Trojaner-Board - Pop-Ups und Werbelinks im Firefox

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Pop-Ups und Werbelinks im Firefox (https://www.trojaner-board.de/148927-pop-ups-werbelinks-firefox.html)

Pop-Ups und Werbelinks im Firefox

Hi, bin neu hier und hab bisher keine Erfahrung mit Virenproblemen.
Seit ein paar Tagen werden Internet-Seiten bei mir mit Werbung zugekleistert, auch die Benutzung der Seiten wird damit eingeschränkt (Buttons lassen sich nicht mehr klicken, wegen der Überlagerung), außerdem öffnen sich neue Fenster ohne dass ich was geklickt habe, grün unterlegte Links tauchen im Fließtext auf und führen zu unseriöser Werbung. Außerdem habe ich das Gefühl, dass der Computer deutlich langsamer ist.

Wäre super, wenn mir jemand helfen könnte. Und Achtung: Ich bin Amateur, mit dummen Nachfragen muss gerechnet werden!

Grüße

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01

Ran by Hannes (administrator) on HANNES-VAIO on 30-01-2014 14:02:17

Running from C:\Users\Hannes\Downloads

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

(Dropbox, Inc.) C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

() C:\Program Files\Sony\VAIO Care\VCPerfService.exe

() C:\Program Files\Sony\VAIO Care\listener.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)

HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1568976 2012-06-20] (Ask)

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe

HKCU\...\Run: [NextLive] - C:\Users\Hannes\AppData\Roaming\newnext.me\nengine.dll [1283584 2013-11-14] (NewNextDotMe)

MountPoints2: {16e443be-73b1-11e2-9450-9439e5b14766} - E:\Startme.exe

Startup: C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://sony.msn.com

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com

URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File

SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {31CED18A-BFAD-42D1-B950-91183EC646D6} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=8f2f77ec-8019-4f30-9946-f36eec96364b&apn_sauid=69C23C1A-AD7F-409B-8736-57232FF476D4

SearchScopes: HKCU - {5AF86F4A-6085-4290-A5BF-6530936890D5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}

SearchScopes: HKCU - {9F8DC443-4795-4816-A1C1-76BB32574993} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices

BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File

BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default

FF user.js: detected! => C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\user.js

FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");

FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF SearchPlugin: C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\searchplugins\askcom.xml

FF SearchPlugin: C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\searchplugins\iminent.xml

FF SearchPlugin: C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\searchplugins\Search_Results.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FTdownloader V6.0 - C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\Extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com [2014-01-06]

FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\Extensions\toolbar@ask.com [2012-08-08]
 

==================== Services (Whitelisted) =================
 

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)

S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)

S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-01-30 14:02 - 2014-01-30 14:03 - 00017474 _____ C:\Users\Hannes\Downloads\FRST.txt

2014-01-30 14:02 - 2014-01-30 14:02 - 00000000 ____D C:\FRST

2014-01-30 14:01 - 2014-01-30 14:01 - 02079744 _____ (Farbar) C:\Users\Hannes\Downloads\FRST64.exe

2014-01-30 11:33 - 2014-01-30 11:33 - 00000000 ___RD C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-01-23 23:48 - 2014-01-24 22:30 - 00000000 ____D C:\Users\Hannes\Desktop\Mond

2014-01-21 00:14 - 2004-03-16 12:00 - 58828524 _____ C:\Users\Hannes\Desktop\Dazwischen 200114.WAV

2014-01-20 23:38 - 2004-03-16 12:00 - 41875756 _____ C:\Users\Hannes\Desktop\Matilda 200114.WAV

2014-01-20 23:21 - 2004-03-16 12:00 - 50222124 _____ C:\Users\Hannes\Desktop\Funkloch 200114.WAV

2014-01-20 18:17 - 2014-01-20 17:42 - 63139737 _____ C:\Users\Hannes\Desktop\KopfhörerrausdasistKlausurrelevant_ep7_A1355CDUCDUK06.aax

2014-01-19 02:20 - 2014-01-18 23:07 - 100486455 _____ C:\Users\Hannes\Desktop\Full Set 18.01.14.m4a

2014-01-15 10:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 10:26 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 10:26 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-01-08 17:38 - 2014-01-08 17:38 - 00000000 ____D C:\Users\Hannes\Desktop\Rehan Songs

2014-01-06 22:24 - 2014-01-06 22:24 - 00005830 _____ C:\Users\Hannes\Downloads\Re_Kracht-Referat Rezensieren am 10_11.1.zip

2014-01-02 10:27 - 2014-01-02 10:27 - 00436824 _____ C:\Users\Hannes\Downloads\RebeDee-Lace_Pearls_226.exe

2014-01-02 10:27 - 2014-01-02 10:27 - 00000000 ____D C:\Program Files (x86)\FTDownloader.com

2014-01-02 10:11 - 2014-01-30 11:35 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\newnext.me

2014-01-02 10:11 - 2014-01-02 10:19 - 00000000 ____D C:\Users\Hannes\AppData\Local\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\Documents\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\AppData\Local\genienext

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\AppData\Local\cache

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\.android

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 _____ C:\Users\Hannes\daemonprocess.txt

2014-01-02 10:10 - 2014-01-02 10:10 - 00000000 ____D C:\Users\Hannes\AppData\Local\BeamriseUninstall

2014-01-02 10:08 - 2014-01-30 11:33 - 00001334 _____ C:\Windows\Tasks\FTdownloader V6.0-updater.job

2014-01-02 10:08 - 2014-01-02 10:28 - 00004364 _____ C:\Windows\System32\Tasks\FTdownloader V6.0-updater

2014-01-02 10:08 - 2014-01-02 10:18 - 00000000 ____D C:\Program Files (x86)\IminentToolbar

2014-01-02 10:07 - 2014-01-30 11:33 - 00002138 _____ C:\Windows\Tasks\FTdownloader V6.0-firefoxinstaller.job

2014-01-02 10:07 - 2014-01-02 10:08 - 00000000 ____D C:\Program Files (x86)\FTdownloader V6.0

2014-01-02 10:07 - 2014-01-02 10:07 - 00442952 _____ C:\Users\Hannes\Downloads\kitchen_2_664.exe

2014-01-02 10:07 - 2014-01-02 10:07 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

2014-01-02 10:07 - 2014-01-02 10:07 - 00000000 ____D C:\Users\Hannes\AppData\Local\Cool_Mirage
 

==================== One Month Modified Files and Folders =======
 

2014-01-30 14:03 - 2014-01-30 14:02 - 00017474 _____ C:\Users\Hannes\Downloads\FRST.txt

2014-01-30 14:02 - 2014-01-30 14:02 - 00000000 ____D C:\FRST

2014-01-30 14:01 - 2014-01-30 14:01 - 02079744 _____ (Farbar) C:\Users\Hannes\Downloads\FRST64.exe

2014-01-30 13:32 - 2012-01-16 13:15 - 01969069 _____ C:\Windows\WindowsUpdate.log

2014-01-30 13:20 - 2013-01-19 09:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-01-30 11:41 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-01-30 11:41 - 2009-07-14 05:45 - 00020928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-01-30 11:36 - 2012-01-16 14:35 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{71451E4B-A621-45D6-AF39-4F4B7545F0D6}

2014-01-30 11:35 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\newnext.me

2014-01-30 11:35 - 2012-04-18 19:43 - 00000000 ____D C:\Users\Hannes\Desktop\Uni

2014-01-30 11:35 - 2012-01-31 14:30 - 00000000 ___RD C:\Users\Hannes\Dropbox

2014-01-30 11:35 - 2012-01-31 14:28 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\Dropbox

2014-01-30 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF

2014-01-30 11:33 - 2014-01-30 11:33 - 00000000 ___RD C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-01-30 11:33 - 2014-01-02 10:08 - 00001334 _____ C:\Windows\Tasks\FTdownloader V6.0-updater.job

2014-01-30 11:33 - 2014-01-02 10:07 - 00002138 _____ C:\Windows\Tasks\FTdownloader V6.0-firefoxinstaller.job

2014-01-30 11:33 - 2011-09-06 04:40 - 00000000 ____D C:\ProgramData\NVIDIA

2014-01-30 11:33 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2014-01-30 11:33 - 2009-07-14 05:51 - 00137084 _____ C:\Windows\setupact.log

2014-01-29 22:34 - 2012-01-16 14:26 - 00000000 ____D C:\Users\Hannes

2014-01-29 22:33 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration

2014-01-28 14:28 - 2013-12-04 21:59 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\Audacity

2014-01-28 14:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat

2014-01-24 22:30 - 2014-01-23 23:48 - 00000000 ____D C:\Users\Hannes\Desktop\Mond

2014-01-23 23:50 - 2011-09-06 14:17 - 00697534 _____ C:\Windows\system32\perfh007.dat

2014-01-23 23:50 - 2011-09-06 14:17 - 00148540 _____ C:\Windows\system32\perfc007.dat

2014-01-23 23:50 - 2009-07-14 06:13 - 01614892 _____ C:\Windows\system32\PerfStringBackup.INI

2014-01-21 12:46 - 2012-01-16 14:30 - 00000000 ____D C:\Users\Hannes\Documents\Bluetooth Folder

2014-01-20 17:42 - 2014-01-20 18:17 - 63139737 _____ C:\Users\Hannes\Desktop\KopfhörerrausdasistKlausurrelevant_ep7_A1355CDUCDUK06.aax

2014-01-19 18:32 - 2012-05-17 18:03 - 00000000 ____D C:\Users\Hannes\AppData\Local\CrashDumps

2014-01-18 23:07 - 2014-01-19 02:20 - 100486455 _____ C:\Users\Hannes\Desktop\Full Set 18.01.14.m4a

2014-01-16 11:10 - 2012-01-31 14:30 - 00001023 _____ C:\Users\Hannes\Desktop\Dropbox.lnk

2014-01-16 11:10 - 2012-01-31 14:29 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-01-16 11:10 - 2012-01-16 14:29 - 00000000 ___RD C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-16 11:07 - 2009-07-14 05:45 - 00442320 _____ C:\Windows\system32\FNTCACHE.DAT

2014-01-16 00:02 - 2009-07-14 03:34 - 00000499 _____ C:\Windows\win.ini

2014-01-16 00:01 - 2013-08-14 23:00 - 00000000 ____D C:\Windows\system32\MRT

2014-01-15 23:59 - 2012-01-30 18:30 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-01-08 17:38 - 2014-01-08 17:38 - 00000000 ____D C:\Users\Hannes\Desktop\Rehan Songs

