Windows 8, Virenbefall.

spinweb · 01.01.2015, 22:46

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 01.01.2015
Suchlauf-Zeit: 21:25:41
Logdatei: log 55.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2015.01.01.04
Rootkit Datenbank: v2014.12.30.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: *******

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 382600
Verstrichene Zeit: 23 Min, 6 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 7
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmservice.exe, 1756, Löschen bei Neustart, [e45432c0206938fe62f318b59e6223dd]
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe, 1816, Löschen bei Neustart, [eb4d9c560b7e4aece5728135877ae21e]
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe, 2628, Löschen bei Neustart, [eb4d9c560b7e4aece5728135877ae21e]
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmropn.exe, 4748, Löschen bei Neustart, [ae8ada18aadfb482d67f547934ccef11]
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmfu.exe, 5024, Löschen bei Neustart, [82b63eb44a3fd85ec98e981e34cd916f]
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmropn.exe, 4748, Löschen bei Neustart, [1721d41e008903335fe7124e2cd71fe1]
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmservice.exe, 1756, Löschen bei Neustart, [1721d41e008903335fe7124e2cd71fe1]

Module: 7
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 

Registrierungsschlüssel: 25
Adware.PremierOpinion, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PremierOpinion, In Quarantäne, [e45432c0206938fe62f318b59e6223dd], 
PUP.Optional.SettingsManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SmdmFService, Löschen bei Neustart, [eb4d9c560b7e4aece5728135877ae21e], 
Adware.PremierOpinion, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}, In Quarantäne, [ae8ada18aadfb482d67f547934ccef11], 
PUP.Optional.Linkey.A, HKU\S-1-5-21-3292672608-3251690303-1879834815-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}, In Quarantäne, [9d9b747efb8e072fccdb8f52eb1714ec], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\SmdmF, Löschen bei Neustart, [5cdcb73b2e5b58de734565126a990cf4], 
PUP.Optional.RelevantKnowledge.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mkndcbhcgphcfkkddanakjiepeknbgle, In Quarantäne, [36026290c8c157df8500f78f20e38a76], 
PUP.Optional.SettingsManager.A, HKU\S-1-5-21-3292672608-3251690303-1879834815-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SmdmF, In Quarantäne, [c96f0be79aef87af6a4d8becb64dbd43], 
PUP.Optional.Softonic.A, HKU\S-1-5-21-3292672608-3251690303-1879834815-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Softonic, In Quarantäne, [013711e1f0997cba1a85adb73bc8f20e], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\SettingsManagerIEHelper.DNSGuard.1, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SettingsManagerIEHelper.DNSGuard, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SettingsManagerIEHelper.DNSGuard.1, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E1842850-FB16-4471-B327-7343FBAED55C}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKU\S-1-5-21-3292672608-3251690303-1879834815-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{54739D49-AC03-4C57-9264-C5195596B3A1}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AA760BA8-5862-4BC5-9263-4452CBC0B264}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{93D511B5-143B-4A99-ABFC-B5B78AD0AE1B}, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Settings Manager, In Quarantäne, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A91196222, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.PremierOpinion.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PremierOpinion, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 

Registrierungswerte: 3
PUP.Optional.OpinionSquare.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}, C:\Program Files (x86)\PremierOpinion\firefox, In Quarantäne, [5bddbc363950d363ffa75c2d9271758b]
PUP.Optional.SettingsManager, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, In Quarantäne, [32064ca6aedb2e0806334635a1628c74]
PUP.Optional.SettingsManager, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll, In Quarantäne, [290f27cb2e5b5fd760d97ffc71929868]

Registrierungsdaten: 1
PUP.Optional.DefaultSearch.A, HKU\S-1-5-21-3292672608-3251690303-1879834815-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.default-search.net?sid=476&aid=206&itype=a&ver=15005&tm=569&src=hmp, Gut: (www.google.com), Schlecht: (hxxp://www.default-search.net?sid=476&aid=206&itype=a&ver=15005&tm=569&src=hmp),Ersetzt,[52e6c42ea8e1dc5aceb081f952b3c63a]

Ordner: 47
Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion, In Quarantäne, [e5535a984c3d102692ec0e16857e9868], 
PUP.Optional.RelevantKnowledge.A, C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle, In Quarantäne, [b97faa488405092dd0a2142c06fdcf31], 
PUP.Optional.RelevantKnowledge.A, C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0, In Quarantäne, [b97faa488405092dd0a2142c06fdcf31], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\ProgramData\smdmf, Löschen bei Neustart, [f64201f16f1ab482ebd1b894aa596d93], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion, Löschen bei Neustart, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\components, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\defaults, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\defaults\preferences, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\addon, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\console, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\events, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\traits, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\dom, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\event, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\lang, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\loader, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\net, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\page-mod, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\platform, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\preferences, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing\window, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\toolkit, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs\data, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs\lib, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 

Dateien: 210
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmservice.exe, Löschen bei Neustart, [e45432c0206938fe62f318b59e6223dd], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\SmdmFService.exe, Löschen bei Neustart, [eb4d9c560b7e4aece5728135877ae21e], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmropn.exe, Löschen bei Neustart, [ae8ada18aadfb482d67f547934ccef11], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmfu.exe, Löschen bei Neustart, [82b63eb44a3fd85ec98e981e34cd916f], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmls.dll, In Quarantäne, [a890d9194d3c76c095c008c52bd5c838], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmls64.dll, In Quarantäne, [55e3c2304c3d43f3f65fd4f9847c817f], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmph.dll, In Quarantäne, [8bade50de0a93600a0b5616c22de03fd], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmropn32.exe, In Quarantäne, [1127e111f8917db94213ddf0af51c23e], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmropn64.exe, In Quarantäne, [ac8c6f8375146cca9eb7656826da4bb5], 
Adware.PremierOpinion, C:\Program Files (x86)\PremierOpinion\pmxf.dll, In Quarantäne, [3ff96d850a7f78be59fcdcf1649cca36], 
Adware.PremierOpinion, C:\Windows\System32\pmls64.dll, In Quarantäne, [3206e50d2465ba7c6ee7dcf1d52bd030], 
Adware.PremierOpinion, C:\Windows\SysWOW64\pmls.dll, Löschen bei Neustart, [330530c2ee9bfd39cb8a7b52b947b44c], 
PUP.Optional.Linkey.A, C:\Users\*******\AppData\Local\Temp\SettingsManagerSetup.exe, In Quarantäne, [64d401f1ee9b77bfb852ced905fcdc24], 
PUP.Optional.Linkey.A, C:\Windows\Temp\c27e107a\SettingsManagerSetup.exe, In Quarantäne, [b48432c01e6bcd6943c7535447ba9868], 
PUP.Optional.Softonic, C:\Users\*******\Downloads\SoftonicDownloader_fuer_minecraft.exe, In Quarantäne, [ee4aba38e5a495a1822dd58508f88779], 
PUP.Optional.DefaultSearch.A, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\default-search.xml, In Quarantäne, [df594aa80584033340f4b5e35ca7c53b], 
PUP.Optional.DefaultSearch.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\default-search.xml, In Quarantäne, [1d1bc9293455e45272c377216a991ee2], 
Adware.PremierOpinion, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion\PremierOpinion.lnk, In Quarantäne, [e5535a984c3d102692ec0e16857e9868], 
PUP.Optional.RelevantKnowledge.A, C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\background.js, In Quarantäne, [b97faa488405092dd0a2142c06fdcf31], 
PUP.Optional.RelevantKnowledge.A, C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\contentscript.js, In Quarantäne, [b97faa488405092dd0a2142c06fdcf31], 
PUP.Optional.RelevantKnowledge.A, C:\Users\*******\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle\1.3.337.3_0\manifest.json, In Quarantäne, [b97faa488405092dd0a2142c06fdcf31], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\del_DM_LL_nsbF699.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\favicon.ico, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\Helper.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\Internet Explorer Settings.exe, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmf.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmfbho.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfbho.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmfldr.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmfldr_u.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\smdmfmgrc3.cfg, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\tbicon.exe, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\Uninstall.exe, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\del_DM_LL_nsbF699.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\Internet Explorer Settings.exe, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmf.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfldr.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfldr_u.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\smdmfmgrc3.cfg, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll, Löschen bei Neustart, [3ff916dc2d5c191dc2ca1136e02341bf], 
PUP.Optional.SettingsManager.A, C:\ProgramData\smdmf\coordinator.cfg, In Quarantäne, [f64201f16f1ab482ebd1b894aa596d93], 
PUP.Optional.SettingsManager.A, C:\ProgramData\smdmf\general.cfg, In Quarantäne, [f64201f16f1ab482ebd1b894aa596d93], 
PUP.Optional.SettingsManager.A, C:\ProgramData\smdmf\S-1-5-21-3292672608-3251690303-1879834815-1001.cfg, In Quarantäne, [f64201f16f1ab482ebd1b894aa596d93], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\chrome.manifest, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\install.rdf, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF15.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF.xpt, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF10.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF11.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF12.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF13.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF14.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF16.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF17.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF18.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF19.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF2.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF20.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF21.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF22.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF23.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF24.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF25.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF26.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF27.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF28.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF29.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF30.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF31.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF32.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF33.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF34.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF4.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF5.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF6.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF7.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF8.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\components\SmdmFHlpFF9.dll, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\DnsBHO.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\Error404BHO.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\MainBHO.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\NativeHelper.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\NewTabBHO.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\overlay.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\overlay.xul, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\RelatedSearch.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\RequestPreserver.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\SearchBHO.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.SettingsManager.A, C:\Users\*******\AppData\Roaming\FirefoxToolbar\Settings Manager\smdmf\content\SettingManager.js, In Quarantäne, [8dab5c96682154e23f7eb19b56ad1ce4], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\chrome.manifest, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\install.rdf, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\ncncf.dat, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\nscf.dat, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmcm.crx, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmcm.txt, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmls.dll, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmls64.dll, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmoci.bin, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmph.dll, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmropn.exe, Löschen bei Neustart, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmropn32.exe, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmropn64.exe, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmservice.exe, Löschen bei Neustart, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\pmxf.dll, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\readme.txt, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\components\pmxg.dll, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\bootstrap.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\harness-options.json, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\install.rdf, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\locales.json, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\pmnx.dll, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\defaults\preferences\prefs.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\chrome.manifest, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\base64.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\page-mod.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\self.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\timers.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\url.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\addon\runner.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\console\plain-text.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\console\traceback.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\content-proxy.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\content-worker.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\loader.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\thumbnail.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\content\worker.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core\heritage.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core\namespace.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\core\promise.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\api-utils.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\cortex.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\errors.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\events.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\light-traits.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\list.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\memory.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\observer-service.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\traits.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\window-utils.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\events\assembler.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\deprecated\traits\core.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\dom\events.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\event\core.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\event\target.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\byte-streams.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\data.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\file.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\io\text-streams.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\core.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\html.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\loader.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\locale.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\l10n\prefs.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\lang\functional.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\loader\cuddlefish.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\loader\sandbox.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\net\url.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\page-mod\match-pattern.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\platform\xpcom.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\preferences\service.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing\utils.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\private-browsing\window\utils.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\environment.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\events.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\globals.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\runtime.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\unload.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\system\xul-app.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\common.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\events.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\helpers.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\namespace.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\observer.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tab-fennec.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tab-firefox.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tab.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tabs-firefox.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\tabs.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\utils.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\tabs\worker.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\array.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\deprecate.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\list.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\object.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\registry.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\util\uuid.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window\browser.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window\namespace.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\window\utils.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\dom.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\fennec.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\firefox.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\loader.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\observer.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\tabs-fennec.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\sdk\windows\tabs-firefox.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\addon-sdk\lib\toolkit\loader.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs\data\content.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs\lib\dompilot.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs\lib\dputil.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.PremierOpinion.A, C:\Program Files (x86)\PremierOpinion\firefox\resources\dpjs\lib\main.js, In Quarantäne, [1721d41e008903335fe7124e2cd71fe1], 
PUP.Optional.DefaultSearch, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.defaultenginename", "default-search.net");), Ersetzt,[05333cb68dfc79bd3b5fa7168085f808]
PUP.Optional.DefaultSearch, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.selectedEngine", "default-search.net");), Ersetzt,[0038fef4b7d2a5919efd8d307095c040]
PUP.Optional.DefaultSearch.A, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.default-search.net?sid=476&aid=206&itype=a&ver=15005&tm=569&src=hmp");), Ersetzt,[11271bd76d1c90a6098f4876e223d12f]
PUP.Optional.DefaultSearch.A, C:\Users\*******\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://www.default-search.net/search?sid=476&aid=206&itype=a&ver=15005&tm=569&src=ds&p=");), Ersetzt,[dc5caf43b5d4bb7b9108813d75907b85]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

PC wird nur für private zwecke genutzt, brauche eure unterstützung

Bootsektor · 01.01.2015, 22:55

Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
Bitte kein Crossposting ( posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
Poste die Logfiles direkt in deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Posten in Code Tags
Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke.
Dazu:

Klicke über dem Antwortfenster auf die Raute #, dann steht dort in eckigen Klammern [] CODE /CODE.
Zwischen den beiden code-Bausteinen fügst Du dann deine Logfiles ein. Also CODE Logfile /CODE
Wenn die Logs zu lang sein sollten, dann teile sie bitte auf und poste sie dann hier in Deinem Thread, notfalls in mehreren Antworten.

