I uninstalled the three things with Revo. MBAM still found something afterwards, though not quite as much as at the beginning. I clicked "Quarantine".
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 18.04.2014
Suchlauf-Zeit: 15:58:42
Logdatei: mbam_neu.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.18.03
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: ETM
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 265561
Verstrichene Zeit: 1 Std, 50 Min, 43 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 18
PUP.Optional.Softonic.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, , [46bafc045aa6629e628dec289969718f],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}, , [46bafc045aa6629e628dec289969718f],
PUP.Optional.FunMoods.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}, , [78887b8588787789e545f23444be6a96],
PUP.Optional.FunMoods.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}, , [78887b8588787789e545f23444be6a96],
PUP.Optional.Funmoods.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}, , [56aa1de3ca36a85837432720c53dbc44],
PUP.Optional.Funmoods.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}, , [56aa1de3ca36a85837432720c53dbc44],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, , [3dc30df343bd5ea2ad43f71d7290f709],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{E87806B5-E908-45FD-AF5E-957D83E58E68}, , [3dc30df343bd5ea2ad43f71d7290f709],
PUP.Optional.PricePeep.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, , [b64ab54bce320ff1cfc5a7a3c33f6997],
PUP.Optional.PricePeep.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}, , [b64ab54bce320ff1cfc5a7a3c33f6997],
PUP.Optional.Funmoods.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}, , [ac5437c907f9bd432f4955f2936f22de],
PUP.Funmoods, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, , [29d7c53bef111be5aaf91d6be41ec040],
PUP.Optional.FunMoods.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj, , [49b77b85f8088e721df0a9cbb64d09f7],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\softonicToolbar, , [e51b05fb0ef2e31dff8ee88717eb15eb],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [7a8641bf6b954eb28ad54f29c240c23e],
PUP.Funmoods, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bbjciahceamgodcoidkjpchnokgfpphh, , [e818c43c7987f40cbfe3f5935ea48e72],
PUP.Optional.FunMoods.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\cjpglkicenollcignonpgiafdgfeehoj, , [58a8a858916f07f9d23c2252be45c739],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [f80856aa4bb5e51b242d3b59fb080ff1],
Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1036232907-8535079-2463951213-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1I1F1U1U1N1T1I1T2U0StF1P, , [f80856aa4bb5e51b242d3b59fb080ff1]
Registrierungsdaten: 1
PUP.FunMoods, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1558164375, Gut: (hxxp://www.google.com), Schlecht: (hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1558164375),,[be4252ae2ad65aa6859a46d97f85659b]
Ordner: 18
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\LocalLow\Funmoods, , [04fccb358080cd3369d17de0768c42be],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\LocalLow\Funmoods\Funmoods, , [04fccb358080cd3369d17de0768c42be],
PUP.Optional.OpenCandy, C:\Users\ETM\AppData\Roaming\OpenCandy, , [8f71da265fa1699722fc79e543bf639d],
PUP.Optional.OpenCandy, C:\Users\ETM\AppData\Roaming\OpenCandy\D27549FB5358409091AD567D8A291358, , [8f71da265fa1699722fc79e543bf639d],
PUP.Optional.OpenCandy, C:\Users\ETM\AppData\Roaming\OpenCandy\D9C1A6C47E834331937D13D906B48C51, , [8f71da265fa1699722fc79e543bf639d],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2269050, , [f0103cc4f50bb050fe98ed718e7411ef],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848\xpi, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\style, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Temp\mt_ffx\Softonic, , [28d801ff4eb2827e26d3f17492708c74],
Dateien: 108
PUP.Optional.OpenCandy.A, C:\Users\ETM\AppData\Roaming\OpenCandy\D27549FB5358409091AD567D8A291358\LatestDLMgr.exe, , [9769916f3bc5db25c7497f9b04fd28d8],
PUP.Optional.OpenCandy.A, C:\Users\ETM\AppData\Roaming\OpenCandy\D27549FB5358409091AD567D8A291358\OpenCandyU1Dlm.dll, , [b64aa15fef114fb1f31d40dad52c5aa6],
PUP.Optional.OpenCandy.A, C:\Users\ETM\AppData\Roaming\OpenCandy\D9C1A6C47E834331937D13D906B48C51\Setupsft_chr_p1v7.exe, , [8779eb1538c840c00afed6454cb8ca36],
PUP.Optional.Koyote.A, C:\$Recycle.Bin\S-1-5-21-1036232907-8535079-2463951213-1003\$R6DZNE0.exe, , [9769ca36f709649c21b21822d0314eb2],
PUP.Optional.PricePeep.A, C:\Users\ETM\AppData\Local\Temp\is2036075176\PricePeepInstaller.exe, , [a25e60a0b34d22de2d901127a859748c],
PUP.Optional.Yontoo.A, C:\Users\ETM\AppData\Local\Temp\is2036075176\yontoo-c2.exe, , [0af6ca36b34df0104ab431ef52aebb45],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2269050\statisticsStub.exe, , [f010c33d4db3af515380bb46679a8c74],
PUP.Optional.Conduit, C:\Users\ETM\AppData\Local\Temp\ct2625848\ieLogic.exe, , [56aaaa56fc0410f08dee7ab57b851ee2],
PUP.Optional.BundleInstaller, C:\Users\ETM\Downloads\Setup.exe, , [b05026da0cf48f7166e9a88d728fa15f],
PUP.Optional.RegCleanerPro, C:\Users\ETM\Downloads\rcpsetup_matomy_my176681(1).exe, , [976942be8a763cc47c34dd28bc4503fd],
PUP.Optional.RegCleanPro, C:\Users\ETM\Downloads\rcpsetupmarm1_marm10de_monsa.exe, , [33cde41cfd039a665b2ec66eb64ada26],
PUP.Optional.RegCleanerPro, C:\Users\ETM\Downloads\rcpsetup_matomy_my176681.exe, , [16ea48b8867ac13fbbf5e124f30ed729],
PUP.Optional.Conduit, C:\Users\ETM\AppData\Local\Conduit\CT2625848\DVDVideoSoftTB_DEAutoUpdateHelper.exe, , [41bf29d7fd03e11f9ddd1718ca3656aa],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\searchplugins\softonic.xml, , [966a837d60a04bb51475abc43ac87d83],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\searchplugins\Funmoods.xml, , [d9279c642dd3d22ed1402350946ebc44],
PUP.Funmoods, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage, , [be42b54b2cd4bb458c12c2c63bc70af6],
PUP.Funmoods, C:\Users\ETM\AppData\Local\funmoods.crx, , [bb457987b14fec14029e4c3c986a9a66],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\funmoods-speeddial_sf.crx, , [d62a2ad6b14fee12b554caaa5ca7946c],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage, , [ce326799e31df60a8d7e5e168281a55b],
PUP.Optional.OpenCandy, C:\Users\ETM\AppData\Roaming\OpenCandy\D27549FB5358409091AD567D8A291358\3130.ico, , [8f71da265fa1699722fc79e543bf639d],
PUP.Optional.OpenCandy, C:\Users\ETM\AppData\Roaming\OpenCandy\D27549FB5358409091AD567D8A291358\TuneUpUtilities2012_de-DE-p2v0.exe, , [8f71da265fa1699722fc79e543bf639d],
PUP.Optional.OpenCandy, C:\Users\ETM\AppData\Roaming\OpenCandy\D27549FB5358409091AD567D8A291358\TuneUpUtilities2012_de-DE.exe, , [8f71da265fa1699722fc79e543bf639d],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2269050\ffLogic.exe, , [f0103cc4f50bb050fe98ed718e7411ef],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2269050\ieLogic.exe, , [f0103cc4f50bb050fe98ed718e7411ef],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848\CT2625848.xpi, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848\ffLogic.exe, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848\statisticsStub.exe, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848\version.txt, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Local\Temp\ct2625848\xpi\install.rdf, , [a75943bd946c669ab2e4ca9489792cd4],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\appprepend.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\background.html, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\browserevents.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\configuration.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\consts.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\diagnostics.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\format.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\framenotifier.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\jigsawapi.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\jquery-1.4.4.min.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\main.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\manifest.json, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\request.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\script.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\stats.