2014-01-06 22:24 - 2014-01-06 22:24 - 00005830 _____ C:\Users\Hannes\Downloads\Re_Kracht-Referat Rezensieren am 10_11.1.zip

2014-01-04 23:28 - 2012-01-16 23:15 - 00000000 ____D C:\Users\Hannes\Desktop\Kartell und Sonstiges

2014-01-02 12:57 - 2010-11-21 04:47 - 00320398 _____ C:\Windows\PFRO.log

2014-01-02 10:28 - 2014-01-02 10:08 - 00004364 _____ C:\Windows\System32\Tasks\FTdownloader V6.0-updater

2014-01-02 10:27 - 2014-01-02 10:27 - 00436824 _____ C:\Users\Hannes\Downloads\RebeDee-Lace_Pearls_226.exe

2014-01-02 10:27 - 2014-01-02 10:27 - 00000000 ____D C:\Program Files (x86)\FTDownloader.com

2014-01-02 10:19 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\AppData\Local\Mobogenie

2014-01-02 10:18 - 2014-01-02 10:08 - 00000000 ____D C:\Program Files (x86)\IminentToolbar

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\Documents\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\AppData\Local\genienext

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\AppData\Local\cache

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D C:\Users\Hannes\.android

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 _____ C:\Users\Hannes\daemonprocess.txt

2014-01-02 10:10 - 2014-01-02 10:10 - 00000000 ____D C:\Users\Hannes\AppData\Local\BeamriseUninstall

2014-01-02 10:08 - 2014-01-02 10:07 - 00000000 ____D C:\Program Files (x86)\FTdownloader V6.0

2014-01-02 10:07 - 2014-01-02 10:07 - 00442952 _____ C:\Users\Hannes\Downloads\kitchen_2_664.exe

2014-01-02 10:07 - 2014-01-02 10:07 - 00000000 ____D C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

2014-01-02 10:07 - 2014-01-02 10:07 - 00000000 ____D C:\Users\Hannes\AppData\Local\Cool_Mirage
 

Some content of TEMP:

====================

C:\Users\Hannes\AppData\Local\Temp\AskSLib.dll

C:\Users\Hannes\AppData\Local\Temp\avgnt.exe

C:\Users\Hannes\AppData\Local\Temp\htmlayout.dll

C:\Users\Hannes\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Hannes\AppData\Local\Temp\uninstall5131777.exe

C:\Users\Hannes\AppData\Local\Temp\uninstall5144335.exe

C:\Users\Hannes\AppData\Local\Temp\uninstall5867774.exe

C:\Users\Hannes\AppData\Local\Temp\uninstall5876105.exe

C:\Users\Hannes\AppData\Local\Temp\WZCPlugin_VISTA.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-01-19 02:41
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2014 01

Ran by Hannes at 2014-01-30 14:03:26

Running from C:\Users\Hannes\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.)

Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)

Adobe Reader X (10.1.8) MUI (x32 Version: 10.1.8 - Adobe Systems Incorporated)

Alps Pointing-device for VAIO (Version:  - ALPS ELECTRIC CO., LTD.)

Amazon MP3-Downloader 1.0.17 (x32 Version: 1.0.17 - Amazon Services LLC)

ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.142 - ArcSoft)

ArcSoft WebCam Companion 4 (x32 Version: 4.0.21.392 - ArcSoft)

Ask Toolbar (x32 Version: 1.15.4.0 - Ask.com) <==== ATTENTION

Atheros WiFi Driver Installation (x32 Version: 3.0 - Atheros)

Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team)

Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)

Avira SearchFree Toolbar plus Web Protection Updater (HKCU Version: 1.3.0.23930 - Ask.com)

Bing Bar (x32 Version: 7.0.610.0 - Microsoft Corporation)

Bluetooth Win7 Suite (64) (Version: 7.3.0.100 - Atheros Communications)

CDBurnerXP (x32 Version: 4.5.0.3717 - CDBurnerXP)

Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000 - Microsoft Corporation)

Conexant HD Audio (Version: 8.54.0.53 - Conexant)

Control ActiveX Windows Live Mesh pentru conexiuni la distanță (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Corel WinDVD (x32 Version: 10.0.5.800 - Corel Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version:  - Microsoft)

Dropbox (HKCU Version: 2.4.11 - Dropbox, Inc.)

FileZilla Client 3.6.0.2 (x32 Version: 3.6.0.2 - FileZilla Project)

Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Free Audio Converter version 5.0.4.1228 (x32 Version:  - DVDVideoSoft Ltd.)

Free YouTube to MP3 Converter version 3.12.12.827 (x32 Version: 3.12.12.827 - DVDVideoSoft Ltd.)

FTDownloader (x32 Version: 2.1 Build 26473 - FTDownloader.com) <==== ATTENTION

FTdownloader V6.0 (x32 Version: 1.31.153.0 - installdaddy) <==== ATTENTION

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Intel(R) Control Center (x32 Version: 1.2.1.1007 - Intel Corporation)

Intel(R) Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)

Intel(R) Rapid Storage Technology (x32 Version: 10.0.0.1046 - Intel Corporation)

Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden

Java(TM) 6 Update 22 (64-bit) (Version: 6.0.220 - Oracle)

Java(TM) 6 Update 22 (x32 Version: 6.0.220 - Oracle)

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

K-Lite Mega Codec Pack 9.2.0 (x32 Version: 9.2.0 - )

Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Access 2003 Runtime (x32 Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Edition 2003 (x32 Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - Deutsch (x32 Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft PowerPoint Viewer (x32 Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)

Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)

Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)

NVIDIA 3D Vision Treiber 268.31 (Version: 268.31 - NVIDIA Corporation)

NVIDIA Grafiktreiber 268.31 (Version: 268.31 - NVIDIA Corporation)

NVIDIA HD-Audiotreiber 1.2.22.1 (Version: 1.2.22.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.10.0514 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.10.0514 (Version: 9.10.0514 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6831 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 268.31 (Version: 268.31 - NVIDIA Corporation) Hidden

Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (x32 Version: 15.4.5722.2 - Microsoft Corporation)

PDFCreator (x32 Version: 1.5.0 - Frank Heindörfer, Philip Chinery)

PMB (x32 Version: 5.5.02.12220 - Sony Corporation)

PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden

PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden

PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden

PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek PCIE Card Reader (x32 Version: 6.1.7600.77 - Realtek Semiconductor Corp.)

Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden

Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden

Scribus 1.4.0 (x32 Version: 1.4.0 - The Scribus Team)

SecureW2 EAP Suite 1.1.3 for Windows (x32 Version:  - )

Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden

Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)

Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden

SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden

SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)

Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version:  - Microsoft)

Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version:  - Microsoft)

Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (x32 Version: 15.4.5722.2 - Microsoft Corporation)

VAIO - Media Gallery (x32 Version: 1.5.0.16020 - Sony Corporation)

VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation)

VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation)

VAIO - Remote Play mit PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation)

VAIO - Remote-Tastatur  (x32 Version: 1.0.1.03020 - Sony Corporation)

VAIO Care (Version: 8.1.0.10120 - Sony Corporation)

VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation)

VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation)

VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden

VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation)

VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden

VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation)

VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation)

VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation)

VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden

VAIO Hero Screensaver - Summer 2011 Screensaver (x32 Version:  - )

VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation)

VAIO Improvement Validation (Version: 1.0.4.01190 - Sony Corporation)

VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation)

VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden

VAIO Sample Contents (x32 Version: 1.4.2.09010 - Sony Corporation)

VAIO Smart Network (x32 Version: 3.8.1.08270 - Sony Corporation)

VAIO Update (x32 Version: 6.3.0.08010 - Sony Corporation)

VAIO-Handbuch (x32 Version: 2.0.0.02250 - Sony Corporation)

VAIO-Support für Übertragungen (x32 Version: 1.4.0.14230 - Sony Corporation)

VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VESx64 (Version: 1.0.0 - Sony Corporation) Hidden

VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden

VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VIx64 (Version: 1.0.0 - Sony Corporation) Hidden

VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden

VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden

VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden

VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)

Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden

Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX-objekt til fjernforbindelser (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Meshin etäyhteyksien ActiveX-komponentti (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Windows Live Messenger (x32 Version: 15.4.3502.0922 - Корпорація Майкрософт) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 4.01 (64-Bit) (Version: 4.01.0 - win.rar GmbH)

Youtube Downloader HD v. 2.9.5 (x32 Version:  - YoutubeDownloaderHD.com)

Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Елемент керування Windows Live Mesh ActiveX для віддалених підключень (x32 Version: 15.4.5722.2 - Microsoft Corporation)

Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Элемент управления Windows Live Mesh ActiveX для удаленных подключений (x32 Version: 15.4.5722.2 - Microsoft Corporation)
 

==================== Restore Points  =========================
 

15-01-2014 22:58:45 Windows Update

21-01-2014 09:14:50 Windows Update

24-01-2014 10:54:58 Windows Update

28-01-2014 12:17:52 Windows Update

28-01-2014 13:23:44 Wiederherstellungsvorgang

28-01-2014 13:37:07 Windows Update

29-01-2014 21:29:28 Wiederherstellungsvorgang

29-01-2014 21:40:12 Windows Update
 

==================== Hosts content: ==========================
 

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {2B509FD7-2DB0-4B29-989F-8B626AF5BD8E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient

Task: {2EDF2DA7-9169-4D67-AB95-53D236DF6529} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)

Task: {32528F0C-399C-447F-A775-B97D86FC5087} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)

Task: {32AD61E3-3553-4029-9EE3-EB65D93CB5ED} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION

Task: {480431EC-72ED-4680-984B-9EF1CF9612FC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {53D1344C-B51E-4241-85C4-63580B4E544F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {589E6E68-1124-43DD-9971-05D75303A168} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)

Task: {60362483-EDBF-4A9A-A1AB-8C9A526A1928} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)

Task: {7CA9122D-47CE-41E6-966B-534756D596F7} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)

Task: {849E6CC0-2E26-42ED-BCB1-8587CAB45549} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {8539748D-48B1-432F-BBDC-013C79E71247} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2012-06-20] ()

Task: {8DAEFA0F-6220-4B11-B4F9-2D52EAD557A9} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {9627DAB4-10BD-4C0C-A407-BF25EA5BB74B} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)

Task: {968A3056-5E63-4481-ADBE-64C43ADA6DDC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)

Task: {ADE04496-F2ED-40BF-B774-3D7A3625110C} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {C7031AF8-F284-46A1-ADCF-8B0064EEA751} - System32\Tasks\FTdownloader V6.0-firefoxinstaller => C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-firefoxinstaller.exe [2014-01-02] (installdaddy) <==== ATTENTION