Sieht auf den ersten Blick nicht ganz so schlimm aus, aber wir müssen mal schauen.
Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

spinweb · 02.01.2015, 14:19

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-01-2015
Ran by **** at 2015-01-02 14:16:41
Running from C:\Users\****\Downloads\*************\Installers
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACID Music Studio 9.0 (HKLM-x32\...\{7943168F-18A0-11E2-9C81-F04DA23A5C58}) (Version: 9.0.35 - Sony)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Call of Duty Black Ops 2 (HKLM-x32\...\{47D6F3E4-D158-4E47-84C4-0D6452DB2488}_is1) (Version: 1.0 - Treyarch)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.53 - Cliqz.com)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
DVD Architect Studio 5.0 (HKLM-x32\...\{4347F591-C451-11E1-BA36-F04DA23A5C58}) (Version: 5.0.161 - Sony)
EAX4 Unified Redist (HKLM-x32\...\{89661B04-C646-4412-B6D3-5E19F02F1F37}) (Version: 4.001 - Creative Labs)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FLV-Media-Player (HKLM-x32\...\{AB7A5DBA-BC45-489A-B4D2-2E8F8CABB9EA}) (Version: 2.0.3.2532 - HYBRIDWEB.de)
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.2.2.1128 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.41.623 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.41.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{BFB6D89E-0BDF-11E2-A35E-F04DA23A5C58}) (Version: 12.0.530 - Sony)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Securita Scout (HKLM-x32\...\Securita Scout) (Version:  - ) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A9D3D30-BEEC-11E1-91CF-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11210 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{D7403121-68C2-48BC-874D-048015E60DF0}) (Version: 10.179.66.13636 - Linkury Inc.) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\****\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points  =========================

17-12-2014 18:12:36 Installed Remote Keyboard (BLUETOOTH)
18-12-2014 18:18:54 DirectX wurde installiert
23-12-2014 19:22:29 Steam wird entfernt
01-01-2015 03:36:00 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C42943B-C6E4-41C7-A372-56FB10CEC848} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {1E24FEB4-34B3-4831-890D-568968556902} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {26CA54E4-4323-48B3-A77E-B8D488F5D85C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22] (Google Inc.)
Task: {28632567-8FF2-426B-A74F-B900A117B9DD} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {3B7A0431-E97E-479A-8039-78067BE3276A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {3BFBB0CE-A043-4563-8280-B96B7BA618D8} - System32\Tasks\{CFE50C8D-7823-4C35-B050-A5B72811FA1D} => pcalua.exe -a C:\Users\****\AppData\Local\SafetySearch\uninstall.exe
Task: {3CE639E2-D62E-471D-9B76-1E7B9E935545} - System32\Tasks\{95C02C15-C9D4-4AA2-A2C1-A09F605D934D} => pcalua.exe -a D:\setup.exe -d D:\
Task: {3FDDB6E9-F041-407D-8D7F-FAF3E8608BAB} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {44E4FC09-D9FF-49D2-9144-48EB1765C27A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22] (Google Inc.)
Task: {45B77B8A-5E3E-4D69-92B0-402C3571B7BE} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {47868FBE-CCA7-4A0A-ADA7-660C56185EF0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {52E44BC9-D164-48F3-BEED-B89AC2891425} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {58544191-DDC7-413F-926E-76773CD505C5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {594C89A9-A2A4-4980-8B1A-0DCD98098187} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {5AA89CA2-07F0-4979-BC97-DE487B295948} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {64918D2F-E3F9-4708-B2FA-82FD897A33B4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {6AD1A165-1033-465B-8A92-5A0361E038A4} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {6C308F6A-6092-4A48-9E8B-E50359876690} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {77E493DB-BE83-4BE5-B401-F114392839EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {812FD2C2-F87A-410D-9A14-7798901D5AC7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {866D3C34-CBB5-46E6-B03D-2AA6837C1CF4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {B7B9B1E3-82F1-4CEA-9309-30A7B5099E5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {C280DD71-0971-4DC6-BAB6-1EB53B7D85C7} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {C567FEE8-3FB5-4066-948F-2E2A34558226} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D6CD0B8E-6707-4197-86E9-EAD9DCE921E3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {DA4851AF-0EE7-4572-93D1-3EF7BCE3F6FF} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {DBAAB020-6E57-4B3B-8E92-D632EC0B5B49} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {DC995830-BBAF-47D1-A968-F39E3771B105} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {E97BC73F-7676-4DA8-B775-F052AE1345EE} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {ED9D3F09-5C1E-4D88-ADC5-10EB2761C4C5} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {F06A08A8-6F69-418D-AF5F-49FE7573B15A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-17] (Microsoft Corporation)
Task: {F79FA871-057B-433B-87D6-CB286EF328C5} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7C8EE1A-39EE-4E29-91A7-4DB7C57DE2DA} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-03-26 23:15 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-11-19 09:21 - 2013-11-19 09:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-07-20 23:14 - 2014-07-20 23:14 - 00374272 _____ () C:\Users\****\AppData\Roaming\BupSystem\sub\default.dll
2013-01-18 01:11 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-12-11 23:22 - 2014-12-11 23:22 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\****\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\StartupApproved\Run: => "MxDock"
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-3292672608-3251690303-1879834815-500 - Administrator - Disabled)
Gast (S-1-5-21-3292672608-3251690303-1879834815-501 - Limited - Disabled)
**** (S-1-5-21-3292672608-3251690303-1879834815-1001 - Administrator - Enabled) => C:\Users\****

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/02/2015 02:15:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ea8

Startzeit: 01d0268d65027165

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 5883b9db-9281-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 10:23:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1014

Startzeit: 01d0266bca780b3a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 14299f0b-9261-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 10:20:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x15b4
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/02/2015 10:10:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x15d0
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/02/2015 04:38:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11c8

Startzeit: 01d0263ccf3b9b68

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: c2b80a05-9230-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 04:08:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f28

Startzeit: 01d026389e55f8e9

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 91d72d09-922c-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 03:38:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d0

Startzeit: 01d026346d70aa6d

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 60f440c3-9228-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 03:08:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b74

Startzeit: 01d026303c8b082b

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 300e9eb6-9224-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 02:53:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1470

Startzeit: 01d0262e241a99c1

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 179e2fe6-9222-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 02:45:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 147c

Startzeit: 01d0262d108eede6

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 041959aa-9221-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (01/02/2015 10:20:56 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/02/2015 10:20:26 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/02/2015 02:42:30 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/02/2015 02:42:00 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/01/2015 10:09:01 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/01/2015 10:08:30 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/01/2015 09:59:18 PM) (Source: DCOM) (EventID: 10010) (User: VAIO)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/01/2015 09:59:18 PM) (Source: DCOM) (EventID: 10010) (User: VAIO)
Description: {D63B10C5-BB46-4990-A94F-E40B9D520160}

Error: (01/01/2015 09:58:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/01/2015 09:58:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.


Microsoft Office Sessions:
=========================
Error: (01/02/2015 02:15:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689ea801d0268d650271654294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe5883b9db-9281-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 10:23:59 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689101401d0266bca780b3a4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe14299f0b-9261-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 10:20:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0515b401d0266d58398e79C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL95e87c72-9260-11e4-bed8-a41731d8d3ca

Error: (01/02/2015 10:10:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0515d001d0266bee64709aC:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL2c941edc-925f-11e4-bed8-a41731d8d3ca

Error: (01/02/2015 04:38:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2068911c801d0263ccf3b9b684294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exec2b80a05-9230-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 04:08:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689f2801d026389e55f8e94294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe91d72d09-922c-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 03:38:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689d001d026346d70aa6d4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe60f440c3-9228-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 03:08:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689b7401d026303c8b082b4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe300e9eb6-9224-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 02:53:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689147001d0262e241a99c14294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe179e2fe6-9222-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/02/2015 02:45:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20689147c01d0262d108eede64294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe041959aa-9221-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2015-01-01 13:51:12.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-01 13:51:12.288
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-01 13:50:23.309
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-01 13:50:23.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-28 20:12:21.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-28 20:12:21.296
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-28 20:10:51.066
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-28 20:10:50.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-27 14:13:16.490
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-27 14:13:16.381
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 35%
Total physical RAM: 3975.27 MB
Available physical RAM: 2583.8 MB
Total Pagefile: 7943.27 MB
Available Pagefile: 6182.47 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:428.44 GB) (Free:318.16 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ED47A296)

Partition: GPT Partition Type.