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.HDStreamer, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.10_0\storage.js, , [ae526c94639d20e0ab5295cb9b676d93],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\background.html, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\bg.html, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\dropdown.html, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\manifest.json, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\128.png, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\16.png, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\32.png, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\48.png, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\64.png, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\ajax-loader.gif, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\img\Thumbs.db, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\bg.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\chapi.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\dropdown.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\easyXDM.min.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\FMLoader.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\greetingmoods.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\jquery-1.8.3.min.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\json2.min.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\js\rp.min.js, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh\2.0.1_0\style\funmoods_chrome_1.0.1.css, , [ce32de2205fbca3636af67fbe0225ca4],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\appCntrl.js, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.html, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\bg.js, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\chMntz.dll, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CrmAdpt.dll, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\ct.js, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\CTB.dll, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\dpk.js, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.htm, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\hprtkMsg.js, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\json2.min.js, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\logo.png, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\manifest.json, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0\pref.json, , [53ada7595ba5c838d522402500028f71],
PUP.Optional.FunMoods.A, C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "homepage" : "hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1558164375",), ,[2fd13fc1f40c4db3450f60f3659f768a]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.admin", false);), ,[8f71ab55718f2ed2ecdec38f52b2827e]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.aflt", "OC");), ,[3ec21ee207f9ea16c00a173b996b31cf]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");), ,[ad53f60a20e01ce439915ff33acaa45c]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.autoRvrt", "false");), ,[27d91ee2a9575da3d9f191c17f85c739]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltLng", "de");), ,[b749b74935cb926ec1094909ae56a45c]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dfltSrch", true);), ,[5fa13cc40af604fcd8f22929b84ce61a]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.dnsErr", true);), ,[d32da55bdc24e719f8d2a9a96f95aa56]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.excTlbr", false);), ,[a25ee917f808ad534e7c75dd39cb6a96]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.ffxUnstlRst", false);), ,[6b9516ea5ba5c43c51798dc5689c12ee]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpg", true);), ,[cf3123ddd32d857b8743e76bc440b44c]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=7a08ca4f00000000000000197e5205ba");), ,[14ec0ef22fd1b14fb5159ab835cf3ac6]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.id", "7a08ca4f00000000000000197e5205ba");), ,[946c4eb223dd32ce83474c06d43043bd]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlDay", "16038");), ,[ca3605fbec149f6100caed655fa5bd43]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.instlRef", "MOY00621");), ,[ae5280809a66d42c903a5ef49b69946c]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTab", true);), ,[ec14b64a4ab6dc24d4f65df539cbfa06]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=7a08ca4f00000000000000197e5205ba");), ,[4db30000e21edd23c505d77bda2a4eb2]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prdct", "Softonic");), ,[e21ea0603cc4d12fe2e84909a65eac54]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.prtnrId", "softonic");), ,[a45c2ad66799728e7b4f9eb40301ea16]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.rvrt", "false");), ,[c8389070cd3351af26a491c1df259e62]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.smplGrp", "none");), ,[649ce51b1ae63ac6c505ea68e02408f8]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");), ,[867a40c0ed13956bac1e61f1da2aa858]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrId", "opencandy2013");), ,[57a95fa1827eb64a8f3b79d9a4608977]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=7a08ca4f00000000000000197e5205ba&q=");), ,[7b85a85836ca47b96f5b9cb6758f05fb]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsn", "1.8.21.14");), ,[b24ea65a778953adaa205af89a6afa06]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsnTs", "1.8.21.1423:09:17");), ,[26da59a7ae52a65aab1f02503fc5758b]
PUP.Optional.Softonic.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.Softonic.vrsni", "1.8.21.14");), ,[d62a6799e51b629edeecfa58d034fe02]
PUP.Optional.Conduit.A, C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js, Gut: (), Schlecht: (user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");), ,[03fd28d877896799c06f371c8480fd03]
Physische Sektoren: 0
(No malicious items detected)
(end)
AdwCleaner
Code:
# AdwCleaner v3.023 - Bericht erstellt am 18/04/2014 um 16:11:54
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzername : ETM - ETM-PC
# Gestartet von : C:\Users\ETM\Downloads\Logfiles\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : SystemStoreService
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\SoftwareUpdater
Ordner Gelöscht : C:\Program Files\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Program Files\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Users\ETM\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\ETM\AppData\Local\SoftwareUpdater
Ordner Gelöscht : C:\Users\ETM\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\ETM\AppData\LocalLow\Funmoods
Ordner Gelöscht : C:\Users\ETM\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\ETM\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\ETM\AppData\LocalLow\DVDVideoSoftTB_DE
Ordner Gelöscht : C:\Users\ETM\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\ETM\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\Smartbar
Ordner Gelöscht : C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Ordner Gelöscht : C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Ordner Gelöscht : C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf
Ordner Gelöscht : C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\ETM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
Datei Gelöscht : C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{679B1572-7C02-45E7-98DE-3654EF991F08}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{679B1572-7C02-45E7-98DE-3654EF991F08}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F1BF6377-0CD8-4782-AFCF-4E623D88BCF2}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{20D46134-F374-4B32-B02D-1C1647612059}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F1BF6377-0CD8-4782-AFCF-4E623D88BCF2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BCA2A68A-51C5-4467-92D0-27997DFF4C92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80F204A5-7CC2-4295-8E59-AE115D7B52ED}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Description
Schlüssel Gelöscht : HKLM\Software\DVDVideoSoftTB_DE
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB_DE Toolbar
***** [ Browser ] *****
-\\ Internet Explorer v8.0.6001.19518
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\prefs.js ]
Zeile gelöscht : user_pref("CT2625848.1000082.isPlayDisplay", "true");
Zeile gelöscht : user_pref("CT2625848.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock\",\"url\":\"hxxp://feedlive.net/california.asx\"}");
Zeile gelöscht : user_pref("CT2625848.129857693303065208.APP_WIN_FEATURES", "resizable=0,hscroll=0,vscroll=0,titlebar=1,closebutton=1,saveresizedsize=0,openposition=alignment:(B;L),savelocation=0,closeonexternalclick=[...]