Task: {CBC8E284-2EDA-4754-B5AF-CEED642E215D} - System32\Tasks\FTdownloader V6.0-updater => C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-updater.exe [2014-01-02] (installdaddy) <==== ATTENTION

Task: {E30273D9-0F8A-49E4-BDE9-73E8FA2A1D1D} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)

Task: {F5A1D460-DAE5-441F-8025-EE610E8B4F5D} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FTdownloader V6.0-firefoxinstaller.job => C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-firefoxinstaller.exe <==== ATTENTION

Task: C:\Windows\Tasks\FTdownloader V6.0-updater.job => C:\Program Files (x86)\FTdownloader V6.0\FTdownloader V6.0-updater.exe <==== ATTENTION
 

==================== Loaded Modules (whitelisted) =============
 

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Users\Hannes\Desktop\FileZilla FTP Client\fzshellext_64.dll

2012-01-16 22:30 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll

2012-10-17 10:40 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2011-09-06 04:48 - 2011-03-05 15:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll

2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Hannes\AppData\Roaming\Dropbox\bin\libcef.dll

2013-12-11 11:11 - 2013-12-11 11:11 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

2011-04-24 07:01 - 2011-02-18 10:18 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

2013-08-15 17:15 - 2013-08-15 17:15 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\cd9a4b4dbc1a4b564ebed696e18cadb6\IsdiInterop.ni.dll

2011-09-06 04:33 - 2010-09-13 17:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

2013-12-11 19:20 - 2013-12-11 19:20 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\Users\Hannes\Downloads\Doodle_ Admin-Link für __Kartell-interne Kollaboration__.eml:OECustomProperty

AlternateDataStreams: C:\Users\Hannes\Downloads\HistSprawi_ 3. Hausaufgabe korrigiert.eml:OECustomProperty
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== Faulty Device Manager Devices =============
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (01/30/2014 11:38:16 AM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

(Stream product id=0x0066): Streaming Failed
 

Error: (01/30/2014 11:37:31 AM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

Too many failures while downloading ranges: 2
 

Error: (01/30/2014 11:35:04 AM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 10:37:53 PM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

(Stream product id=0x0066): Streaming Failed
 

Error: (01/29/2014 10:36:00 PM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

Too many failures while downloading ranges: 2
 

Error: (01/29/2014 10:35:46 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 06:37:43 PM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

(Stream product id=0x0066): Streaming Failed
 

Error: (01/29/2014 06:35:47 PM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

Too many failures while downloading ranges: 2
 

Error: (01/29/2014 06:34:38 PM) (Source: WinMgmt) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 00:18:16 PM) (Source: CVHSVC) (User: )

Description: Nur zur Information.

(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
 
 

System errors:

=============

Error: (01/26/2014 07:49:30 PM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎26.‎01.‎2014 um 15:29:17 unerwartet heruntergefahren.
 

Error: (01/16/2014 11:06:46 AM) (Source: EventLog) (User: )

Description: Das System wurde zuvor am ‎16.‎01.‎2014 um 11:04:56 unerwartet heruntergefahren.
 

Error: (01/12/2014 05:36:37 PM) (Source: NetBT) (User: )

Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.104

registriert werden. Der Computer mit IP-Adresse 192.168.2.103 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (01/09/2014 10:43:28 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden.
 

Error: (01/09/2014 10:43:27 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR7 gefunden.
 

Error: (01/09/2014 10:00:04 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
 

Error: (01/09/2014 10:00:03 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
 

Error: (01/09/2014 09:43:46 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.
 

Error: (01/09/2014 09:43:45 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR3 gefunden.
 

Error: (01/09/2014 09:30:59 PM) (Source: Disk) (User: )

Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
 

Microsoft Office Sessions:

=========================

Error: (01/30/2014 11:38:16 AM) (Source: CVHSVC)(User: )

Description: (Stream product id=0x0066): Streaming Failed
 

Error: (01/30/2014 11:37:31 AM) (Source: CVHSVC)(User: )

Description: Too many failures while downloading ranges: 2
 

Error: (01/30/2014 11:35:04 AM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 10:37:53 PM) (Source: CVHSVC)(User: )

Description: (Stream product id=0x0066): Streaming Failed
 

Error: (01/29/2014 10:36:00 PM) (Source: CVHSVC)(User: )

Description: Too many failures while downloading ranges: 2
 

Error: (01/29/2014 10:35:46 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 06:37:43 PM) (Source: CVHSVC)(User: )

Description: (Stream product id=0x0066): Streaming Failed
 

Error: (01/29/2014 06:35:47 PM) (Source: CVHSVC)(User: )

Description: Too many failures while downloading ranges: 2
 

Error: (01/29/2014 06:34:38 PM) (Source: WinMgmt)(User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (01/29/2014 00:18:16 PM) (Source: CVHSVC)(User: )

Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar. Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 57%

Total physical RAM: 4077.86 MB

Available physical RAM: 1729.05 MB

Total Pagefile: 8153.9 MB

Available Pagefile: 5145.63 MB

Total Virtual: 8192 MB

Available Virtual: 8191.82 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:582.06 GB) (Free:474.61 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 63B28608)

Partition 1: (Not Active) - (Size=14 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=582 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Hi, danke schon mal so weit. Hier der Logfile von Combofix

Code:

ComboFix 14-01-29.01 - Hannes 31.01.2014  12:28:41.1.4 - x64

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4078.2077 [GMT 1:00]

ausgeführt von:: c:\users\Hannes\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\SecureW2

c:\program files (x86)\SecureW2\Uninstall.exe

c:\program files (x86)\Windows Searchqu Toolbar

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png

c:\program files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml

c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2

c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\TTLS Manager.lnk

c:\programdata\Microsoft\Windows\Start Menu\Programs\SecureW2\Uninstall.lnk

c:\users\Hannes\AppData\Local\TempDIR

c:\users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome.manifest

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\asyncDB.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\background.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\browserAction.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\contextMenu.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\dbManager.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\dom_bg.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\fileManager.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\firefox.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\firefoxNotifications.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\firefoxOmnibox.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\message.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\pageAction.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\request.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\tabs.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\webRequest.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\api\windowsMessagingHandler.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\background.html

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\baseObject.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\browser.xul

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\addressBarChangeObserver.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\console.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\consts.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\delegate.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\extensionDataStore.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\folderIOWrapper.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\httpObserver.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\IDBWrapper.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\installer.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\logFile.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\prefs.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\progressListenerObserver.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\registry.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\reloadObserver.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\reports.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\requestObject.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\searchSettings.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\uninstallObserver.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\updateManager.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\utils.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\core\xhr.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\dialog.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\ffCoreFilesIndex.txt

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\main.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\options.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\options.xul

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\platformVersion.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\chrome\content\search_dialog.xul

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\defaults\preferences\prefs.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\manifest.xml

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins.json

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\1_base.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\1000020_analytics.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\1000025_analyticsFront.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\1000030_mz.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\102_dealply_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\103_intext_5_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\104_jollywallet_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\123_intext_adv_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\13_CrossriderAppUtils.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\14_CrossriderUtils.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\155_ibario_pops_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\16_FFAppAPIWrapper.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\17_jQuery.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\175_coolmirage_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\177_crossriderDashboard.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\182_openUrl.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\183_tabsWrapper.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\207_dbWrapper.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\21_debug.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\22_resources.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\28_initializer.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\4_jquery_1_7_1.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\47_resources_background.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\64_appApiMessage.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\72_appApiValidation.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\78_CrossriderInfo.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\91_monetizationLoader.js.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\93_superfish_no_coupons_m.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\plugins\98_omniCommands.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\userCode\background.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\extensionData\userCode\extension.js

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\install.rdf

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\locale\en-US\translations.dtd

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\button1.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\button2.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\button3.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\button4.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\button5.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\crossrider_statusbar.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\icon128.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\icon16.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\icon24.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\icon48.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\panelarrow-up.png

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\popup.html

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\skin.css

c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com\skin\update.css

c:\windows\SysWow64\SET5574.tmp

c:\windows\SysWow64\SET6EC4.tmp

c:\windows\SysWow64\SET7D77.tmp

.

.

(((((((((((((((((((((((   Dateien erstellt von 2013-12-28 bis 2014-01-31  ))))))))))))))))))))))))))))))

.

.

2014-01-31 11:38 . 2014-01-31 11:38        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-01-31 11:25 . 2013-12-04 03:28        10315576        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{DFE5551C-DEFB-4F26-8F3C-7187337BF4D1}\mpengine.dll

2014-01-30 13:02 . 2014-01-30 13:04        --------        d-----w-        C:\FRST

2014-01-15 09:26 . 2013-11-27 01:41        343040        ----a-w-        c:\windows\system32\drivers\usbhub.sys

2014-01-15 09:26 . 2013-11-27 01:41        99840        ----a-w-        c:\windows\system32\drivers\usbccgp.sys

2014-01-15 09:26 . 2013-11-27 01:41        53248        ----a-w-        c:\windows\system32\drivers\usbehci.sys

2014-01-15 09:26 . 2013-11-27 01:41        325120        ----a-w-        c:\windows\system32\drivers\usbport.sys

2014-01-15 09:26 . 2013-11-27 01:41        25600        ----a-w-        c:\windows\system32\drivers\usbohci.sys

2014-01-15 09:26 . 2013-11-27 01:41        30720        ----a-w-        c:\windows\system32\drivers\usbuhci.sys

2014-01-15 09:26 . 2013-11-27 01:41        7808        ----a-w-        c:\windows\system32\drivers\usbd.sys

2014-01-15 09:26 . 2013-11-26 11:40        376768        ----a-w-        c:\windows\system32\drivers\netio.sys

2014-01-15 09:26 . 2013-11-26 10:32        3156480        ----a-w-        c:\windows\system32\win32k.sys

2014-01-02 09:27 . 2014-01-02 09:27        --------        d-----w-        c:\program files (x86)\FTDownloader.com

2014-01-02 09:11 . 2014-01-02 09:11        --------        d-----w-        c:\users\Hannes\.android

2014-01-02 09:11 . 2014-01-02 09:11        --------        d-----w-        c:\users\Hannes\AppData\Local\cache

2014-01-02 09:11 . 2014-01-31 11:18        --------        d-----w-        c:\users\Hannes\AppData\Roaming\newnext.me

2014-01-02 09:11 . 2014-01-02 09:19        --------        d-----w-        c:\users\Hannes\AppData\Local\Mobogenie