==================== End Of Log ============================

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-01-2015
Ran by lilli (administrator) on VAIO on 02-01-2015 14:15:43
Running from C:\Users\lilli\Downloads\Meine Mülltonne\Installers
Loaded Profile: lilli (Available profiles: lilli)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(BUP) C:\Users\lilli\AppData\Roaming\BupSystem\bup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\RunOnce: [Adobe Speed Launcher] => 1420189771
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Policies\Explorer: [DisallowRun] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49790;https=127.0.0.1:49790
ProxyEnable: [S-1-5-21-3292672608-3251690303-1879834815-1001] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=a&ver=15005&tm=569&src=ds&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=a&ver=15005&tm=569&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> DefaultScope {4C434161-3A93-4930-9D0E-038FD29EDC43} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {4C434161-3A93-4930-9D0E-038FD29EDC43} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} URL = hxxp://www.default-search.net/search?sid=476&aid=206&itype=a&ver=15005&tm=569&src=ds&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {B281959D-0D50-47CB-BD6F-46DCEA47C4B9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: 1&1 Suche
FF SearchEngineOrder.1: default-search.net
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3292672608-3251690303-1879834815-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Plugin HKU\S-1-5-21-3292672608-3251690303-1879834815-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\user.js
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\webde-suche.xml
FF Extension: Securita Scout - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\plug@securitascout.com [2014-07-20]
FF Extension: SparPilot - Gutscheine &amp; mehr... - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\sparpilot@sparpilot.com [2014-12-10]
FF Extension: Cliqz Beta - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\cliqz@cliqz.com.xpi [2014-12-23]
FF Extension: Dict.cc Translation - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\searchdictcc@roughael.xpi [2014-02-06]
FF Extension: Tab Updater - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi [2014-08-10]
FF Extension: {9d2201b0-125f-4d8f-ab37-93446f702158} - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi [2014-07-24]
FF Extension: Adblock Plus - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-03]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-12-11]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-12-22]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
FF HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 42F6E8BE048717FD250B42F9EEA3283CD3B5149BF262C375DA8B14B231469467
CHR DefaultSearchURL: Default -> 66E7675B4F3335AA3CF5CC5A5824ECA1524996BB369F834684DC2B4574DEE592
CHR Profile: C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Google Drive) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Google-Suche) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Amazon-Icon) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-07-22]
CHR Extension: (Securita Scout) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkilfadjoneaheacgmkahfgcjchkpad [2014-07-20]
CHR Extension: (Google Wallet) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]
CHR Extension: (Google Mail) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR Extension: (Default-Search) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof [2014-12-22]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\lilli\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-07-20]
CHR HKLM-x32\...\Chrome\Extension: [poimdfnhgefmnkeefbjibbiemlimdnof] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 bupService; C:\Users\lilli\AppData\Roaming\BupSystem\bup.exe [642048 2014-04-14] (BUP) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-08] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-08] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-15] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-08] (McAfee, Inc.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-08] ()
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BTATH_VDP; \SystemRoot\system32\drivers\btath_vdp.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-01 22:23 - 2015-01-01 22:23 - 01114624 _____ (Farbar) C:\Users\lilli\Downloads\FRST.exe
2015-01-01 21:22 - 2015-01-01 22:39 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 21:22 - 2015-01-01 21:22 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-31 15:26 - 2014-12-31 15:26 - 00000000 ____D () C:\Users\lilli\Documents\Movie Studio Platinum 12.0 Projekte
2014-12-28 16:43 - 2014-12-28 16:43 - 01174352 _____ () C:\Users\lilli\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-23 01:43 - 2014-12-23 01:43 - 01080608 _____ (Unity Technologies ApS) C:\Users\lilli\Downloads\UnityWebPlayer.exe
2014-12-23 00:29 - 2015-01-02 10:21 - 00000000 ___RD () C:\Users\lilli\OneDrive
2014-12-22 17:43 - 2015-01-01 21:57 - 00000000 ____D () C:\Program Files (x86)\Settings Manager
2014-12-22 17:43 - 2015-01-01 21:54 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\FirefoxToolbar
2014-12-22 16:01 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\lilli\Documents\libraries
2014-12-22 16:00 - 2014-12-22 16:01 - 00000316 _____ () C:\Users\lilli\Documents\launcher_profiles.json
2014-12-22 15:54 - 2014-12-22 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-22 15:54 - 2013-01-18 01:16 - 01034216 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2014-12-22 15:54 - 2013-01-18 01:16 - 00916456 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2014-12-22 15:53 - 2014-12-22 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 15:49 - 2014-12-22 16:00 - 00000000 ____D () C:\Users\lilli\Downloads\minecraft cracked launcher
2014-12-22 15:48 - 2014-12-22 15:48 - 01174352 _____ () C:\Users\lilli\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-12-22 15:48 - 2014-12-22 15:48 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\Cliqz
2014-12-22 15:48 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-12-22 15:48 - 2011-03-25 19:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-12-22 15:38 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\lilli\Documents\versions
2014-12-22 15:28 - 2014-12-22 15:30 - 00000000 ____D () C:\Users\lilli\minecraft
2014-12-19 16:36 - 2014-12-22 15:56 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\.minecraft
2014-12-18 18:05 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-12-16 20:53 - 2014-12-16 20:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-12-16 20:53 - 2014-12-16 20:53 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-13 05:16 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 05:16 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 23:47 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 23:47 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 23:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 23:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 23:37 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 23:37 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 23:37 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 23:37 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 23:37 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 23:35 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 23:35 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 23:35 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 23:35 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 23:35 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 23:35 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 23:35 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 23:35 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 23:35 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 23:35 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 23:35 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 23:35 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 23:35 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 23:35 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 23:35 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 23:35 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 23:35 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 23:35 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 23:35 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 23:35 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 23:35 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 23:35 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 23:35 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 23:35 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 23:35 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 23:35 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 23:34 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 23:34 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 23:34 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 23:34 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 23:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 23:34 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 23:34 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 23:34 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 23:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 23:34 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 23:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 23:34 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 23:34 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 23:22 - 2014-12-11 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 01:55 - 2014-12-16 20:53 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-10 01:53 - 2014-12-10 01:55 - 00000000 ____D () C:\Users\lilli\AppData\Local\Adobe
2014-12-03 18:05 - 2014-12-18 18:27 - 00000000 ____D () C:\Neuer Ordner

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-02 14:15 - 2013-12-29 14:32 - 00000000 ____D () C:\FRST
2015-01-02 14:12 - 2014-07-14 19:47 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E224C277-5ECC-4FD1-8C88-6A01FE5D7476}
2015-01-02 14:09 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-02 10:23 - 2013-06-25 22:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3292672608-3251690303-1879834815-1001
2015-01-02 04:31 - 2013-07-17 11:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-01 22:10 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-01 22:10 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-01 22:10 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-01 22:07 - 2014-07-07 00:18 - 01529925 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-01 21:58 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-01 21:57 - 2014-07-17 13:07 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-01 21:57 - 2014-03-18 02:50 - 00219798 _____ () C:\WINDOWS\PFRO.log
2015-01-01 21:57 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-01 19:25 - 2013-08-22 15:46 - 00292362 _____ () C:\WINDOWS\setupact.log
2014-12-31 15:26 - 2013-12-19 18:38 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\Sony
2014-12-31 15:26 - 2013-06-25 22:34 - 00000000 ____D () C:\Users\lilli\AppData\Local\Sony
2014-12-29 19:12 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-29 19:06 - 2013-06-25 22:15 - 00000000 ____D () C:\Users\lilli\AppData\Local\Packages
2014-12-28 20:11 - 2014-07-06 23:57 - 00000000 ____D () C:\Users\lilli
2014-12-25 18:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-23 19:23 - 2014-02-08 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-12-23 18:06 - 2014-02-07 11:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 15:54 - 2013-01-18 01:16 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-22 15:53 - 2013-01-18 01:16 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00000000 ____D () C:\Program Files\Java
2014-12-22 15:36 - 2014-03-11 14:00 - 00000000 ____D () C:\Users\lilli\Downloads\Meine Mülltonne
2014-12-18 18:32 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 18:20 - 2013-01-18 01:33 - 00314928 _____ () C:\WINDOWS\DirectX.log
2014-12-17 18:17 - 2014-02-17 17:03 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\iolo
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ____D () C:\Program Files (x86)\Sony Corporation
2014-12-17 18:13 - 2013-06-30 01:52 - 00000000 ____D () C:\Update
2014-12-17 18:13 - 2013-01-18 01:18 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-12-17 18:13 - 2013-01-18 01:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-17 18:13 - 2013-01-18 00:52 - 00000000 ____D () C:\Program Files\Sony
2014-12-17 18:11 - 2013-08-14 01:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-17 18:07 - 2013-06-27 02:23 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-17 17:33 - 2013-01-18 01:21 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-17 17:32 - 2013-01-18 01:57 - 00000000 ____D () C:\ProgramData\Sony
2014-12-16 16:47 - 2013-07-03 00:15 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\CyberLink
2014-12-12 02:21 - 2013-07-03 00:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-11 23:21 - 2013-01-18 01:41 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 01:54 - 2013-07-17 11:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-10 01:11 - 2014-01-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

Some content of TEMP:
====================
C:\Users\lilli\AppData\Local\Temp\amazonicon_v6.exe
C:\Users\lilli\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\lilli\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\lilli\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\lilli\AppData\Local\Temp\foxy_security.exe
C:\Users\lilli\AppData\Local\Temp\mbam-setup-2.0.2.1012.exe
C:\Users\lilli\AppData\Local\Temp\OptimizerPro.exe
C:\Users\lilli\AppData\Local\Temp\sdanircmdc.exe
C:\Users\lilli\AppData\Local\Temp\sdapskill.exe
C:\Users\lilli\AppData\Local\Temp\sdaspwn.exe
C:\Users\lilli\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\lilli\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\lilli\AppData\Local\Temp\SHSetup.exe
C:\Users\lilli\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-02 04:48

==================== End Of Log ============================

--- --- ---

--- --- ---

Bootsektor · 03.01.2015, 23:02

Hallo,

Schritt 1
Bitte deinstalliere folgende Programme:

Securita Scout
Yahoo Community Smartbar
McAfee Security Scan Plus

Dazu drücke auf:
Windowstaste und X
dann:
Programme und Funktionen --> Programm auswählen --> entfernen

Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus.

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3
Starte noch einmal FRST.

Setze den Haken bei addition.txt und drücke auf Scan.
Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und addition.txt erstellt und auf dem Desktop (oder in dem Verzeichnis in dem FRST liegt) gespeichert.
Poste den Inhalt dieser Logfiles bitte hier in deinen Thread.

spinweb · 07.01.2015, 15:49

AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v4.106 - Bericht erstellt am 07/01/2015 um 15:38:15
# Aktualisiert 21/12/2014 von Xplode
# Database : 2015-01-03.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : ***** - VAIO
# Gestartet von : C:\Users\*****\Downloads\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\ParetoLogic
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\Optimizer Pro
Ordner Gelöscht : C:\Program Files (x86)\Settings Manager
Ordner Gelöscht : C:\Users\*****\AppData\Local\Temp\Security Systems
Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\*****\AppData\Local\genienext
Ordner Gelöscht : C:\Users\*****\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\*****\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\FirefoxToolbar
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\ParetoLogic
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\*****\Documents\Mobogenie
Ordner Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\sparpilot@sparpilot.com
Ordner Gelöscht : C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\*****\AppData\Local\Temp\OptimizerPro.exe
Datei Gelöscht : C:\WINDOWS\System32\roboot64.exe
Datei Gelöscht : C:\Users\*****\daemonprocess.txt
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\user.js

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Alle Enthusiastenspiele.lnk
Verknüpfung Desinfiziert : C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}
Schlüssel Gelöscht : HKCU\Software\Fabulous
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\ParetoLogic
Schlüssel Gelöscht : HKCU\Software\Proxy
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Bench
Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic
Schlüssel Gelöscht : HKLM\SOFTWARE\Proxy
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v34.0.5 (x86 de)

[fo1xyvwa.default\prefs.js] - Zeile gelöscht : user_pref("CT3309350.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
[fo1xyvwa.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "chrome://unitedtb/content/newtab/newtab-page.xhtml");
[fo1xyvwa.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.order.1", "default-search.net");
[fo1xyvwa.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"de.iminent.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14055997344248[...]
[fo1xyvwa.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"queryStri[...]
[fo1xyvwa.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");

-\\ Google Chrome v39.0.2171.95

[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=60e09e9a-3d3d-2710-2018-4a70a4824d9a&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=22/12/2013&type=hp1000
[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=60e09e9a-3d3d-2710-2018-4a70a4824d9a&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=22/12/2013&type=hp1000
[C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://feed.helperbar.com/?publisher=YahooOC&dpid=YahooOC&co=DE&userid=60e09e9a-3d3d-2710-2018-4a70a4824d9a&searchtype=ds&p={searchTerms}&fr=linkury-tb&installDate=22/12/2013&type=hp1000

*************************

AdwCleaner[R0].txt - [10563 octets] - [07/01/2015 15:36:20]
AdwCleaner[S0].txt - [9901 octets] - [07/01/2015 15:38:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9961 octets] ##########

--- --- ---

[/CODE]

FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by ******** at 2015-01-07 15:43:25
Running from C:\Users\********\Downloads\********\Installers\FRST-OlderVersion
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