Zeile gelöscht : user_pref("CT2625848.2625848a129894023611240511000000paramsGK1", "{\"updateReqTime\":1345131711558,\"updateRespTime\":1345131714179,\"data\":{\"settings\":{\"icon\":\"hxxp://storage.conduit.com/48/262[...]
Zeile gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.Facebook_Mode", "2");
Zeile gelöscht : user_pref("CT2625848.Facebook_User_Locale", "de");
Zeile gelöscht : user_pref("CT2625848.FirstTime", "true");
Zeile gelöscht : user_pref("CT2625848.FirstTimeFF3", "true");
Zeile gelöscht : user_pref("CT2625848.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
Zeile gelöscht : user_pref("CT2625848.UserID", "UN99099583112967732");
Zeile gelöscht : user_pref("CT2625848.addressBarTakeOverEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.autoDisableScopes", -1);
Zeile gelöscht : user_pref("CT2625848.browser.search.defaultthis.engineName", true);
Zeile gelöscht : user_pref("CT2625848.defaultSearch", "true");
Zeile gelöscht : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Zeile gelöscht : user_pref("CT2625848.enableAlerts", "false");
Zeile gelöscht : user_pref("CT2625848.enableSearchFromAddressBar", "true");
Zeile gelöscht : user_pref("CT2625848.firstTimeDialogOpened", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundError", "true");
Zeile gelöscht : user_pref("CT2625848.fixPageNotFoundErrorInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.fixUrls", true);
Zeile gelöscht : user_pref("CT2625848.installId", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT2625848.installType", "ConduitNSISIntegration");
Zeile gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.isNewTabEnabled", true);
Zeile gelöscht : user_pref("CT2625848.isPerformedSmartBarTransition", "true");
Zeile gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Zeile gelöscht : user_pref("CT2625848.keyword", true);
Zeile gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"about%3Aaddons\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_SEARCH_TERM\":\"ittle girl\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://DVDVideoSoftTB[...]
Zeile gelöscht : user_pref("CT2625848.openThankYouPage", "false");
Zeile gelöscht : user_pref("CT2625848.openUninstallPage", "true");
Zeile gelöscht : user_pref("CT2625848.search.searchAppId", "129181467799155027");
Zeile gelöscht : user_pref("CT2625848.search.searchCount", "0");
Zeile gelöscht : user_pref("CT2625848.searchInNewTabEnabledInHidden", "true");
Zeile gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2625848\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://DVDVideoSoftTBDE.OurToolbar.com//xpi\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"DVDVideoSoftTB DE\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1344977047199");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appTracking_lastUpdate", "1344976935790");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_appsMetadata_lastUpdate", "1345131701433");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1344005230395");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_login_10.10.20.14_lastUpdate", "1345131587211");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_optimizer_lastUpdate", "1345131709802");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1344005228643");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_searchAPI_lastUpdate", "1345131590455");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_serviceMap_lastUpdate", "1345131590420");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarContextMenu_lastUpdate", "1344005228201");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_toolbarSettings_lastUpdate", "1345131701241");
Zeile gelöscht : user_pref("CT2625848.serviceLayer_services_translation_lastUpdate", "1345131605938");
Zeile gelöscht : user_pref("CT2625848.settingsINI", true);
Zeile gelöscht : user_pref("CT2625848.shouldFirstTimeDialog", "false");
Zeile gelöscht : user_pref("CT2625848.smartbar.CTID", "CT2625848");
Zeile gelöscht : user_pref("CT2625848.smartbar.Uninstall", "0");
Zeile gelöscht : user_pref("CT2625848.smartbar.homepage", true);
Zeile gelöscht : user_pref("CT2625848.smartbar.toolbarName", "DVDVideoSoftTB DE ");
Zeile gelöscht : user_pref("CT2625848.toolbarBornServerTime", "3-8-2012");
Zeile gelöscht : user_pref("CT2625848.toolbarCurrentServerTime", "16-8-2012");
Zeile gelöscht : user_pref("CT2625848.toolbarDisabled", "true");
Zeile gelöscht : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2625848&SearchSource=13");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchEngineList", "DVDVideoSoftTB DE Customized Web Search");
Zeile gelöscht : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2625848&SearchSource=2&q=");
Zeile gelöscht : user_pref("Smartbar.keywordURLSelectedCTID", "CT2625848");
Zeile gelöscht : user_pref("extensions.APN_TB.first-previous-keyword-url", "hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtF[...]
Zeile gelöscht : user_pref("extensions.AVIRA-V7.AUC_clientCache", "{\"AUC_CACHE\":{\"ask.com\":{\"c\":[1],\"ttl\":1398237101},\"facebook.com\":{\"c\":[1],\"ttl\":1398357964},\"jimdo.com\":{\"c\":[1],\"ttl\":1376734531[...]
Zeile gelöscht : user_pref("extensions.AVIRA-V7.apn.tldcache", "{\"date\":1395503958892,\"domainList\":[\"ac\",\"com.ac\",\"edu.ac\",\"gov.ac\",\"net.ac\",\"mil.ac\",\"org.ac\",\"ad\",\"nom.ad\",\"ae\",\"co.ae\",\"net[...]
Zeile gelöscht : user_pref("extensions.AVIRA-V7.previous-keyword-url", "\"hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtA[...]