2014-01-02 09:11 . 2014-01-02 09:11        --------        d-----w-        c:\users\Hannes\AppData\Local\genienext

2014-01-02 09:10 . 2014-01-02 09:10        --------        d-----w-        c:\users\Hannes\AppData\Local\BeamriseUninstall

2014-01-02 09:08 . 2014-01-02 09:18        --------        d-----w-        c:\program files (x86)\IminentToolbar

2014-01-02 09:07 . 2014-01-02 09:08        --------        d-----w-        c:\program files (x86)\FTdownloader V6.0

2014-01-02 09:07 . 2014-01-02 09:07        --------        d-----w-        c:\users\Hannes\AppData\Local\Cool_Mirage

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-01-15 22:59 . 2012-01-30 17:30        86054176        ----a-w-        c:\windows\system32\MRT.exe

2013-12-18 05:13 . 2010-11-21 03:27        270496        ------w-        c:\windows\system32\MpSigStub.exe

2013-12-12 10:20 . 2013-05-02 08:43        84720        ----a-w-        c:\windows\system32\drivers\avnetflt.sys

2013-12-12 10:20 . 2013-03-29 11:49        131576        ----a-w-        c:\windows\system32\drivers\avipbb.sys

2013-12-12 10:20 . 2013-03-29 11:49        108440        ----a-w-        c:\windows\system32\drivers\avgntflt.sys

2013-12-11 18:20 . 2013-01-19 08:38        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2013-12-11 18:20 . 2012-01-31 00:18        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-12-04 00:39 . 2013-12-04 00:39        940032        ----a-w-        c:\windows\system32\MsSpellCheckingFacility.exe

2013-12-04 00:39 . 2013-12-04 00:39        194048        ----a-w-        c:\windows\SysWow64\elshyph.dll

2013-12-04 00:39 . 2013-12-04 00:39        71680        ----a-w-        c:\windows\SysWow64\RegisterIEPKEYs.exe

2013-12-04 00:39 . 2013-12-04 00:39        645120        ----a-w-        c:\windows\SysWow64\jsIntl.dll

2013-12-04 00:39 . 2013-12-04 00:39        235008        ----a-w-        c:\windows\system32\elshyph.dll

2013-12-04 00:39 . 2013-12-04 00:39        182272        ----a-w-        c:\windows\SysWow64\msls31.dll

2013-12-04 00:39 . 2013-12-04 00:39        62464        ----a-w-        c:\windows\SysWow64\tdc.ocx

2013-12-04 00:39 . 2013-12-04 00:39        61952        ----a-w-        c:\windows\SysWow64\MshtmlDac.dll

2013-12-04 00:39 . 2013-12-04 00:39        61952        ----a-w-        c:\windows\SysWow64\iesetup.dll

2013-12-04 00:39 . 2013-12-04 00:39        454656        ----a-w-        c:\windows\SysWow64\vbscript.dll

2013-12-04 00:39 . 2013-12-04 00:39        36352        ----a-w-        c:\windows\SysWow64\imgutil.dll

2013-12-04 00:39 . 2013-12-04 00:39        34816        ----a-w-        c:\windows\SysWow64\JavaScriptCollectionAgent.dll

2013-12-04 00:39 . 2013-12-04 00:39        337408        ----a-w-        c:\windows\SysWow64\html.iec

2013-12-04 00:39 . 2013-12-04 00:39        24576        ----a-w-        c:\windows\SysWow64\licmgr10.dll

2013-12-04 00:39 . 2013-12-04 00:39        151552        ----a-w-        c:\windows\SysWow64\iexpress.exe

2013-12-04 00:39 . 2013-12-04 00:39        139264        ----a-w-        c:\windows\SysWow64\wextract.exe

2013-12-04 00:39 . 2013-12-04 00:39        13312        ----a-w-        c:\windows\SysWow64\mshta.exe

2013-12-04 00:39 . 2013-12-04 00:39        112128        ----a-w-        c:\windows\SysWow64\ieUnatt.exe

2013-12-04 00:39 . 2013-12-04 00:39        1051136        ----a-w-        c:\windows\SysWow64\mshtmlmedia.dll

2013-12-04 00:39 . 2013-12-04 00:39        942592        ----a-w-        c:\windows\system32\jsIntl.dll

2013-12-04 00:39 . 2013-12-04 00:39        86016        ----a-w-        c:\windows\SysWow64\iesysprep.dll

2013-12-04 00:39 . 2013-12-04 00:39        86016        ----a-w-        c:\windows\system32\RegisterIEPKEYs.exe

2013-12-04 00:39 . 2013-12-04 00:39        74240        ----a-w-        c:\windows\SysWow64\SetIEInstalledDate.exe

2013-12-04 00:39 . 2013-12-04 00:39        52224        ----a-w-        c:\windows\system32\msfeedsbs.dll

2013-12-04 00:39 . 2013-12-04 00:39        51200        ----a-w-        c:\windows\SysWow64\ieetwproxystub.dll

2013-12-04 00:39 . 2013-12-04 00:39        48640        ----a-w-        c:\windows\SysWow64\mshtmler.dll

2013-12-04 00:39 . 2013-12-04 00:39        247808        ----a-w-        c:\windows\system32\msls31.dll

2013-12-04 00:39 . 2013-12-04 00:39        195584        ----a-w-        c:\windows\system32\msrating.dll

2013-12-04 00:39 . 2013-12-04 00:39        13312        ----a-w-        c:\windows\system32\msfeedssync.exe

2013-12-04 00:39 . 2013-12-04 00:39        111616        ----a-w-        c:\windows\SysWow64\IEAdvpack.dll

2013-12-04 00:39 . 2013-12-04 00:39        90112        ----a-w-        c:\windows\system32\SetIEInstalledDate.exe

2013-12-04 00:39 . 2013-12-04 00:39        84992        ----a-w-        c:\windows\system32\mshtmled.dll

2013-12-04 00:39 . 2013-12-04 00:39        81408        ----a-w-        c:\windows\system32\icardie.dll

2013-12-04 00:39 . 2013-12-04 00:39        77312        ----a-w-        c:\windows\system32\tdc.ocx

2013-12-04 00:39 . 2013-12-04 00:39        626176        ----a-w-        c:\windows\system32\msfeeds.dll

2013-12-04 00:39 . 2013-12-04 00:39        616104        ----a-w-        c:\windows\system32\ieapfltr.dat

2013-12-04 00:39 . 2013-12-04 00:39        48640        ----a-w-        c:\windows\system32\mshtmler.dll

2013-12-04 00:39 . 2013-12-04 00:39        453120        ----a-w-        c:\windows\system32\dxtmsft.dll

2013-12-04 00:39 . 2013-12-04 00:39        413696        ----a-w-        c:\windows\system32\html.iec

2013-12-04 00:39 . 2013-12-04 00:39        40448        ----a-w-        c:\windows\system32\JavaScriptCollectionAgent.dll

2013-12-04 00:39 . 2013-12-04 00:39        30208        ----a-w-        c:\windows\system32\licmgr10.dll

2013-12-04 00:39 . 2013-12-04 00:39        296960        ----a-w-        c:\windows\system32\dxtrans.dll

2013-12-04 00:39 . 2013-12-04 00:39        263376        ----a-w-        c:\windows\system32\iedkcs32.dll

2013-12-04 00:39 . 2013-12-04 00:39        243200        ----a-w-        c:\windows\system32\webcheck.dll

2013-12-04 00:39 . 2013-12-04 00:39        235520        ----a-w-        c:\windows\system32\url.dll

2013-12-04 00:39 . 2013-12-04 00:39        167424        ----a-w-        c:\windows\system32\iexpress.exe

2013-12-04 00:39 . 2013-12-04 00:39        143872        ----a-w-        c:\windows\system32\wextract.exe

2013-12-04 00:39 . 2013-12-04 00:39        131072        ----a-w-        c:\windows\system32\IEAdvpack.dll

2013-12-04 00:39 . 2013-12-04 00:39        1228800        ----a-w-        c:\windows\system32\mshtmlmedia.dll

2013-12-04 00:39 . 2013-12-04 00:39        105984        ----a-w-        c:\windows\system32\iesysprep.dll

2013-12-04 00:39 . 2013-12-04 00:39        101376        ----a-w-        c:\windows\system32\inseng.dll

2013-12-04 00:39 . 2013-12-04 00:39        83968        ----a-w-        c:\windows\system32\MshtmlDac.dll

2013-12-04 00:39 . 2013-12-04 00:39        774144        ----a-w-        c:\windows\system32\jscript.dll

2013-12-04 00:39 . 2013-12-04 00:39        62464        ----a-w-        c:\windows\system32\pngfilt.dll

2013-12-04 00:39 . 2013-12-04 00:39        548352        ----a-w-        c:\windows\system32\vbscript.dll

2013-12-04 00:39 . 2013-12-04 00:39        48128        ----a-w-        c:\windows\system32\imgutil.dll

2013-12-04 00:39 . 2013-12-04 00:39        147968        ----a-w-        c:\windows\system32\occache.dll

2013-12-04 00:39 . 2013-12-04 00:39        13824        ----a-w-        c:\windows\system32\mshta.exe

2013-12-04 00:39 . 2013-12-04 00:39        135680        ----a-w-        c:\windows\system32\iepeers.dll

2013-11-30 22:32 . 2013-03-29 11:49        28600        ----a-w-        c:\windows\system32\drivers\avkmgr.sys

2013-11-26 11:54 . 2013-12-13 01:25        23183360        ----a-w-        c:\windows\system32\mshtml.dll

2013-11-26 10:19 . 2013-12-13 01:25        2724864        ----a-w-        c:\windows\system32\mshtml.tlb

2013-11-26 10:18 . 2013-12-13 01:25        4096        ----a-w-        c:\windows\system32\ieetwcollectorres.dll

2013-11-26 09:48 . 2013-12-13 01:25        66048        ----a-w-        c:\windows\system32\iesetup.dll

2013-11-26 09:46 . 2013-12-13 01:25        48640        ----a-w-        c:\windows\system32\ieetwproxystub.dll

2013-11-26 09:41 . 2013-12-13 01:25        2764288        ----a-w-        c:\windows\system32\iertutil.dll

2013-11-26 09:29 . 2013-12-13 01:25        53760        ----a-w-        c:\windows\system32\jsproxy.dll

2013-11-26 09:27 . 2013-12-13 01:25        33792        ----a-w-        c:\windows\system32\iernonce.dll

2013-11-26 09:23 . 2013-12-13 01:25        2724864        ----a-w-        c:\windows\SysWow64\mshtml.tlb