ACID Music Studio 9.0 (x32 Version: 9.0.35 - Sony)
Adobe Flash Player 16 NPAPI (x32 Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10)  MUI (x32 Version: 11.0.10 - Adobe Systems Incorporated)
Avira Free Antivirus (x32 Version: 14.0.3.338 - Avira)
Cliqz (x32 Version: 0.5.53 - Cliqz.com)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.) Hidden
DVD Architect Studio 5.0 (x32 Version: 5.0.161 - Sony)
EAX4 Unified Redist (x32 Version: 4.001 - Creative Labs)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FLV-Media-Player (x32 Version: 2.0.3.2532 - HYBRIDWEB.de)
Free Studio version 2013 (x32 Version: 6.2.2.1128 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.41.623 (x32 Version: 3.2.41.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.17.1127 (x32 Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
Google Chrome (x32 Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3621 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 8 Update 25 (64-bit) (Version: 8.0.250 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.25.18 - Oracle Corporation) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.4.1028 (x32 Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office 365 - de-de (Version: 15.0.4675.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (Version: 12.0.530 - Sony)
Mozilla Firefox 34.0.5 (x86 de) (x32 Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (x32 Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4675.1003 - Microsoft Corporation) Hidden
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Realtek Card Reader (x32 Version: 6.2.9600.28146 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Revo Uninstaller 1.95 (x32 Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
Sound Forge Audio Studio 10.0 (x32 Version: 10.0.178 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Ubisoft Game Launcher (x32 Version: 1.0.0.0 - UBISOFT)
VAIO - Remote-Tastatur (x32 Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (x32 Version: 1.2.0.09210 - Sony Corporation)
VAIO - Xperia Link (x32 Version: 1.3.2.07020 - Sony Corporation)
VAIO Care (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Recovery (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (x32 Version: 4.11.1.11210 - Sony Corporation)
VAIO Control Center (x32 Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 3.0.1.02270 - Sony Corporation)
VAIO Gate Default (x32 Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Image Optimizer (x32 Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (x32 Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator (x32 Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (x32 Version: 7.0.1.02280 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200 - Sony Corporation)
VAIO-Support für Übertragungen (x32 Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WEB.DE MailCheck für Mozilla Firefox (x32 Version: 2.10.1.1735 - 1&1 Mail & Media GmbH)
WinRAR 5.01 (32-bit) (x32 Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

==================== Restore Points  =========================

17-12-2014 17:12:36 Installed Remote Keyboard (BLUETOOTH)
18-12-2014 17:18:54 DirectX wurde installiert
23-12-2014 18:22:29 Steam wird entfernt
01-01-2015 02:36:00 Geplanter Prüfpunkt
07-01-2015 14:29:12 Revo Uninstaller's restore point - Yahoo Community Smartbar

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C42943B-C6E4-41C7-A372-56FB10CEC848} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {1E24FEB4-34B3-4831-890D-568968556902} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {26CA54E4-4323-48B3-A77E-B8D488F5D85C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3B7A0431-E97E-479A-8039-78067BE3276A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {3FDDB6E9-F041-407D-8D7F-FAF3E8608BAB} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {44E4FC09-D9FF-49D2-9144-48EB1765C27A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-22] (Google Inc.)
Task: {45B77B8A-5E3E-4D69-92B0-402C3571B7BE} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {47868FBE-CCA7-4A0A-ADA7-660C56185EF0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {52E44BC9-D164-48F3-BEED-B89AC2891425} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {58544191-DDC7-413F-926E-76773CD505C5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {594C89A9-A2A4-4980-8B1A-0DCD98098187} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {5AA89CA2-07F0-4979-BC97-DE487B295948} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {64918D2F-E3F9-4708-B2FA-82FD897A33B4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6AD1A165-1033-465B-8A92-5A0361E038A4} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {6C308F6A-6092-4A48-9E8B-E50359876690} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77E493DB-BE83-4BE5-B401-F114392839EB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {812FD2C2-F87A-410D-9A14-7798901D5AC7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {866D3C34-CBB5-46E6-B03D-2AA6837C1CF4} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {938A4380-6468-41D5-9CFB-AB0174210177} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B7B9B1E3-82F1-4CEA-9309-30A7B5099E5A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-11-04] (Microsoft Corporation)
Task: {BEA87C79-8CFB-4C01-A6FC-77DCAB66CC64} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {C280DD71-0971-4DC6-BAB6-1EB53B7D85C7} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-03] (Sony Corporation)
Task: {C567FEE8-3FB5-4066-948F-2E2A34558226} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D24725FB-8898-4993-A04B-AD7E37347451} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D6CD0B8E-6707-4197-86E9-EAD9DCE921E3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DA4851AF-0EE7-4572-93D1-3EF7BCE3F6FF} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {DBAAB020-6E57-4B3B-8E92-D632EC0B5B49} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {DC995830-BBAF-47D1-A968-F39E3771B105} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E97BC73F-7676-4DA8-B775-F052AE1345EE} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {ED9D3F09-5C1E-4D88-ADC5-10EB2761C4C5} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {F06A08A8-6F69-418D-AF5F-49FE7573B15A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-17] (Microsoft Corporation)
Task: {F79FA871-057B-433B-87D6-CB286EF328C5} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {F7C8EE1A-39EE-4E29-91A7-4DB7C57DE2DA} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-11-19 09:21 - 2013-11-19 09:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\********\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (01/07/2015 03:42:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x6f0
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/07/2015 03:41:34 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0xe4
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/07/2015 03:32:34 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 428

Startzeit: 01d02a860a3cb8dd

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: fdbe86aa-9679-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/07/2015 02:57:38 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: fb0

Startzeit: 01d02a812c2925a4

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 1fb20870-9675-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/07/2015 02:54:00 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x99c
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/07/2015 02:53:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x6bc
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/07/2015 01:37:39 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1444

Startzeit: 01d02a75fb96f167

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: f02effa4-9669-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (01/07/2015 01:33:54 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x1378
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/07/2015 01:33:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: VESUserProxy.exe, Version: 6.1.0.9140, Zeitstempel: 0x50538abc
Name des fehlerhaften Moduls: SynCom.DLL, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000135
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x1270
Startzeit der fehlerhaften Anwendung: 0xVESUserProxy.exe0
Pfad der fehlerhaften Anwendung: VESUserProxy.exe1
Pfad des fehlerhaften Moduls: VESUserProxy.exe2
Berichtskennung: VESUserProxy.exe3
Vollständiger Name des fehlerhaften Pakets: VESUserProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: VESUserProxy.exe5

Error: (01/03/2015 08:05:22 PM) (Source: Application Hang) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 127c

Startzeit: 01d0278783381e85

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 76b97766-937b-11e4-bed8-a41731d8d3ca

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


System errors:
=============
Error: (01/07/2015 03:42:38 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/07/2015 03:42:08 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {BC173216-CF59-483B-BC5F-595A7D0466E6}

Error: (01/07/2015 03:40:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/07/2015 03:40:06 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Echtzeit-Scanner erreicht.

Error: (01/07/2015 03:40:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Planer" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/07/2015 03:40:05 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Planer erreicht.

Error: (01/07/2015 03:38:24 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) System Behavior Tracker Collector Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2015 03:38:24 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Energy Server Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2015 03:38:24 PM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2015 03:38:24 PM) (Source: Service Control Manager) (User: )
Description: Dienst "VUAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (01/07/2015 03:42:08 PM) (Source: Application Error)(User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f056f001d02a881cec79deC:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL5a9dc9a4-967b-11e4-bed9-a41731d8d3ca

Error: (01/07/2015 03:41:34 PM) (Source: Application Error)(User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f05e401d02a8807242113C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL46a8c498-967b-11e4-bed9-a41731d8d3ca

Error: (01/07/2015 03:32:34 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.2068942801d02a860a3cb8dd4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exefdbe86aa-9679-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/07/2015 02:57:38 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20689fb001d02a812c2925a44294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe1fb20870-9675-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/07/2015 02:54:00 PM) (Source: Application Error)(User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f0599c01d02a81638c0451C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLLa13d5411-9674-11e4-bed8-a41731d8d3ca

Error: (01/07/2015 02:53:28 PM) (Source: Application Error)(User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f056bc01d02a815036cb3fC:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL8e36c969-9674-11e4-bed8-a41731d8d3ca

Error: (01/07/2015 01:37:39 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20689144401d02a75fb96f1674294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exef02effa4-9669-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (01/07/2015 01:33:54 PM) (Source: Application Error)(User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f05137801d02a763324ff97C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL70d8b1c7-9669-11e4-bed8-a41731d8d3ca

Error: (01/07/2015 01:33:22 PM) (Source: Application Error)(User: )
Description: VESUserProxy.exe6.1.0.914050538abcSynCom.DLL6.3.9600.1727853eeb4a3c000013500098f05127001d02a761f9b25e8C:\Program Files (x86)\Sony\VAIO Control Center\VESUserProxy.exeSynCom.DLL5da4ae86-9669-11e4-bed8-a41731d8d3ca

Error: (01/03/2015 08:05:22 PM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20689127c01d0278783381e854294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe76b97766-937b-11e4-bed8-a41731d8d3camicrosoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1


CodeIntegrity Errors:
===================================
  Date: 2015-01-01 13:51:12.397
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-01 13:51:12.288
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-01-01 13:50:23.309
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2015-01-01 13:50:23.168
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-28 20:12:21.390
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-28 20:12:21.296
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-28 20:10:51.066
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-28 20:10:50.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.

  Date: 2014-12-27 14:13:16.490
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-12-27 14:13:16.381
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 3975.27 MB
Available physical RAM: 2861.26 MB
Total Pagefile: 7943.27 MB
Available Pagefile: 6797.69 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:428.44 GB) (Free:320.57 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: ED47A296)

Partition: GPT Partition Type
==================== End Of Log ============================

--- --- ---

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01 (ATTENTION: ====> FRST version is 328 days old and could be outdated)
Ran by ******** (administrator) on VAIO on 07-01-2015 15:42:24
Running from C:\Users\********\Downloads\********\Installers\FRST-OlderVersion
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\RunOnce: [Adobe Speed Launcher] - 1420641654
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Policies\Explorer: [DisallowRun] 1

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKCU - {4C434161-3A93-4930-9D0E-038FD29EDC43} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {B281959D-0D50-47CB-BD6F-46DCEA47C4B9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default
FF DefaultSearchEngine: 1&1 Suche
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Cliqz Beta - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\cliqz@cliqz.com.xpi [2014-12-23]
FF Extension: Dict.cc Translation - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\searchdictcc@roughael.xpi [2014-02-06]
FF Extension: Tab Updater - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi [2014-08-10]
FF Extension: {9d2201b0-125f-4d8f-ab37-93446f702158} - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi [2014-07-24]
FF Extension: Adblock Plus - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-03]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\********\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Google Drive) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Google Search) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Google Wallet) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]
CHR Extension: (Gmail) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR Extension: (Default-Search) - C:\Users\********\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof [2014-12-22]