Zeile gelöscht : user_pref("extensions.Softonic.admin", false);
Zeile gelöscht : user_pref("extensions.Softonic.aflt", "OC");
Zeile gelöscht : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Zeile gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.Softonic.dnsErr", true);
Zeile gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Zeile gelöscht : user_pref("extensions.Softonic.ffxUnstlRst", false);
Zeile gelöscht : user_pref("extensions.Softonic.hmpg", true);
Zeile gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=13&cc=&mi=7a08ca4f00000000000000197e5205ba");
Zeile gelöscht : user_pref("extensions.Softonic.id", "7a08ca4f00000000000000197e5205ba");
Zeile gelöscht : user_pref("extensions.Softonic.instlDay", "16038");
Zeile gelöscht : user_pref("extensions.Softonic.instlRef", "MOY00621");
Zeile gelöscht : user_pref("extensions.Softonic.newTab", true);
Zeile gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00621/tb_v1/?SearchSource=15&cc=&mi=7a08ca4f00000000000000197e5205ba");
Zeile gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Zeile gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Zeile gelöscht : user_pref("extensions.Softonic.rvrt", "false");
Zeile gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrId", "opencandy2013");
Zeile gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=1&cc=&mi=7a08ca4f00000000000000197e5205ba&q=");
Zeile gelöscht : user_pref("extensions.Softonic.vrsn", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.8.21.1423:09:17");
Zeile gelöscht : user_pref("extensions.Softonic.vrsni", "1.8.21.14");
Zeile gelöscht : user_pref("extensions.funmoods.aflt", "ironpub");
Zeile gelöscht : user_pref("extensions.funmoods.autoRvrt", false);
Zeile gelöscht : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Zeile gelöscht : user_pref("extensions.funmoods.cntry", "DE");
Zeile gelöscht : user_pref("extensions.funmoods.cv", "cv5");
Zeile gelöscht : user_pref("extensions.funmoods.dfltLng", "");
Zeile gelöscht : user_pref("extensions.funmoods.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.funmoods.dfltlng", "en");
Zeile gelöscht : user_pref("extensions.funmoods.dfltsrch", true);
Zeile gelöscht : user_pref("extensions.funmoods.dnsErr", true);
Zeile gelöscht : user_pref("extensions.funmoods.envrmnt", "production");
Zeile gelöscht : user_pref("extensions.funmoods.excTlbr", false);
Zeile gelöscht : user_pref("extensions.funmoods.hdrMd5", "FFCE1344F33963BE587471FE4B3D56EC");
Zeile gelöscht : user_pref("extensions.funmoods.hmpg", true);
Zeile gelöscht : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1558164[...]
Zeile gelöscht : user_pref("extensions.funmoods.hrdid", "00197E5205BACA4F");
Zeile gelöscht : user_pref("extensions.funmoods.id", "00197E5205BACA4F");
Zeile gelöscht : user_pref("extensions.funmoods.instlDay", "15655");
Zeile gelöscht : user_pref("extensions.funmoods.instlRef", "ironpub");
Zeile gelöscht : user_pref("extensions.funmoods.instlday", "15655");
Zeile gelöscht : user_pref("extensions.funmoods.instlref", "ironpub");
Zeile gelöscht : user_pref("extensions.funmoods.isdcmntcmplt", true);
Zeile gelöscht : user_pref("extensions.funmoods.keywordurl", "");
Zeile gelöscht : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2210:11:2");
Zeile gelöscht : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Zeile gelöscht : user_pref("extensions.funmoods.newTab", true);
Zeile gelöscht : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=15581[...]
Zeile gelöscht : user_pref("extensions.funmoods.newtab", true);
Zeile gelöscht : user_pref("extensions.funmoods.newtaburl", "hxxp://searchfunmoods.com/?f=2&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=15581[...]
Zeile gelöscht : user_pref("extensions.funmoods.prdct", "funmoods");
Zeile gelöscht : user_pref("extensions.funmoods.prtnrId", "funmoods");
Zeile gelöscht : user_pref("extensions.funmoods.prtnrid", "funmoods");
Zeile gelöscht : user_pref("extensions.funmoods.savedVrsnTs", "1");
Zeile gelöscht : user_pref("extensions.funmoods.sg", "none");
Zeile gelöscht : user_pref("extensions.funmoods.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.funmoods.smplgrp", "none");
Zeile gelöscht : user_pref("extensions.funmoods.srch", "");
Zeile gelöscht : user_pref("extensions.funmoods.srchPrvdr", "Search");
Zeile gelöscht : user_pref("extensions.funmoods.srchprvdr", "Search");
Zeile gelöscht : user_pref("extensions.funmoods.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=155[...]
Zeile gelöscht : user_pref("extensions.funmoods.tlbrid", "base");
Zeile gelöscht : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://searchfunmoods.com/?f=3&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=155[...]
Zeile gelöscht : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Zeile gelöscht : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2210:11:2");
Zeile gelöscht : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Zeile gelöscht : user_pref("extensions.funmoods.vrsnts", "1.5.23.2210:11:2");
Zeile gelöscht : user_pref("extensions.funmoods.xpestat\\xpereportdata", "18-11-2012");
Zeile gelöscht : user_pref("extensions.funmoods_i.newTab", true);
Zeile gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2210:11:2");
-\\ Google Chrome v34.0.1847.116
[ Datei : C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : search_url
Gelöscht : keyword
*************************
AdwCleaner[R0].txt - [21000 octets] - [18/04/2014 16:03:03]
AdwCleaner[S0].txt - [20786 octets] - [18/04/2014 16:11:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20847 octets] ##########
jrt.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by ETM on 18.04.2014 at 16:47:58,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{6DBE9A0E-B85E-4649-8728-6ADADF06D088}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{47A69BFA-63EF-41C2-B09F-7F84F19B5FDF}
~~~ Files
Successfully deleted: [File] "C:\Users\ETM\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\apn"
~~~ FireFox
Successfully deleted: [File] C:\Users\ETM\AppData\Roaming\mozilla\firefox\profiles\ef58lntw.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Successfully deleted the following from C:\Users\ETM\AppData\Roaming\mozilla\firefox\profiles\ef58lntw.default\prefs.js
user_pref("extensions.AVIRA-V7.com.avira.dnt.rules", "\"{\\\"Version\\\":39,\\\"Companies\\\":[{\\\"company\\\":\\\"Google Inc\\\",\\\"rules\\\":[{\\\"name\\\":\\\"Google Anal
user_pref("extensions.AVIRA-V7.domain", "\"avira.search.ask.com\"");
user_pref("extensions.AVIRA-V7.hpr_ff", "\"hxxp://avira.search.ask.com/?tpid=AVIRA-V7&o=APN11074&pf=&trgb=ALL&p2=%5EB0Q%5EYYYYYY%5EYY%5EDE&gct=hp&apn_ptnrs=%5EB0Q&apn_dtid=%5E
Emptied folder: C:\Users\ETM\AppData\Roaming\mozilla\firefox\profiles\ef58lntw.default\minidumps [197 files]
~~~ Chrome
Successfully deleted: [Folder] C:\Users\ETM\appdata\local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
Successfully deleted: [Folder] C:\Users\ETM\appdata\local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Successfully deleted: [Folder] C:\Users\ETM\appdata\local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\aaaaacalgebmfelllfiaoknifldpngjh
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.04.2014 at 16:56:18,86
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
and frst.txt as well
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-04-2014
Ran by ETM (administrator) on ETM-PC on 18-04-2014 17:00:38
Running from C:\Users\ETM\Downloads\Logfiles
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Logitech Inc.) c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files\sony\ISB Utility\ISBMgr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
() C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
(Logitech Inc.) C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\program files\avira\antivir desktop\ipmGui.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4317184 2007-02-06] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-01-12] (Alps Electric Co., Ltd.)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [321656 2007-01-22] (Sony Corporation)