2013-11-26 09:21 . 2013-12-13 01:25        574976        ----a-w-        c:\windows\system32\ieui.dll

2013-11-26 09:18 . 2013-12-13 01:25        139264        ----a-w-        c:\windows\system32\ieUnatt.exe

2013-11-26 09:18 . 2013-12-13 01:25        111616        ----a-w-        c:\windows\system32\ieetwcollector.exe

2013-11-26 09:16 . 2013-12-13 01:25        708608        ----a-w-        c:\windows\system32\jscript9diag.dll

2013-11-26 08:57 . 2013-12-13 01:25        218624        ----a-w-        c:\windows\system32\ie4uinit.exe

2013-11-26 08:35 . 2013-12-13 01:25        5769216        ----a-w-        c:\windows\system32\jscript9.dll

2013-11-26 08:28 . 2013-12-13 01:25        553472        ----a-w-        c:\windows\SysWow64\jscript9diag.dll

2013-11-26 08:16 . 2013-12-13 01:25        4243968        ----a-w-        c:\windows\SysWow64\jscript9.dll

2013-11-26 08:02 . 2013-12-13 01:25        1995264        ----a-w-        c:\windows\system32\inetcpl.cpl

2013-11-26 07:48 . 2013-12-13 01:25        12996608        ----a-w-        c:\windows\system32\ieframe.dll

2013-11-26 07:32 . 2013-12-13 01:25        1928192        ----a-w-        c:\windows\SysWow64\inetcpl.cpl

2013-11-26 07:07 . 2013-12-13 01:25        2334208        ----a-w-        c:\windows\system32\wininet.dll

2013-11-26 06:40 . 2013-12-13 01:25        1395200        ----a-w-        c:\windows\system32\urlmon.dll

2013-11-26 06:34 . 2013-12-13 01:25        817664        ----a-w-        c:\windows\system32\ieapfltr.dll

2013-11-26 06:33 . 2013-12-13 01:25        1820160        ----a-w-        c:\windows\SysWow64\wininet.dll

2013-11-23 18:26 . 2013-12-12 16:45        417792        ----a-w-        c:\windows\SysWow64\WMPhoto.dll

2013-11-23 17:47 . 2013-12-12 16:45        465920        ----a-w-        c:\windows\system32\WMPhoto.dll

2013-11-12 02:23 . 2013-12-12 16:45        2048        ----a-w-        c:\windows\system32\tzres.dll

2013-11-12 02:07 . 2013-12-12 16:45        2048        ----a-w-        c:\windows\SysWow64\tzres.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]

.

[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]

2012-06-20 11:18        1519824        ----a-w-        c:\program files (x86)\Ask.com\GenericAskToolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-20 1519824]

.

[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]

[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]

[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        131248        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        131248        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        131248        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NextLive"="c:\users\Hannes\AppData\Roaming\newnext.me\nengine.dll" [2013-11-14 1283584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]

"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]

"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-20 1568976]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-12-12 684600]

.

c:\users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer1"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]

R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]

R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]

R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [x]

R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]

R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]

R3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]

R3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]

R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]

R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]

S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]

S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]

S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]

S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]

S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]

S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]

S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]

S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]

S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]

S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]

S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]

S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]

S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]

S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]

S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]

S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]

S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]

S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]

S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]

S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]

S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]

S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]

.

.

Inhalt des "geplante Tasks" Ordners

.

2014-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-19 18:20]

.

2014-01-31 c:\windows\Tasks\FTdownloader V6.0-firefoxinstaller.job

- c:\program files (x86)\FTdownloader V6.0\FTdownloader V6.0-firefoxinstaller.exe [2014-01-02 09:27]

.

2014-01-31 c:\windows\Tasks\FTdownloader V6.0-updater.job

- c:\program files (x86)\FTdownloader V6.0\FTdownloader V6.0-updater.exe [2014-01-02 09:28]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        164016        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        164016        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        164016        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-10 23:54        164016        ----a-w-        c:\users\Hannes\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]

"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]

"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = <local>

IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~4\OFFICE11\EXCEL.EXE/3000

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.178.1

FF - ProfilePath - c:\users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\

FF - prefs.js: browser.search.selectedEngine - 

FF - user.js: extensions.iminent.tlbrSrchUrl - hxxp://start.iminent.com/?ref=toolbarm#q=

FF - user.js: extensions.iminent.id - 3239f2c70000000000009439e5b14765

FF - user.js: extensions.iminent.appId - {0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}

FF - user.js: extensions.iminent.instlDay - 16072

FF - user.js: extensions.iminent.vrsn - 1.8.28.3

FF - user.js: extensions.iminent.vrsni - 1.8.28.3

FF - user.js: extensions.iminent.vrsnTs - 1.8.28.310:08

FF - user.js: extensions.iminent.prtnrId - iminent

FF - user.js: extensions.iminent.prdct - iminent

FF - user.js: extensions.iminent.aflt - orgnl

FF - user.js: extensions.iminent.smplGrp - none

FF - user.js: extensions.iminent.tlbrId - YBCPCSTIPO

FF - user.js: extensions.iminent.instlRef - 

FF - user.js: extensions.iminent.dfltLng - 

FF - user.js: extensions.iminent.excTlbr - false

FF - user.js: extensions.iminent.ffxUnstlRst - false

FF - user.js: extensions.iminent.admin - false

FF - user.js: extensions.iminent.autoRvrt - false

FF - user.js: extensions.iminent.rvrt - false

FF - user.js: extensions.iminent.newTab - false

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

URLSearchHooks-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)

BHO-{84FF7BD6-B47F-46F8-9130-01B2696B36CB} - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

Wow6432Node-HKLM-Run-mobilegeni daemon - c:\program files (x86)\Mobogenie\DaemonProcess.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

AddRemove-SecureW2 EAP Suite - c:\program files (x86)\SecureW2\Uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2014-01-31  12:43:26

ComboFix-quarantined-files.txt  2014-01-31 11:43

.

Vor Suchlauf: 13 Verzeichnis(se), 509.107.965.952 Bytes frei

Nach Suchlauf: 18 Verzeichnis(se), 510.006.710.272 Bytes frei

.

- - End Of File - - 943F8C923FE5AEE56ECF804E37120085

Tschüss! Schönes Wochenende

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Hier schonmal das Malwarebytes Logfile

Code:

Malwarebytes Anti-Malware (Test) 1.75.0.1300

www.malwarebytes.org
 

Datenbank Version: v2014.02.01.04
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16476

Hannes :: HANNES-VAIO [Administrator]
 

Schutz: Aktiviert
 

01.02.2014 11:38:51

mbam-log-2014-02-01 (11-38-51).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 216053

Laufzeit: 7 Minute(n), 45 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 1

C:\Users\Hannes\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Löschen bei Neustart.
 

Infizierte Registrierungsschlüssel: 6

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB} (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCR\Iminent (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\Software\InstalledBrowserExtensions\installdaddy (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Registrierungswerte: 1

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|NextLive (PUP.Optional.NextLive.A) -> Daten: C:\Windows\SysWOW64\rundll32.exe "C:\Users\Hannes\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 3

C:\Program Files (x86)\IminentToolbar (PUP.Optional.Iminent.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Hannes\AppData\Roaming\newnext.me (PUP.Optional.NextLive.A) -> Löschen bei Neustart.

C:\Users\Hannes\AppData\Roaming\newnext.me\cache (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateien: 7

C:\Users\Hannes\Downloads\FreeYouTubeToMP3Converter31212.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Hannes\Downloads\kitchen_2_664.exe (PUP.Optional.OneClickDownloader.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Hannes\Downloads\RebeDee-Lace_Pearls_226.exe (PUP.Optional.OneClickDownloader.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Hannes\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Hannes\AppData\Roaming\newnext.me\nengine.dll (PUP.Optional.NextLive.A) -> Löschen bei Neustart.

C:\Users\Hannes\AppData\Roaming\newnext.me\nengine.cookie (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Hannes\AppData\Roaming\newnext.me\cache\spark.bin (PUP.Optional.NextLive.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

Die anderen folgen, Grüße

Hier die AdwCleaner Logdatei

Code:

# AdwCleaner v3.018 - Bericht erstellt am 01/02/2014 um 12:03:28

# Updated 28/01/2014 von Xplode

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Benutzername : Hannes - HANNES-VAIO

# Gestartet von : C:\Users\Hannes\Desktop\adwcleaner.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\Program Files (x86)\Ask.com

Ordner Gelöscht : C:\Program Files (x86)\FTDownloader.com

Ordner Gelöscht : C:\Program Files (x86)\goforfiles

Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB

Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

Ordner Gelöscht : C:\Users\Hannes\AppData\Local\cool_mirage

Ordner Gelöscht : C:\Users\Hannes\AppData\Local\PackageAware

Ordner Gelöscht : C:\Users\Hannes\AppData\LocalLow\AskToolbar

Ordner Gelöscht : C:\Users\Hannes\AppData\LocalLow\Searchqutoolbar

Ordner Gelöscht : C:\Users\Hannes\AppData\Roaming\goforfiles

Ordner Gelöscht : C:\Users\Hannes\AppData\Roaming\pdfforge

Ordner Gelöscht : C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com

Ordner Gelöscht : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\Searchqutoolbar

Ordner Gelöscht : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\Extensions\toolbar@ask.com

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}

Datei Gelöscht : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\searchplugins\Askcom.xml

Datei Gelöscht : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\searchplugins\iminent.xml

Datei Gelöscht : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\searchplugins\Search_Results.xml

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml

Datei Gelöscht : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\user.js

Datei Gelöscht : C:\Windows\System32\Tasks\GoforFilesUpdate

Datei Gelöscht : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F994E0D9-8335-48F1-99C2-A712C21F8D5F}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Schlüssel Gelöscht : HKCU\Software\Ask.com

Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar

Schlüssel Gelöscht : HKLM\Software\AskToolbar

Schlüssel Gelöscht : HKLM\Software\DeviceVM

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM

Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
 

***** [ Browser ] *****
 

-\\ Internet Explorer v11.0.9600.16428
 

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 

-\\ Mozilla Firefox v26.0 (de)
 

[ Datei : C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\prefs.js ]
 

Zeile gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

Zeile gelöscht : user_pref("extensions.crossrider.bic", "14352365320daa1f571acf18a81864a0");
 

*************************
 

AdwCleaner[R0].txt - [6092 octets] - [01/02/2014 12:02:20]

AdwCleaner[S0].txt - [5843 octets] - [01/02/2014 12:03:28]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5903 octets] ##########