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-08] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-08] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
U2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-15] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-08] (McAfee, Inc.)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-08] ()
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-07-07] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BTATH_VDP; \SystemRoot\system32\drivers\btath_vdp.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2015-01-07 15:36 - 2015-01-07 15:38 - 00000000 ____D () C:\AdwCleaner
2015-01-07 15:35 - 2015-01-07 15:35 - 02173952 _____ () C:\Users\********\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\********\Downloads\revosetup95.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 00001284 _____ () C:\Users\********\Desktop\Revo Uninstaller.lnk
2015-01-07 15:28 - 2015-01-07 15:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-01 22:23 - 2015-01-01 22:23 - 01114624 _____ (Farbar) C:\Users\********\Downloads\FRST.exe
2015-01-01 21:22 - 2015-01-01 22:39 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 21:22 - 2015-01-01 21:22 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-31 15:26 - 2014-12-31 15:26 - 00000000 ____D () C:\Users\********\Documents\Movie Studio Platinum 12.0 Projekte
2014-12-28 16:43 - 2014-12-28 16:43 - 01174352 _____ () C:\Users\********\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-23 01:43 - 2014-12-23 01:43 - 01080608 _____ (Unity Technologies ApS) C:\Users\********\Downloads\UnityWebPlayer.exe
2014-12-23 00:29 - 2015-01-07 15:40 - 00000000 ___RD () C:\Users\********\OneDrive
2014-12-22 16:01 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\********\Documents\libraries
2014-12-22 16:00 - 2014-12-22 16:01 - 00000316 _____ () C:\Users\********\Documents\launcher_profiles.json
2014-12-22 15:54 - 2013-01-18 01:16 - 01034216 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2014-12-22 15:54 - 2013-01-18 01:16 - 00916456 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2014-12-22 15:53 - 2014-12-22 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 15:49 - 2014-12-22 16:00 - 00000000 ____D () C:\Users\********\Downloads\minecraft cracked launcher
2014-12-22 15:48 - 2014-12-22 15:48 - 01174352 _____ () C:\Users\********\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-12-22 15:48 - 2014-12-22 15:48 - 00000000 ____D () C:\Users\********\AppData\Roaming\Cliqz
2014-12-22 15:48 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-12-22 15:48 - 2011-03-25 19:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-12-22 15:38 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\********\Documents\versions
2014-12-22 15:28 - 2014-12-22 15:30 - 00000000 ____D () C:\Users\********\minecraft
2014-12-19 16:36 - 2014-12-22 15:56 - 00000000 ____D () C:\Users\********\AppData\Roaming\.minecraft
2014-12-18 18:05 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-12-13 05:16 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 05:16 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 23:47 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 23:47 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 23:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 23:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 23:37 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 23:37 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 23:37 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 23:37 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 23:37 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 23:35 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 23:35 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 23:35 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 23:35 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 23:35 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 23:35 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 23:35 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 23:35 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 23:35 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 23:35 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 23:35 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 23:35 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 23:35 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 23:35 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 23:35 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 23:35 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 23:35 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 23:35 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 23:35 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 23:35 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 23:35 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 23:35 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 23:35 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 23:35 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 23:35 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 23:35 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 23:34 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 23:34 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 23:34 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 23:34 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 23:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 23:34 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 23:34 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 23:34 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 23:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 23:34 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 23:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 23:34 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 23:34 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 23:22 - 2014-12-11 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 01:53 - 2014-12-10 01:55 - 00000000 ____D () C:\Users\********\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2015-01-07 15:42 - 2013-12-29 14:32 - 00000000 ____D () C:\FRST
2015-01-07 15:40 - 2014-12-23 00:29 - 00000000 ___RD () C:\Users\********\OneDrive
2015-01-07 15:40 - 2014-07-07 00:18 - 01635075 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-07 15:40 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-07 15:39 - 2014-03-18 02:50 - 00220818 _____ () C:\WINDOWS\PFRO.log
2015-01-07 15:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-07 15:38 - 2015-01-07 15:36 - 00000000 ____D () C:\AdwCleaner
2015-01-07 15:38 - 2014-07-06 23:57 - 00000000 ____D () C:\Users\********
2015-01-07 15:38 - 2013-12-22 13:46 - 00001095 _____ () C:\Users\********\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-07 15:35 - 2015-01-07 15:35 - 02173952 _____ () C:\Users\********\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:34 - 2014-02-08 21:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-01-07 15:34 - 2013-06-25 22:25 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3292672608-3251690303-1879834815-1001
2015-01-07 15:31 - 2013-07-17 11:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-07 15:28 - 2015-01-07 15:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\********\Downloads\revosetup95.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 00001284 _____ () C:\Users\********\Desktop\Revo Uninstaller.lnk
2015-01-07 15:28 - 2015-01-07 15:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-07 15:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-07 13:36 - 2014-07-14 19:47 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E224C277-5ECC-4FD1-8C88-6A01FE5D7476}
2015-01-02 23:16 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-02 23:16 - 2013-06-25 22:15 - 00000000 ____D () C:\Users\********\AppData\Local\Packages
2015-01-01 22:39 - 2015-01-01 21:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 22:23 - 2015-01-01 22:23 - 01114624 _____ (Farbar) C:\Users\********\Downloads\FRST.exe
2015-01-01 22:10 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-01 22:10 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-01 22:10 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-01 21:57 - 2014-07-17 13:07 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-01 21:22 - 2015-01-01 21:22 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-01 19:25 - 2013-08-22 15:46 - 00292362 _____ () C:\WINDOWS\setupact.log
2014-12-31 15:26 - 2014-12-31 15:26 - 00000000 ____D () C:\Users\********\Documents\Movie Studio Platinum 12.0 Projekte
2014-12-31 15:26 - 2013-12-19 18:38 - 00000000 ____D () C:\Users\********\AppData\Roaming\Sony
2014-12-31 15:26 - 2013-06-25 22:34 - 00000000 ____D () C:\Users\********\AppData\Local\Sony
2014-12-28 16:43 - 2014-12-28 16:43 - 01174352 _____ () C:\Users\********\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-25 18:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-23 18:06 - 2014-02-07 11:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-23 01:43 - 2014-12-23 01:43 - 01080608 _____ (Unity Technologies ApS) C:\Users\********\Downloads\UnityWebPlayer.exe
2014-12-22 16:01 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\********\Documents\libraries
2014-12-22 16:01 - 2014-12-22 16:00 - 00000316 _____ () C:\Users\********\Documents\launcher_profiles.json
2014-12-22 16:01 - 2014-12-22 15:38 - 00000000 ____D () C:\Users\********\Documents\versions
2014-12-22 16:00 - 2014-12-22 15:49 - 00000000 ____D () C:\Users\********\Downloads\minecraft cracked launcher
2014-12-22 15:56 - 2014-12-19 16:36 - 00000000 ____D () C:\Users\********\AppData\Roaming\.minecraft
2014-12-22 15:54 - 2013-01-18 01:16 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-22 15:53 - 2014-12-22 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 15:53 - 2013-01-18 01:16 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00000000 ____D () C:\Program Files\Java
2014-12-22 15:48 - 2014-12-22 15:48 - 01174352 _____ () C:\Users\********\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-12-22 15:48 - 2014-12-22 15:48 - 00000000 ____D () C:\Users\********\AppData\Roaming\Cliqz
2014-12-22 15:36 - 2014-03-11 14:00 - 00000000 ____D () C:\Users\********\Downloads\********
2014-12-22 15:30 - 2014-12-22 15:28 - 00000000 ____D () C:\Users\********\minecraft
2014-12-18 18:27 - 2014-12-03 18:05 - 00000000 ____D () C:\Neuer Ordner
2014-12-18 18:20 - 2013-01-18 01:33 - 00314928 _____ () C:\WINDOWS\DirectX.log
2014-12-17 18:17 - 2014-02-17 17:03 - 00000000 ____D () C:\Users\********\AppData\Roaming\iolo
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ____D () C:\Program Files (x86)\Sony Corporation
2014-12-17 18:13 - 2013-06-30 01:52 - 00000000 ____D () C:\Update
2014-12-17 18:13 - 2013-01-18 01:18 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-12-17 18:13 - 2013-01-18 01:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-17 18:13 - 2013-01-18 00:52 - 00000000 ____D () C:\Program Files\Sony
2014-12-17 18:11 - 2013-08-14 01:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-17 18:07 - 2013-06-27 02:23 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-17 17:33 - 2013-01-18 01:21 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-17 17:32 - 2013-01-18 01:57 - 00000000 ____D () C:\ProgramData\Sony
2014-12-16 16:47 - 2013-07-03 00:15 - 00000000 ____D () C:\Users\********\AppData\Roaming\CyberLink
2014-12-12 02:21 - 2013-07-03 00:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-11 23:23 - 2014-12-11 23:22 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 01:55 - 2014-12-10 01:53 - 00000000 ____D () C:\Users\********\AppData\Local\Adobe
2014-12-10 01:54 - 2013-07-17 11:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater

Some content of TEMP:
====================
C:\Users\********\AppData\Local\Temp\amazonicon_v6.exe
C:\Users\********\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\********\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\********\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\********\AppData\Local\Temp\foxy_security.exe
C:\Users\********\AppData\Local\Temp\mbam-setup-2.0.2.1012.exe
C:\Users\********\AppData\Local\Temp\Quarantine.exe
C:\Users\********\AppData\Local\Temp\sdanircmdc.exe
C:\Users\********\AppData\Local\Temp\sdapskill.exe
C:\Users\********\AppData\Local\Temp\sdaspwn.exe
C:\Users\********\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\********\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\********\AppData\Local\Temp\SHSetup.exe
C:\Users\********\AppData\Local\Temp\sqlite3.dll
C:\Users\********\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe
[2014-03-18 11:11] - [2014-03-18 11:11] - 0562176 ____A (Microsoft Corporation) 306EB21E5B480AE9065EA55AC8C35936

C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2014-09-14 20:25] - [2014-08-23 08:48] - 2374784 ____A (Microsoft Corporation) ACDBE1ED38167C8B01B8F63161BB2CEA

C:\Windows\SysWOW64\explorer.exe
[2014-09-14 20:25] - [2014-08-23 08:13] - 2084520 ____A (Microsoft Corporation) 195822ACCDAA2B4815DD01BAFC335595

C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe
[2014-07-07 00:36] - [2014-07-07 00:36] - 0407016 ____A (Microsoft Corporation) 067CB90C277DB4A737D5DEABA3055972

C:\Windows\System32\User32.dll
[2014-11-13 15:15] - [2014-09-22 05:38] - 1519488 ____A (Microsoft Corporation) F0A117D19873FCDF801F082F33BFBB6C

C:\Windows\SysWOW64\User32.dll
[2014-11-13 15:15] - [2014-09-19 01:16] - 1346048 ____A (Microsoft Corporation) 5F333FDBF392850373C89BDA31EBEC1B

C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll
[2014-03-18 11:11] - [2014-03-18 11:11] - 0753664 ____A (Microsoft Corporation) 81979817943D830BF24571B7C1B28A1A

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys
[2014-09-14 20:23] - [2014-06-19 03:13] - 0310080 ___AC (Microsoft Corporation) 64CA2B4A49A8EAF495E435623ECCE7DB



LastRegBack: 2015-01-02 04:48

==================== End Of Log ============================

--- --- ---

--- --- ---

Bootsektor · 07.01.2015, 23:50

Hallo,

sehr schön.

Hast du denn nun noch Probleme?

Schritt 1
Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 2
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