HKLM\...\Run: [LogitechCommunicationsManager] => C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe [488984 2007-02-08] (Logitech Inc.)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\QuickCam10\QuickCam10.exe [774168 2007-02-08] ()
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll (Sony Corporation)
HKU\.DEFAULT\...\Run: [Picasa Media Detector] => C:\Program Files\Picasa2\PicasaMediaDetector.exe [443968 2008-08-21] (Google Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\Run: [C:\Users\ETM\AppData\Local\Temp\tmp73B9.tmp.exe] => C:\Users\ETM\AppData\Local\Temp\tmp73B9.tmp.exe [10412000 2012-05-12] (Freemium) <===== ATTENTION
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\Run: [C:\Users\ETM\AppData\Local\Temp\tmp2D28.tmp.exe] => C:\Users\ETM\AppData\Local\Temp\tmp2D28.tmp.exe [10412000 2012-05-12] (Freemium) <===== ATTENTION
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-09-11] (Google Inc.)
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\MountPoints2: {53644ca2-4332-11df-be58-0013a9c74bdb} - G:\Menu.exe
HKU\S-1-5-21-1036232907-8535079-2463951213-1003\...\InprocServer32: [Default-pngfilt] <==== ATTENTION!
AppInit_DLLs: C:\PROGRA~1\Google\GO333C~1\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2011-05-27] (Google)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://partnerpage.google.com/eu.sony.com/de
hxxp://www.club-vaio.com/vbc
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.club-vaio.com
URLSearchHook: HKCU - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {0A79036B-2B01-77F4-0C04-199346F9F091} URL = hxxp://www.google.de/search?hl=de&q={searchTerms}&meta=
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
BHO: No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google BAE\BAE.dll (Your Company Name)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} hxxp://www.lokalisten.de/iup/ImageUploader4.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 03 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 04 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 05 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 06 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 07 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 08 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 19 C:\Program Files\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 - C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\ETM\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Users\ETM\AppData\Roaming\Mozilla\Firefox\Profiles\ef58lntw.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-10-31]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord\firefox\ext [2009-11-29]
FF HKLM\...\Firefox\Extensions: [{000a9d1c-beef-4f90-9363-039d445309b8}] - C:\Program Files\Google\Google Gears\Firefox\
FF Extension: Google Gears - C:\Program Files\Google\Google Gears\Firefox\ []
Chrome:
=======
CHR StartupUrls: "hxxp://searchfunmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtDtCzyyB0EyDtBtDyD0B0A0C0AyE0FtN0D0Tzu0CtAtCyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1558164375"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL:
CHR Extension: (Google Wallet) - C:\Users\ETM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-16]
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2011-05-27] (Google)
S2 LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [105248 2007-02-06] (Logitech Inc.)
R2 MSSQL$VAIO_VEDB; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AvLib\PACSPTISVR.exe [57344 2006-12-14] ()
S3 SonicStage Back-End Service; C:\Program Files\Common Files\Sony Shared\AvLib\SsBeSvc.exe [112184 2007-01-24] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AvLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files\Common Files\Sony Shared\AvLib\SSScsiSV.exe [75320 2007-01-24] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-01-10] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [182392 2007-02-13] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\VMISrv.exe [2523136 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\sony\VAIO Media Integrated Server\Platform\VmGateway.exe [491520 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-01-08] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-01-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2006-11-28] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [172032 2006-11-28] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [135168 2006-11-28] (Sony Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [X]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-28] (Avira Operations GmbH & Co. KG)
S3 LVcKap; C:\Windows\System32\DRIVERS\LVcKap.sys [1691808 2007-02-06] ()
S3 LVMVDrv; C:\Windows\System32\DRIVERS\LVMVDrv.sys [1964064 2007-02-06] (Logitech Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25632 2007-02-06] ()
S3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41504 2007-02-03] (Logitech Inc.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [107736 2014-04-18] (Malwarebytes Corporation)
S3 pepifilter; C:\Windows\System32\DRIVERS\lv302af.sys [14240 2007-02-03] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [938272 2007-02-03] (Logitech Inc.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-08-09] (Avira GmbH)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [807424 2007-02-08] (Texas Instruments)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-18 16:56 - 2014-04-18 16:56 - 00002837 _____ () C:\Users\ETM\Desktop\JRT.txt
2014-04-18 16:47 - 2014-04-18 16:47 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 16:02 - 2014-04-18 16:24 - 00000000 ____D () C:\AdwCleaner
2014-04-18 12:54 - 2014-04-18 12:54 - 00001057 _____ () C:\Users\ETM\Desktop\Revo Uninstaller.lnk
2014-04-18 12:54 - 2014-04-18 12:54 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-18 00:08 - 2014-04-18 00:08 - 00104960 _____ (GMER) C:\uwldapow.sys
2014-04-18 00:04 - 2014-04-18 00:04 - 132811481 _____ () C:\Windows\MEMORY.DMP
2014-04-18 00:04 - 2014-04-18 00:04 - 00142656 _____ () C:\Windows\Minidump\Mini041814-01.dmp
2014-04-18 00:04 - 2014-04-18 00:04 - 00000000 ____D () C:\Windows\Minidump
2014-04-17 19:36 - 2014-04-18 17:00 - 00000000 ____D () C:\Users\ETM\Downloads\Logfiles
2014-04-17 19:35 - 2014-04-18 17:00 - 00000000 ____D () C:\FRST
2014-04-17 19:28 - 2014-04-17 19:28 - 00000000 _____ () C:\Users\ETM\defogger_reenable
2014-04-17 18:49 - 2014-04-18 14:07 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-17 18:48 - 2014-04-17 18:48 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-17 18:48 - 2014-04-17 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-17 18:48 - 2014-04-17 18:48 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-17 18:48 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-17 18:48 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-17 18:48 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-17 18:46 - 2014-04-17 18:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\ETM\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 19:39 - 2014-02-23 12:53 - 00916992 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-14 19:39 - 2014-02-23 12:52 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-14 19:39 - 2014-02-23 12:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-04-14 19:39 - 2014-02-23 12:50 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-04-14 19:39 - 2014-02-23 12:48 - 06020096 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-14 19:39 - 2014-02-23 12:48 - 00630272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-14 19:39 - 2014-02-23 12:48 - 00611840 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2014-04-14 19:39 - 2014-02-23 12:48 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-04-14 19:39 - 2014-02-23 12:48 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-04-14 19:39 - 2014-02-23 12:47 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-04-14 19:39 - 2014-02-23 12:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 11111424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 02005504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 01469440 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-14 19:39 - 2014-02-23 12:46 - 00387584 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-14 19:39 - 2014-02-23 12:46 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-14 19:39 - 2014-02-23 12:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2014-04-14 19:39 - 2014-02-23 11:12 - 00385024 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-04-14 19:39 - 2014-02-23 09:25 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-14 19:39 - 2014-02-23 09:25 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-14 19:39 - 2014-02-23 09:23 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-14 19:39 - 2014-02-23 09:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-04-14 19:39 - 2014-02-06 03:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-04 15:21 - 2014-04-04 15:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-02 20:30 - 2014-04-02 20:30 - 00276090 _____ () C:\Users\ETM\Downloads\Perso backside (document).jpeg