Und der JRT

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Home Premium x64

Ran by Hannes on 01.02.2014 at 12:11:14,40

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{31CED18A-BFAD-42D1-B950-91183EC646D6}
 
 
 

~~~ Files
 

Successfully deleted: [File] C:\Windows\syswow64\shoCA9E.tmp
 
 
 

~~~ Folders
 

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{0B6C4791-477A-45D8-81CC-5915FBD3E2C3}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{1A49338F-3D10-4B65-946E-D49895E2DBF8}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{26E0795B-F660-45D2-BBF8-39EE4C38B5A3}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{6FEC42EB-7A0D-4275-8BD9-A71192B8100C}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{7B6F936E-34D0-4462-967E-4A00D4631546}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{836E5C98-4DBC-408D-A30F-99C3A72C6AAC}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{9023BE23-DB5D-4D9E-A044-4154C0ADF7B1}

Successfully deleted: [Empty Folder] C:\Users\Hannes\appdata\local\{A2D54FD4-9E01-431E-A674-C48A11AC44D4}
 
 
 

~~~ FireFox
 

Successfully deleted: [Folder] C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com

Successfully deleted the following from C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\45dmze7u.default\prefs.js
 

user_pref("extensions.iminent.admin", false);

user_pref("extensions.iminent.aflt", "orgnl");

user_pref("extensions.iminent.appId", "{0E4B2CAB-B859-4C57-B96E-63DDEC692BC4}");

user_pref("extensions.iminent.autoRvrt", "false");

user_pref("extensions.iminent.dfltLng", "");

user_pref("extensions.iminent.excTlbr", false);

user_pref("extensions.iminent.ffxUnstlRst", false);

user_pref("extensions.iminent.id", "3239f2c70000000000009439e5b14765");

user_pref("extensions.iminent.instlDay", "16072");

user_pref("extensions.iminent.instlRef", "");

user_pref("extensions.iminent.newTab", false);

user_pref("extensions.iminent.prdct", "iminent");

user_pref("extensions.iminent.prtnrId", "iminent");

user_pref("extensions.iminent.rvrt", "false");

user_pref("extensions.iminent.smplGrp", "none");

user_pref("extensions.iminent.tlbrId", "YBCPCSTIPO");

user_pref("extensions.iminent.tlbrSrchUrl", "hxxp://start.iminent.com/?ref=toolbarm#q=");

user_pref("extensions.iminent.vrsn", "1.8.28.3");

user_pref("extensions.iminent.vrsnTs", "1.8.28.310:08:48");

user_pref("extensions.iminent.vrsni", "1.8.28.3");

user_pref("iminent.LayoutId", "1");

user_pref("iminent.adapters", "{\"ft-download\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"1388653730014259200\"},\"iminent\":{\"CountryCode\":\"DE\

user_pref("iminent.enabledAds", "false");

user_pref("iminent.version", "7.51.3.1");

user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.51.3.1\",\"InstallEventCTime\":1388653728483,\"InstallEvent\":\"True\"}");

Emptied folder: C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\45dmze7u.default\minidumps [394 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 01.02.2014 at 12:18:51,32

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Noch ein neuer FRST

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 03

Ran by Hannes (administrator) on HANNES-VAIO on 01-02-2014 12:25:01

Running from C:\Users\Hannes\Desktop

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Dropbox, Inc.) C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

() C:\Program Files\Sony\VAIO Care\VCPerfService.exe

() C:\Program Files\Sony\VAIO Care\listener.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Farbar) C:\Users\Hannes\Desktop\FRST64(1).exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)

HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)

Startup: C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com

URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {5AF86F4A-6085-4290-A5BF-6530936890D5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}

SearchScopes: HKCU - {9F8DC443-4795-4816-A1C1-76BB32574993} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices

BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default

FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");

FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
 

==================== Services (Whitelisted) =================
 

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)

S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-01 12:25 - 2014-02-01 12:25 - 00015407 _____ () C:\Users\Hannes\Desktop\FRST.txt

2014-02-01 12:24 - 2014-02-01 12:24 - 02080256 _____ (Farbar) C:\Users\Hannes\Desktop\FRST64(1).exe

2014-02-01 12:18 - 2014-02-01 12:18 - 00003822 _____ () C:\Users\Hannes\Desktop\JRT.txt

2014-02-01 12:11 - 2014-02-01 12:11 - 00000000 ____D () C:\Windows\ERUNT

2014-02-01 12:10 - 2014-02-01 12:10 - 01037068 _____ (Thisisu) C:\Users\Hannes\Desktop\JRT.exe

2014-02-01 12:05 - 2014-02-01 12:05 - 00000000 ___RD () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-02-01 12:02 - 2014-02-01 12:03 - 00000000 ____D () C:\AdwCleaner

2014-02-01 12:01 - 2014-02-01 12:01 - 01166132 _____ () C:\Users\Hannes\Desktop\adwcleaner.exe

2014-02-01 11:35 - 2014-02-01 11:35 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-01 11:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-02-01 11:33 - 2014-02-01 11:34 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Hannes\Desktop\mbam-setup-1.75.0.1300.exe

2014-01-31 12:43 - 2014-01-31 12:43 - 00100162 _____ () C:\ComboFix.txt

2014-01-31 12:26 - 2014-01-31 12:43 - 00000000 ____D () C:\ComboFix

2014-01-31 12:24 - 2014-01-31 12:43 - 00000000 ____D () C:\Qoobox

2014-01-31 12:24 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-01-31 12:24 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-01-31 12:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe

2014-01-31 12:23 - 2014-01-31 12:41 - 00000000 ____D () C:\Windows\erdnt

2014-01-31 12:21 - 2014-01-31 12:21 - 05177551 ____R (Swearware) C:\Users\Hannes\Desktop\ComboFix.exe

2014-01-30 14:03 - 2014-01-30 14:04 - 00034638 _____ () C:\Users\Hannes\Downloads\Addition.txt

2014-01-30 14:02 - 2014-02-01 12:25 - 00000000 ____D () C:\FRST

2014-01-30 14:02 - 2014-01-30 14:04 - 00028581 _____ () C:\Users\Hannes\Downloads\FRST.txt

2014-01-30 14:01 - 2014-01-30 14:01 - 02079744 _____ (Farbar) C:\Users\Hannes\Downloads\FRST64.exe

2014-01-23 23:48 - 2014-01-24 22:30 - 00000000 ____D () C:\Users\Hannes\Desktop\Mond

2014-01-21 00:14 - 2004-03-16 12:00 - 58828524 _____ () C:\Users\Hannes\Desktop\Dazwischen 200114.WAV

2014-01-20 23:38 - 2004-03-16 12:00 - 41875756 _____ () C:\Users\Hannes\Desktop\Matilda 200114.WAV

2014-01-20 23:21 - 2004-03-16 12:00 - 50222124 _____ () C:\Users\Hannes\Desktop\Funkloch 200114.WAV

2014-01-20 18:17 - 2014-01-20 17:42 - 63139737 _____ () C:\Users\Hannes\Desktop\KopfhörerrausdasistKlausurrelevant_ep7_A1355CDUCDUK06.aax

2014-01-19 02:20 - 2014-01-18 23:07 - 100486455 _____ () C:\Users\Hannes\Desktop\Full Set 18.01.14.m4a

2014-01-15 10:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 10:26 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 10:26 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-01-08 17:38 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Hannes\Desktop\Rehan Songs

2014-01-06 22:24 - 2014-01-06 22:24 - 00005830 _____ () C:\Users\Hannes\Downloads\Re_Kracht-Referat Rezensieren am 10_11.1.zip

2014-01-02 10:11 - 2014-01-02 10:19 - 00000000 ____D () C:\Users\Hannes\AppData\Local\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\Documents\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\AppData\Local\genienext

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\AppData\Local\cache

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\.android

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 _____ () C:\Users\Hannes\daemonprocess.txt