spinweb · 08.01.2015, 20:50

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1c8feb4e69df1a4780f65b174e353b23
# engine=21872
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-01-08 06:30:40
# local_time=2015-01-08 07:30:40 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777214 100 86 26956883 48456612 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 94904 11046159 0 0
# scanned=208777
# found=15
# cleaned=0
# scan_time=7348
sh=9967ACE5E7ABFF96DCBD8A6355FA26A8D813DA14 ft=1 fh=75b10d9be875e123 vn="Variante von Win32/Adware.SpeedingUpMyPC.T.gen Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\lilli\AppData\Local\Temp\OptimizerPro.exe.vir"
sh=F1629C7712E7AABD70DA970828F173AC654898EF ft=1 fh=249d9ad52d4d0a26 vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\lilli\AppData\Local\Temp\Security Systems\Setup.exe.vir"
sh=1051181D6A4E6B06FF83BFD5BAD844647E2B6450 ft=1 fh=a1ff9876a0d9750c vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\WINDOWS\System32\roboot64.exe.vir"
sh=E3D9389D8746D1847AA4A6AF248D2EA76B797E93 ft=1 fh=0a55342cdda5f9ee vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\Users\lilli\AppData\Local\Temp\foxy_security.exe"
sh=E3D9389D8746D1847AA4A6AF248D2EA76B797E93 ft=1 fh=0a55342cdda5f9ee vn="Variante von Win32/Adware.Synatix.A Anwendung" ac=I fn="C:\Users\lilli\AppData\Local\Temp\2c3f58eb53411028bee59d7bce3aff52\foxy_security.exe"
sh=FB3F7E2BF56F5EA06763303CDAA0E962E975E063 ft=1 fh=c0dea5299389dc4e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\lilli\AppData\Local\Temp\DMR\dmr_72.exe"
sh=9DAA7C60C8EBCA18BB54107B1C32D666F5341D36 ft=1 fh=9a035789a933e634 vn="Variante von Win32/AdWare.NaviPromo.AZ Anwendung" ac=I fn="C:\Users\lilli\AppData\Local\Temp\n2563\FabulousInstaller.exe"
sh=01E530CFF771B3736766D51413153BF653C1D045 ft=1 fh=703f9826874db652 vn="Win32/Toolbar.SearchSuite.T evtl. unerwünschte Anwendung" ac=I fn="C:\Users\lilli\AppData\Local\Temp\nsu9A8A.tmp\Starter.exe"
sh=5F97E522FC00479C8BFCEC799DF1E34664CC5A58 ft=1 fh=ee5631b7e3727828 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\lilli\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe"
sh=E748478F08556C928F5FC0DEA2D03BE2ED3BF594 ft=1 fh=e366108209263f40 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\lilli\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=32FE2BE13686206D66950195124C16F3F4A77FD4 ft=1 fh=1b5e613fbd4afc01 vn="Win32/WinloadSDA.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\lilli\Downloads\Meine Mülltonne\Malwarebytes-Anti-Malware-lnstall.exe"
sh=2A2B0D1BDF59D203AEDCCF60E0ED1EDF12EFE52F ft=1 fh=b58b6ff5e352b598 vn="Win32/SmartFileAdvisor.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Alcohol 120% 2.0.2 Build 5830 Retail\Alcohol120_retail_2.0.2.5830.exe"
sh=45FD973B3C449586C098BA9C2E2656D599B59F56 ft=1 fh=8df7d9b43a99a85f vn="Variante von MSIL/RiskWare.HackAV.C Anwendung" ac=I fn="C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Bitdefender.Internet.Security.2013.Build.16.16.0.x64.GERMAN\liQeNSoft Activator\liQeNSoft_Bitdefender_Activator_2.0BETA3.exe"
sh=941CAFA306784A0EDA0961F67B9C884A84EE5082 ft=1 fh=c71c0011c9fe2c53 vn="Variante von Win32/TrojanDownloader.VB.QNP Trojaner" ac=I fn="C:\Users\lilli\Downloads\Meine Mülltonne\uT downloads\AP CC v14.2,CS6\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage.exe"
sh=8E11576A2D99F0900DF7B767B216F3813170EB97 ft=1 fh=103cd6974b4c4f5b vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by ***** (administrator) on VAIO on 08-01-2015 20:48:53
Running from C:\Users\*****\Downloads
Loaded Profile: ***** (Available profiles: *****)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\RunOnce: [Adobe Speed Launcher] => 1420734290
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Policies\Explorer: [DisallowRun] 1
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49790;https=127.0.0.1:49790
ProxyEnable: [S-1-5-21-3292672608-3251690303-1879834815-1001] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {4C434161-3A93-4930-9D0E-038FD29EDC43} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {B281959D-0D50-47CB-BD6F-46DCEA47C4B9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3292672608-3251690303-1879834815-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Plugin HKU\S-1-5-21-3292672608-3251690303-1879834815-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\webde-suche.xml
FF Extension: Cliqz Beta - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\cliqz@cliqz.com.xpi [2014-12-23]
FF Extension: Dict.cc Translation - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\searchdictcc@roughael.xpi [2014-02-06]
FF Extension: Tab Updater - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi [2014-08-10]
FF Extension: {9d2201b0-125f-4d8f-ab37-93446f702158} - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi [2014-07-24]
FF Extension: Adblock Plus - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-03]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-12-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 42F6E8BE048717FD250B42F9EEA3283CD3B5149BF262C375DA8B14B231469467
CHR DefaultSearchURL: Default -> 66E7675B4F3335AA3CF5CC5A5824ECA1524996BB369F834684DC2B4574DEE592
CHR Profile: C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Google Drive) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Google-Suche) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Google Wallet) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]
CHR Extension: (Google Mail) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR Extension: (Default-Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof [2014-12-22]
CHR HKLM-x32\...\Chrome\Extension: [poimdfnhgefmnkeefbjibbiemlimdnof] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-08] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-08] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-15] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-08] (McAfee, Inc.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-08] ()
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BTATH_VDP; \SystemRoot\system32\drivers\btath_vdp.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 20:48 - 2015-01-08 20:48 - 02124288 _____ (Farbar) C:\Users\*****\Downloads\FRST64.exe
2015-01-08 20:48 - 2015-01-08 20:48 - 00017621 _____ () C:\Users\*****\Downloads\FRST.txt
2015-01-08 15:45 - 2015-01-08 15:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-08 15:44 - 2015-01-08 15:44 - 02347384 _____ (ESET) C:\Users\*****\Downloads\esetsmartinstaller_deu.exe
2015-01-07 15:46 - 2015-01-07 15:46 - 00000000 ____D () C:\Users\*****\Desktop\logs aktuell
2015-01-07 15:36 - 2015-01-07 15:38 - 00000000 ____D () C:\AdwCleaner
2015-01-07 15:35 - 2015-01-07 15:35 - 02173952 _____ () C:\Users\*****\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\*****\Downloads\revosetup95.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-01 22:23 - 2015-01-01 22:23 - 01114624 _____ (Farbar) C:\Users\*****\Downloads\FRST.exe
2015-01-01 21:22 - 2015-01-01 22:39 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 21:22 - 2015-01-01 21:22 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-31 15:26 - 2014-12-31 15:26 - 00000000 ____D () C:\Users\*****\Documents\Movie Studio Platinum 12.0 Projekte
2014-12-28 16:43 - 2014-12-28 16:43 - 01174352 _____ () C:\Users\*****\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2014-12-23 01:43 - 2014-12-23 01:43 - 01080608 _____ (Unity Technologies ApS) C:\Users\*****\Downloads\UnityWebPlayer.exe
2014-12-23 00:29 - 2015-01-08 17:26 - 00000000 ____D () C:\Users\*****\OneDrive
2014-12-22 16:01 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\*****\Documents\libraries
2014-12-22 16:00 - 2014-12-22 16:01 - 00000316 _____ () C:\Users\*****\Documents\launcher_profiles.json
2014-12-22 15:54 - 2014-12-22 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-22 15:54 - 2013-01-18 01:16 - 01034216 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2014-12-22 15:54 - 2013-01-18 01:16 - 00916456 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2014-12-22 15:53 - 2014-12-22 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 15:49 - 2014-12-22 16:00 - 00000000 ____D () C:\Users\*****\Downloads\minecraft cracked launcher
2014-12-22 15:48 - 2014-12-22 15:48 - 01174352 _____ () C:\Users\*****\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
2014-12-22 15:48 - 2014-12-22 15:48 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Cliqz
2014-12-22 15:48 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-12-22 15:48 - 2011-03-25 19:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-12-22 15:38 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\*****\Documents\versions
2014-12-22 15:28 - 2014-12-22 15:30 - 00000000 ____D () C:\Users\*****\minecraft
2014-12-19 16:36 - 2014-12-22 15:56 - 00000000 ____D () C:\Users\*****\AppData\Roaming\.minecraft
2014-12-18 18:05 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2014-12-13 05:16 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-13 05:16 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-11 23:47 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-11 23:47 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-11 23:46 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-11 23:46 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-11 23:37 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-11 23:37 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-11 23:37 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-11 23:37 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-11 23:37 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-11 23:37 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-11 23:35 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-11 23:35 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-11 23:35 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-11 23:35 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-11 23:35 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-11 23:35 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-11 23:35 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-11 23:35 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-11 23:35 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-11 23:35 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-11 23:35 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-11 23:35 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-11 23:35 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-11 23:35 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-11 23:35 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-11 23:35 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-11 23:35 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-11 23:35 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-11 23:35 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-11 23:35 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-11 23:35 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-11 23:35 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-11 23:35 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-11 23:35 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-11 23:35 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-11 23:35 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-11 23:34 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-11 23:34 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-11 23:34 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-11 23:34 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-11 23:34 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-11 23:34 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-11 23:34 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-11 23:34 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-11 23:34 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-11 23:34 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-11 23:34 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-11 23:34 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-11 23:34 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-11 23:22 - 2014-12-11 23:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 01:53 - 2014-12-10 01:55 - 00000000 ____D () C:\Users\*****\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 20:49 - 2013-12-29 14:32 - 00000000 ____D () C:\FRST
2015-01-08 20:31 - 2013-07-17 11:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-08 20:25 - 2014-07-07 00:18 - 01869041 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-08 20:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-08 20:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-08 19:31 - 2013-06-25 22:25 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3292672608-3251690303-1879834815-1001
2015-01-08 17:30 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-08 17:30 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-08 17:30 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-08 17:24 - 2014-07-06 23:57 - 00000000 ____D () C:\Users\*****
2015-01-08 17:23 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-08 16:12 - 2014-07-14 19:47 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E224C277-5ECC-4FD1-8C88-6A01FE5D7476}
2015-01-07 15:39 - 2014-03-18 02:50 - 00220818 _____ () C:\WINDOWS\PFRO.log
2015-01-07 15:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-07 15:38 - 2013-12-22 13:46 - 00001095 _____ () C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-07 15:38 - 2013-01-18 02:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 15:34 - 2014-02-08 21:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-01-02 23:16 - 2013-06-25 22:15 - 00000000 ____D () C:\Users\*****\AppData\Local\Packages
2015-01-01 21:57 - 2014-07-17 13:07 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-01 19:25 - 2013-08-22 15:46 - 00292362 _____ () C:\WINDOWS\setupact.log
2014-12-31 15:26 - 2013-12-19 18:38 - 00000000 ____D () C:\Users\*****\AppData\Roaming\Sony
2014-12-31 15:26 - 2013-06-25 22:34 - 00000000 ____D () C:\Users\*****\AppData\Local\Sony
2014-12-31 12:14 - 2013-06-29 00:25 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-25 18:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-23 19:23 - 2014-02-08 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-12-23 18:06 - 2014-02-07 11:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 15:54 - 2013-01-18 01:16 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-22 15:53 - 2013-01-18 01:16 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00000000 ____D () C:\Program Files\Java
2014-12-22 15:36 - 2014-03-11 14:00 - 00000000 ____D () C:\Users\*****\Downloads\*************
2014-12-18 18:32 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 18:27 - 2014-12-03 18:05 - 00000000 ____D () C:\Neuer Ordner
2014-12-18 18:20 - 2013-01-18 01:33 - 00314928 _____ () C:\WINDOWS\DirectX.log
2014-12-17 18:17 - 2014-02-17 17:03 - 00000000 ____D () C:\Users\*****\AppData\Roaming\iolo
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ____D () C:\Program Files (x86)\Sony Corporation
2014-12-17 18:13 - 2013-06-30 01:52 - 00000000 ____D () C:\Update
2014-12-17 18:13 - 2013-01-18 01:18 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-12-17 18:13 - 2013-01-18 01:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-17 18:13 - 2013-01-18 00:52 - 00000000 ____D () C:\Program Files\Sony
2014-12-17 18:11 - 2013-08-14 01:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-17 18:07 - 2013-06-27 02:23 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-17 17:33 - 2013-01-18 01:21 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-17 17:32 - 2013-01-18 01:57 - 00000000 ____D () C:\ProgramData\Sony
2014-12-16 16:47 - 2013-07-03 00:15 - 00000000 ____D () C:\Users\*****\AppData\Roaming\CyberLink
2014-12-12 02:21 - 2013-07-03 00:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-12 02:05 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-11 23:21 - 2013-01-18 01:41 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-10 01:54 - 2013-07-17 11:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-10 01:11 - 2014-01-29 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

Some content of TEMP:
====================
C:\Users\*****\AppData\Local\Temp\amazonicon_v6.exe
C:\Users\*****\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\*****\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\*****\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\*****\AppData\Local\Temp\foxy_security.exe
C:\Users\*****\AppData\Local\Temp\mbam-setup-2.0.2.1012.exe
C:\Users\*****\AppData\Local\Temp\Quarantine.exe
C:\Users\*****\AppData\Local\Temp\sdanircmdc.exe
C:\Users\*****\AppData\Local\Temp\sdapskill.exe
C:\Users\*****\AppData\Local\Temp\sdaspwn.exe
C:\Users\*****\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\*****\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\*****\AppData\Local\Temp\SHSetup.exe
C:\Users\*****\AppData\Local\Temp\sqlite3.dll
C:\Users\*****\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 19:31

==================== End Of Log ============================

--- --- ---

--- --- ---

Bootsektor · 09.01.2015, 01:27

Hallo,

Zitat:

Hast du denn nun noch Probleme?

beantworte bitte noch meine Frage.

spinweb · 09.01.2015, 22:20

Oh achso. Also ich merke keine beeinträchtigungen beim surfen oder anderes.
Bei Eset wurden noch 15 viren gefunden. Probleme sonst keine.