==================== One Month Modified Files and Folders =======
2014-04-18 17:00 - 2014-04-17 19:36 - 00000000 ____D () C:\Users\ETM\Downloads\Logfiles
2014-04-18 17:00 - 2014-04-17 19:35 - 00000000 ____D () C:\FRST
2014-04-18 16:56 - 2014-04-18 16:56 - 00002837 _____ () C:\Users\ETM\Desktop\JRT.txt
2014-04-18 16:47 - 2014-04-18 16:47 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 16:44 - 2008-09-10 19:11 - 01260950 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 16:35 - 2008-09-11 18:02 - 00000000 ____D () C:\Users\ETM\AppData\Roaming\Skype
2014-04-18 16:32 - 2009-09-17 17:00 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 16:31 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 16:31 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 16:31 - 2006-11-02 14:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 16:30 - 2007-02-26 18:30 - 00215828 _____ () C:\Windows\PFRO.log
2014-04-18 16:29 - 2006-11-02 15:01 - 00032582 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-18 16:24 - 2014-04-18 16:02 - 00000000 ____D () C:\AdwCleaner
2014-04-18 16:17 - 2012-04-16 20:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 16:12 - 2012-08-03 16:43 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-04-18 15:48 - 2009-09-17 17:00 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 14:36 - 2011-03-21 15:02 - 00001052 _____ () C:\Windows\Tasks\Google Software Updater.job
2014-04-18 14:07 - 2014-04-17 18:49 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 12:54 - 2014-04-18 12:54 - 00001057 _____ () C:\Users\ETM\Desktop\Revo Uninstaller.lnk
2014-04-18 12:54 - 2014-04-18 12:54 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-18 12:54 - 2008-09-10 18:20 - 00000000 ____D () C:\Users\ETM
2014-04-18 00:24 - 2014-03-05 21:33 - 00001356 _____ () C:\Users\ETM\AppData\Local\d3d9caps.dat
2014-04-18 00:08 - 2014-04-18 00:08 - 00104960 _____ (GMER) C:\uwldapow.sys
2014-04-18 00:04 - 2014-04-18 00:04 - 132811481 _____ () C:\Windows\MEMORY.DMP
2014-04-18 00:04 - 2014-04-18 00:04 - 00142656 _____ () C:\Windows\Minidump\Mini041814-01.dmp
2014-04-18 00:04 - 2014-04-18 00:04 - 00000000 ____D () C:\Windows\Minidump
2014-04-17 23:14 - 2008-09-11 18:15 - 00063488 _____ () C:\Users\ETM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-17 19:28 - 2014-04-17 19:28 - 00000000 _____ () C:\Users\ETM\defogger_reenable
2014-04-17 18:48 - 2014-04-17 18:48 - 00000899 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-17 18:48 - 2014-04-17 18:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-17 18:48 - 2014-04-17 18:48 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-04-17 18:46 - 2014-04-17 18:46 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\ETM\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-15 21:34 - 2013-07-22 19:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-15 21:02 - 2006-11-02 12:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-14 20:24 - 2012-06-06 20:25 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-14 18:26 - 2012-05-10 14:56 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-04 15:21 - 2014-04-04 15:21 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-03 09:51 - 2014-04-17 18:48 - 00073432 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-17 18:48 - 00051416 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-17 18:48 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 20:30 - 2014-04-02 20:30 - 00276090 _____ () C:\Users\ETM\Downloads\Perso backside (document).jpeg
2014-03-31 19:57 - 2006-11-02 12:33 - 01717504 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-31 09:35 - 2009-10-02 23:17 - 00231584 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Files to move or delete:
====================
C:\Users\ETM\AppData\Local\Temp\tmp73B9.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp2D28.tmp.exe
Some content of TEMP:
====================
C:\Users\ETM\AppData\Local\Temp\48701uninstall.exe
C:\Users\ETM\AppData\Local\Temp\AskSLib.dll
C:\Users\ETM\AppData\Local\Temp\avgnt.exe
C:\Users\ETM\AppData\Local\Temp\dotNetFx40_Full_setup.exe
C:\Users\ETM\AppData\Local\Temp\FileSystemView.dll
C:\Users\ETM\AppData\Local\Temp\firefoxjre_exe-1.exe
C:\Users\ETM\AppData\Local\Temp\firefoxjre_exe.exe
C:\Users\ETM\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\ETM\AppData\Local\Temp\FlashPlayerUpdate01.exe
C:\Users\ETM\AppData\Local\Temp\FlashPlayerUpdate02.exe
C:\Users\ETM\AppData\Local\Temp\FlashPlayerUpdate03.exe
C:\Users\ETM\AppData\Local\Temp\FlashPlayerUpdate04.exe
C:\Users\ETM\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\ETM\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\ETM\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\ETM\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\ETM\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\ETM\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\ETM\AppData\Local\Temp\Quarantine.exe
C:\Users\ETM\AppData\Local\Temp\SearchWithGoogleUpdate.exe
C:\Users\ETM\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ETM\AppData\Local\Temp\tmp194A.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp1C08.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp2D28.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp2DA5.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp55BD.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp73B9.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp8823.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp8C86.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmp9971.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmpB4BD.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmpC12C.tmp.exe
C:\Users\ETM\AppData\Local\Temp\tmpF6C.tmp.exe
C:\Users\ETM\AppData\Local\Temp\TubeBox_Setup.exe
C:\Users\ETM\AppData\Local\Temp\_isFE3B.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-18 16:51
==================== End Of Log ============================
and addition.txt Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-04-2014
Ran by ETM at 2014-04-18 17:01:35
Running from C:\Users\ETM\Downloads\Logfiles
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4689 - APN, LLC)
Browser Address Error Redirector (HKLM\...\{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Click to DVD 2.0.05 Menu Data (HKLM\...\{9E407618-D9CD-4F39-9490-9ED45294073D}) (Version: 2.0.05 - Sony Corporation)
Click to DVD 2.6.00 (HKLM\...\{E809063C-51A3-4269-8984-D1EB742F2151}) (Version: 2.6.00 - Sony Corporation)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
D1500 (Version: 100.0.206.000 - Ihr Firmenname) Hidden
D1500_Help (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_SF_03_D1500_ProductContext (Version: 100.0.215.000 - Hewlett-Packard) Hidden
DJ_SF_03_D1500_Software (Version: 100.0.206.000 - Hewlett-Packard) Hidden
DJ_SF_03_D1500_Software_Min (Version: 100.0.239.000 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 1.4.7 - Dropbox, Inc.)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Free System Utilities (HKLM\...\{ee9b54a6-93dd-4070-80ae-743f58319407}) (Version: 1.0.0 - Covus Freemium GmbH)
Free SystemUtilities (Version: 1.0.0 - Covus Freemium GmbH) Hidden
Free YouTube to MP3 Converter version 3.12.17.1127 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.17.1127 - DVDVideoSoft Ltd.)