2014-01-02 10:10 - 2014-01-02 10:10 - 00000000 ____D () C:\Users\Hannes\AppData\Local\BeamriseUninstall

2014-01-02 10:08 - 2014-02-01 12:05 - 00001334 _____ () C:\Windows\Tasks\FTdownloader V6.0-updater.job

2014-01-02 10:08 - 2014-01-02 10:28 - 00004364 _____ () C:\Windows\System32\Tasks\FTdownloader V6.0-updater

2014-01-02 10:07 - 2014-02-01 12:05 - 00002138 _____ () C:\Windows\Tasks\FTdownloader V6.0-firefoxinstaller.job

2014-01-02 10:07 - 2014-01-02 10:08 - 00000000 ____D () C:\Program Files (x86)\FTdownloader V6.0
 

==================== One Month Modified Files and Folders =======
 

2014-02-01 12:25 - 2014-02-01 12:25 - 00015407 _____ () C:\Users\Hannes\Desktop\FRST.txt

2014-02-01 12:25 - 2014-01-30 14:02 - 00000000 ____D () C:\FRST

2014-02-01 12:24 - 2014-02-01 12:24 - 02080256 _____ (Farbar) C:\Users\Hannes\Desktop\FRST64(1).exe

2014-02-01 12:20 - 2013-01-19 09:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-01 12:18 - 2014-02-01 12:18 - 00003822 _____ () C:\Users\Hannes\Desktop\JRT.txt

2014-02-01 12:13 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-01 12:13 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-01 12:11 - 2014-02-01 12:11 - 00000000 ____D () C:\Windows\ERUNT

2014-02-01 12:10 - 2014-02-01 12:10 - 01037068 _____ (Thisisu) C:\Users\Hannes\Desktop\JRT.exe

2014-02-01 12:10 - 2012-01-16 13:15 - 02076375 _____ () C:\Windows\WindowsUpdate.log

2014-02-01 12:05 - 2014-02-01 12:05 - 00000000 ___RD () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-02-01 12:05 - 2014-01-02 10:08 - 00001334 _____ () C:\Windows\Tasks\FTdownloader V6.0-updater.job

2014-02-01 12:05 - 2014-01-02 10:07 - 00002138 _____ () C:\Windows\Tasks\FTdownloader V6.0-firefoxinstaller.job

2014-02-01 12:05 - 2012-01-31 14:30 - 00000000 ___RD () C:\Users\Hannes\Dropbox

2014-02-01 12:05 - 2012-01-31 14:28 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Dropbox

2014-02-01 12:04 - 2011-09-06 04:40 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-01 12:04 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-01 12:04 - 2009-07-14 05:51 - 00137476 _____ () C:\Windows\setupact.log

2014-02-01 12:03 - 2014-02-01 12:02 - 00000000 ____D () C:\AdwCleaner

2014-02-01 12:01 - 2014-02-01 12:01 - 01166132 _____ () C:\Users\Hannes\Desktop\adwcleaner.exe

2014-02-01 11:54 - 2010-11-21 04:47 - 00322810 _____ () C:\Windows\PFRO.log

2014-02-01 11:53 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-02-01 11:35 - 2014-02-01 11:35 - 00001109 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-01 11:34 - 2014-02-01 11:33 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Hannes\Desktop\mbam-setup-1.75.0.1300.exe

2014-01-31 23:18 - 2012-01-16 14:35 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{71451E4B-A621-45D6-AF39-4F4B7545F0D6}

2014-01-31 23:05 - 2012-05-17 18:03 - 00000000 ____D () C:\Users\Hannes\AppData\Local\CrashDumps

2014-01-31 12:43 - 2014-01-31 12:43 - 00100162 _____ () C:\ComboFix.txt

2014-01-31 12:43 - 2014-01-31 12:26 - 00000000 ____D () C:\ComboFix

2014-01-31 12:43 - 2014-01-31 12:24 - 00000000 ____D () C:\Qoobox

2014-01-31 12:41 - 2014-01-31 12:23 - 00000000 ____D () C:\Windows\erdnt

2014-01-31 12:39 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-01-31 12:21 - 2014-01-31 12:21 - 05177551 ____R (Swearware) C:\Users\Hannes\Desktop\ComboFix.exe

2014-01-30 14:04 - 2014-01-30 14:03 - 00034638 _____ () C:\Users\Hannes\Downloads\Addition.txt

2014-01-30 14:04 - 2014-01-30 14:02 - 00028581 _____ () C:\Users\Hannes\Downloads\FRST.txt

2014-01-30 14:01 - 2014-01-30 14:01 - 02079744 _____ (Farbar) C:\Users\Hannes\Downloads\FRST64.exe

2014-01-30 11:35 - 2012-04-18 19:43 - 00000000 ____D () C:\Users\Hannes\Desktop\Uni

2014-01-29 22:34 - 2012-01-16 14:26 - 00000000 ____D () C:\Users\Hannes

2014-01-29 22:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration

2014-01-28 14:28 - 2013-12-04 21:59 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Audacity

2014-01-28 14:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat

2014-01-24 22:30 - 2014-01-23 23:48 - 00000000 ____D () C:\Users\Hannes\Desktop\Mond

2014-01-23 23:50 - 2011-09-06 14:17 - 00697534 _____ () C:\Windows\system32\perfh007.dat

2014-01-23 23:50 - 2011-09-06 14:17 - 00148540 _____ () C:\Windows\system32\perfc007.dat

2014-01-23 23:50 - 2009-07-14 06:13 - 01614892 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-01-21 12:46 - 2012-01-16 14:30 - 00000000 ____D () C:\Users\Hannes\Documents\Bluetooth Folder

2014-01-20 17:42 - 2014-01-20 18:17 - 63139737 _____ () C:\Users\Hannes\Desktop\KopfhörerrausdasistKlausurrelevant_ep7_A1355CDUCDUK06.aax

2014-01-18 23:07 - 2014-01-19 02:20 - 100486455 _____ () C:\Users\Hannes\Desktop\Full Set 18.01.14.m4a

2014-01-16 11:10 - 2012-01-31 14:30 - 00001023 _____ () C:\Users\Hannes\Desktop\Dropbox.lnk

2014-01-16 11:10 - 2012-01-31 14:29 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-01-16 11:10 - 2012-01-16 14:29 - 00000000 ___RD () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-16 11:07 - 2009-07-14 05:45 - 00442320 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-01-16 00:02 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini

2014-01-16 00:01 - 2013-08-14 23:00 - 00000000 ____D () C:\Windows\system32\MRT

2014-01-15 23:59 - 2012-01-30 18:30 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-01-08 17:38 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Hannes\Desktop\Rehan Songs

2014-01-06 22:24 - 2014-01-06 22:24 - 00005830 _____ () C:\Users\Hannes\Downloads\Re_Kracht-Referat Rezensieren am 10_11.1.zip

2014-01-04 23:28 - 2012-01-16 23:15 - 00000000 ____D () C:\Users\Hannes\Desktop\Kartell und Sonstiges

2014-01-02 10:28 - 2014-01-02 10:08 - 00004364 _____ () C:\Windows\System32\Tasks\FTdownloader V6.0-updater

2014-01-02 10:19 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\AppData\Local\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\Documents\Mobogenie

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\AppData\Local\genienext

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\AppData\Local\cache

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 ____D () C:\Users\Hannes\.android

2014-01-02 10:11 - 2014-01-02 10:11 - 00000000 _____ () C:\Users\Hannes\daemonprocess.txt

2014-01-02 10:10 - 2014-01-02 10:10 - 00000000 ____D () C:\Users\Hannes\AppData\Local\BeamriseUninstall

2014-01-02 10:08 - 2014-01-02 10:07 - 00000000 ____D () C:\Program Files (x86)\FTdownloader V6.0
 

Some content of TEMP:

====================

C:\Users\Hannes\AppData\Local\Temp\avgnt.exe

C:\Users\Hannes\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-01-19 02:41
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Das Problem mit der Werbung ist jetzt grade nicht mehr da (war aber in den letzten Tagen schon mehrfach kurzzeitig weg). Aber langsamer ist er glaub ich immernoch...
Grüße

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Hi, und weiter geht's. Heut morgen war das Problem leider wieder da.

Code:

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=9cfdcb6d04e66d40bd828c79fa31196f

# engine=16907

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2014-02-02 11:29:48

# local_time=2014-02-02 12:29:48 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=1799 16775165 100 96 71875 256763878 2006 0

# compatibility_mode=5893 16776573 100 94 90878 142970438 0 0

# scanned=167949

# found=1

# cleaned=0

# scan_time=5412

sh=796131190B8F2576CB86DA7F9876542473EC093F ft=0 fh=0000000000000000 vn="HTML/ScrInject.B.Gen virus" ac=I fn="C:\Users\Hannes\AppData\Local\Mozilla\Firefox\Profiles\45dmze7u.default\Cache\2\41\D4B78d01"

Code:

Results of screen317's Security Check version 0.99.79  

 Windows 7 Service Pack 1 x64 (UAC is enabled)  

 Internet Explorer 11  
 ``````````````Antivirus/Firewall Check:`````````````` 