Bootsektor · 10.01.2015, 23:45

Hallo,

gut, dann sollten wir den Proxy noch rausnehmen. Bitte drauf achten die Sternchen zu ersetzen.

Was ist das denn?

Zitat:

C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Bitdefender.Internet.Security.2013.Build.16.16.0.x64.GERMAN\liQeNSoft Activator\liQeNSoft_Bitdefender_Activator_2.0BETA3.exe

Schritt 1

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49790;https=127.0.0.1:49790
ProxyEnable: [S-1-5-21-3292672608-3251690303-1879834815-1001] => Internet Explorer proxy is enabled.
FF Extension: Tab Updater - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi [2014-08-10]
FF Extension: {9d2201b0-125f-4d8f-ab37-93446f702158} - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi [2014-07-24]
CHR Extension: (Default-Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof [2014-12-22]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Users\*****\AppData\Local\Temp\SHSetup.exe
C:\Users\lilli\AppData\Local\Temp\foxy_security.exe
C:\Users\lilli\AppData\Local\Temp\2c3f58eb53411028bee59d7bce3aff52\foxy_security.exe
C:\Users\lilli\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\lilli\AppData\Local\Temp\n2563\FabulousInstaller.exe
C:\Users\lilli\AppData\Local\Temp\nsu9A8A.tmp\Starter.exe
C:\Users\lilli\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
C:\Users\lilli\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
C:\Users\lilli\Downloads\Meine Mülltonne\Malwarebytes-Anti-Malware-lnstall.exe
C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Alcohol 120% 2.0.2 Build 5830 Retail\Alcohol120_retail_2.0.2.5830.exe
C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Bitdefender.Internet.Security.2013.Build.16.16.0.x64.GERMAN\liQeNSoft Activator\liQeNSoft_Bitdefender_Activator_2.0BETA3.exe
C:\Users\lilli\Downloads\Meine Mülltonne\uT downloads\AP CC v14.2,CS6\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage.exe
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Starte noch einmal FRST.

Ändere keine der Voreinstellungen und drücke auf Scan.
Wenn der Scan abgeschlossen ist, wird ein neues Logfile FRST.txt erstellt und auf dem Desktop gespeichert.
Poste den Inhalt dieses Logfiles bitte hier in deinen Thread.

spinweb · 14.01.2015, 15:48

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by lilli at 2015-01-14 15:45:15 Run:1
Running from C:\Users\lilli\Downloads
Loaded Profile: lilli (Available profiles: lilli)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
ProxyEnable: [HKLM-x32] => ProxyEnable is set.
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49790;https=127.0.0.1:49790
ProxyEnable: [S-1-5-21-3292672608-3251690303-1879834815-1001] => Internet Explorer proxy is enabled.
FF Extension: Tab Updater - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi [2014-08-10]
FF Extension: {9d2201b0-125f-4d8f-ab37-93446f702158} - C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi [2014-07-24]
CHR Extension: (Default-Search) - C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof [2014-12-22]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Users\*****\AppData\Local\Temp\SHSetup.exe
C:\Users\lilli\AppData\Local\Temp\foxy_security.exe
C:\Users\lilli\AppData\Local\Temp\2c3f58eb53411028bee59d7bce3aff52\foxy_security.exe
C:\Users\lilli\AppData\Local\Temp\DMR\dmr_72.exe
C:\Users\lilli\AppData\Local\Temp\n2563\FabulousInstaller.exe
C:\Users\lilli\AppData\Local\Temp\nsu9A8A.tmp\Starter.exe
C:\Users\lilli\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe
C:\Users\lilli\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
C:\Users\lilli\Downloads\Meine Mülltonne\Malwarebytes-Anti-Malware-lnstall.exe
C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Alcohol 120% 2.0.2 Build 5830 Retail\Alcohol120_retail_2.0.2.5830.exe
C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Bitdefender.Internet.Security.2013.Build.16.16.0.x64.GERMAN\liQeNSoft Activator\liQeNSoft_Bitdefender_Activator_2.0BETA3.exe
C:\Users\lilli\Downloads\Meine Mülltonne\uT downloads\AP CC v14.2,CS6\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage.exe
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
         
*****************

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully.
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value deleted successfully.
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi not found.
C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi not found.
C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof directory not found.
esgiguard => Service deleted successfully.
"C:\Users\*****\AppData\Local\Temp\SHSetup.exe" => File/Directory not found.
C:\Users\lilli\AppData\Local\Temp\foxy_security.exe => Moved successfully.
C:\Users\lilli\AppData\Local\Temp\2c3f58eb53411028bee59d7bce3aff52\foxy_security.exe => Moved successfully.
C:\Users\lilli\AppData\Local\Temp\DMR\dmr_72.exe => Moved successfully.
C:\Users\lilli\AppData\Local\Temp\n2563\FabulousInstaller.exe => Moved successfully.
C:\Users\lilli\AppData\Local\Temp\nsu9A8A.tmp\Starter.exe => Moved successfully.
C:\Users\lilli\Downloads\Java Runtime Environment 64 Bit - CHIP-Installer.exe => Moved successfully.
C:\Users\lilli\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe => Moved successfully.
C:\Users\lilli\Downloads\Meine Mülltonne\Malwarebytes-Anti-Malware-lnstall.exe => Moved successfully.
C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Alcohol 120% 2.0.2 Build 5830 Retail\Alcohol120_retail_2.0.2.5830.exe => Moved successfully.
C:\Users\lilli\Downloads\Meine Mülltonne\hfdo\Bitdefender.Internet.Security.2013.Build.16.16.0.x64.GERMAN\liQeNSoft Activator\liQeNSoft_Bitdefender_Activator_2.0BETA3.exe => Moved successfully.
C:\Users\lilli\Downloads\Meine Mülltonne\uT downloads\AP CC v14.2,CS6\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage\Adobe Photoshop CS6 13.0.1 Extended Final Multilanguage.exe => Moved successfully.
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll => Moved successfully.

==== End of Fixlog 15:45:18 ====

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by lilli (administrator) on VAIO on 14-01-2015 15:45:53
Running from C:\Users\lilli\Downloads
Loaded Profile: lilli (Available profiles: lilli)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\RunOnce: [Adobe Speed Launcher] => 1421246366
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Policies\Explorer: [DisallowRun] 1
BootExecute: autocheck autochk * 

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {4C434161-3A93-4930-9D0E-038FD29EDC43} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKU\S-1-5-21-3292672608-3251690303-1879834815-1001 -> {B281959D-0D50-47CB-BD6F-46DCEA47C4B9} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3292672608-3251690303-1879834815-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Plugin HKU\S-1-5-21-3292672608-3251690303-1879834815-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\searchplugins\webde-suche.xml
FF Extension: Cliqz Beta - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\cliqz@cliqz.com.xpi [2014-12-23]
FF Extension: Dict.cc Translation - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\searchdictcc@roughael.xpi [2014-02-06]
FF Extension: Tab Updater - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{55dcbefc-9aee-466f-9c9c-15e792724dd4}.xpi [2014-08-10]
FF Extension: {9d2201b0-125f-4d8f-ab37-93446f702158} - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{9d2201b0-125f-4d8f-ab37-93446f702158}.xpi [2014-07-24]
FF Extension: Adblock Plus - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-03]
FF Extension: UITBAutoInstaller - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2014-12-11]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKU\S-1-5-21-3292672608-3251690303-1879834815-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\lilli\AppData\Roaming\Mozilla\Firefox\Profiles\fo1xyvwa.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 42F6E8BE048717FD250B42F9EEA3283CD3B5149BF262C375DA8B14B231469467
CHR DefaultSearchURL: Default -> 66E7675B4F3335AA3CF5CC5A5824ECA1524996BB369F834684DC2B4574DEE592
CHR Profile: C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-17]
CHR Extension: (Google Drive) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-12-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-07]
CHR Extension: (YouTube) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-12-17]
CHR Extension: (Google-Suche) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-12-17]
CHR Extension: (Google Wallet) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-17]
CHR Extension: (Google Mail) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-12-17]
CHR Extension: (Default-Search) - C:\Users\lilli\AppData\Local\Google\Chrome\User Data\Default\Extensions\poimdfnhgefmnkeefbjibbiemlimdnof [2014-12-22]
CHR HKLM-x32\...\Chrome\Extension: [poimdfnhgefmnkeefbjibbiemlimdnof] - No Path