FUJIFILM FinePixViewer S Ver.2.1 (HKLM\...\{88B32652-CAE0-4909-A463-5840D2689D93}) (Version: 2.1.0.3 - FUJIFILM Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.9.1005.12335 - Google)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Gears (HKLM\...\{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}) (Version: 0.5.3600 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - )
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Deskjet D1500 Printer Driver Software 10.0 Rel .3 (HKLM\...\{0CE5F45E-F6CC-4638-B0DD-BB7F6EF56713}) (Version: 10.0 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Update (HKLM\...\{11B83AD3-7A46-4C2E-A568-9505981D4C6F}) (Version: 4.000.007.003 - Hewlett-Packard)
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 27 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
LAN-Express AS IEEE 802.11 Wireless LAN (HKLM\...\{FCCB0B43-7A6D-49A4-A5B3-B10F592F4EB6}) (Version: 7.1.0.116 - LAN-Express)
Logitech Audio Echo Cancellation Component (Version: 10.51.2027 - Logitech Inc.) Hidden
Logitech QuickCam (HKLM\...\{7D2370AC-D8E6-4996-986A-19824F8A167C}) (Version: 10.51.2029 - Logitech Inc.)
Logitech Video Enumerator (Version: 10.51.2027 - Logitech Inc.) Hidden
Logitech® Camera-Treiber (HKLM\...\QcDrv) (Version: - )
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Express Edition (VAIO_VEDB) (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{FDE96E86-7780-431C-92F7-679C6A7CEC51}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation)
Move Media Player (HKCU\...\Move Media Player) (Version: - Move Networks)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Müller Foto (HKLM\...\Müller Foto) (Version: - )
MultiLingua Spanisch (HKLM\...\InstallShield_{6D2EA8F0-8E1A-4EBC-A94F-067C02847335}) (Version: 1.00.0000 - MultiLingua Intensiv)
MultiLingua Spanisch (Version: 1.00.0000 - MultiLingua Intensiv) Hidden
MVision (Version: 10.51.2027 - Logitech Inc.) Hidden
OpenMG Limited Patch 4.7-07-13-24-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version: - )
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140 - Sony Corporation) Hidden
OpenOffice.org 3.0 (HKLM\...\{04B45310-A5FE-4425-BFCA-1A6D8920DE74}) (Version: 3.0.9379 - OpenOffice.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.1 - Google, Inc.)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
Qtrax Player (HKCU\...\2912889956.portal.qtrax.com) (Version: - portal.qtrax.com)
QuickTime (HKLM\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
RealPlayer (HKLM\...\RealPlayer 12.0) (Version: - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5350 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Setting Utility Series (HKLM\...\{59452470-A902-477F-9338-9B88101681BD}) (Version: 2.1.00.13300 - Sony Corporation)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
SonicStage 4.3 (HKLM\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation)
Sony Utilities DLL (HKLM\...\{EF3D45BB-2260-4008-88EA-492E7744A9DF}) (Version: 7.1.00.13300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.1.03 - Sony Corporation)
Status (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TubeBox (HKLM\...\{c5b74464-3a04-417c-9eee-d0dc7d6af196}) (Version: 4.1.0.0 - Freetec)
TubeBox (Version: 4.1.0.0 - Freetec) Hidden
TuneUp Utilities 2012 (HKLM\...\TuneUp Utilities 2012) (Version: 12.0.3600.73 - TuneUp Software)
TuneUp Utilities 2012 (Version: 12.0.3600.73 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.73 - TuneUp Software) Hidden
UnloadSupport (Version: 10.0.0 - Hewlett-Packard) Hidden
Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
VAIO Aqua Breeze Wallpaper (HKLM\...\{97BCD719-6ECB-458F-97D6-F38D2E07375E}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Control Center (HKLM\...\{FC37C108-821D-4EDE-8F40-D5B497586805}) (Version: 2.0.00.11060 - Sony Corporation)
VAIO Cozy Orange Wallpaper (HKLM\...\{2A2FF7F5-6F0E-4A5D-A881-39365E718BD6}) (Version: 1.0.11.13240 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.01.02070 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 2.0.02.13290 - Sony Corporation)
VAIO Event Service (HKLM\...\{F0D85ADD-DD61-4B43-87A0-6DA52A211A8B}) (Version: 3.1.00.14130 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM\...\{A947C2B3-7445-42C4-9063-EE704CACCB22}) (Version: - )
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version: - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version: - Sony Corporation)
VAIO Media Integrated Server 6.0 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version: - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Original Screen Saver (HKLM\...\{1BEF9285-5530-426B-A5F1-5836B95C7EB1}) (Version: - )
VAIO Photo 2007 (HKLM\...\{5E343EF6-D27C-4CFC-9FAE-9AAFB541BCEE}) (Version: 1.0.01.01250 - Sony Corporation)
VAIO Power Management (HKLM\...\{9E319E96-ED8E-4B01-9775-C521A1869A25}) (Version: 2.1.00.14090 - Sony Corporation)
VAIO Tender Green Wallpaper (HKLM\...\{934A3213-1CB6-4264-84A2-EE080C017BCA}) (Version: 1.0.11.10180 - Sony Corporation)
VAIO Update 3 (HKLM\...\{48820099-ED7D-424B-890C-9A82EF00656D}) (Version: 3.0.01.02050 - Sony Corporation)
VAIO Video & Photo Suite (Version: 1.1.00.13301 - Sony Corporation) Hidden
VAIO Video & Photo Suite (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.1.00.13301 - Sony Corporation)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player 1.1.10 (HKLM\...\VLC media player) (Version: 1.1.10 - VideoLAN)
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.113 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B6.113 - InterVideo Inc.) Hidden
Wireless Switch Setting Utility (HKLM\...\{2A0F3EF9-68EE-49E9-A05B-ED5B82DF63E5}) (Version: 3.6.00.13120 - Sony Corporation)