Avira Desktop   

 Antivirus up to date!  (On Access scanning disabled!) 
 `````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware Version 1.75.0.1300  

 Java(TM) 6 Update 22  

 Java version out of Date! 

 Adobe Flash Player 11.9.900.170  

 Adobe Reader 10.1.8 Adobe Reader out of Date!  

 Mozilla Firefox (26.0) 
 ````````Process Check: objlist.exe by Laurent````````  

 Malwarebytes Anti-Malware mbamservice.exe  

 Malwarebytes Anti-Malware mbamgui.exe  

 Avira Antivir avgnt.exe 

 Avira Antivir avguard.exe 

 Malwarebytes' Anti-Malware mbamscheduler.exe   
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  
 ````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 03

Ran by Hannes (administrator) on HANNES-VAIO on 02-02-2014 12:48:45

Running from C:\Users\Hannes\Desktop\Virus-Scan-Programme

Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard

Internet Explorer Version 11

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe

(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe

(Dropbox, Inc.) C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe

(ALPS) C:\Program Files\Apoint\Apvfb.exe

(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe

(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

() C:\Program Files\Sony\VAIO Care\VCPerfService.exe

() C:\Program Files\Sony\VAIO Care\listener.exe

(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Microsoft Corporation) C:\Windows\splwow64.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Microsoft Corporation) C:\Windows\System32\vds.exe

(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe

(Farbar) C:\Users\Hannes\Desktop\Virus-Scan-Programme\FRST64(1).exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [cAudioFilterAgent] - C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)

HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)

HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)

HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [226672 2011-02-17] (Alps Electric Co., Ltd.)

HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)

HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)

HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-26] (Sony Corporation)

HKLM-x32\...\Run: [] - [x]

HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-12] (Avira Operations GmbH & Co. KG)

Startup: C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\Hannes\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com

URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe

SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKCU - {5AF86F4A-6085-4290-A5BF-6530936890D5} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}

SearchScopes: HKCU - {9F8DC443-4795-4816-A1C1-76BB32574993} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices

BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

BHO-x32: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll No File

BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)

Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 

FireFox:

========

FF ProfilePath: C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default

FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");

FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()

FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101727.dll (Amazon.com, Inc.)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FTdownloader V6.0 - C:\Users\Hannes\AppData\Roaming\Mozilla\Firefox\Profiles\45dmze7u.default\Extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com [2014-02-02]
 

==================== Services (Whitelisted) =================
 

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-12] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-30] (Avira Operations GmbH & Co. KG)

R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros)

S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)

S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()

R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
 

==================== Drivers (Whitelisted) ====================
 

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)

S3 catchme; \??\C:\ComboFix\catchme.sys [x]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-02-02 12:43 - 2014-02-02 12:43 - 00987425 _____ () C:\Users\Hannes\Desktop\SecurityCheck.exe

2014-02-02 11:19 - 2014-02-02 11:20 - 00012646 ____H () C:\Users\Hannes\Desktop\~WRL0003.tmp

2014-02-02 10:56 - 2014-02-02 10:56 - 02347384 _____ (ESET) C:\Users\Hannes\Desktop\esetsmartinstaller_enu.exe

2014-02-02 10:51 - 2014-02-02 10:51 - 00000000 ___RD () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-02-01 22:24 - 2014-02-02 12:48 - 00000000 ____D () C:\Users\Hannes\Desktop\Virus-Scan-Programme

2014-02-01 12:11 - 2014-02-01 12:11 - 00000000 ____D () C:\Windows\ERUNT

2014-02-01 12:02 - 2014-02-01 12:03 - 00000000 ____D () C:\AdwCleaner

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-02-01 11:35 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2014-01-31 12:43 - 2014-01-31 12:43 - 00100162 _____ () C:\ComboFix.txt

2014-01-31 12:26 - 2014-01-31 12:43 - 00000000 ____D () C:\ComboFix

2014-01-31 12:24 - 2014-01-31 12:43 - 00000000 ____D () C:\Qoobox

2014-01-31 12:24 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-01-31 12:24 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-01-31 12:24 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe

2014-01-31 12:24 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe

2014-01-31 12:23 - 2014-01-31 12:41 - 00000000 ____D () C:\Windows\erdnt

2014-01-31 12:21 - 2014-01-31 12:21 - 05177551 ____R (Swearware) C:\Users\Hannes\Desktop\ComboFix.exe

2014-01-30 14:03 - 2014-01-30 14:04 - 00034638 _____ () C:\Users\Hannes\Downloads\Addition.txt

2014-01-30 14:02 - 2014-02-02 12:48 - 00000000 ____D () C:\FRST

2014-01-30 14:02 - 2014-01-30 14:04 - 00028581 _____ () C:\Users\Hannes\Downloads\FRST.txt

2014-01-30 14:01 - 2014-01-30 14:01 - 02079744 _____ (Farbar) C:\Users\Hannes\Downloads\FRST64.exe

2014-01-23 23:48 - 2014-01-24 22:30 - 00000000 ____D () C:\Users\Hannes\Desktop\Mond

2014-01-21 00:14 - 2004-03-16 12:00 - 58828524 _____ () C:\Users\Hannes\Desktop\Dazwischen 200114.WAV

2014-01-20 23:38 - 2004-03-16 12:00 - 41875756 _____ () C:\Users\Hannes\Desktop\Matilda 200114.WAV

2014-01-20 23:21 - 2004-03-16 12:00 - 50222124 _____ () C:\Users\Hannes\Desktop\Funkloch 200114.WAV

2014-01-20 18:17 - 2014-01-20 17:42 - 63139737 _____ () C:\Users\Hannes\Desktop\KopfhörerrausdasistKlausurrelevant_ep7_A1355CDUCDUK06.aax

2014-01-19 02:20 - 2014-01-18 23:07 - 100486455 _____ () C:\Users\Hannes\Desktop\Full Set 18.01.14.m4a

2014-01-15 10:26 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys

2014-01-15 10:26 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-01-15 10:26 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys

2014-01-15 10:26 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-01-08 17:38 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Hannes\Desktop\Rehan Songs

2014-01-06 22:24 - 2014-01-06 22:24 - 00005830 _____ () C:\Users\Hannes\Downloads\Re_Kracht-Referat Rezensieren am 10_11.1.zip
 

==================== One Month Modified Files and Folders =======
 

2014-02-02 12:48 - 2014-02-01 22:24 - 00000000 ____D () C:\Users\Hannes\Desktop\Virus-Scan-Programme

2014-02-02 12:48 - 2014-01-30 14:02 - 00000000 ____D () C:\FRST

2014-02-02 12:43 - 2014-02-02 12:43 - 00987425 _____ () C:\Users\Hannes\Desktop\SecurityCheck.exe

2014-02-02 12:20 - 2013-01-19 09:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-02-02 12:19 - 2012-01-16 13:15 - 01059654 _____ () C:\Windows\WindowsUpdate.log

2014-02-02 11:49 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF

2014-02-02 11:20 - 2014-02-02 11:19 - 00012646 ____H () C:\Users\Hannes\Desktop\~WRL0003.tmp

2014-02-02 10:59 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-02-02 10:59 - 2009-07-14 05:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-02-02 10:56 - 2014-02-02 10:56 - 02347384 _____ (ESET) C:\Users\Hannes\Desktop\esetsmartinstaller_enu.exe

2014-02-02 10:53 - 2012-01-31 14:30 - 00000000 ___RD () C:\Users\Hannes\Dropbox

2014-02-02 10:53 - 2012-01-31 14:28 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Dropbox

2014-02-02 10:51 - 2014-02-02 10:51 - 00000000 ___RD () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices

2014-02-02 10:51 - 2014-01-02 10:08 - 00001334 _____ () C:\Windows\Tasks\FTdownloader V6.0-updater.job

2014-02-02 10:51 - 2014-01-02 10:07 - 00002138 _____ () C:\Windows\Tasks\FTdownloader V6.0-firefoxinstaller.job

2014-02-02 10:51 - 2011-09-06 04:40 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-02-02 10:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-02-02 10:51 - 2009-07-14 05:51 - 00137532 _____ () C:\Windows\setupact.log

2014-02-02 00:20 - 2012-04-18 19:43 - 00000000 ____D () C:\Users\Hannes\Desktop\Uni

2014-02-01 20:19 - 2012-01-16 14:35 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{71451E4B-A621-45D6-AF39-4F4B7545F0D6}

2014-02-01 12:11 - 2014-02-01 12:11 - 00000000 ____D () C:\Windows\ERUNT

2014-02-01 12:03 - 2014-02-01 12:02 - 00000000 ____D () C:\AdwCleaner

2014-02-01 11:54 - 2010-11-21 04:47 - 00322810 _____ () C:\Windows\PFRO.log

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-02-01 11:35 - 2014-02-01 11:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-01-31 23:05 - 2012-05-17 18:03 - 00000000 ____D () C:\Users\Hannes\AppData\Local\CrashDumps

2014-01-31 12:43 - 2014-01-31 12:43 - 00100162 _____ () C:\ComboFix.txt

2014-01-31 12:43 - 2014-01-31 12:26 - 00000000 ____D () C:\ComboFix

2014-01-31 12:43 - 2014-01-31 12:24 - 00000000 ____D () C:\Qoobox

2014-01-31 12:41 - 2014-01-31 12:23 - 00000000 ____D () C:\Windows\erdnt

2014-01-31 12:39 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini

2014-01-31 12:21 - 2014-01-31 12:21 - 05177551 ____R (Swearware) C:\Users\Hannes\Desktop\ComboFix.exe

2014-01-30 14:04 - 2014-01-30 14:03 - 00034638 _____ () C:\Users\Hannes\Downloads\Addition.txt

2014-01-30 14:04 - 2014-01-30 14:02 - 00028581 _____ () C:\Users\Hannes\Downloads\FRST.txt

2014-01-30 14:01 - 2014-01-30 14:01 - 02079744 _____ (Farbar) C:\Users\Hannes\Downloads\FRST64.exe

2014-01-29 22:34 - 2012-01-16 14:26 - 00000000 ____D () C:\Users\Hannes

2014-01-29 22:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration

2014-01-28 14:28 - 2013-12-04 21:59 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Audacity

2014-01-28 14:28 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat

2014-01-24 22:30 - 2014-01-23 23:48 - 00000000 ____D () C:\Users\Hannes\Desktop\Mond

2014-01-23 23:50 - 2011-09-06 14:17 - 00697534 _____ () C:\Windows\system32\perfh007.dat

2014-01-23 23:50 - 2011-09-06 14:17 - 00148540 _____ () C:\Windows\system32\perfc007.dat

2014-01-23 23:50 - 2009-07-14 06:13 - 01614892 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-01-21 12:46 - 2012-01-16 14:30 - 00000000 ____D () C:\Users\Hannes\Documents\Bluetooth Folder

2014-01-20 17:42 - 2014-01-20 18:17 - 63139737 _____ () C:\Users\Hannes\Desktop\KopfhörerrausdasistKlausurrelevant_ep7_A1355CDUCDUK06.aax

2014-01-18 23:07 - 2014-01-19 02:20 - 100486455 _____ () C:\Users\Hannes\Desktop\Full Set 18.01.14.m4a

2014-01-16 11:10 - 2012-01-31 14:30 - 00001023 _____ () C:\Users\Hannes\Desktop\Dropbox.lnk

2014-01-16 11:10 - 2012-01-31 14:29 - 00000000 ____D () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-01-16 11:10 - 2012-01-16 14:29 - 00000000 ___RD () C:\Users\Hannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

2014-01-16 11:07 - 2009-07-14 05:45 - 00442320 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-01-16 00:02 - 2009-07-14 03:34 - 00000499 _____ () C:\Windows\win.ini

2014-01-16 00:01 - 2013-08-14 23:00 - 00000000 ____D () C:\Windows\system32\MRT

2014-01-15 23:59 - 2012-01-30 18:30 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-01-08 17:38 - 2014-01-08 17:38 - 00000000 ____D () C:\Users\Hannes\Desktop\Rehan Songs

2014-01-06 22:24 - 2014-01-06 22:24 - 00005830 _____ () C:\Users\Hannes\Downloads\Re_Kracht-Referat Rezensieren am 10_11.1.zip

2014-01-04 23:28 - 2012-01-16 23:15 - 00000000 ____D () C:\Users\Hannes\Desktop\Kartell und Sonstiges
 

Some content of TEMP:

====================

C:\Users\Hannes\AppData\Local\Temp\avgnt.exe

C:\Users\Hannes\AppData\Local\Temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\SysWOW64\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\SysWOW64\explorer.exe => MD5 is legit

C:\Windows\System32\svchost.exe => MD5 is legit

C:\Windows\SysWOW64\svchost.exe => MD5 is legit

C:\Windows\System32\services.exe => MD5 is legit

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => MD5 is legit

C:\Windows\SysWOW64\userinit.exe => MD5 is legit

C:\Windows\System32\rpcss.dll => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 

LastRegBack: 2014-02-01 14:25
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Also, das Problem ist leider nicht gelöst. Gestern nach Adw Cleaner und Junkware schien es weg zu sein, aber jetzt ist alles unverändert. Was ich an der Anweisung nicht verstanden habe: warum hieß es, kein Haken bei remove Threads? Der Eset hat nämlich einen File gefunden, der ja jetzt nicht gelöscht wurde.
Lieb Grüße und danke für die Mühen bis hierher!

Ich habe nochmal junkware drüberlaufen lassen, und wenn ich die beiliegende Logdatei richtig verstehe, scheint das Problem jetzt nur noch im Firefox zu liegen, oder? Wie auch schon gestern läuft jetzt alles vorläufig wieder reibungslos. Was sind das für Dateien, und warum kommen sie scheinbar immer wieder?

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Home Premium x64

Ran by Hannes on 02.02.2014 at 14:34:12,81

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 
 
 

~~~ Files
 
 
 

~~~ Folders
 
 
 

~~~ FireFox
 

Successfully deleted: [Folder] C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\45dmze7u.default\extensions\cf7c3171-a228-46e6-872e-0ce5cd488f65@26856adc-3092-4439-91e4-b8f9b988d0d9.com

Successfully deleted the following from C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\45dmze7u.default\prefs.js
 

user_pref("iminent.adapters", "{\"ft-download\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":2,\"expireTime\":\"1388653730014259200\"},\"iminent\":{\"CountryCode\":\"DE\

user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.51.3.1\",\"InstallEventCTime\":1388653728483,\"InstallEvent\":\"True\"}");

Emptied folder: C:\Users\Hannes\AppData\Roaming\mozilla\firefox\profiles\45dmze7u.default\minidumps [1 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 02.02.2014 at 14:42:18,64

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Java udn Adobe updaten.

Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.