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-08-08] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-08-08] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-19] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-15] (Avira Operations GmbH & Co. KG)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-01] (Malwarebytes Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179664 2013-08-08] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [310224 2013-08-08] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519064 2013-08-08] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [776168 2013-08-08] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343568 2013-08-08] (McAfee, Inc.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-06-08] ()
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BTATH_VDP; \SystemRoot\system32\drivers\btath_vdp.sys [X]
S3 SmbDrvI; \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-08 20:48 - 2015-01-14 15:45 - 00017121 _____ () C:\Users\lilli\Downloads\FRST.txt
2015-01-08 20:48 - 2015-01-08 20:48 - 02124288 _____ (Farbar) C:\Users\lilli\Downloads\FRST64.exe
2015-01-08 15:45 - 2015-01-08 15:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-08 15:44 - 2015-01-08 15:44 - 02347384 _____ (ESET) C:\Users\lilli\Downloads\esetsmartinstaller_deu.exe
2015-01-07 15:46 - 2015-01-14 15:42 - 00000000 ____D () C:\Users\lilli\Desktop\logs aktuell
2015-01-07 15:36 - 2015-01-07 15:38 - 00000000 ____D () C:\AdwCleaner
2015-01-07 15:35 - 2015-01-07 15:35 - 02173952 _____ () C:\Users\lilli\Downloads\AdwCleaner_4.106.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\lilli\Downloads\revosetup95.exe
2015-01-07 15:28 - 2015-01-07 15:28 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-01-01 22:23 - 2015-01-01 22:23 - 01114624 _____ (Farbar) C:\Users\lilli\Downloads\FRST.exe
2015-01-01 21:22 - 2015-01-01 22:39 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-01-01 21:22 - 2015-01-01 21:22 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2015-01-01 21:22 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-01-01 21:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-01-01 21:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-31 15:26 - 2014-12-31 15:26 - 00000000 ____D () C:\Users\lilli\Documents\Movie Studio Platinum 12.0 Projekte
2014-12-23 01:43 - 2014-12-23 01:43 - 01080608 _____ (Unity Technologies ApS) C:\Users\lilli\Downloads\UnityWebPlayer.exe
2014-12-23 00:29 - 2015-01-14 15:42 - 00000000 ___RD () C:\Users\lilli\OneDrive
2014-12-22 16:01 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\lilli\Documents\libraries
2014-12-22 16:00 - 2014-12-22 16:01 - 00000316 _____ () C:\Users\lilli\Documents\launcher_profiles.json
2014-12-22 15:54 - 2014-12-22 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-22 15:54 - 2013-01-18 01:16 - 01034216 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2014-12-22 15:54 - 2013-01-18 01:16 - 00916456 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2014-12-22 15:53 - 2014-12-22 15:53 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-22 15:49 - 2014-12-22 16:00 - 00000000 ____D () C:\Users\lilli\Downloads\minecraft cracked launcher
2014-12-22 15:48 - 2014-12-22 15:48 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\Cliqz
2014-12-22 15:48 - 2011-05-13 11:16 - 00493056 _____ ( datenhaus GmbH) C:\WINDOWS\SysWOW64\dhRichClient3.dll
2014-12-22 15:48 - 2011-03-25 19:42 - 00338432 _____ () C:\WINDOWS\SysWOW64\sqlite36_engine.dll
2014-12-22 15:38 - 2014-12-22 16:01 - 00000000 ____D () C:\Users\lilli\Documents\versions
2014-12-22 15:28 - 2014-12-22 15:30 - 00000000 ____D () C:\Users\lilli\minecraft
2014-12-19 16:36 - 2014-12-22 15:56 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\.minecraft
2014-12-18 18:05 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2014-12-18 18:05 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-14 15:45 - 2014-03-11 14:00 - 00000000 ____D () C:\Users\lilli\Downloads\Meine Mülltonne
2015-01-14 15:45 - 2013-12-29 14:32 - 00000000 ____D () C:\FRST
2015-01-14 15:39 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-14 14:37 - 2014-07-07 00:18 - 01539621 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-13 20:31 - 2013-07-17 11:41 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-01-13 20:12 - 2013-06-25 22:25 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3292672608-3251690303-1879834815-1001
2015-01-13 19:31 - 2013-07-17 11:41 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-01-13 18:34 - 2014-07-14 19:47 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E224C277-5ECC-4FD1-8C88-6A01FE5D7476}
2015-01-13 11:26 - 2014-03-18 11:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-13 11:26 - 2014-03-18 10:25 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2015-01-13 11:26 - 2014-03-18 10:25 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2015-01-12 21:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-01-12 13:55 - 2014-12-03 18:05 - 00000000 ____D () C:\Neuer Ordner
2015-01-10 17:26 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-01-08 17:24 - 2014-07-06 23:57 - 00000000 ____D () C:\Users\lilli
2015-01-08 17:23 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-07 15:39 - 2014-03-18 02:50 - 00220818 _____ () C:\WINDOWS\PFRO.log
2015-01-07 15:39 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-07 15:38 - 2013-12-22 13:46 - 00001095 _____ () C:\Users\lilli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-01-07 15:38 - 2013-01-18 02:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 15:34 - 2014-02-08 21:47 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2015-01-02 23:16 - 2013-06-25 22:15 - 00000000 ____D () C:\Users\lilli\AppData\Local\Packages
2015-01-01 21:57 - 2014-07-17 13:07 - 00000000 ____D () C:\WINDOWS\Minidump
2015-01-01 19:25 - 2013-08-22 15:46 - 00292362 _____ () C:\WINDOWS\setupact.log
2014-12-31 15:26 - 2013-12-19 18:38 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\Sony
2014-12-31 15:26 - 2013-06-25 22:34 - 00000000 ____D () C:\Users\lilli\AppData\Local\Sony
2014-12-31 12:14 - 2013-06-29 00:25 - 00298120 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-12-25 18:08 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-23 19:23 - 2014-02-08 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-12-23 18:06 - 2014-02-07 11:40 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-12-22 15:54 - 2013-01-18 01:16 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-22 15:53 - 2013-01-18 01:16 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-22 15:53 - 2013-01-18 01:16 - 00000000 ____D () C:\Program Files\Java
2014-12-18 18:32 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-18 18:20 - 2013-01-18 01:33 - 00314928 _____ () C:\WINDOWS\DirectX.log
2014-12-17 18:17 - 2014-02-17 17:03 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\iolo
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2014-12-17 18:13 - 2014-02-17 17:23 - 00000000 ____D () C:\Program Files (x86)\Sony Corporation
2014-12-17 18:13 - 2013-06-30 01:52 - 00000000 ____D () C:\Update
2014-12-17 18:13 - 2013-01-18 01:18 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-12-17 18:13 - 2013-01-18 01:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-17 18:13 - 2013-01-18 00:52 - 00000000 ____D () C:\Program Files\Sony
2014-12-17 18:11 - 2013-08-14 01:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-17 18:07 - 2013-06-27 02:23 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-17 17:33 - 2013-01-18 01:21 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-12-17 17:32 - 2013-01-18 01:57 - 00000000 ____D () C:\ProgramData\Sony
2014-12-16 16:47 - 2013-07-03 00:15 - 00000000 ____D () C:\Users\lilli\AppData\Roaming\CyberLink

Some content of TEMP:
====================
C:\Users\lilli\AppData\Local\Temp\amazonicon_v6.exe
C:\Users\lilli\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\lilli\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\lilli\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\lilli\AppData\Local\Temp\mbam-setup-2.0.2.1012.exe
C:\Users\lilli\AppData\Local\Temp\Quarantine.exe
C:\Users\lilli\AppData\Local\Temp\sdanircmdc.exe
C:\Users\lilli\AppData\Local\Temp\sdapskill.exe
C:\Users\lilli\AppData\Local\Temp\sdaspwn.exe
C:\Users\lilli\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\lilli\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\lilli\AppData\Local\Temp\SHSetup.exe
C:\Users\lilli\AppData\Local\Temp\sqlite3.dll
C:\Users\lilli\AppData\Local\Temp\WEB.DE_MailCheck_FF_Setup_2.10.1.1735.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-08 19:31

==================== End Of Log ============================

--- --- ---

--- --- ---

Bootsektor · 16.01.2015, 00:42

Hallo,

bitte das

Zitat:

C:\Users\lilli\AppData\Local\Temp\SHSetup.exe

noch löschen und Avira gerne auch

OK
So wie ich es sehe, haben wir damit alles Schadhafte entfernt. Deine Logs sind sauber.
Abschließend räumen wir noch etwas auf und dann bekommst du noch etwas Lesestoff von mir.

Schritt 1

Falls Du Malwarebytes-Antimalware und den ESET-Onlinescan nicht mehr benötigst, kannst Du beide Programme einfach über die Programmdeinstallation deinstallieren.
Ich empfehle Dir aber zumindest Malwarebytes zu behalten, und damit einmal die Woche einen Kontrollscan zu machen.

Schritt 2
Downloade dir bitte delfix auf deinen Desktop.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
DelFix entfernt u. a. alle verwendeten Programme und löscht sich abschließend selbst.

Falls nach Delfix noch Programme aus unserer Bereinigung vorhanden sein sollten, kannst du diese nun bedenkenlos löschen.

Nun zum Schluss noch ein paar Tipps zur Absicherung deines Systems.

Ändere regelmäßig alle deine Passwörter, jetzt, nach der Bereinigung ist ein idealer Zeitpunkt dafür

verwende für jede Anwendung und jeden Account ein anderes Passwort
ändere regelmäßig dein Passwort, vor allem bei Onlinebanking oder deinem Emailpostfach ist dieses sehr wichtig
speichere keine Passwörter auf deinem PC, gib diese nicht an dritte weiter
ein sicheres Passwort besteht aus mindestens 8 Zeichen und beinhaltet Groß- und Kleinbuchstaben, Zahlen, und Sonderzeichen
benutze keine Zahlen- oder Buchstabenkombinationen, ( zB 12345678, qwertzui) auch keine Zahlen oder Buchstabenmuster
verwende keine Passwörter die einen Bezug zu dir, deinem Wohnort, Familienmitglied oder Haustier (Geburtsdatum, Postleitzahl, Adresse, Name) haben

Aktualität des Systems
Es ist extrem wichtig, dass sowohl dein System als auch die darauf installierte sicherheitsrelevante Software (Flash Player, PDF-Reader und besonders Java, sofern vorhanden) aktuell sind.

Bitte überprüfe, ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.

Java

Java ist eine große Sicherheitslücke auf deinem System, es werden immer wieder neue Schwachstellen entdeckt, die ausgenutzt werden um Rechner zu infizieren.
Sofern du Java nicht zwingend benötigst, solltest du es komplett deinstallieren.

Windows XP
Gehe auf:
Start --> Systemsteuerung --> Software --> Javaversionen auswählen --> entfernen
Windows Vista
Gehe auf:
Start --> Systemsteuerung -- > Programme --> Programme deinstallieren --> Javaversionen suchen --> entfernen
Windows 7
Dazu gehe auf:
den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen
Windows 8
Dazu drücke auf:
Windowstaste und X
dann:
Programme und Funktionen -->Javaversionen auswählen --> entfernen

Falls du Java doch unbedingt benötigst, dann sorge dafür, dass Java automatisch updated.
Dazu:

öffne Java
klicke auf den Reiter Update
klicke auf: Benachrichtung ausgeben: Vor dem Download setze den Haken bei Automatisch nach Updates suchen
klicke auf Erweitert
ändere das Intervall mindestens auf wöchentlich

und schalte das Browser-Plugin aus.
Hier findest du eine Anleitung dazu.

Antivirensoftware

Gehe sicher immer eine Antiviren Software installiert zu haben und halte diese unbedingt aktuell.

Zusätzlicher Schutz

MalwareBytes Anti-Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On-Demand Scantool welches viele aktuelle Malware erkennt und auch entfernt.
Aktualisiere das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der Internet Explorer, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf einen Banner um diesen zu AdBlockPlus hinzuzufügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Systemleistung
Lösche regelmäßig deine temporären Dateien. Ich empfehle hierzu die Datenträgerbereinigung von Windows.
Windows Vista

Klicke unten links auf das Vistasymbol
Gehe auf Programme -> Zubehör -> Systemprogramme -> Datenträgerbereinigung
Wähle nun Dateien von allen Benutzern des Computers aus und bestätige mit OK
Setze den Haken bei den zu löschenden Dateien zusätzlich bei Temporäre Dateien
Bestätige mit OK
Bestätige dass du die Dateien unwiderruflich löschen möchtest

Windows 7

Gehe auf das Windowsstartsymbol
Gebe im Suchfeld Datenträgerrereinigung ein
Setze den Haken zusätzlich bei Temporäre Dateien
Bestätige mit OK

Windows 8

Rechtsklicke in die untere linke Ecke deines Bildschirms
Klicke auf Suchen
Klicke auf Einstellungen
Gebe im Suchfeld Datenträgerbereinigung ein
Klicke in den Einstellungen auf der linken Seite nun auf Speicherplatz durch Löschen nicht erforderlicher Dateien freigeben
Setze den Haken zusätzlich bei Temporäre Dateien
Bestätige mit OK
Bestätige dass du die Dateien unwiderruflich löschen möchtest

Halte dich fern von jeglichen Registry Cleanern.
Diese schaden deinem System mehr als dass sie es schneller machen.

Verhaltensregeln zum sichereren Surfen

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Achte besonders bei der Installation von Programmen darauf, ob sich weitere Software mitinstallieren möchte, wähle wo immer es geht die benutzerdefinierte Installation und wähle alles ab, was nichts mit dem Programm zu tun hat, welches du dir installieren möchtest.

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind.

Falls Du Lob oder Kritik abgeben möchtest, kannst Du das sehr gerne hier tun.

Wenn Du etwas für das Forum und unsere Arbeit spenden möchtest, so kannst Du das hier tun.

spinweb · 16.01.2015, 14:22

Ist jetzt alles erledigt. Ich hab keine Frage mehr. Wollte mich für die Bereinigung der Vireninfektion bedanken. Also vielen dank an dich Bootsektor(sandra)

und auch dankeschön an Trojanerboard für die Unterstützung und danke für die Programme.

Bootsektor · 19.01.2015, 22:41

Hallo spinweb,

vielen Dank für Deine Rückmeldung. Alles Gute für Dich

Somit ist dieses Thema erledigt, falls du noch Fragen haben solltest oder es Probleme gibt, so schicke mir bitte eine PN

Jeder andere bitte hier klicken und einen eigenen Thread erstellen

Windows 8, Virenbefall.

Plagegeister aller Art und deren Bekämpfung: Windows 8, Virenbefall.