==================== Restore Points =========================
15-04-2014 18:51:42 Windows Update
17-04-2014 23:27:02 Geplanter Prüfpunkt
18-04-2014 10:57:04 Revo Uninstaller's restore point - Funmoods
18-04-2014 11:17:37 Revo Uninstaller's restore point - PricePeep
18-04-2014 11:49:39 Revo Uninstaller's restore point - Softonic toolbar on IE and Chrome
==================== Hosts content: ==========================
2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {07201A7E-D836-4981-AB36-1288045ACD96} - System32\Tasks\LaunchMCV => MyClubVaio.vbs
Task: {093CC765-33D4-4880-9562-9A650BE23BA6} - System32\Tasks\MCVRegistrationReminder1 => reminder.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2DE4BEF1-91C2-4EF1-9C3E-7600E2211549} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3E48C7CD-1E01-4BDC-87E6-87065831D8E0} - System32\Tasks\MCVRegistrationReminder3 => reminder.exe
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4C68D541-98E7-47DF-B8A9-5B4822ADF612} - System32\Tasks\{5223DC5E-F606-46C6-9008-E6F0B69AE52E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1601
Task: {4D9FBCA5-8561-4BD8-8230-4DC4925A5AC2} - System32\Tasks\MCVRegistrationReminder4 => reminder.exe
Task: {60EB577C-599E-4804-BEB9-0D640D9384BA} - System32\Tasks\MCVSurveyReminder4 => reminder.exe
Task: {641B457B-6004-435B-B551-56EE5E2F6104} - System32\Tasks\MCVSurveyReminder2 => reminder.exe
Task: {6F1FE12A-67CD-43B3-B0E7-BC084D32CEC0} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [2007-02-05] (Sony Corporation)
Task: {704471D4-E980-4A8D-AB60-7A765E6F41E7} - System32\Tasks\MCVSurveyReminder1 => reminder.exe
Task: {7F8E6590-B548-428B-A946-CDB2FF9E7EE5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-17] (Google Inc.)
Task: {82079DF2-2DED-4D61-A21E-C538D8FDB814} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {8C51A1BD-1529-4561-9CA0-9C1E9588A5FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {96890063-E126-4194-ABB7-E3F7ADB789EA} - System32\Tasks\MCVSurveyReminder3 => reminder.exe
Task: {AAE5A31D-691C-4F4C-A1BC-25BAB304F1A2} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {AF79E16A-9937-460E-82B8-929679BA725A} - System32\Tasks\SONY\WSSU\WSSU => C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe [2007-01-11] (Sony Corporation)
Task: {C29059F7-D5DA-4182-B758-9FC802C748D3} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {C8A6761D-5F31-4B87-BD04-9657A12F8303} - System32\Tasks\{CE7EA633-1851-4B0E-ABEA-79BE0C486F92} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1601
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E8C22B72-7128-4279-8054-BF8E5CCEA47E} - System32\Tasks\MCVRegistrationReminder2 => reminder.exe
Task: {EF0456A7-3707-4ABB-9035-2D405082ADAE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-17] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{CDACD1E6-389A-44F2-AA68-8C52B44D16E1}.job => C:\Windows\system32\msfeedssync.exe
==================== Loaded Modules (whitelisted) =============
2013-08-09 18:24 - 2013-08-09 17:55 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2007-02-26 18:01 - 2007-02-13 16:19 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2007-02-26 18:01 - 2007-02-13 16:19 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2009-09-24 19:43 - 2009-04-11 08:28 - 00368640 _____ () C:\Windows\system32\msjetoledb40.dll
2007-02-26 21:02 - 2007-01-24 11:04 - 00061440 _____ () C:\Windows\system32\igfxTMM.dll
2007-02-26 21:02 - 2007-01-24 11:02 - 00077824 _____ () C:\Windows\System32\hccutils.DLL
2007-02-08 01:13 - 2007-02-08 01:13 - 00022040 _____ () C:\Program Files\Common Files\LogiShrd\LComMgr\LCMServerPS.dll
2007-02-08 01:13 - 2007-02-08 01:13 - 00774168 _____ () C:\Program Files\Logitech\QuickCam10\QuickCam10.exe
2007-02-08 01:18 - 2007-02-08 01:18 - 01123864 _____ () C:\Program Files\Logitech\QuickCam10\LAppRes.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: gusvc => 2
MSCONFIG\Services: hpqcxs08 => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Exif Launcher S.lnk => C:\Windows\pss\Exif Launcher S.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ETM^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk => C:\Windows\pss\OpenOffice.org 3.0.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
==================== Faulty Device Manager Devices =============
Name: Microsoft Tun-Miniportadapter #2
Description: Microsoft Tun-Miniportadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-04-18 17:01:26.438
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:26.044
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:25.652
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:25.255
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:24.861
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:24.469
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:24.078
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:23.691
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:22.990
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-04-18 17:01:22.599
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 79%
Total physical RAM: 1013.45 MB
Available physical RAM: 211.13 MB
Total Pagefile: 2293.22 MB
Available Pagefile: 1076.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1911.97 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:83.85 GB) (Free:6.46 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 93 GB) (Disk ID: 0A508B38)
Partition 1: (Not Active) - (Size=9 GB) - (Type=27)
Partition 2: (Active) - (Size=84 GB) - (Type=07 NTFS)
==================== End Of Log ============================
I also ran ESET over it as well; it found nothing.