CODE-Tags posten

15.11.2014, 00:26	#7
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virenverseuchter Laptop Mehr wurde nicht gefunden? Bitte alle Logs mit Funden posten. __________________ Logfiles bitte immer in CODE-Tags posten

15.11.2014, 00:46	#9
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virenverseuchter Laptop Du sollst doch nur alle Suchlauf-Protokolle von MBAM mit Funden posten, niemand schreibt was von aus der Q wiederherstellen __________________ Logfiles bitte immer in CODE-Tags posten

15.11.2014, 01:26	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virenverseuchter Laptop Unter Verlauf => Anwendungsprotokolle Suchlauf-Protokoll anklicken, links unten ist ein exportieren Button __________________ Logfiles bitte immer in CODE-Tags posten

15.11.2014, 23:23	#13
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Virenverseuchter Laptop Dein Bildschirmauflösung ist zu niedrig und/oder die Darstellung der Schriften zu groß. Unsere Tools sind auf solcher Sonderlocken nicht ausgelegt. Stell es bitte auch Standardwerte zurück, dann siehst du auch den Button den ich meinte. __________________ Logfiles bitte immer in CODE-Tags posten

Virenverseuchter Laptop

Log-Analyse und Auswertung: Virenverseuchter Laptop